[*] MalFamily: "" [*] MalScore: 10.0 [*] File Name: "Formbook_12863ef9766010c7406c9b0f1f9201d3.exe" [*] File Size: 1042944 [*] File Type: "PE32 executable (GUI) Intel 80386, for MS Windows" [*] SHA256: "12a07cd8bc2572114e5b4a3b6892b479f8fee07b15f95ca4e93b8ce488679859" [*] MD5: "12863ef9766010c7406c9b0f1f9201d3" [*] SHA1: "073a47f4f3d1fc0675125ea1d98b22e01c4bb56e" [*] SHA512: "7e49a6655d43db56553a30415d36bd4f0865f6435f6968348ce757b4d965c404e7dac1054c43ebba7818f8363422a0378f2ae1338a158963aad1e6926e44eac9" [*] CRC32: "A51AF99D" [*] SSDEEP: "12288:YTkms64RrXaSLwg+QsxPdmNzrxX8E0MLxO4grJHMsjQcQovnjTuZrDIHH7z:6lkDaSLFAPcxwMLxOxie/jqJyn" [*] Process Execution: [ "Formbook_12863ef9766010c7406c9b0f1f9201d3.exe", "zapal.exe", "zapal.exe" ] [*] Signatures Detected: [ { "Description": "Creates RWX memory", "Details": [] }, { "Description": "Drops a binary and executes it", "Details": [ { "binary": "C:\\Users\\user\\AppData\\Roaming\\zapwaerv\\zapal.exe" } ] }, { "Description": "The binary likely contains encrypted or compressed data.", "Details": [ { "section": "name: .rsrc, entropy: 7.45, characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ, raw_size: 0x0007ee00, virtual_size: 0x0007ec34" } ] }, { "Description": "Executed a process and injected code into it, probably while unpacking", "Details": [ { "Injection": "zapal.exe(2636) -> zapal.exe(2036)" } ] }, { "Description": "File has been identified by 33 Antiviruses on VirusTotal as malicious", "Details": [ { "FireEye": "Generic.mg.12863ef9766010c7" }, { "McAfee": "Fareit-FOZ!12863EF97660" }, { "Cylance": "Unsafe" }, { "CrowdStrike": "win/malicious_confidence_100% (W)" }, { "Alibaba": "TrojanSpy:Application/Delphi.a71dc9ef" }, { "Invincea": "heuristic" }, { "Symantec": "Trojan.Gen.MBT" }, { "APEX": "Malicious" }, { "Paloalto": "generic.ml" }, { "Kaspersky": "UDS:DangerousObject.Multi.Generic" }, { "AegisLab": "Trojan.Multi.Generic.4!c" }, { "Endgame": "malicious (high confidence)" }, { 
"Sophos": "Mal/Fareit-V" }, { "F-Secure": "Dropper.DR/Delphi.Gen8" }, { "DrWeb": "Trojan.PWS.Siggen2.19816" }, { "TrendMicro": "TSPY_HPFAREIT.SMROX" }, { "McAfee-GW-Edition": "BehavesLike.Win32.Fareit.fc" }, { "Trapmine": "malicious.high.ml.score" }, { "Ikarus": "Win32.Outbreak" }, { "Webroot": "W32.Trojan.Gen" }, { "Avira": "DR/Delphi.Gen8" }, { "Microsoft": "Trojan:Win32/Wacatac.B!ml" }, { "ZoneAlarm": "HEUR:Trojan-PSW.Win32.Azorult.gen" }, { "AhnLab-V3": "Win-Trojan/Delphiless.Exp" }, { "Acronis": "suspicious" }, { "Malwarebytes": "Spyware.AzorUlt" }, { "ESET-NOD32": "a variant of Win32/Injector.EGHQ" }, { "TrendMicro-HouseCall": "TSPY_HPFAREIT.SMROX" }, { "Rising": "Trojan.Injector!1.AFE3 (CLOUD)" }, { "SentinelOne": "DFI - Suspicious PE" }, { "Fortinet": "W32/HPFAREIT.SMROX!tr" }, { "Cybereason": "malicious.4f3d1f" }, { "Qihoo-360": "Win32/Trojan.PSW.ae6" } ] }, { "Description": "Creates a copy of itself", "Details": [ { "copy": "C:\\Users\\user\\AppData\\Roaming\\zapwaerv\\zapal.exe" } ] }, { "Description": "Attempts to interact with an Alternate Data Stream (ADS)", "Details": [ { "file": "C:\\Users\\user\\AppData\\Roaming\\zapwaerv\\zapal.exe:ZoneIdentifier" } ] }, { "Description": "Anomalous binary characteristics", "Details": [ { "anomaly": "Timestamp on binary predates the release date of the OS version it requires by at least a year" } ] } ] [*] Started Service: [] [*] Executed Commands: [ "\"C:\\Users\\user\\AppData\\Roaming\\zapwaerv\\zapal.exe\"" ] [*] Mutexes: [] [*] Modified Files: [ "C:\\Users\\user\\AppData\\Roaming\\zapwaerv\\zapal.exe", "C:\\Users\\user\\AppData\\Roaming\\zapwaerv\\zapal.exe:ZoneIdentifier" ] [*] Deleted Files: [ "C:\\Users\\user\\AppData\\Roaming\\zapwaerv\\zapal.exe" ] [*] Modified Registry Keys: [] [*] Deleted Registry Keys: [] [*] DNS Communications: [] [*] Domains: [] [*] Network Communication - ICMP: [] [*] Network Communication - HTTP: [] [*] Network Communication - SMTP: [] [*] Network Communication - Hosts: [] [*] 
Network Communication - IRC: [] [*] Static Analysis: { "pe": { "peid_signatures": null, "imports": [ { "imports": [ { "name": "DeleteCriticalSection", "address": "0x478168" }, { "name": "LeaveCriticalSection", "address": "0x47816c" }, { "name": "EnterCriticalSection", "address": "0x478170" }, { "name": "InitializeCriticalSection", "address": "0x478174" }, { "name": "VirtualFree", "address": "0x478178" }, { "name": "VirtualAlloc", "address": "0x47817c" }, { "name": "LocalFree", "address": "0x478180" }, { "name": "LocalAlloc", "address": "0x478184" }, { "name": "GetVersion", "address": "0x478188" }, { "name": "GetCurrentThreadId", "address": "0x47818c" }, { "name": "InterlockedDecrement", "address": "0x478190" }, { "name": "InterlockedIncrement", "address": "0x478194" }, { "name": "VirtualQuery", "address": "0x478198" }, { "name": "WideCharToMultiByte", "address": "0x47819c" }, { "name": "MultiByteToWideChar", "address": "0x4781a0" }, { "name": "lstrlenA", "address": "0x4781a4" }, { "name": "lstrcpynA", "address": "0x4781a8" }, { "name": "LoadLibraryExA", "address": "0x4781ac" }, { "name": "GetThreadLocale", "address": "0x4781b0" }, { "name": "GetStartupInfoA", "address": "0x4781b4" }, { "name": "GetProcAddress", "address": "0x4781b8" }, { "name": "GetModuleHandleA", "address": "0x4781bc" }, { "name": "GetModuleFileNameA", "address": "0x4781c0" }, { "name": "GetLocaleInfoA", "address": "0x4781c4" }, { "name": "GetCommandLineA", "address": "0x4781c8" }, { "name": "FreeLibrary", "address": "0x4781cc" }, { "name": "FindFirstFileA", "address": "0x4781d0" }, { "name": "FindClose", "address": "0x4781d4" }, { "name": "ExitProcess", "address": "0x4781d8" }, { "name": "WriteFile", "address": "0x4781dc" }, { "name": "UnhandledExceptionFilter", "address": "0x4781e0" }, { "name": "RtlUnwind", "address": "0x4781e4" }, { "name": "RaiseException", "address": "0x4781e8" }, { "name": "GetStdHandle", "address": "0x4781ec" } ], "dll": "kernel32.dll" }, { "imports": [ { "name": 
"GetKeyboardType", "address": "0x4781f4" }, { "name": "LoadStringA", "address": "0x4781f8" }, { "name": "MessageBoxA", "address": "0x4781fc" }, { "name": "CharNextA", "address": "0x478200" } ], "dll": "user32.dll" }, { "imports": [ { "name": "RegQueryValueExA", "address": "0x478208" }, { "name": "RegOpenKeyExA", "address": "0x47820c" }, { "name": "RegCloseKey", "address": "0x478210" } ], "dll": "advapi32.dll" }, { "imports": [ { "name": "SysFreeString", "address": "0x478218" }, { "name": "SysReAllocStringLen", "address": "0x47821c" }, { "name": "SysAllocStringLen", "address": "0x478220" } ], "dll": "oleaut32.dll" }, { "imports": [ { "name": "TlsSetValue", "address": "0x478228" }, { "name": "TlsGetValue", "address": "0x47822c" }, { "name": "LocalAlloc", "address": "0x478230" }, { "name": "GetModuleHandleA", "address": "0x478234" } ], "dll": "kernel32.dll" }, { "imports": [ { "name": "RegQueryValueExA", "address": "0x47823c" }, { "name": "RegOpenKeyExA", "address": "0x478240" }, { "name": "RegCloseKey", "address": "0x478244" } ], "dll": "advapi32.dll" }, { "imports": [ { "name": "lstrcpyA", "address": "0x47824c" }, { "name": "WriteFile", "address": "0x478250" }, { "name": "WaitForSingleObject", "address": "0x478254" }, { "name": "VirtualQuery", "address": "0x478258" }, { "name": "VirtualAlloc", "address": "0x47825c" }, { "name": "Sleep", "address": "0x478260" }, { "name": "SizeofResource", "address": "0x478264" }, { "name": "SetThreadLocale", "address": "0x478268" }, { "name": "SetFilePointer", "address": "0x47826c" }, { "name": "SetEvent", "address": "0x478270" }, { "name": "SetErrorMode", "address": "0x478274" }, { "name": "SetEndOfFile", "address": "0x478278" }, { "name": "ResetEvent", "address": "0x47827c" }, { "name": "ReadFile", "address": "0x478280" }, { "name": "MultiByteToWideChar", "address": "0x478284" }, { "name": "MulDiv", "address": "0x478288" }, { "name": "LockResource", "address": "0x47828c" }, { "name": "LoadResource", "address": "0x478290" }, { 
"name": "LoadLibraryA", "address": "0x478294" }, { "name": "LeaveCriticalSection", "address": "0x478298" }, { "name": "InitializeCriticalSection", "address": "0x47829c" }, { "name": "GlobalUnlock", "address": "0x4782a0" }, { "name": "GlobalSize", "address": "0x4782a4" }, { "name": "GlobalReAlloc", "address": "0x4782a8" }, { "name": "GlobalHandle", "address": "0x4782ac" }, { "name": "GlobalLock", "address": "0x4782b0" }, { "name": "GlobalFree", "address": "0x4782b4" }, { "name": "GlobalFindAtomA", "address": "0x4782b8" }, { "name": "GlobalDeleteAtom", "address": "0x4782bc" }, { "name": "GlobalAlloc", "address": "0x4782c0" }, { "name": "GlobalAddAtomA", "address": "0x4782c4" }, { "name": "GetVersionExA", "address": "0x4782c8" }, { "name": "GetVersion", "address": "0x4782cc" }, { "name": "GetUserDefaultLCID", "address": "0x4782d0" }, { "name": "GetTickCount", "address": "0x4782d4" }, { "name": "GetThreadLocale", "address": "0x4782d8" }, { "name": "GetSystemInfo", "address": "0x4782dc" }, { "name": "GetStringTypeExA", "address": "0x4782e0" }, { "name": "GetStdHandle", "address": "0x4782e4" }, { "name": "GetProfileStringA", "address": "0x4782e8" }, { "name": "GetProcAddress", "address": "0x4782ec" }, { "name": "GetPriorityClass", "address": "0x4782f0" }, { "name": "GetModuleHandleA", "address": "0x4782f4" }, { "name": "GetModuleFileNameA", "address": "0x4782f8" }, { "name": "GetLocaleInfoA", "address": "0x4782fc" }, { "name": "GetLocalTime", "address": "0x478300" }, { "name": "GetLastError", "address": "0x478304" }, { "name": "GetFullPathNameA", "address": "0x478308" }, { "name": "GetDiskFreeSpaceA", "address": "0x47830c" }, { "name": "GetDateFormatA", "address": "0x478310" }, { "name": "GetCurrentThreadId", "address": "0x478314" }, { "name": "GetCurrentProcessId", "address": "0x478318" }, { "name": "GetComputerNameA", "address": "0x47831c" }, { "name": "GetCPInfo", "address": "0x478320" }, { "name": "GetACP", "address": "0x478324" }, { "name": "FreeResource", 
"address": "0x478328" }, { "name": "InterlockedExchange", "address": "0x47832c" }, { "name": "FreeLibrary", "address": "0x478330" }, { "name": "FormatMessageA", "address": "0x478334" }, { "name": "FindResourceA", "address": "0x478338" }, { "name": "EnumCalendarInfoA", "address": "0x47833c" }, { "name": "EnterCriticalSection", "address": "0x478340" }, { "name": "DeleteCriticalSection", "address": "0x478344" }, { "name": "CreateThread", "address": "0x478348" }, { "name": "CreateFileA", "address": "0x47834c" }, { "name": "CreateEventA", "address": "0x478350" }, { "name": "CompareStringA", "address": "0x478354" }, { "name": "CloseHandle", "address": "0x478358" } ], "dll": "kernel32.dll" }, { "imports": [ { "name": "VerQueryValueA", "address": "0x478360" }, { "name": "GetFileVersionInfoSizeA", "address": "0x478364" }, { "name": "GetFileVersionInfoA", "address": "0x478368" } ], "dll": "version.dll" }, { "imports": [ { "name": "UnrealizeObject", "address": "0x478370" }, { "name": "StretchBlt", "address": "0x478374" }, { "name": "SetWindowOrgEx", "address": "0x478378" }, { "name": "SetWinMetaFileBits", "address": "0x47837c" }, { "name": "SetViewportOrgEx", "address": "0x478380" }, { "name": "SetTextColor", "address": "0x478384" }, { "name": "SetStretchBltMode", "address": "0x478388" }, { "name": "SetROP2", "address": "0x47838c" }, { "name": "SetPixel", "address": "0x478390" }, { "name": "SetMapMode", "address": "0x478394" }, { "name": "SetEnhMetaFileBits", "address": "0x478398" }, { "name": "SetDIBColorTable", "address": "0x47839c" }, { "name": "SetBrushOrgEx", "address": "0x4783a0" }, { "name": "SetBkMode", "address": "0x4783a4" }, { "name": "SetBkColor", "address": "0x4783a8" }, { "name": "SelectPalette", "address": "0x4783ac" }, { "name": "SelectObject", "address": "0x4783b0" }, { "name": "SelectClipRgn", "address": "0x4783b4" }, { "name": "ScaleWindowExtEx", "address": "0x4783b8" }, { "name": "SaveDC", "address": "0x4783bc" }, { "name": "RestoreDC", "address": 
"0x4783c0" }, { "name": "RectVisible", "address": "0x4783c4" }, { "name": "RealizePalette", "address": "0x4783c8" }, { "name": "Polyline", "address": "0x4783cc" }, { "name": "PlayEnhMetaFile", "address": "0x4783d0" }, { "name": "PatBlt", "address": "0x4783d4" }, { "name": "MoveToEx", "address": "0x4783d8" }, { "name": "MaskBlt", "address": "0x4783dc" }, { "name": "LineTo", "address": "0x4783e0" }, { "name": "LPtoDP", "address": "0x4783e4" }, { "name": "IntersectClipRect", "address": "0x4783e8" }, { "name": "GetWindowOrgEx", "address": "0x4783ec" }, { "name": "GetWinMetaFileBits", "address": "0x4783f0" }, { "name": "GetTextMetricsA", "address": "0x4783f4" }, { "name": "GetTextExtentPoint32A", "address": "0x4783f8" }, { "name": "GetSystemPaletteEntries", "address": "0x4783fc" }, { "name": "GetStockObject", "address": "0x478400" }, { "name": "GetPixel", "address": "0x478404" }, { "name": "GetPaletteEntries", "address": "0x478408" }, { "name": "GetObjectA", "address": "0x47840c" }, { "name": "GetEnhMetaFilePaletteEntries", "address": "0x478410" }, { "name": "GetEnhMetaFileHeader", "address": "0x478414" }, { "name": "GetEnhMetaFileDescriptionA", "address": "0x478418" }, { "name": "GetEnhMetaFileBits", "address": "0x47841c" }, { "name": "GetDeviceCaps", "address": "0x478420" }, { "name": "GetDIBits", "address": "0x478424" }, { "name": "GetDIBColorTable", "address": "0x478428" }, { "name": "GetDCOrgEx", "address": "0x47842c" }, { "name": "GetCurrentPositionEx", "address": "0x478430" }, { "name": "GetClipBox", "address": "0x478434" }, { "name": "GetBrushOrgEx", "address": "0x478438" }, { "name": "GetBitmapBits", "address": "0x47843c" }, { "name": "ExtTextOutA", "address": "0x478440" }, { "name": "ExcludeClipRect", "address": "0x478444" }, { "name": "EndPage", "address": "0x478448" }, { "name": "EndDoc", "address": "0x47844c" }, { "name": "DeleteObject", "address": "0x478450" }, { "name": "DeleteEnhMetaFile", "address": "0x478454" }, { "name": "DeleteDC", "address": 
"0x478458" }, { "name": "CreateSolidBrush", "address": "0x47845c" }, { "name": "CreatePenIndirect", "address": "0x478460" }, { "name": "CreatePalette", "address": "0x478464" }, { "name": "CreateICA", "address": "0x478468" }, { "name": "CreateHalftonePalette", "address": "0x47846c" }, { "name": "CreateFontIndirectA", "address": "0x478470" }, { "name": "CreateEnhMetaFileA", "address": "0x478474" }, { "name": "CreateDIBitmap", "address": "0x478478" }, { "name": "CreateDIBSection", "address": "0x47847c" }, { "name": "CreateDCA", "address": "0x478480" }, { "name": "CreateCompatibleDC", "address": "0x478484" }, { "name": "CreateCompatibleBitmap", "address": "0x478488" }, { "name": "CreateBrushIndirect", "address": "0x47848c" }, { "name": "CreateBitmap", "address": "0x478490" }, { "name": "CopyEnhMetaFileA", "address": "0x478494" }, { "name": "CloseEnhMetaFile", "address": "0x478498" }, { "name": "BitBlt", "address": "0x47849c" } ], "dll": "gdi32.dll" }, { "imports": [ { "name": "CreateWindowExA", "address": "0x4784a4" }, { "name": "WindowFromPoint", "address": "0x4784a8" }, { "name": "WinHelpA", "address": "0x4784ac" }, { "name": "WaitMessage", "address": "0x4784b0" }, { "name": "UpdateWindow", "address": "0x4784b4" }, { "name": "UnregisterClassA", "address": "0x4784b8" }, { "name": "UnhookWindowsHookEx", "address": "0x4784bc" }, { "name": "TranslateMessage", "address": "0x4784c0" }, { "name": "TranslateMDISysAccel", "address": "0x4784c4" }, { "name": "TrackPopupMenu", "address": "0x4784c8" }, { "name": "SystemParametersInfoA", "address": "0x4784cc" }, { "name": "ShowWindow", "address": "0x4784d0" }, { "name": "ShowScrollBar", "address": "0x4784d4" }, { "name": "ShowOwnedPopups", "address": "0x4784d8" }, { "name": "ShowCursor", "address": "0x4784dc" }, { "name": "SetWindowsHookExA", "address": "0x4784e0" }, { "name": "SetWindowTextA", "address": "0x4784e4" }, { "name": "SetWindowPos", "address": "0x4784e8" }, { "name": "SetWindowPlacement", "address": "0x4784ec" }, { 
"name": "SetWindowLongA", "address": "0x4784f0" }, { "name": "SetTimer", "address": "0x4784f4" }, { "name": "SetScrollRange", "address": "0x4784f8" }, { "name": "SetScrollPos", "address": "0x4784fc" }, { "name": "SetScrollInfo", "address": "0x478500" }, { "name": "SetRect", "address": "0x478504" }, { "name": "SetPropA", "address": "0x478508" }, { "name": "SetParent", "address": "0x47850c" }, { "name": "SetMenuItemInfoA", "address": "0x478510" }, { "name": "SetMenu", "address": "0x478514" }, { "name": "SetKeyboardState", "address": "0x478518" }, { "name": "SetForegroundWindow", "address": "0x47851c" }, { "name": "SetFocus", "address": "0x478520" }, { "name": "SetCursor", "address": "0x478524" }, { "name": "SetClipboardData", "address": "0x478528" }, { "name": "SetClassLongA", "address": "0x47852c" }, { "name": "SetCapture", "address": "0x478530" }, { "name": "SetActiveWindow", "address": "0x478534" }, { "name": "SendMessageA", "address": "0x478538" }, { "name": "ScrollWindow", "address": "0x47853c" }, { "name": "ScreenToClient", "address": "0x478540" }, { "name": "RemovePropA", "address": "0x478544" }, { "name": "RemoveMenu", "address": "0x478548" }, { "name": "ReleaseDC", "address": "0x47854c" }, { "name": "ReleaseCapture", "address": "0x478550" }, { "name": "RegisterWindowMessageA", "address": "0x478554" }, { "name": "RegisterClipboardFormatA", "address": "0x478558" }, { "name": "RegisterClassA", "address": "0x47855c" }, { "name": "RedrawWindow", "address": "0x478560" }, { "name": "PtInRect", "address": "0x478564" }, { "name": "PostQuitMessage", "address": "0x478568" }, { "name": "PostMessageA", "address": "0x47856c" }, { "name": "PeekMessageA", "address": "0x478570" }, { "name": "OpenClipboard", "address": "0x478574" }, { "name": "OffsetRect", "address": "0x478578" }, { "name": "OemToCharA", "address": "0x47857c" }, { "name": "MessageBoxA", "address": "0x478580" }, { "name": "MessageBeep", "address": "0x478584" }, { "name": "MapWindowPoints", "address": 
"0x478588" }, { "name": "MapVirtualKeyA", "address": "0x47858c" }, { "name": "LoadStringA", "address": "0x478590" }, { "name": "LoadKeyboardLayoutA", "address": "0x478594" }, { "name": "LoadIconA", "address": "0x478598" }, { "name": "LoadCursorA", "address": "0x47859c" }, { "name": "LoadBitmapA", "address": "0x4785a0" }, { "name": "KillTimer", "address": "0x4785a4" }, { "name": "IsZoomed", "address": "0x4785a8" }, { "name": "IsWindowVisible", "address": "0x4785ac" }, { "name": "IsWindowEnabled", "address": "0x4785b0" }, { "name": "IsWindow", "address": "0x4785b4" }, { "name": "IsRectEmpty", "address": "0x4785b8" }, { "name": "IsIconic", "address": "0x4785bc" }, { "name": "IsDialogMessageA", "address": "0x4785c0" }, { "name": "IsChild", "address": "0x4785c4" }, { "name": "IsCharAlphaNumericA", "address": "0x4785c8" }, { "name": "IsCharAlphaA", "address": "0x4785cc" }, { "name": "InvalidateRect", "address": "0x4785d0" }, { "name": "IntersectRect", "address": "0x4785d4" }, { "name": "InsertMenuItemA", "address": "0x4785d8" }, { "name": "InsertMenuA", "address": "0x4785dc" }, { "name": "InflateRect", "address": "0x4785e0" }, { "name": "GetWindowThreadProcessId", "address": "0x4785e4" }, { "name": "GetWindowTextA", "address": "0x4785e8" }, { "name": "GetWindowRect", "address": "0x4785ec" }, { "name": "GetWindowPlacement", "address": "0x4785f0" }, { "name": "GetWindowLongA", "address": "0x4785f4" }, { "name": "GetWindowDC", "address": "0x4785f8" }, { "name": "GetTopWindow", "address": "0x4785fc" }, { "name": "GetSystemMetrics", "address": "0x478600" }, { "name": "GetSystemMenu", "address": "0x478604" }, { "name": "GetSysColorBrush", "address": "0x478608" }, { "name": "GetSysColor", "address": "0x47860c" }, { "name": "GetSubMenu", "address": "0x478610" }, { "name": "GetScrollRange", "address": "0x478614" }, { "name": "GetScrollPos", "address": "0x478618" }, { "name": "GetScrollInfo", "address": "0x47861c" }, { "name": "GetPropA", "address": "0x478620" }, { "name": 
"GetParent", "address": "0x478624" }, { "name": "GetWindow", "address": "0x478628" }, { "name": "GetMessageTime", "address": "0x47862c" }, { "name": "GetMenuStringA", "address": "0x478630" }, { "name": "GetMenuState", "address": "0x478634" }, { "name": "GetMenuItemInfoA", "address": "0x478638" }, { "name": "GetMenuItemID", "address": "0x47863c" }, { "name": "GetMenuItemCount", "address": "0x478640" }, { "name": "GetMenu", "address": "0x478644" }, { "name": "GetLastActivePopup", "address": "0x478648" }, { "name": "GetKeyboardState", "address": "0x47864c" }, { "name": "GetKeyboardLayoutList", "address": "0x478650" }, { "name": "GetKeyboardLayout", "address": "0x478654" }, { "name": "GetKeyState", "address": "0x478658" }, { "name": "GetKeyNameTextA", "address": "0x47865c" }, { "name": "GetIconInfo", "address": "0x478660" }, { "name": "GetForegroundWindow", "address": "0x478664" }, { "name": "GetFocus", "address": "0x478668" }, { "name": "GetDesktopWindow", "address": "0x47866c" }, { "name": "GetDCEx", "address": "0x478670" }, { "name": "GetDC", "address": "0x478674" }, { "name": "GetCursorPos", "address": "0x478678" }, { "name": "GetCursor", "address": "0x47867c" }, { "name": "GetClipboardData", "address": "0x478680" }, { "name": "GetClientRect", "address": "0x478684" }, { "name": "GetClassNameA", "address": "0x478688" }, { "name": "GetClassInfoA", "address": "0x47868c" }, { "name": "GetCapture", "address": "0x478690" }, { "name": "GetActiveWindow", "address": "0x478694" }, { "name": "FrameRect", "address": "0x478698" }, { "name": "FindWindowA", "address": "0x47869c" }, { "name": "FillRect", "address": "0x4786a0" }, { "name": "EqualRect", "address": "0x4786a4" }, { "name": "EnumWindows", "address": "0x4786a8" }, { "name": "EnumThreadWindows", "address": "0x4786ac" }, { "name": "EnumClipboardFormats", "address": "0x4786b0" }, { "name": "EndPaint", "address": "0x4786b4" }, { "name": "EndDeferWindowPos", "address": "0x4786b8" }, { "name": "EnableWindow", "address": 
"0x4786bc" }, { "name": "EnableScrollBar", "address": "0x4786c0" }, { "name": "EnableMenuItem", "address": "0x4786c4" }, { "name": "EmptyClipboard", "address": "0x4786c8" }, { "name": "DrawTextA", "address": "0x4786cc" }, { "name": "DrawMenuBar", "address": "0x4786d0" }, { "name": "DrawIconEx", "address": "0x4786d4" }, { "name": "DrawIcon", "address": "0x4786d8" }, { "name": "DrawFrameControl", "address": "0x4786dc" }, { "name": "DrawFocusRect", "address": "0x4786e0" }, { "name": "DrawEdge", "address": "0x4786e4" }, { "name": "DispatchMessageA", "address": "0x4786e8" }, { "name": "DestroyWindow", "address": "0x4786ec" }, { "name": "DestroyMenu", "address": "0x4786f0" }, { "name": "DestroyIcon", "address": "0x4786f4" }, { "name": "DestroyCursor", "address": "0x4786f8" }, { "name": "DeleteMenu", "address": "0x4786fc" }, { "name": "DeferWindowPos", "address": "0x478700" }, { "name": "DefWindowProcA", "address": "0x478704" }, { "name": "DefMDIChildProcA", "address": "0x478708" }, { "name": "DefFrameProcA", "address": "0x47870c" }, { "name": "CreatePopupMenu", "address": "0x478710" }, { "name": "CreateMenu", "address": "0x478714" }, { "name": "CreateIcon", "address": "0x478718" }, { "name": "CloseClipboard", "address": "0x47871c" }, { "name": "ClientToScreen", "address": "0x478720" }, { "name": "CheckMenuItem", "address": "0x478724" }, { "name": "CallWindowProcA", "address": "0x478728" }, { "name": "CallNextHookEx", "address": "0x47872c" }, { "name": "BeginPaint", "address": "0x478730" }, { "name": "BeginDeferWindowPos", "address": "0x478734" }, { "name": "CharNextA", "address": "0x478738" }, { "name": "CharLowerBuffA", "address": "0x47873c" }, { "name": "CharLowerA", "address": "0x478740" }, { "name": "CharUpperBuffA", "address": "0x478744" }, { "name": "CharToOemA", "address": "0x478748" }, { "name": "AdjustWindowRectEx", "address": "0x47874c" }, { "name": "ActivateKeyboardLayout", "address": "0x478750" } ], "dll": "user32.dll" }, { "imports": [ { "name": "Sleep", 
"address": "0x478758" } ], "dll": "kernel32.dll" }, { "imports": [ { "name": "SafeArrayPtrOfIndex", "address": "0x478760" }, { "name": "SafeArrayGetUBound", "address": "0x478764" }, { "name": "SafeArrayGetLBound", "address": "0x478768" }, { "name": "SafeArrayCreate", "address": "0x47876c" }, { "name": "VariantChangeType", "address": "0x478770" }, { "name": "VariantCopy", "address": "0x478774" }, { "name": "VariantClear", "address": "0x478778" }, { "name": "VariantInit", "address": "0x47877c" } ], "dll": "oleaut32.dll" }, { "imports": [ { "name": "CreateStreamOnHGlobal", "address": "0x478784" }, { "name": "IsAccelerator", "address": "0x478788" }, { "name": "OleDraw", "address": "0x47878c" }, { "name": "OleSetMenuDescriptor", "address": "0x478790" }, { "name": "CoTaskMemFree", "address": "0x478794" }, { "name": "ProgIDFromCLSID", "address": "0x478798" }, { "name": "StringFromCLSID", "address": "0x47879c" }, { "name": "CoCreateInstance", "address": "0x4787a0" }, { "name": "CoGetClassObject", "address": "0x4787a4" }, { "name": "CoUninitialize", "address": "0x4787a8" }, { "name": "CoInitialize", "address": "0x4787ac" }, { "name": "IsEqualGUID", "address": "0x4787b0" } ], "dll": "ole32.dll" }, { "imports": [ { "name": "GetErrorInfo", "address": "0x4787b8" }, { "name": "GetActiveObject", "address": "0x4787bc" }, { "name": "SysFreeString", "address": "0x4787c0" } ], "dll": "oleaut32.dll" }, { "imports": [ { "name": "ImageList_SetIconSize", "address": "0x4787c8" }, { "name": "ImageList_GetIconSize", "address": "0x4787cc" }, { "name": "ImageList_Write", "address": "0x4787d0" }, { "name": "ImageList_Read", "address": "0x4787d4" }, { "name": "ImageList_GetDragImage", "address": "0x4787d8" }, { "name": "ImageList_DragShowNolock", "address": "0x4787dc" }, { "name": "ImageList_SetDragCursorImage", "address": "0x4787e0" }, { "name": "ImageList_DragMove", "address": "0x4787e4" }, { "name": "ImageList_DragLeave", "address": "0x4787e8" }, { "name": "ImageList_DragEnter", "address": 
"0x4787ec" }, { "name": "ImageList_EndDrag", "address": "0x4787f0" }, { "name": "ImageList_BeginDrag", "address": "0x4787f4" }, { "name": "ImageList_Remove", "address": "0x4787f8" }, { "name": "ImageList_DrawEx", "address": "0x4787fc" }, { "name": "ImageList_Draw", "address": "0x478800" }, { "name": "ImageList_GetBkColor", "address": "0x478804" }, { "name": "ImageList_SetBkColor", "address": "0x478808" }, { "name": "ImageList_ReplaceIcon", "address": "0x47880c" }, { "name": "ImageList_Add", "address": "0x478810" }, { "name": "ImageList_GetImageCount", "address": "0x478814" }, { "name": "ImageList_Destroy", "address": "0x478818" }, { "name": "ImageList_Create", "address": "0x47881c" } ], "dll": "comctl32.dll" }, { "imports": [ { "name": "OpenPrinterA", "address": "0x478824" }, { "name": "EnumPrintersA", "address": "0x478828" }, { "name": "DocumentPropertiesA", "address": "0x47882c" }, { "name": "ClosePrinter", "address": "0x478830" } ], "dll": "winspool.drv" }, { "imports": [ { "name": "PrintDlgA", "address": "0x478838" }, { "name": "ChooseColorA", "address": "0x47883c" } ], "dll": "comdlg32.dll" } ], "digital_signers": null, "exported_dll_name": null, "actual_checksum": "0x0010d01c", "overlay": { "size": "0x00000200", "offset": "0x000fe800" }, "imagebase": "0x00400000", "reported_checksum": "0x00000000", "icon_hash": null, "entrypoint": "0x0046c324", "timestamp": "1991-12-21 12:36:27", "osversion": "4.0", "sections": [ { "name": "CODE", "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ", "virtual_address": "0x00001000", "size_of_data": "0x0006b400", "entropy": "6.53", "raw_address": "0x00000400", "virtual_size": "0x0006b36c", "characteristics_raw": "0x60000020" }, { "name": "DATA", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE", "virtual_address": "0x0006d000", "size_of_data": "0x00009800", "entropy": "5.01", "raw_address": "0x0006b800", "virtual_size": "0x00009648", "characteristics_raw": 
"0xc0000040" }, { "name": "BSS", "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE", "virtual_address": "0x00077000", "size_of_data": "0x00000000", "entropy": "0.00", "raw_address": "0x00075000", "virtual_size": "0x00000d5d", "characteristics_raw": "0xc0000000" }, { "name": ".idata", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE", "virtual_address": "0x00078000", "size_of_data": "0x00002600", "entropy": "5.02", "raw_address": "0x00075000", "virtual_size": "0x0000258e", "characteristics_raw": "0xc0000040" }, { "name": ".tls", "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE", "virtual_address": "0x0007b000", "size_of_data": "0x00000000", "entropy": "0.00", "raw_address": "0x00077600", "virtual_size": "0x00000010", "characteristics_raw": "0xc0000000" }, { "name": ".rdata", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ", "virtual_address": "0x0007c000", "size_of_data": "0x00000200", "entropy": "0.21", "raw_address": "0x00077600", "virtual_size": "0x00000018", "characteristics_raw": "0x50000040" }, { "name": ".reloc", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ", "virtual_address": "0x0007d000", "size_of_data": "0x00008200", "entropy": "6.65", "raw_address": "0x00077800", "virtual_size": "0x00008024", "characteristics_raw": "0x50000040" }, { "name": ".rsrc", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ", "virtual_address": "0x00086000", "size_of_data": "0x0007ee00", "entropy": "7.45", "raw_address": "0x0007fa00", "virtual_size": "0x0007ec34", "characteristics_raw": "0x50000040" } ], "resources": [], "dirents": [ { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_EXPORT", "size": "0x00000000" }, { "virtual_address": "0x00078000", "name": "IMAGE_DIRECTORY_ENTRY_IMPORT", "size": "0x0000258e" }, { "virtual_address": "0x00086000", "name": 
"IMAGE_DIRECTORY_ENTRY_RESOURCE", "size": "0x0007ec34" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_SECURITY", "size": "0x00000000" }, { "virtual_address": "0x0007d000", "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC", "size": "0x00008024" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_DEBUG", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR", "size": "0x00000000" }, { "virtual_address": "0x0007c000", "name": "IMAGE_DIRECTORY_ENTRY_TLS", "size": "0x00000018" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_IAT", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_RESERVED", "size": "0x00000000" } ], "exports": [], "guest_signers": {}, "imphash": "0ea231930c15d70fe56362b6d930df5b", "icon_fuzzy": null, "icon": null, "pdbpath": null, "imported_dll_count": 17, "versioninfo": [] } } [*] Resolved APIs: [ "kernel32.dll.GetDiskFreeSpaceExA", "oleaut32.dll.VariantChangeTypeEx", "oleaut32.dll.VarNeg", "oleaut32.dll.VarNot", "oleaut32.dll.VarAdd", "oleaut32.dll.VarSub", "oleaut32.dll.VarMul", "oleaut32.dll.VarDiv", "oleaut32.dll.VarIdiv", "oleaut32.dll.VarMod", "oleaut32.dll.VarAnd", "oleaut32.dll.VarOr", "oleaut32.dll.VarXor", "oleaut32.dll.VarCmp", "oleaut32.dll.VarI4FromStr", "oleaut32.dll.VarR4FromStr", 
"oleaut32.dll.VarR8FromStr", "oleaut32.dll.VarDateFromStr", "oleaut32.dll.VarCyFromStr", "oleaut32.dll.VarBoolFromStr", "oleaut32.dll.VarBstrFromCy", "oleaut32.dll.VarBstrFromDate", "oleaut32.dll.VarBstrFromBool", "user32.dll.GetMonitorInfoA", "user32.dll.GetSystemMetrics", "user32.dll.EnumDisplayMonitors", "dwmapi.dll.DwmIsCompositionEnabled", "gdi32.dll.GetLayout", "gdi32.dll.GdiRealizationInfo", "gdi32.dll.FontIsLinked", "advapi32.dll.RegOpenKeyExW", "advapi32.dll.RegQueryInfoKeyW", "gdi32.dll.GetTextFaceAliasW", "advapi32.dll.RegEnumValueW", "advapi32.dll.RegCloseKey", "advapi32.dll.RegQueryValueExW", "gdi32.dll.GetFontAssocStatus", "advapi32.dll.RegQueryValueExA", "advapi32.dll.RegEnumKeyExW", "gdi32.dll.GdiIsMetaPrintDC", "user32.dll.AnimateWindow", "comctl32.dll.InitializeFlatSB", "comctl32.dll.UninitializeFlatSB", "comctl32.dll.FlatSB_GetScrollProp", "comctl32.dll.FlatSB_SetScrollProp", "comctl32.dll.FlatSB_EnableScrollBar", "comctl32.dll.FlatSB_ShowScrollBar", "comctl32.dll.FlatSB_GetScrollRange", "comctl32.dll.FlatSB_GetScrollInfo", "comctl32.dll.FlatSB_GetScrollPos", "comctl32.dll.FlatSB_SetScrollPos", "comctl32.dll.FlatSB_SetScrollInfo", "comctl32.dll.FlatSB_SetScrollRange", "user32.dll.SetLayeredWindowAttributes", "ole32.dll.CoCreateInstanceEx", "ole32.dll.CoInitializeEx", "ole32.dll.CoAddRefServerProcess", "ole32.dll.CoReleaseServerProcess", "ole32.dll.CoResumeClassObjects", "ole32.dll.CoSuspendClassObjects", "olepro32.dll.OleCreatePropertyFrame", "olepro32.dll.OleCreateFontIndirect", "olepro32.dll.OleCreatePictureIndirect", "olepro32.dll.OleLoadPicture" ] [*] Static Analysis: { "pe": { "peid_signatures": null, "imports": [ { "imports": [ { "name": "DeleteCriticalSection", "address": "0x478168" }, { "name": "LeaveCriticalSection", "address": "0x47816c" }, { "name": "EnterCriticalSection", "address": "0x478170" }, { "name": "InitializeCriticalSection", "address": "0x478174" }, { "name": "VirtualFree", "address": "0x478178" }, { "name": "VirtualAlloc", 
"address": "0x47817c" }, { "name": "LocalFree", "address": "0x478180" }, { "name": "LocalAlloc", "address": "0x478184" }, { "name": "GetVersion", "address": "0x478188" }, { "name": "GetCurrentThreadId", "address": "0x47818c" }, { "name": "InterlockedDecrement", "address": "0x478190" }, { "name": "InterlockedIncrement", "address": "0x478194" }, { "name": "VirtualQuery", "address": "0x478198" }, { "name": "WideCharToMultiByte", "address": "0x47819c" }, { "name": "MultiByteToWideChar", "address": "0x4781a0" }, { "name": "lstrlenA", "address": "0x4781a4" }, { "name": "lstrcpynA", "address": "0x4781a8" }, { "name": "LoadLibraryExA", "address": "0x4781ac" }, { "name": "GetThreadLocale", "address": "0x4781b0" }, { "name": "GetStartupInfoA", "address": "0x4781b4" }, { "name": "GetProcAddress", "address": "0x4781b8" }, { "name": "GetModuleHandleA", "address": "0x4781bc" }, { "name": "GetModuleFileNameA", "address": "0x4781c0" }, { "name": "GetLocaleInfoA", "address": "0x4781c4" }, { "name": "GetCommandLineA", "address": "0x4781c8" }, { "name": "FreeLibrary", "address": "0x4781cc" }, { "name": "FindFirstFileA", "address": "0x4781d0" }, { "name": "FindClose", "address": "0x4781d4" }, { "name": "ExitProcess", "address": "0x4781d8" }, { "name": "WriteFile", "address": "0x4781dc" }, { "name": "UnhandledExceptionFilter", "address": "0x4781e0" }, { "name": "RtlUnwind", "address": "0x4781e4" }, { "name": "RaiseException", "address": "0x4781e8" }, { "name": "GetStdHandle", "address": "0x4781ec" } ], "dll": "kernel32.dll" }, { "imports": [ { "name": "GetKeyboardType", "address": "0x4781f4" }, { "name": "LoadStringA", "address": "0x4781f8" }, { "name": "MessageBoxA", "address": "0x4781fc" }, { "name": "CharNextA", "address": "0x478200" } ], "dll": "user32.dll" }, { "imports": [ { "name": "RegQueryValueExA", "address": "0x478208" }, { "name": "RegOpenKeyExA", "address": "0x47820c" }, { "name": "RegCloseKey", "address": "0x478210" } ], "dll": "advapi32.dll" }, { "imports": [ { "name": 
"SysFreeString", "address": "0x478218" }, { "name": "SysReAllocStringLen", "address": "0x47821c" }, { "name": "SysAllocStringLen", "address": "0x478220" } ], "dll": "oleaut32.dll" }, { "imports": [ { "name": "TlsSetValue", "address": "0x478228" }, { "name": "TlsGetValue", "address": "0x47822c" }, { "name": "LocalAlloc", "address": "0x478230" }, { "name": "GetModuleHandleA", "address": "0x478234" } ], "dll": "kernel32.dll" }, { "imports": [ { "name": "RegQueryValueExA", "address": "0x47823c" }, { "name": "RegOpenKeyExA", "address": "0x478240" }, { "name": "RegCloseKey", "address": "0x478244" } ], "dll": "advapi32.dll" }, { "imports": [ { "name": "lstrcpyA", "address": "0x47824c" }, { "name": "WriteFile", "address": "0x478250" }, { "name": "WaitForSingleObject", "address": "0x478254" }, { "name": "VirtualQuery", "address": "0x478258" }, { "name": "VirtualAlloc", "address": "0x47825c" }, { "name": "Sleep", "address": "0x478260" }, { "name": "SizeofResource", "address": "0x478264" }, { "name": "SetThreadLocale", "address": "0x478268" }, { "name": "SetFilePointer", "address": "0x47826c" }, { "name": "SetEvent", "address": "0x478270" }, { "name": "SetErrorMode", "address": "0x478274" }, { "name": "SetEndOfFile", "address": "0x478278" }, { "name": "ResetEvent", "address": "0x47827c" }, { "name": "ReadFile", "address": "0x478280" }, { "name": "MultiByteToWideChar", "address": "0x478284" }, { "name": "MulDiv", "address": "0x478288" }, { "name": "LockResource", "address": "0x47828c" }, { "name": "LoadResource", "address": "0x478290" }, { "name": "LoadLibraryA", "address": "0x478294" }, { "name": "LeaveCriticalSection", "address": "0x478298" }, { "name": "InitializeCriticalSection", "address": "0x47829c" }, { "name": "GlobalUnlock", "address": "0x4782a0" }, { "name": "GlobalSize", "address": "0x4782a4" }, { "name": "GlobalReAlloc", "address": "0x4782a8" }, { "name": "GlobalHandle", "address": "0x4782ac" }, { "name": "GlobalLock", "address": "0x4782b0" }, { "name": 
"GlobalFree", "address": "0x4782b4" }, { "name": "GlobalFindAtomA", "address": "0x4782b8" }, { "name": "GlobalDeleteAtom", "address": "0x4782bc" }, { "name": "GlobalAlloc", "address": "0x4782c0" }, { "name": "GlobalAddAtomA", "address": "0x4782c4" }, { "name": "GetVersionExA", "address": "0x4782c8" }, { "name": "GetVersion", "address": "0x4782cc" }, { "name": "GetUserDefaultLCID", "address": "0x4782d0" }, { "name": "GetTickCount", "address": "0x4782d4" }, { "name": "GetThreadLocale", "address": "0x4782d8" }, { "name": "GetSystemInfo", "address": "0x4782dc" }, { "name": "GetStringTypeExA", "address": "0x4782e0" }, { "name": "GetStdHandle", "address": "0x4782e4" }, { "name": "GetProfileStringA", "address": "0x4782e8" }, { "name": "GetProcAddress", "address": "0x4782ec" }, { "name": "GetPriorityClass", "address": "0x4782f0" }, { "name": "GetModuleHandleA", "address": "0x4782f4" }, { "name": "GetModuleFileNameA", "address": "0x4782f8" }, { "name": "GetLocaleInfoA", "address": "0x4782fc" }, { "name": "GetLocalTime", "address": "0x478300" }, { "name": "GetLastError", "address": "0x478304" }, { "name": "GetFullPathNameA", "address": "0x478308" }, { "name": "GetDiskFreeSpaceA", "address": "0x47830c" }, { "name": "GetDateFormatA", "address": "0x478310" }, { "name": "GetCurrentThreadId", "address": "0x478314" }, { "name": "GetCurrentProcessId", "address": "0x478318" }, { "name": "GetComputerNameA", "address": "0x47831c" }, { "name": "GetCPInfo", "address": "0x478320" }, { "name": "GetACP", "address": "0x478324" }, { "name": "FreeResource", "address": "0x478328" }, { "name": "InterlockedExchange", "address": "0x47832c" }, { "name": "FreeLibrary", "address": "0x478330" }, { "name": "FormatMessageA", "address": "0x478334" }, { "name": "FindResourceA", "address": "0x478338" }, { "name": "EnumCalendarInfoA", "address": "0x47833c" }, { "name": "EnterCriticalSection", "address": "0x478340" }, { "name": "DeleteCriticalSection", "address": "0x478344" }, { "name": "CreateThread", 
"address": "0x478348" }, { "name": "CreateFileA", "address": "0x47834c" }, { "name": "CreateEventA", "address": "0x478350" }, { "name": "CompareStringA", "address": "0x478354" }, { "name": "CloseHandle", "address": "0x478358" } ], "dll": "kernel32.dll" }, { "imports": [ { "name": "VerQueryValueA", "address": "0x478360" }, { "name": "GetFileVersionInfoSizeA", "address": "0x478364" }, { "name": "GetFileVersionInfoA", "address": "0x478368" } ], "dll": "version.dll" }, { "imports": [ { "name": "UnrealizeObject", "address": "0x478370" }, { "name": "StretchBlt", "address": "0x478374" }, { "name": "SetWindowOrgEx", "address": "0x478378" }, { "name": "SetWinMetaFileBits", "address": "0x47837c" }, { "name": "SetViewportOrgEx", "address": "0x478380" }, { "name": "SetTextColor", "address": "0x478384" }, { "name": "SetStretchBltMode", "address": "0x478388" }, { "name": "SetROP2", "address": "0x47838c" }, { "name": "SetPixel", "address": "0x478390" }, { "name": "SetMapMode", "address": "0x478394" }, { "name": "SetEnhMetaFileBits", "address": "0x478398" }, { "name": "SetDIBColorTable", "address": "0x47839c" }, { "name": "SetBrushOrgEx", "address": "0x4783a0" }, { "name": "SetBkMode", "address": "0x4783a4" }, { "name": "SetBkColor", "address": "0x4783a8" }, { "name": "SelectPalette", "address": "0x4783ac" }, { "name": "SelectObject", "address": "0x4783b0" }, { "name": "SelectClipRgn", "address": "0x4783b4" }, { "name": "ScaleWindowExtEx", "address": "0x4783b8" }, { "name": "SaveDC", "address": "0x4783bc" }, { "name": "RestoreDC", "address": "0x4783c0" }, { "name": "RectVisible", "address": "0x4783c4" }, { "name": "RealizePalette", "address": "0x4783c8" }, { "name": "Polyline", "address": "0x4783cc" }, { "name": "PlayEnhMetaFile", "address": "0x4783d0" }, { "name": "PatBlt", "address": "0x4783d4" }, { "name": "MoveToEx", "address": "0x4783d8" }, { "name": "MaskBlt", "address": "0x4783dc" }, { "name": "LineTo", "address": "0x4783e0" }, { "name": "LPtoDP", "address": "0x4783e4" }, { 
"name": "IntersectClipRect", "address": "0x4783e8" }, { "name": "GetWindowOrgEx", "address": "0x4783ec" }, { "name": "GetWinMetaFileBits", "address": "0x4783f0" }, { "name": "GetTextMetricsA", "address": "0x4783f4" }, { "name": "GetTextExtentPoint32A", "address": "0x4783f8" }, { "name": "GetSystemPaletteEntries", "address": "0x4783fc" }, { "name": "GetStockObject", "address": "0x478400" }, { "name": "GetPixel", "address": "0x478404" }, { "name": "GetPaletteEntries", "address": "0x478408" }, { "name": "GetObjectA", "address": "0x47840c" }, { "name": "GetEnhMetaFilePaletteEntries", "address": "0x478410" }, { "name": "GetEnhMetaFileHeader", "address": "0x478414" }, { "name": "GetEnhMetaFileDescriptionA", "address": "0x478418" }, { "name": "GetEnhMetaFileBits", "address": "0x47841c" }, { "name": "GetDeviceCaps", "address": "0x478420" }, { "name": "GetDIBits", "address": "0x478424" }, { "name": "GetDIBColorTable", "address": "0x478428" }, { "name": "GetDCOrgEx", "address": "0x47842c" }, { "name": "GetCurrentPositionEx", "address": "0x478430" }, { "name": "GetClipBox", "address": "0x478434" }, { "name": "GetBrushOrgEx", "address": "0x478438" }, { "name": "GetBitmapBits", "address": "0x47843c" }, { "name": "ExtTextOutA", "address": "0x478440" }, { "name": "ExcludeClipRect", "address": "0x478444" }, { "name": "EndPage", "address": "0x478448" }, { "name": "EndDoc", "address": "0x47844c" }, { "name": "DeleteObject", "address": "0x478450" }, { "name": "DeleteEnhMetaFile", "address": "0x478454" }, { "name": "DeleteDC", "address": "0x478458" }, { "name": "CreateSolidBrush", "address": "0x47845c" }, { "name": "CreatePenIndirect", "address": "0x478460" }, { "name": "CreatePalette", "address": "0x478464" }, { "name": "CreateICA", "address": "0x478468" }, { "name": "CreateHalftonePalette", "address": "0x47846c" }, { "name": "CreateFontIndirectA", "address": "0x478470" }, { "name": "CreateEnhMetaFileA", "address": "0x478474" }, { "name": "CreateDIBitmap", "address": "0x478478" }, { 
"name": "CreateDIBSection", "address": "0x47847c" }, { "name": "CreateDCA", "address": "0x478480" }, { "name": "CreateCompatibleDC", "address": "0x478484" }, { "name": "CreateCompatibleBitmap", "address": "0x478488" }, { "name": "CreateBrushIndirect", "address": "0x47848c" }, { "name": "CreateBitmap", "address": "0x478490" }, { "name": "CopyEnhMetaFileA", "address": "0x478494" }, { "name": "CloseEnhMetaFile", "address": "0x478498" }, { "name": "BitBlt", "address": "0x47849c" } ], "dll": "gdi32.dll" }, { "imports": [ { "name": "CreateWindowExA", "address": "0x4784a4" }, { "name": "WindowFromPoint", "address": "0x4784a8" }, { "name": "WinHelpA", "address": "0x4784ac" }, { "name": "WaitMessage", "address": "0x4784b0" }, { "name": "UpdateWindow", "address": "0x4784b4" }, { "name": "UnregisterClassA", "address": "0x4784b8" }, { "name": "UnhookWindowsHookEx", "address": "0x4784bc" }, { "name": "TranslateMessage", "address": "0x4784c0" }, { "name": "TranslateMDISysAccel", "address": "0x4784c4" }, { "name": "TrackPopupMenu", "address": "0x4784c8" }, { "name": "SystemParametersInfoA", "address": "0x4784cc" }, { "name": "ShowWindow", "address": "0x4784d0" }, { "name": "ShowScrollBar", "address": "0x4784d4" }, { "name": "ShowOwnedPopups", "address": "0x4784d8" }, { "name": "ShowCursor", "address": "0x4784dc" }, { "name": "SetWindowsHookExA", "address": "0x4784e0" }, { "name": "SetWindowTextA", "address": "0x4784e4" }, { "name": "SetWindowPos", "address": "0x4784e8" }, { "name": "SetWindowPlacement", "address": "0x4784ec" }, { "name": "SetWindowLongA", "address": "0x4784f0" }, { "name": "SetTimer", "address": "0x4784f4" }, { "name": "SetScrollRange", "address": "0x4784f8" }, { "name": "SetScrollPos", "address": "0x4784fc" }, { "name": "SetScrollInfo", "address": "0x478500" }, { "name": "SetRect", "address": "0x478504" }, { "name": "SetPropA", "address": "0x478508" }, { "name": "SetParent", "address": "0x47850c" }, { "name": "SetMenuItemInfoA", "address": "0x478510" }, { 
"name": "SetMenu", "address": "0x478514" }, { "name": "SetKeyboardState", "address": "0x478518" }, { "name": "SetForegroundWindow", "address": "0x47851c" }, { "name": "SetFocus", "address": "0x478520" }, { "name": "SetCursor", "address": "0x478524" }, { "name": "SetClipboardData", "address": "0x478528" }, { "name": "SetClassLongA", "address": "0x47852c" }, { "name": "SetCapture", "address": "0x478530" }, { "name": "SetActiveWindow", "address": "0x478534" }, { "name": "SendMessageA", "address": "0x478538" }, { "name": "ScrollWindow", "address": "0x47853c" }, { "name": "ScreenToClient", "address": "0x478540" }, { "name": "RemovePropA", "address": "0x478544" }, { "name": "RemoveMenu", "address": "0x478548" }, { "name": "ReleaseDC", "address": "0x47854c" }, { "name": "ReleaseCapture", "address": "0x478550" }, { "name": "RegisterWindowMessageA", "address": "0x478554" }, { "name": "RegisterClipboardFormatA", "address": "0x478558" }, { "name": "RegisterClassA", "address": "0x47855c" }, { "name": "RedrawWindow", "address": "0x478560" }, { "name": "PtInRect", "address": "0x478564" }, { "name": "PostQuitMessage", "address": "0x478568" }, { "name": "PostMessageA", "address": "0x47856c" }, { "name": "PeekMessageA", "address": "0x478570" }, { "name": "OpenClipboard", "address": "0x478574" }, { "name": "OffsetRect", "address": "0x478578" }, { "name": "OemToCharA", "address": "0x47857c" }, { "name": "MessageBoxA", "address": "0x478580" }, { "name": "MessageBeep", "address": "0x478584" }, { "name": "MapWindowPoints", "address": "0x478588" }, { "name": "MapVirtualKeyA", "address": "0x47858c" }, { "name": "LoadStringA", "address": "0x478590" }, { "name": "LoadKeyboardLayoutA", "address": "0x478594" }, { "name": "LoadIconA", "address": "0x478598" }, { "name": "LoadCursorA", "address": "0x47859c" }, { "name": "LoadBitmapA", "address": "0x4785a0" }, { "name": "KillTimer", "address": "0x4785a4" }, { "name": "IsZoomed", "address": "0x4785a8" }, { "name": "IsWindowVisible", "address": 
"0x4785ac" }, { "name": "IsWindowEnabled", "address": "0x4785b0" }, { "name": "IsWindow", "address": "0x4785b4" }, { "name": "IsRectEmpty", "address": "0x4785b8" }, { "name": "IsIconic", "address": "0x4785bc" }, { "name": "IsDialogMessageA", "address": "0x4785c0" }, { "name": "IsChild", "address": "0x4785c4" }, { "name": "IsCharAlphaNumericA", "address": "0x4785c8" }, { "name": "IsCharAlphaA", "address": "0x4785cc" }, { "name": "InvalidateRect", "address": "0x4785d0" }, { "name": "IntersectRect", "address": "0x4785d4" }, { "name": "InsertMenuItemA", "address": "0x4785d8" }, { "name": "InsertMenuA", "address": "0x4785dc" }, { "name": "InflateRect", "address": "0x4785e0" }, { "name": "GetWindowThreadProcessId", "address": "0x4785e4" }, { "name": "GetWindowTextA", "address": "0x4785e8" }, { "name": "GetWindowRect", "address": "0x4785ec" }, { "name": "GetWindowPlacement", "address": "0x4785f0" }, { "name": "GetWindowLongA", "address": "0x4785f4" }, { "name": "GetWindowDC", "address": "0x4785f8" }, { "name": "GetTopWindow", "address": "0x4785fc" }, { "name": "GetSystemMetrics", "address": "0x478600" }, { "name": "GetSystemMenu", "address": "0x478604" }, { "name": "GetSysColorBrush", "address": "0x478608" }, { "name": "GetSysColor", "address": "0x47860c" }, { "name": "GetSubMenu", "address": "0x478610" }, { "name": "GetScrollRange", "address": "0x478614" }, { "name": "GetScrollPos", "address": "0x478618" }, { "name": "GetScrollInfo", "address": "0x47861c" }, { "name": "GetPropA", "address": "0x478620" }, { "name": "GetParent", "address": "0x478624" }, { "name": "GetWindow", "address": "0x478628" }, { "name": "GetMessageTime", "address": "0x47862c" }, { "name": "GetMenuStringA", "address": "0x478630" }, { "name": "GetMenuState", "address": "0x478634" }, { "name": "GetMenuItemInfoA", "address": "0x478638" }, { "name": "GetMenuItemID", "address": "0x47863c" }, { "name": "GetMenuItemCount", "address": "0x478640" }, { "name": "GetMenu", "address": "0x478644" }, { "name": 
"GetLastActivePopup", "address": "0x478648" }, { "name": "GetKeyboardState", "address": "0x47864c" }, { "name": "GetKeyboardLayoutList", "address": "0x478650" }, { "name": "GetKeyboardLayout", "address": "0x478654" }, { "name": "GetKeyState", "address": "0x478658" }, { "name": "GetKeyNameTextA", "address": "0x47865c" }, { "name": "GetIconInfo", "address": "0x478660" }, { "name": "GetForegroundWindow", "address": "0x478664" }, { "name": "GetFocus", "address": "0x478668" }, { "name": "GetDesktopWindow", "address": "0x47866c" }, { "name": "GetDCEx", "address": "0x478670" }, { "name": "GetDC", "address": "0x478674" }, { "name": "GetCursorPos", "address": "0x478678" }, { "name": "GetCursor", "address": "0x47867c" }, { "name": "GetClipboardData", "address": "0x478680" }, { "name": "GetClientRect", "address": "0x478684" }, { "name": "GetClassNameA", "address": "0x478688" }, { "name": "GetClassInfoA", "address": "0x47868c" }, { "name": "GetCapture", "address": "0x478690" }, { "name": "GetActiveWindow", "address": "0x478694" }, { "name": "FrameRect", "address": "0x478698" }, { "name": "FindWindowA", "address": "0x47869c" }, { "name": "FillRect", "address": "0x4786a0" }, { "name": "EqualRect", "address": "0x4786a4" }, { "name": "EnumWindows", "address": "0x4786a8" }, { "name": "EnumThreadWindows", "address": "0x4786ac" }, { "name": "EnumClipboardFormats", "address": "0x4786b0" }, { "name": "EndPaint", "address": "0x4786b4" }, { "name": "EndDeferWindowPos", "address": "0x4786b8" }, { "name": "EnableWindow", "address": "0x4786bc" }, { "name": "EnableScrollBar", "address": "0x4786c0" }, { "name": "EnableMenuItem", "address": "0x4786c4" }, { "name": "EmptyClipboard", "address": "0x4786c8" }, { "name": "DrawTextA", "address": "0x4786cc" }, { "name": "DrawMenuBar", "address": "0x4786d0" }, { "name": "DrawIconEx", "address": "0x4786d4" }, { "name": "DrawIcon", "address": "0x4786d8" }, { "name": "DrawFrameControl", "address": "0x4786dc" }, { "name": "DrawFocusRect", "address": 
"0x4786e0" }, { "name": "DrawEdge", "address": "0x4786e4" }, { "name": "DispatchMessageA", "address": "0x4786e8" }, { "name": "DestroyWindow", "address": "0x4786ec" }, { "name": "DestroyMenu", "address": "0x4786f0" }, { "name": "DestroyIcon", "address": "0x4786f4" }, { "name": "DestroyCursor", "address": "0x4786f8" }, { "name": "DeleteMenu", "address": "0x4786fc" }, { "name": "DeferWindowPos", "address": "0x478700" }, { "name": "DefWindowProcA", "address": "0x478704" }, { "name": "DefMDIChildProcA", "address": "0x478708" }, { "name": "DefFrameProcA", "address": "0x47870c" }, { "name": "CreatePopupMenu", "address": "0x478710" }, { "name": "CreateMenu", "address": "0x478714" }, { "name": "CreateIcon", "address": "0x478718" }, { "name": "CloseClipboard", "address": "0x47871c" }, { "name": "ClientToScreen", "address": "0x478720" }, { "name": "CheckMenuItem", "address": "0x478724" }, { "name": "CallWindowProcA", "address": "0x478728" }, { "name": "CallNextHookEx", "address": "0x47872c" }, { "name": "BeginPaint", "address": "0x478730" }, { "name": "BeginDeferWindowPos", "address": "0x478734" }, { "name": "CharNextA", "address": "0x478738" }, { "name": "CharLowerBuffA", "address": "0x47873c" }, { "name": "CharLowerA", "address": "0x478740" }, { "name": "CharUpperBuffA", "address": "0x478744" }, { "name": "CharToOemA", "address": "0x478748" }, { "name": "AdjustWindowRectEx", "address": "0x47874c" }, { "name": "ActivateKeyboardLayout", "address": "0x478750" } ], "dll": "user32.dll" }, { "imports": [ { "name": "Sleep", "address": "0x478758" } ], "dll": "kernel32.dll" }, { "imports": [ { "name": "SafeArrayPtrOfIndex", "address": "0x478760" }, { "name": "SafeArrayGetUBound", "address": "0x478764" }, { "name": "SafeArrayGetLBound", "address": "0x478768" }, { "name": "SafeArrayCreate", "address": "0x47876c" }, { "name": "VariantChangeType", "address": "0x478770" }, { "name": "VariantCopy", "address": "0x478774" }, { "name": "VariantClear", "address": "0x478778" }, { "name": 
"VariantInit", "address": "0x47877c" } ], "dll": "oleaut32.dll" }, { "imports": [ { "name": "CreateStreamOnHGlobal", "address": "0x478784" }, { "name": "IsAccelerator", "address": "0x478788" }, { "name": "OleDraw", "address": "0x47878c" }, { "name": "OleSetMenuDescriptor", "address": "0x478790" }, { "name": "CoTaskMemFree", "address": "0x478794" }, { "name": "ProgIDFromCLSID", "address": "0x478798" }, { "name": "StringFromCLSID", "address": "0x47879c" }, { "name": "CoCreateInstance", "address": "0x4787a0" }, { "name": "CoGetClassObject", "address": "0x4787a4" }, { "name": "CoUninitialize", "address": "0x4787a8" }, { "name": "CoInitialize", "address": "0x4787ac" }, { "name": "IsEqualGUID", "address": "0x4787b0" } ], "dll": "ole32.dll" }, { "imports": [ { "name": "GetErrorInfo", "address": "0x4787b8" }, { "name": "GetActiveObject", "address": "0x4787bc" }, { "name": "SysFreeString", "address": "0x4787c0" } ], "dll": "oleaut32.dll" }, { "imports": [ { "name": "ImageList_SetIconSize", "address": "0x4787c8" }, { "name": "ImageList_GetIconSize", "address": "0x4787cc" }, { "name": "ImageList_Write", "address": "0x4787d0" }, { "name": "ImageList_Read", "address": "0x4787d4" }, { "name": "ImageList_GetDragImage", "address": "0x4787d8" }, { "name": "ImageList_DragShowNolock", "address": "0x4787dc" }, { "name": "ImageList_SetDragCursorImage", "address": "0x4787e0" }, { "name": "ImageList_DragMove", "address": "0x4787e4" }, { "name": "ImageList_DragLeave", "address": "0x4787e8" }, { "name": "ImageList_DragEnter", "address": "0x4787ec" }, { "name": "ImageList_EndDrag", "address": "0x4787f0" }, { "name": "ImageList_BeginDrag", "address": "0x4787f4" }, { "name": "ImageList_Remove", "address": "0x4787f8" }, { "name": "ImageList_DrawEx", "address": "0x4787fc" }, { "name": "ImageList_Draw", "address": "0x478800" }, { "name": "ImageList_GetBkColor", "address": "0x478804" }, { "name": "ImageList_SetBkColor", "address": "0x478808" }, { "name": "ImageList_ReplaceIcon", "address": 
"0x47880c" }, { "name": "ImageList_Add", "address": "0x478810" }, { "name": "ImageList_GetImageCount", "address": "0x478814" }, { "name": "ImageList_Destroy", "address": "0x478818" }, { "name": "ImageList_Create", "address": "0x47881c" } ], "dll": "comctl32.dll" }, { "imports": [ { "name": "OpenPrinterA", "address": "0x478824" }, { "name": "EnumPrintersA", "address": "0x478828" }, { "name": "DocumentPropertiesA", "address": "0x47882c" }, { "name": "ClosePrinter", "address": "0x478830" } ], "dll": "winspool.drv" }, { "imports": [ { "name": "PrintDlgA", "address": "0x478838" }, { "name": "ChooseColorA", "address": "0x47883c" } ], "dll": "comdlg32.dll" } ], "digital_signers": null, "exported_dll_name": null, "actual_checksum": "0x0010d01c", "overlay": { "size": "0x00000200", "offset": "0x000fe800" }, "imagebase": "0x00400000", "reported_checksum": "0x00000000", "icon_hash": null, "entrypoint": "0x0046c324", "timestamp": "1991-12-21 12:36:27", "osversion": "4.0", "sections": [ { "name": "CODE", "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ", "virtual_address": "0x00001000", "size_of_data": "0x0006b400", "entropy": "6.53", "raw_address": "0x00000400", "virtual_size": "0x0006b36c", "characteristics_raw": "0x60000020" }, { "name": "DATA", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE", "virtual_address": "0x0006d000", "size_of_data": "0x00009800", "entropy": "5.01", "raw_address": "0x0006b800", "virtual_size": "0x00009648", "characteristics_raw": "0xc0000040" }, { "name": "BSS", "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE", "virtual_address": "0x00077000", "size_of_data": "0x00000000", "entropy": "0.00", "raw_address": "0x00075000", "virtual_size": "0x00000d5d", "characteristics_raw": "0xc0000000" }, { "name": ".idata", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE", "virtual_address": "0x00078000", "size_of_data": "0x00002600", 
"entropy": "5.02", "raw_address": "0x00075000", "virtual_size": "0x0000258e", "characteristics_raw": "0xc0000040" }, { "name": ".tls", "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE", "virtual_address": "0x0007b000", "size_of_data": "0x00000000", "entropy": "0.00", "raw_address": "0x00077600", "virtual_size": "0x00000010", "characteristics_raw": "0xc0000000" }, { "name": ".rdata", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ", "virtual_address": "0x0007c000", "size_of_data": "0x00000200", "entropy": "0.21", "raw_address": "0x00077600", "virtual_size": "0x00000018", "characteristics_raw": "0x50000040" }, { "name": ".reloc", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ", "virtual_address": "0x0007d000", "size_of_data": "0x00008200", "entropy": "6.65", "raw_address": "0x00077800", "virtual_size": "0x00008024", "characteristics_raw": "0x50000040" }, { "name": ".rsrc", "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ", "virtual_address": "0x00086000", "size_of_data": "0x0007ee00", "entropy": "7.45", "raw_address": "0x0007fa00", "virtual_size": "0x0007ec34", "characteristics_raw": "0x50000040" } ], "resources": [], "dirents": [ { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_EXPORT", "size": "0x00000000" }, { "virtual_address": "0x00078000", "name": "IMAGE_DIRECTORY_ENTRY_IMPORT", "size": "0x0000258e" }, { "virtual_address": "0x00086000", "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE", "size": "0x0007ec34" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_SECURITY", "size": "0x00000000" }, { "virtual_address": "0x0007d000", "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC", "size": "0x00008024" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_DEBUG", "size": "0x00000000" }, { 
"virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR", "size": "0x00000000" }, { "virtual_address": "0x0007c000", "name": "IMAGE_DIRECTORY_ENTRY_TLS", "size": "0x00000018" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_IAT", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR", "size": "0x00000000" }, { "virtual_address": "0x00000000", "name": "IMAGE_DIRECTORY_ENTRY_RESERVED", "size": "0x00000000" } ], "exports": [], "guest_signers": {}, "imphash": "0ea231930c15d70fe56362b6d930df5b", "icon_fuzzy": null, "icon": null, "pdbpath": null, "imported_dll_count": 17, "versioninfo": [] } }