filename | Aurora-A11.exe_539416_307200.exe | |
---|---|---|
size | 307200 (0x4b000) | |
md5 | a14a9c589f6938d2c6621ab8938bb120 | |
type | PE32 executable (GUI) Intel 80386, for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0xf0 |
Rich Header
lib id | version | times used |
---|---|---|
10 | 8047 | 1 |
11 | 8047 | 7 |
12 | 7291 | 6 |
0 | 0 | 6 |
19 | 8034 | 15 |
1 | 0 | 382 |
14 | 7299 | 27 |
10 | 9782 | 153 |
11 | 9782 | 75 |
6 | 1735 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno|
00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
name | va | vsize | raw size | flags | |
---|---|---|---|---|---|
.text | 0x1000 | 0x2793a | 0x28000 | R-X CODE | |
.rdata | 0x29000 | 0x8774 | 0x9000 | R-- IDATA | |
.data | 0x32000 | 0x1c754 | 0x13000 | RW- IDATA | |
.rsrc | 0x4f000 | 0x5480 | 0x6000 | R-- IDATA |
Data Directory
type | va | size | |
---|---|---|---|
EXPORT | 0 | 0 | |
IMPORT | 0x30328 | 0xa0 | |
RESOURCE | 0x4f000 | 0x5480 | |
EXCEPTION | 0 | 0 | |
SECURITY | 0 | 0 | |
BASERELOC | 0 | 0 | |
DEBUG | 0 | 0 | |
ARCHITECTURE | 0 | 0 | |
GLOBALPTR | 0 | 0 | |
TLS | 0 | 0 | |
LOAD_CONFIG | 0 | 0 | |
Bound_IAT | 0 | 0 | |
IAT | 0x29000 | 0x3c0 | |
Delay_IAT | 0 | 0 | |
CLR_Header | 0 | 0 |
id | lang | string |
---|---|---|
10102 | 1033 | Property Sheet |
10108 | 1033 | Software\AMI\AFUWIN |
10109 | 1033 | To ensure that no other program interferes with the BIOS update process, it is highly recommended to close all other programs before continue. Please do not shutdown or suspend your system during the BIOS update. |
10110 | 1033 | ErrorCode |
10111 | 1033 | ErrorMessage |
11001 | 1033 | Current Operating System. |
11002 | 1033 | BIOS chipset name. |
11003 | 1033 | BIOS size in bytes. |
11004 | 1033 | BIOS bootblock size in bytes. |
11005 | 1033 | BIOS Non-Volatile-RAM size in bytes. |
11006 | 1033 | BIOS core version. |
11007 | 1033 | BIOS release date. |
11008 | 1033 | BIOS ID of current system. |
11009 | 1033 | BIOS file = Unknown. |
11010 | 1033 | BIOS ID of file = Unknown. |
12001 | 1033 | Check this to program all blocks. |
12002 | 1033 | Check this to program main BIOS image. |
12003 | 1033 | Check this to program bootblock. |
12004 | 1033 | Check this to program Non-Volatile-RAM. |
12005 | 1033 | If available, check this to program embedded controller. |
12006 | 1033 | If BIOS supports the ME Ignition Firmware update, check this to program it. NOTE: Disable it when ROM File doesn't contains ME firmware data. |
12007 | 1033 | If BIOS supports the ME Entire Firmware update, check this to program entire image. NOTE: Disable it when ROM File doesn't contains ME firmware data. |
12010 | 1033 | If system has Non-Critical-Block(s), check this to program all of them. |
12011 | 1033 | If system has Non-Critical-Block 1, check this to program it. |
12012 | 1033 | If system has Non-Critical-Block 2, check this to program it. |
12013 | 1033 | If system has Non-Critical-Block 3, check this to program it. |
12014 | 1033 | If system has Non-Critical-Block 4, check this to program it. |
12015 | 1033 | If system has Non-Critical-Block 5, check this to program it. |
12016 | 1033 | If system has Non-Critical-Block 6, check this to program it. |
12017 | 1033 | If system has Non-Critical-Block 7, check this to program it. |
12018 | 1033 | If system has Non-Critical-Block 8, check this to program it. |
12020 | 1033 | Do nothing to CMOS. |
12021 | 1033 | If available, load current system's CMOS optimal default. |
12022 | 1033 | If available, load current system's CMOS failsafe default. |
12023 | 1033 | If available, load ROM file's CMOS optimal default. NOTE: Using this feature will enable main BIOS and bootblock programming. |
12024 | 1033 | If available, load ROM file's CMOS failsafe default. NOTE: Using this feature will enable main BIOS and bootblock programming. |
12025 | 1033 | Destroy CMOS. You will need to setup your CMOS upon next reboot. |
12026 | 1033 | Do not check ROM file's ROM ID against system's ROM ID before programming. |
12027 | 1033 | Check this will restart Windows after programming. |
12028 | 1033 | Only available if NVRAM programming is enabled. Type in SMBIOS data type(s) you want to preserve. For example: "0 10" will preserve type 0 and 10. Hit 'A' to preserve all types. |
12029 | 1033 | If BIOS supports, onboard ethernet adapter's MAC address can be updated here. NOTE: Use only hexadecimal values and fill in full length. |
12032 | 1033 | Check this will force restart the Windows after programming. NOTE: Using this would cause the windows generated the system event log of shutdown error after reboot. |
module_name | hint | function_name | ord |
---|---|---|---|
KERNEL32.dll | 559 | RtlUnwind | |
KERNEL32.dll | 125 | ExitProcess | |
KERNEL32.dll | 670 | TerminateProcess | |
KERNEL32.dll | 415 | HeapFree | |
KERNEL32.dll | 409 | HeapAlloc | |
KERNEL32.dll | 351 | GetSystemTimeAsFileTime | |
KERNEL32.dll | 336 | GetStartupInfoA | |
KERNEL32.dll | 202 | GetCommandLineA | |
KERNEL32.dll | 523 | RaiseException | |
KERNEL32.dll | 419 | HeapSize | |
KERNEL32.dll | 418 | HeapReAlloc | |
KERNEL32.dll | 185 | GetACP | |
KERNEL32.dll | 447 | LCMapStringA | |
KERNEL32.dll | 448 | LCMapStringW | |
KERNEL32.dll | 338 | GetStdHandle | |
KERNEL32.dll | 277 | GetFileType | |
KERNEL32.dll | 413 | HeapDestroy | |
KERNEL32.dll | 411 | HeapCreate | |
KERNEL32.dll | 703 | VirtualFree | |
KERNEL32.dll | 699 | VirtualAlloc | |
KERNEL32.dll | 440 | IsBadWritePtr | |
KERNEL32.dll | 685 | UnhandledExceptionFilter | |
KERNEL32.dll | 178 | FreeEnvironmentStringsA | |
KERNEL32.dll | 179 | FreeEnvironmentStringsW | |
KERNEL32.dll | 262 | GetEnvironmentStrings | |
KERNEL32.dll | 264 | GetEnvironmentStringsW | |
KERNEL32.dll | 651 | SetUnhandledExceptionFilter | |
KERNEL32.dll | 339 | GetStringTypeA | |
KERNEL32.dll | 342 | GetStringTypeW | |
KERNEL32.dll | 636 | SetStdHandle | |
KERNEL32.dll | 437 | IsBadReadPtr | |
KERNEL32.dll | 434 | IsBadCodePtr | |
KERNEL32.dll | 235 | GetConsoleMode | |
KERNEL32.dll | 592 | SetConsoleMode | |
KERNEL32.dll | 525 | ReadConsoleInputA | |
KERNEL32.dll | 430 | InterlockedExchange | |
KERNEL32.dll | 609 | SetEndOfFile | |
KERNEL32.dll | 170 | FlushFileBuffers | |
KERNEL32.dll | 305 | GetOEMCP | |
KERNEL32.dll | 191 | GetCPInfo | |
KERNEL32.dll | 391 | GlobalFlags | |
KERNEL32.dll | 764 | lstrcmpA | |
KERNEL32.dll | 325 | GetProcessVersion | |
KERNEL32.dll | 372 | GetVersion | |
KERNEL32.dll | 761 | lstrcatA | |
KERNEL32.dll | 393 | GlobalGetAtomNameA | |
KERNEL32.dll | 767 | lstrcmpiA | |
KERNEL32.dll | 383 | GlobalAddAtomA | |
KERNEL32.dll | 388 | GlobalFindAtomA | |
KERNEL32.dll | 387 | GlobalDeleteAtom | |
KERNEL32.dll | 770 | lstrcpyA | |
KERNEL32.dll | 676 | TlsGetValue | |
KERNEL32.dll | 463 | LocalReAlloc | |
KERNEL32.dll | 677 | TlsSetValue | |
KERNEL32.dll | 385 | GlobalAlloc | |
KERNEL32.dll | 399 | GlobalReAlloc | |
KERNEL32.dll | 396 | GlobalLock | |
KERNEL32.dll | 675 | TlsFree | |
KERNEL32.dll | 395 | GlobalHandle | |
KERNEL32.dll | 403 | GlobalUnlock | |
KERNEL32.dll | 392 | GlobalFree | |
KERNEL32.dll | 724 | WriteConsoleA | |
KERNEL32.dll | 674 | TlsAlloc | |
KERNEL32.dll | 456 | LocalAlloc | |
KERNEL32.dll | 102 | EnterCriticalSection | |
KERNEL32.dll | 449 | LeaveCriticalSection | |
KERNEL32.dll | 85 | DeleteCriticalSection | |
KERNEL32.dll | 426 | InitializeCriticalSection | |
KERNEL32.dll | 250 | GetCurrentThreadId | |
KERNEL32.dll | 773 | lstrcpynA | |
KERNEL32.dll | 625 | SetLastError | |
KERNEL32.dll | 484 | MultiByteToWideChar | |
KERNEL32.dll | 722 | WideCharToMultiByte | |
KERNEL32.dll | 776 | lstrlenA | |
KERNEL32.dll | 429 | InterlockedDecrement | |
KERNEL32.dll | 432 | InterlockedIncrement | |
KERNEL32.dll | 292 | GetModuleFileNameA | |
KERNEL32.dll | 74 | CreateThread | |
KERNEL32.dll | 460 | LocalFree | |
KERNEL32.dll | 577 | SetConsoleCtrlHandler | |
KERNEL32.dll | 323 | GetProcessShutdownParameters | |
KERNEL32.dll | 634 | SetProcessShutdownParameters | |
KERNEL32.dll | 265 | GetEnvironmentVariableA | |
KERNEL32.dll | 345 | GetSystemDirectoryA | |
KERNEL32.dll | 450 | LoadLibraryA | |
KERNEL32.dll | 180 | FreeLibrary | |
KERNEL32.dll | 381 | GetWindowsDirectoryA | |
KERNEL32.dll | 644 | SetThreadExecutionState | |
KERNEL32.dll | 63 | CreateMutexA | |
KERNEL32.dll | 294 | GetModuleHandleA | |
KERNEL32.dll | 318 | GetProcAddress | |
KERNEL32.dll | 218 | GetConsoleCP | |
KERNEL32.dll | 597 | SetConsoleOutputCP | |
KERNEL32.dll | 247 | GetCurrentProcess | |
KERNEL32.dll | 632 | SetProcessAffinityMask | |
KERNEL32.dll | 92 | DeviceIoControl | |
KERNEL32.dll | 373 | GetVersionExA | |
KERNEL32.dll | 245 | GetCurrentDirectoryA | |
KERNEL32.dll | 282 | GetLastError | |
KERNEL32.dll | 662 | Sleep | |
KERNEL32.dll | 618 | SetFilePointer | |
KERNEL32.dll | 735 | WriteFile | |
KERNEL32.dll | 536 | ReadFile | |
KERNEL32.dll | 52 | CreateFileA | |
KERNEL32.dll | 274 | GetFileSize | |
KERNEL32.dll | 621 | SetHandleCount | |
KERNEL32.dll | 27 | CloseHandle | |
USER32.dll | 606 | SetWindowTextA | |
USER32.dll | 410 | LoadCursorA | |
USER32.dll | 324 | GetSysColorBrush | |
USER32.dll | 515 | ReleaseDC | |
USER32.dll | 253 | GetDC | |
USER32.dll | 237 | GetClassNameA | |
USER32.dll | 490 | PtInRect | |
USER32.dll | 58 | ClientToScreen | |
USER32.dll | 480 | PostQuitMessage | |
USER32.dll | 141 | DestroyMenu | |
USER32.dll | 627 | TabbedTextOutA | |
USER32.dll | 175 | DrawTextA | |
USER32.dll | 356 | GrayStringA | |
USER32.dll | 441 | MapWindowPoints | |
USER32.dll | 323 | GetSysColor | |
USER32.dll | 559 | SetFocus | |
USER32.dll | 2 | AdjustWindowRectEx | |
USER32.dll | 240 | GetClientRect | |
USER32.dll | 68 | CopyRect | |
USER32.dll | 332 | GetTopWindow | |
USER32.dll | 228 | GetCapture | |
USER32.dll | 678 | WinHelpA | |
USER32.dll | 231 | GetClassInfoA | |
USER32.dll | 498 | RegisterClassA | |
USER32.dll | 284 | GetMenu | |
USER32.dll | 414 | LoadIconA | |
USER32.dll | 322 | GetSubMenu | |
USER32.dll | 291 | GetMenuItemID | |
USER32.dll | 258 | GetDlgItem | |
USER32.dll | 350 | GetWindowTextA | |
USER32.dll | 257 | GetDlgCtrlID | |
USER32.dll | 142 | DestroyWindow | |
USER32.dll | 235 | GetClassLongA | |
USER32.dll | 578 | SetPropA | |
USER32.dll | 314 | GetPropA | |
USER32.dll | 22 | CallWindowProcA | |
USER32.dll | 517 | RemovePropA | |
USER32.dll | 301 | GetMessageTime | |
USER32.dll | 300 | GetMessagePos | |
USER32.dll | 264 | GetForegroundWindow | |
USER32.dll | 560 | SetForegroundWindow | |
USER32.dll | 338 | GetWindow | |
USER32.dll | 600 | SetWindowLongA | |
USER32.dll | 603 | SetWindowPos | |
USER32.dll | 512 | RegisterWindowMessageA | |
USER32.dll | 396 | IsIconic | |
USER32.dll | 347 | GetWindowPlacement | |
USER32.dll | 348 | GetWindowRect | |
USER32.dll | 326 | GetSystemMetrics | |
USER32.dll | 286 | GetMenuCheckMarkDimensions | |
USER32.dll | 408 | LoadBitmapA | |
USER32.dll | 295 | GetMenuState | |
USER32.dll | 452 | ModifyMenuA | |
USER32.dll | 569 | SetMenuItemBitmaps | |
USER32.dll | 52 | CheckMenuItem | |
USER32.dll | 181 | EnableMenuItem | |
USER32.dll | 263 | GetFocus | |
USER32.dll | 307 | GetNextDlgTabItem | |
USER32.dll | 274 | GetKeyState | |
USER32.dll | 446 | MessageBoxA | |
USER32.dll | 684 | wsprintfA | |
USER32.dll | 427 | LoadStringA | |
USER32.dll | 625 | SystemParametersInfoA | |
USER32.dll | 13 | BlockInput | |
USER32.dll | 211 | ExitWindowsEx | |
USER32.dll | 21 | CallNextHookEx | |
USER32.dll | 476 | PeekMessageA | |
USER32.dll | 610 | SetWindowsHookExA | |
USER32.dll | 646 | UnhookWindowsHookEx | |
USER32.dll | 309 | GetParent | |
USER32.dll | 281 | GetLastActivePopup | |
USER32.dll | 400 | IsWindowEnabled | |
USER32.dll | 342 | GetWindowLongA | |
USER32.dll | 532 | SendMessageA | |
USER32.dll | 183 | EnableWindow | |
USER32.dll | 89 | CreateWindowExA | |
USER32.dll | 298 | GetMessageA | |
USER32.dll | 642 | TranslateMessage | |
USER32.dll | 149 | DispatchMessageA | |
USER32.dll | 478 | PostMessageA | |
USER32.dll | 290 | GetMenuItemCount | |
USER32.dll | 499 | RegisterClassExA | |
USER32.dll | 132 | DefWindowProcA | |
GDI32.dll | 501 | SetViewportExtEx | |
GDI32.dll | 449 | ScaleViewportExtEx | |
GDI32.dll | 505 | SetWindowExtEx | |
GDI32.dll | 450 | ScaleWindowExtEx | |
GDI32.dll | 396 | OffsetViewportOrgEx | |
GDI32.dll | 426 | PtVisible | |
GDI32.dll | 430 | RectVisible | |
GDI32.dll | 517 | TextOutA | |
GDI32.dll | 158 | ExtTextOutA | |
GDI32.dll | 149 | Escape | |
GDI32.dll | 502 | SetViewportOrgEx | |
GDI32.dll | 482 | SetMapMode | |
GDI32.dll | 351 | GetStockObject | |
GDI32.dll | 455 | SelectObject | |
GDI32.dll | 441 | RestoreDC | |
GDI32.dll | 448 | SaveDC | |
GDI32.dll | 80 | DeleteDC | |
GDI32.dll | 83 | DeleteObject | |
GDI32.dll | 293 | GetDeviceCaps | |
GDI32.dll | 335 | GetObjectA | |
GDI32.dll | 461 | SetBkColor | |
GDI32.dll | 499 | SetTextColor | |
GDI32.dll | 282 | GetClipBox | |
GDI32.dll | 36 | CreateBitmap | |
WINSPOOL.DRV | 124 | OpenPrinterA | |
WINSPOOL.DRV | 71 | DocumentPropertiesA | |
WINSPOOL.DRV | 28 | ClosePrinter | |
ADVAPI32.dll | 53 | ControlService | |
ADVAPI32.dll | 322 | OpenProcessToken | |
ADVAPI32.dll | 245 | LookupPrivilegeValueA | |
ADVAPI32.dll | 23 | AdjustTokenPrivileges | |
ADVAPI32.dll | 325 | OpenSCManagerA | |
ADVAPI32.dll | 120 | DeleteService | |
ADVAPI32.dll | 347 | RegCloseKey | |
ADVAPI32.dll | 327 | OpenServiceA | |
ADVAPI32.dll | 434 | StartServiceA | |
ADVAPI32.dll | 76 | CreateServiceA | |
ADVAPI32.dll | 52 | CloseServiceHandle | |
ADVAPI32.dll | 370 | RegOpenKeyExA | |
ADVAPI32.dll | 351 | RegCreateKeyExA | |
ADVAPI32.dll | 390 | RegSetValueExA | |
SHELL32.dll | 114 | ShellExecuteA | |
COMCTL32.dll | 17 |