filename | vem.exe | |
---|---|---|
size | 1418752 (0x15a600) | |
md5 | 2cb3cbd7b304c8a0854029135a5042e5 | |
type | PE32 executable (console) Intel 80386, for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0 |
blocks_in_file | 1 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0xb |
sp | 0x100 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0x726a00000001 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0xf0 |
DOS stub
00000000: b4 30 cd 21 86 c4 3d 0a 14 72 42 be 80 00 8a 1c |.0.!..=..rB.....| 00000010: 32 ff 46 88 38 2e 8c 1e 6e 00 8e 06 2c 00 33 c0 |2.F.8...n...,.3.| 00000020: 8b f8 b9 00 80 fc f2 ae 75 23 49 78 20 ae 75 f6 |........u#Ix .u.| 00000030: 47 47 0e 1f 2e 89 3e 68 00 2e 8c 06 6a 00 be 5c |GG....>h....j..\| 00000040: 00 b9 6c 63 bb 25 00 b4 64 cd 21 73 0b ba 7c 00 |..lc.%..d.!s..|.| 00000050: 0e 1f b4 09 cd 21 b0 01 b4 4c cd 21 20 00 01 00 |.....!...L.! ...| 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 81 00 00 00 |................| 00000070: 00 00 00 00 00 00 00 00 00 00 02 00 54 68 69 73 |............This| 00000080: 20 70 72 6f 67 72 61 6d 20 6d 75 73 74 20 62 65 | program must be| 00000090: 20 72 75 6e 20 75 6e 64 65 72 20 57 69 6e 33 32 | run under Win32| 000000a0: 2e 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 |...$............|
PE Header
Packer / Compiler
Sections
Data Directory
type | va | size | |
---|---|---|---|
EXPORT | 0 | 0 | |
IMPORT | 0x1856f8 | 0x8c | |
RESOURCE | 0x8b000 | 0xc10 | |
EXCEPTION | 0 | 0 | |
SECURITY | 0 | 0 | |
BASERELOC | 0x187000 | 0x82b4 | |
DEBUG | 0 | 0 | |
ARCHITECTURE | 0 | 0 | |
GLOBALPTR | 0 | 0 | |
TLS | 0 | 0 | |
LOAD_CONFIG | 0 | 0 | |
Bound_IAT | 0 | 0 | |
IAT | 0x8c000 | 0x334 | |
Delay_IAT | 0 | 0 | |
CLR_Header | 0 | 0 |
type | name | size | cp | |
---|---|---|---|---|
STRING | #4089 | 754 | 0 | |
STRING | #4090 | 784 | 0 | |
STRING | #4091 | 758 | 0 | |
STRING | #4093 | 104 | 0 | |
STRING | #4094 | 180 | 0 | |
STRING | #4095 | 174 | 0 |
id | lang | string |
---|---|---|
65408 | 4105 | e1 47 0e fe f8 78 60 13 80 1f 67 dc f6 33 a0 86 |.G...x`...g..3..| 4b 7d 20 85 6b 83 99 ed 66 06 05 2a 80 35 ef a1 |K} .k...f..*.5..| 73 3b 10 05 f3 68 ed 48 99 9d 49 ec a0 5e e3 8c |s;...h.H..I..^..| 34 dd 82 d8 ba d6 76 ed 0c 4d 20 ff ef ca 18 a6 |4.....v..M .....| a1 f8 15 2c bb 64 4d f0 b6 6b cd e7 76 93 68 69 |...,.dM..k..v.hi| 72 f1 c0 77 98 ca bc c3 67 f4 06 db 6b 26 fb ed |r..w....g...k&..| d6 bf 43 7d 8b 4f ff b3 d6 3c c3 ea 81 89 07 85 |..C}.O...<......| 67 8d 23 e1 90 00 0b 99 44 5b cb a6 47 7f 63 a4 |g.#.....D[..G.c.| 50 1b 7a f3 09 73 e8 60 d7 93 fd 95 e8 a8 02 34 |P.z..s.`.......4| 21 be df 4f e1 46 da 1a 0c f0 d7 4e 5b 9e 4f e7 |!..O.F.....N[.O.| 6d 4a e9 7a a1 df da 34 ea bc 41 c5 52 32 e4 17 |mJ.z...4..A.R2..| a2 9c d6 f6 8d b9 a9 7a 76 da b2 d4 4f 9d 8b f4 |.......zv...O...| 4b 28 53 18 d5 41 33 24 57 0b b6 b1 bd 7e 34 7f |K(S..A3$W....~4.| db 1e b6 9f a5 a2 45 eb 3d 1c 1f 30 7d 0c 81 23 |......E.=..0}..#| 27 d5 3b 02 26 e5 49 7a bf 84 24 e9 98 01 33 4d |'.;.&.Iz..$...3M| a6 2e ba d9 86 33 a2 1c 42 85 89 d7 72 e1 98 0a |.....3..B...r...| 37 c1 d4 af 9d 05 ff 44 ce 68 e2 89 8f 4f e2 98 |7......D.h...O..| 49 f9 f2 06 eb 04 a3 fa 60 da 22 11 e0 a0 9c 37 |I.......`."....7| 5b e9 46 43 28 af 96 e7 c0 b8 15 b3 d3 02 9f cf |[.FC(...........| 70 a7 3f 13 5c 2f a0 7e a5 5d 57 63 c5 b1 dc ea |p.?.\/.~.]Wc....| 98 18 02 48 90 18 bf d3 d5 b0 44 fd 30 5c e0 c7 |...H......D.0\..| 7b 52 0d 89 7f dc a6 0c 05 c9 7d 33 30 32 1f 9e |{R........}302..| 4f 80 64 d5 07 26 3b 6a 59 50 02 bd 52 bd 84 9a |O.d..&;jYP..R...| 4d c1 63 43 3c 8b b3 0d ce 71 82 d8 1b dc e7 f7 |M.cC<....q......| 46 fb 45 6d 58 5e b6 7f de 31 49 24 f9 ac 8c 04 |F.EmX^...1I$....| 17 74 64 8b 27 e7 e9 94 48 a9 8d fd 68 0d f4 b8 |.td.'...H...h...| 5e f9 bb 07 44 ed c0 33 b7 a8 cb 65 bf 8d c7 b6 |^...D..3...e....| 75 88 c1 70 c6 e8 d9 0b a3 1b 81 92 ad be 9a 35 |u..p...........5| 57 90 35 5c fa 8a 0c 78 55 df 77 f4 12 0e 4b 74 |W.5\...xU.w...Kt| d8 b6 f4 d2 c5 52 3f 18 9f e0 e8 f5 15 50 5b 79 |.....R?......P[y| c5 d9 0c c6 ad ef 4d 19 b0 69 7d 42 0d 6f 77 a0 |......M..i}B.ow.| c8 3a 74 c3 df 3a 3a f7 e6 1d c7 60 5a 31 ec d2 |.:t..::....`Z1..| d6 24 85 6c d3 f1 27 a9 f3 ff 77 5a 90 09 f3 4b |.$.l..'...wZ...K| 80 d9 f7 5c 3e 32 df f2 c2 68 52 e8 6a 72 75 34 |...\>2...hR.jru4| cb 48 84 94 56 6e bb 36 f3 2a de e7 43 41 89 0b |.H..Vn.6.*..CA..| 6b 3f 50 93 fa 8f 39 fc 97 d5 2b b0 32 f7 62 2d |k?P...9...+.2.b-| 22 53 59 75 93 17 4b 19 15 d0 5c c7 cb 09 86 d0 |"SYu..K...\.....| 3b b9 89 47 e9 dd 25 46 de 2e e9 b2 f7 c7 81 e4 |;..G..%F........| fa bb 4c be b3 8b e6 44 5c a2 b4 0c 50 fa 59 4e |..L....D\...P.YN| 83 d0 e0 53 ba e1 ee 6a 5e db d2 b1 90 a6 7f f1 |...S...j^.......| 85 3e 3d 1a e6 bc 2a 8c 03 28 ea fd f5 59 14 ad |.>=...*..(...Y..| 18 f3 2a bc 72 42 08 33 e8 a0 c5 a6 b2 b1 a3 34 |..*.rB.3.......4| c2 0f dc bf 17 46 2b 63 8c 75 f1 70 54 84 37 f0 |.....F+c.u.pT.7.| b9 69 ac dc e6 6a 72 1e d7 26 6d e8 14 81 3b 1e |.i...jr..&m...;.| a8 2c 95 3b 36 5d 4c ce 43 d0 82 4e 7f 54 38 3f |.,.;6]L.C..N.T8?| ff 43 35 59 3c 97 6e 58 0f 93 95 b7 70 30 2f 88 |.C5Y<.nX....p0/.| 6b 10 ad 4b 3a 07 4a b2 82 a5 f9 85 36 23 77 dd |k..K:.J.....6#w.| 04 47 |.G | |
65424 | 4105 | d0 47 6d fe b4 78 65 13 ce 1f 34 dc f6 33 bc 86 |.Gm..xe...4..3..| bd aa be 2d 47 7b ab 53 e3 75 50 09 e9 ec c1 04 |...-G{.S.uP.....| 56 08 45 4a d4 07 89 6c 61 26 26 4d 8a cf d8 b5 |V.EJ...la&&M....| 08 85 fb e7 af 4d 14 cc f3 f4 77 3c 77 fd f9 61 |.....M....w |
65440 | 4105 | f1 47 6f fe b2 78 61 13 ca 1f 26 dc eb 33 f3 86 |.Go..xa...&..3..| 94 8a a4 b4 28 b5 6a 57 f6 59 1b 00 56 35 18 12 |....(.jW.Y..V5..| 6a 1a c5 ac c0 a2 ab 54 0d 3a 78 fd d8 89 bb d2 |j......T.:x.....| 90 47 de 33 d3 10 a6 20 64 ad 61 07 89 ab 68 d7 |.G.3... d.a...h.| 07 4a 41 f1 79 a4 aa e1 58 70 6a 5a 82 fc ee c8 |.JA.y...XpjZ....| 91 3e 3d b9 d9 96 af 68 a4 f5 88 d1 6d 09 8c 11 |.>=....h....m...| 0a 1b 5e b4 b2 9d 01 a5 29 23 0a 93 ca 02 74 19 |..^.....)#....t.| ec d2 cf 4f 86 4b 22 f4 92 8d ea a2 b0 4b 80 ca |...O.K"......K..| 2a 5d b0 37 90 9e 33 73 8c 25 3c 8a 86 69 04 cb |*].7..3s.%<..i..| 9c 1c 4b a5 da be 1a 2e 2b 7c ec 08 3c 74 09 ad |..K.....+|.. |
65472 | 4105 | c3 47 63 fe bc 78 7d 13 a4 1f 01 dc fa 33 b1 86 |.Gc..x}......3..| c9 5a 87 0b 0c df dc fa 72 fa 71 e2 57 c0 6e b2 |.Z......r.q.W.n.| c4 af c0 25 16 24 3b 07 7c 11 3b 1b d2 1a 87 b9 |...%.$;.|.;.....| 47 f3 02 ec 06 7f 84 30 f8 64 16 e5 70 0f 41 87 |G......0.d..p.A.| 5a 1c 9a 7e 1c 9b 89 a1 b8 e3 cd 93 d4 e0 d6 83 |Z..~............| 82 43 32 02 e4 0c 32 cd 22 3a 04 fc e4 62 b4 85 |.C2...2.":...b..| 40 c8 2e 14 91 8d e9 95 |@....... | |
65488 | 4105 | c7 47 63 fe bc 78 7d 13 d2 1f 26 dc ed 33 aa 86 |.Gc..x}...&..3..| f0 a1 63 3d 5b 61 e0 db a2 5e 36 ff 6a 02 01 70 |..c=[a...^6.j..p| 56 48 e0 4c be 57 10 05 18 a4 cc 07 b3 9e 79 8f |VH.L.W........y.| b0 58 42 43 b0 87 6d 1f db 5c 36 ae 54 d3 cc eb |.XBC..m..\6.T...| a6 bf 05 1f e4 b7 a1 ba da 1b ba f6 cc 94 f3 f5 |................| 00 66 a2 7c 91 5a 05 71 a4 6c 74 d5 8d 4e 6e 3f |.f.|.Z.q.lt..Nn?| 0d c1 a2 e8 ca 83 47 ca 7e df 9d ea 1b 8b 2f 5b |......G.~...../[| 64 4d d9 40 cc e4 f6 51 e2 2b 47 82 43 93 31 a0 |dM.@...Q.+G.C.1.| 5e 97 84 3a 6e 1f 70 72 60 39 15 a5 f6 61 3e cc |^..:n.pr`9...a>.| 46 e8 30 0c 4f 6e 02 26 9c fc 84 b5 9c 59 16 9c |F.0.On.&.....Y..| 75 1e 2f ce b1 19 7b 96 d5 ff 97 c0 1f 80 f6 59 |u./...{........Y| f4 95 c4 46 |...F | |
65504 | 4105 | c3 47 7a fe a8 78 7d 13 a4 1f 0a dc f0 33 bd 86 |.Gz..x}......3..| 6b 12 f4 ea 1c 11 f3 1c 1b 1e aa 36 c1 32 74 ed |k..........6.2t.| 86 14 61 cb 4a 29 5e b0 80 09 7b 14 e4 8f 30 71 |..a.J)^...{...0q| 4c 54 6d c6 84 da 4a 50 7c 79 57 95 db d0 9d 49 |LTm...JP|yW....I| 7b e7 f2 44 4c 96 d5 2f a9 65 bf a4 2f 94 04 b4 |{..DL../.e../...| 0e 8f 0d 10 a4 04 5a c6 07 3d a1 3d 79 74 ae 62 |......Z..=.=yt.b| 2b 24 d9 6a 26 e9 1c dc 05 f7 72 b1 89 70 0e 25 |+$.j&.....r..p.%| ef 61 8d 3a 79 8f e9 4f 24 71 9a e5 cb 0a 38 1b |.a.:y..O$q....8.| ba 75 61 28 00 76 bd 18 a6 01 1e bd 91 07 be 46 |.ua(.v.........F| 42 b0 d0 09 31 3f f8 77 e3 46 4a 67 2a 25 0e 12 |B...1?.w.FJg*%..| 25 c9 19 95 f0 0f 01 36 d7 15 89 de 06 2f |%......6...../ | |
module_name | hint | ord | function_name |
---|---|---|---|
USER32.dll | 8 | AppendMenuA | |
USER32.dll | 348 | GetSystemMenu | |
USER32.dll | 39 | CharLowerBuffA | |
USER32.dll | 602 | SetLastErrorEx | |
USER32.dll | 349 | GetSystemMetrics | |
USER32.dll | 479 | MessageBoxA | |
USER32.dll | 512 | PeekMessageA | |
USER32.dll | 24 | CallMsgFilterA | |
USER32.dll | 682 | TranslateMessage | |
USER32.dll | 161 | DispatchMessageA | |
USER32.dll | 459 | LoadStringA | |
USER32.dll | 184 | DrawMenuBar | |
USER32.dll | 53 | CharUpperBuffA | |
USER32.dll | 38 | CharLowerA | |
USER32.dll | 727 | wsprintfA | |
ADVAPI32.dll | 429 | OpenSCManagerA | |
ADVAPI32.dll | 585 | StartServiceA | |
ADVAPI32.dll | 62 | CloseServiceHandle | |
ADVAPI32.dll | 431 | OpenServiceA | |
ADVAPI32.dll | 292 | GetUserNameA | |
ADVAPI32.dll | 459 | RegCloseKey | |
ADVAPI32.dll | 503 | RegQueryValueExA | |
ADVAPI32.dll | 492 | RegOpenKeyExA | |
ADVAPI32.dll | 570 | SetSecurityDescriptorDacl | |
ADVAPI32.dll | 308 | InitializeSecurityDescriptor | |
ADVAPI32.dll | 483 | RegFlushKey | |
ADVAPI32.dll | 465 | RegCreateKeyExA | |
ADVAPI32.dll | 516 | RegSetValueExA | |
ADVAPI32.dll | 468 | RegDeleteKeyA | |
ADVAPI32.dll | 478 | RegEnumKeyExA | |
ADVAPI32.dll | 481 | RegEnumValueA | |
ADVAPI32.dll | 472 | RegDeleteValueA | |
SHELL32.dll | 265 | ShellExecuteExA | |
WSOCK32.dll | 13 | ||
WSOCK32.dll | 23 | ||
WSOCK32.dll | 21 | ||
WSOCK32.dll | 9 | ||
WSOCK32.dll | 4 | ||
WSOCK32.dll | 5 | ||
WSOCK32.dll | 1 | ||
WSOCK32.dll | 51 | ||
WSOCK32.dll | 2 | ||
WSOCK32.dll | 10 | ||
WSOCK32.dll | 115 | ||
WSOCK32.dll | 52 | ||
WSOCK32.dll | 116 | ||
WSOCK32.dll | 151 | ||
WSOCK32.dll | 3 | ||
WSOCK32.dll | 18 | ||
WSOCK32.dll | 22 | ||
WSOCK32.dll | 19 | ||
WSOCK32.dll | 57 | ||
WSOCK32.dll | 20 | ||
WSOCK32.dll | 17 | ||
WSOCK32.dll | 11 | ||
WSOCK32.dll | 16 | ||
VERSION.dll | GetFileVersionInfoA | ||
VERSION.dll | 1 | GetFileVersionInfoSizeA | |
VERSION.dll | 10 | VerQueryValueA | |
KERNEL32.dll | 483 | GetUserDefaultLCID | |
KERNEL32.dll | 372 | GetLocaleInfoA | |
KERNEL32.dll | 823 | SetStdHandle | |
KERNEL32.dll | 290 | GetConsoleCP | |
KERNEL32.dll | 540 | HeapSize | |
KERNEL32.dll | 575 | IsValidCodePage | |
KERNEL32.dll | 403 | GetOEMCP | |
KERNEL32.dll | 897 | VirtualAlloc | |
KERNEL32.dll | 175 | EnumSystemLocalesA | |
KERNEL32.dll | 577 | IsValidLocale | |
KERNEL32.dll | 373 | GetLocaleInfoW | |
KERNEL32.dll | 58 | CompareStringA | |
KERNEL32.dll | 59 | CompareStringW | |
KERNEL32.dll | 445 | GetStringTypeW | |
KERNEL32.dll | 442 | GetStringTypeA | |
KERNEL32.dll | 581 | LCMapStringW | |
KERNEL32.dll | 580 | LCMapStringA | |
KERNEL32.dll | 787 | SetEnvironmentVariableA | |
KERNEL32.dll | 458 | GetSystemTimeAsFileTime | |
KERNEL32.dll | 260 | GetCPInfo | |
KERNEL32.dll | 439 | GetStartupInfoA | |
KERNEL32.dll | 358 | GetFileType | |
KERNEL32.dll | 804 | SetHandleCount | |
KERNEL32.dll | 899 | VirtualFree | |
KERNEL32.dll | 530 | HeapCreate | |
KERNEL32.dll | 532 | HeapDestroy | |
KERNEL32.dll | 569 | IsDebuggerPresent | |
KERNEL32.dll | 842 | SetUnhandledExceptionFilter | |
KERNEL32.dll | 878 | UnhandledExceptionFilter | |
KERNEL32.dll | 679 | RaiseException | |
KERNEL32.dll | 727 | RtlUnwind | |
KERNEL32.dll | 553 | InterlockedExchange | |
KERNEL32.dll | 550 | InterlockedCompareExchange | |
KERNEL32.dll | 552 | InterlockedDecrement | |
KERNEL32.dll | 556 | InterlockedIncrement | |
KERNEL32.dll | 611 | LockFile | |
KERNEL32.dll | 879 | UnlockFile | |
KERNEL32.dll | 565 | IsBadStringPtrW | |
KERNEL32.dll | 564 | IsBadStringPtrA | |
KERNEL32.dll | 902 | VirtualProtect | |
KERNEL32.dll | 239 | FlushInstructionCache | |
KERNEL32.dll | 357 | GetFileTime | |
KERNEL32.dll | 355 | GetFileSize | |
KERNEL32.dll | 784 | SetEndOfFile | |
KERNEL32.dll | 238 | FlushFileBuffers | |
KERNEL32.dll | 795 | SetFilePointer | |
KERNEL32.dll | 693 | ReadFile | |
KERNEL32.dll | 932 | WriteFile | |
KERNEL32.dll | 707 | ReleaseSemaphore | |
KERNEL32.dll | 107 | CreateSemaphoreA | |
KERNEL32.dll | 921 | WriteConsoleA | |
KERNEL32.dll | 309 | GetConsoleOutputCP | |
KERNEL32.dll | 931 | WriteConsoleW | |
KERNEL32.dll | 538 | HeapReAlloc | |
KERNEL32.dll | 869 | TlsGetValue | |
KERNEL32.dll | 75 | CreateDirectoryA | |
KERNEL32.dll | 489 | GetVersionExA | |
KERNEL32.dll | 488 | GetVersion | |
KERNEL32.dll | 383 | GetModuleHandleA | |
KERNEL32.dll | 323 | GetCurrentProcessId | |
KERNEL32.dll | 479 | GetTickCount | |
KERNEL32.dll | 499 | GetWindowsDirectoryA | |
KERNEL32.dll | 320 | GetCurrentDirectoryA | |
KERNEL32.dll | 750 | SetConsoleCtrlHandler | |
KERNEL32.dll | 326 | GetCurrentThreadId | |
KERNEL32.dll | 381 | GetModuleFileNameA | |
KERNEL32.dll | 322 | GetCurrentProcess | |
KERNEL32.dll | 904 | VirtualQuery | |
KERNEL32.dll | 534 | HeapFree | |
KERNEL32.dll | 862 | TerminateProcess | |
KERNEL32.dll | 528 | HeapAlloc | |
KERNEL32.dll | 419 | GetProcessHeap | |
KERNEL32.dll | 147 | DuplicateHandle | |
KERNEL32.dll | 325 | GetCurrentThread | |
KERNEL32.dll | 347 | GetExitCodeThread | |
KERNEL32.dll | 653 | OutputDebugStringA | |
KERNEL32.dll | 453 | GetSystemInfo | |
KERNEL32.dll | 449 | GetSystemDirectoryA | |
KERNEL32.dll | 276 | GetComputerNameA | |
KERNEL32.dll | 808 | SetLastError | |
KERNEL32.dll | 563 | IsBadReadPtr | |
KERNEL32.dll | 474 | GetThreadLocale | |
KERNEL32.dll | 253 | GetACP | |
KERNEL32.dll | 333 | GetDiskFreeSpaceA | |
KERNEL32.dll | 469 | GetTempPathA | |
KERNEL32.dll | 859 | SystemTimeToFileTime | |
KERNEL32.dll | 371 | GetLocalTime | |
KERNEL32.dll | 350 | GetFileAttributesA | |
KERNEL32.dll | 361 | GetFullPathNameA | |
KERNEL32.dll | 778 | SetCurrentDirectoryA | |
KERNEL32.dll | 870 | TlsSetValue | |
KERNEL32.dll | 600 | LocalAlloc | |
KERNEL32.dll | 604 | LocalFree | |
KERNEL32.dll | 185 | ExitProcess | |
KERNEL32.dll | 867 | TlsAlloc | |
KERNEL32.dll | 868 | TlsFree | |
KERNEL32.dll | 482 | GetTimeZoneInformation | |
KERNEL32.dll | 456 | GetSystemTime | |
KERNEL32.dll | 197 | FileTimeToSystemTime | |
KERNEL32.dll | 916 | WideCharToMultiByte | |
KERNEL32.dll | 629 | MultiByteToWideChar | |
KERNEL32.dll | 344 | GetEnvironmentVariableA | |
KERNEL32.dll | 12 | AreFileApisANSI | |
KERNEL32.dll | 369 | GetLastError | |
KERNEL32.dll | 248 | FreeLibrary | |
KERNEL32.dll | 416 | GetProcAddress | |
KERNEL32.dll | 594 | LoadLibraryA | |
KERNEL32.dll | 434 | GetProfileStringA | |
KERNEL32.dll | 52 | CloseHandle | |
KERNEL32.dll | 881 | UnmapViewOfFile | |
KERNEL32.dll | 640 | OpenFileMappingA | |
KERNEL32.dll | 84 | CreateFileMappingA | |
KERNEL32.dll | 616 | MapViewOfFile | |
KERNEL32.dll | 854 | Sleep | |
KERNEL32.dll | 912 | WaitForSingleObject | |
KERNEL32.dll | 937 | WritePrivateProfileStringA | |
KERNEL32.dll | 412 | GetPrivateProfileStringA | |
KERNEL32.dll | 406 | GetPrivateProfileIntA | |
KERNEL32.dll | 408 | GetPrivateProfileSectionA | |
KERNEL32.dll | 935 | WritePrivateProfileSectionA | |
KERNEL32.dll | 129 | DeleteCriticalSection | |
KERNEL32.dll | 547 | InitializeCriticalSection | |
KERNEL32.dll | 152 | EnterCriticalSection | |
KERNEL32.dll | 593 | LeaveCriticalSection | |
KERNEL32.dll | 646 | OpenProcess | |
KERNEL32.dll | 346 | GetExitCodeProcess | |
KERNEL32.dll | 566 | IsBadWritePtr | |
KERNEL32.dll | 637 | OpenEventA | |
KERNEL32.dll | 79 | CreateEventA | |
KERNEL32.dll | 790 | SetEvent | |
KERNEL32.dll | 910 | WaitForMultipleObjects | |
KERNEL32.dll | 138 | DeviceIoControl | |
KERNEL32.dll | 83 | CreateFileA | |
KERNEL32.dll | 339 | GetDriveTypeA | |
KERNEL32.dll | 441 | GetStdHandle | |
KERNEL32.dll | 307 | GetConsoleMode | |
KERNEL32.dll | 131 | DeleteFileA | |
KERNEL32.dll | 799 | SetFileTime |
Scanning the drive for archives: 1 file, 1418752 bytes (1386 KiB) Errors: 1
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
[!] string size(36802) > stringtable size(754). truncated to 752
[!] cannot convert "\x0E\xFE\xF8x`\x13\x80\x1Fg\xDC\xF63\xA0\x86K}"... to UTF-16
[!] string size(36768) > stringtable size(784). truncated to 782
[!] cannot convert "m\xFE\xB4xe\x13\xCE\x1F4\xDC\xF63\xBC\x86\xBD\xAA"... to UTF-16
[!] string size(36834) > stringtable size(758). truncated to 756
[!] cannot convert "o\xFE\xB2xa\x13\xCA\x1F&\xDC\xEB3\xF3\x86\x94\x8A"... to UTF-16
[!] string size(36742) > stringtable size(104). truncated to 102
[!] cannot convert "c\xFE\xBCx}\x13\xA4\x1F\x01\xDC\xFA3\xB1\x86\xC9Z"... to UTF-16
[!] string size(36750) > stringtable size(180). truncated to 178
[!] cannot convert "c\xFE\xBCx}\x13\xD2\x1F&\xDC\xED3\xAA\x86\xF0\xA1"... to UTF-16
[!] string size(36742) > stringtable size(174). truncated to 172
[!] cannot convert "z\xFE\xA8x}\x13\xA4\x1F\n\xDC\xF03\xBD\x86k\x12"... to UTF-16