test.msi - DPCA.DLL - Microsoft (R) Visual Studio UrlConvert custom action

info
MZ
PE
resources
imports
exports
foremost
7zip
version info
hexdump
disasm
log
discuss
donate

filename	test.msi
size	4645376 (0x46e200)
md5	461eed01569fdfa9d913e37c0bc83dba

type	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0x128

Rich Header

lib id	version	times used
260	23007	4
264	23007	3
206	65501	3
242	30703	27
241	30703	11
243	30703	147
259	22823	21
261	22823	60
260	22823	64
203	65501	25
1	0	347
261	23007	27
256	23007	1
255	23007	1
258	23007	1

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x14c
NumberOfSections	5
TimeDateStamp	0x55c1875d
PointerToSymbolTable	0
NumberOfSymbols	0
SizeOfOptionalHeader	0xe0
Characteristics	0x2122
Magic	0x10b
LinkerVersion	14.0
SizeOfCode	0x42600
SizeOfInitializedData	0x8a00
SizeOfUninitializedData	0
AddressOfEntryPoint	0x15903
BaseOfCode	0x1000
BaseOfData	0x44000
ImageBase	0x3bad0000
SectionAlignment	0x1000
FileAlignment	0x200
OperatingSystemVersion	6.0
ImageVersion	10.0
SubsystemVersion	6.0
Reserved1	0
SizeOfImage	0x4e000
SizeOfHeaders	0x400
CheckSum	0x56b07
Subsystem	2
DllCharacteristics	0x140
SizeOfStackReserve	0x100000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Packer / Compiler

MS Visual C++ 6.0 - 8.0

Sections

name	va	vsize	raw size	flags
.text	0x1000	0x42453	0x42600	R-X CODE
.data	0x44000	0x44cc	0x1400	RW- IDATA
.idata	0x49000	0xf16	0x1000	R-- IDATA
.rsrc	0x4a000	0x438	0x600	R-- IDATA
.reloc	0x4b000	0x2de0	0x2e00	R-- IDATA DISCARDABLE

Data Directory

type	va	size
EXPORT	0x43230	0x223
IMPORT	0x49290	0xa0
RESOURCE	0x4a000	0x438
EXCEPTION	0	0
SECURITY	0	0
BASERELOC	0x4b000	0x2de0
DEBUG	0xcb00	0x54
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0	0
LOAD_CONFIG	0xcb58	0x40
Bound_IAT	0	0
IAT	0x49000	0x290
Delay_IAT	0	0
CLR_Header	0	0

show previews

type	name	size	cp
VERSION	#1	984	0

module_name	hint	ord	function_name
ADVAPI32.dll	596		RegCloseKey
ADVAPI32.dll	625		RegEnumKeyA
ADVAPI32.dll	644		RegOpenKeyExA
ADVAPI32.dll	657		RegQueryValueExA
ADVAPI32.dll	658		RegQueryValueExW
ADVAPI32.dll	645		RegOpenKeyExW
ADVAPI32.dll	673		RegSetValueExA
ADVAPI32.dll	652		RegQueryInfoKeyW
ADVAPI32.dll	626		RegEnumKeyExA
ADVAPI32.dll	619		RegDeleteValueA
ADVAPI32.dll	609		RegDeleteKeyA
ADVAPI32.dll	604		RegCreateKeyExA
ADVAPI32.dll	794		SystemFunction036
KERNEL32.dll	736		GetTempFileNameA
KERNEL32.dll	738		GetTempPathA
KERNEL32.dll	560		GetFileAttributesA
KERNEL32.dll	186		CreateFileA
KERNEL32.dll	771		GetVersion
KERNEL32.dll	739		GetTempPathW
KERNEL32.dll	737		GetTempFileNameW
KERNEL32.dll	565		GetFileAttributesW
KERNEL32.dll	553		GetEnvironmentVariableW
KERNEL32.dll	552		GetEnvironmentVariableA
KERNEL32.dll	593		GetLocalTime
KERNEL32.dll	946		LocalFree
KERNEL32.dll	1544		lstrlenA
KERNEL32.dll	869		IsDBCSLeadByte
KERNEL32.dll	390		FindResourceA
KERNEL32.dll	1545		lstrlenW
KERNEL32.dll	1535		lstrcmpiA
KERNEL32.dll	1359		SizeofResource
KERNEL32.dll	720		GetSystemInfo
KERNEL32.dll	1433		VirtualAlloc
KERNEL32.dll	1439		VirtualProtect
KERNEL32.dll	1441		VirtualQuery
KERNEL32.dll	957		LockResource
KERNEL32.dll	939		LoadResource
KERNEL32.dll	610		GetModuleFileNameA
KERNEL32.dll	194		CreateFileW
KERNEL32.dll	1018		OutputDebugStringW
KERNEL32.dll	393		FindResourceW
KERNEL32.dll	1408		UnhandledExceptionFilter
KERNEL32.dll	1502		WriteConsoleW
KERNEL32.dll	402		FlushFileBuffers
KERNEL32.dll	1276		SetFilePointerEx
KERNEL32.dll	494		GetConsoleMode
KERNEL32.dll	476		GetConsoleCP
KERNEL32.dll	1312		SetStdHandle
KERNEL32.dll	457		GetCommandLineW
KERNEL32.dll	456		GetCommandLineA
KERNEL32.dll	674		GetProcessHeap
KERNEL32.dll	764		GetUserDefaultLCID
KERNEL32.dll	918		LCMapStringW
KERNEL32.dll	261		DeleteCriticalSection
KERNEL32.dll	841		InitializeCriticalSectionEx
KERNEL32.dll	1087		RaiseException
KERNEL32.dll	254		DecodePointer
KERNEL32.dll	1483		WideCharToMultiByte
KERNEL32.dll	977		MultiByteToWideChar
KERNEL32.dll	933		LoadLibraryA
KERNEL32.dll	934		LoadLibraryExA
KERNEL32.dll	669		GetProcAddress
KERNEL32.dll	612		GetModuleHandleA
KERNEL32.dll	414		FreeLibrary
KERNEL32.dll	716		GetSystemDirectoryA
KERNEL32.dll	219		CreateProcessW
KERNEL32.dll	556		GetExitCodeProcess
KERNEL32.dll	521		GetCurrentProcess
KERNEL32.dll	1262		SetErrorMode
KERNEL32.dll	592		GetLastError
KERNEL32.dll	127		CloseHandle
KERNEL32.dll	1503		WriteFile
KERNEL32.dll	1069		QueryPerformanceCounter
KERNEL32.dll	522		GetCurrentProcessId
KERNEL32.dll	526		GetCurrentThreadId
KERNEL32.dll	726		GetSystemTimeAsFileTime
KERNEL32.dll	843		InitializeSListHead
KERNEL32.dll	871		IsDebuggerPresent
KERNEL32.dll	1345		SetUnhandledExceptionFilter
KERNEL32.dll	702		GetStartupInfoW
KERNEL32.dll	877		IsProcessorFeaturePresent
KERNEL32.dll	615		GetModuleHandleW
KERNEL32.dll	1375		TerminateProcess
KERNEL32.dll	289		EncodePointer
KERNEL32.dll	1196		RtlUnwind
KERNEL32.dll	611		GetModuleFileNameW
KERNEL32.dll	852		InterlockedFlushSList
KERNEL32.dll	1290		SetLastError
KERNEL32.dll	840		InitializeCriticalSectionAndSpinCount
KERNEL32.dll	1393		TlsAlloc
KERNEL32.dll	1395		TlsGetValue
KERNEL32.dll	1396		TlsSetValue
KERNEL32.dll	1394		TlsFree
KERNEL32.dll	935		LoadLibraryExW
KERNEL32.dll	293		EnterCriticalSection
KERNEL32.dll	930		LeaveCriticalSection
KERNEL32.dll	337		ExitProcess
KERNEL32.dll	614		GetModuleHandleExW
KERNEL32.dll	819		HeapFree
KERNEL32.dll	815		HeapAlloc
KERNEL32.dll	420		GetACP
KERNEL32.dll	704		GetStdHandle
KERNEL32.dll	574		GetFileType
KERNEL32.dll	709		GetStringTypeW
KERNEL32.dll	824		HeapSize
KERNEL32.dll	822		HeapReAlloc
KERNEL32.dll	882		IsValidCodePage
KERNEL32.dll	646		GetOEMCP
KERNEL32.dll	435		GetCPInfo
KERNEL32.dll	551		GetEnvironmentStringsW
KERNEL32.dll	413		FreeEnvironmentStringsW
OLEAUT32.dll		2
OLEAUT32.dll		4
OLEAUT32.dll		6
OLEAUT32.dll		7
OLEAUT32.dll		149
OLEAUT32.dll		150
OLEAUT32.dll		313
OLEAUT32.dll		201
OLEAUT32.dll		200
OLEAUT32.dll		277
ole32.dll	80		CoInitializeEx
ole32.dll	26		CoCreateInstance
ole32.dll	122		CoTaskMemAlloc
ole32.dll	124		CoTaskMemRealloc
ole32.dll	123		CoTaskMemFree
ole32.dll	372		OleRun
ole32.dll	127		CoUninitialize
USER32.dll	596		MsgWaitForMultipleObjects
USER32.dll	619		PeekMessageA
USER32.dll	180		DispatchMessageA
USER32.dll	831		TranslateMessage
USER32.dll	582		MessageBoxA
USER32.dll	47		CharNextA
USER32.dll	265		FindWindowW
USER32.dll	589		MessageBoxW
SHELL32.dll	307		ShellExecuteA
msi.dll		74
msi.dll		145
msi.dll		51
msi.dll		116
msi.dll		47
msi.dll		103
msi.dll		171
msi.dll		64
msi.dll		49
msi.dll		120
msi.dll		80
msi.dll		118
msi.dll		8
msi.dll		32
msi.dll		159
msi.dll		160
msi.dll		17
msi.dll		114
msi.dll		121
msi.dll		125

ord	entry_va	function_name
1	0x11996	SetTARGETSITE
2	0xfa05	EvaluateURLs
3	0xfc0e	EvaluateURLsMB
4	0xfc37	EvaluateURLsNoFail
5	0x12061	ToggleNearestAppRoot
6	0xf0a1	CreateAppRoots
7	0x13da3	GatherWebFolderProperties
8	0x13001	ApplyWebFolderProperties
9	0x15264	RollbackApplyWebFolderProperties
10	0xdb55	CheckFX
11	0x1209e	VsdLaunchConditions
12	0x100ba	GatherWebSites
13	0xfc52	GatherAppPools
14	0x11543	SetTARGETAPPPOOL
15	0x116c2	SetTARGETIISPATH
16	0xfdf1	GatherRegisterAspNetProperties
17	0x10bf4	RegisterAspNet

module_name	CustomActions.dll
flags	0
timestamp	2015-08-05 02:48:12
version	0.0
ordinal_base	1
nFunctions	17
nNames	17
Names(17)	0x4329c
Functions(17)	0x43258
NameOrdinals(17)	0x432e0

StringTable 040904b0

CompanyName	Microsoft Corporation
FileDescription	Microsoft (R) Visual Studio UrlConvert custom action
FileVersion	14.0.23205.0 built by: D14OOB
InternalName	CustomActions
LegalCopyright	© Microsoft Corporation. All rights reserved.
OriginalFilename	DPCA.DLL
ProductName	Microsoft® Visual Studio® 2015
ProductVersion	14.0.23205.0
OleSelfRegister

VS_FIXEDFILEINFO

FileVersion	14.0.23205.0
ProductVersion	14.0.23205.0
StrucVersion	0x10000
FileFlagsMask	0x3f
FileFlags	0
FileOS	4
FileType	2
FileSubtype	0

show previews

offset	size	type	comment
0	295424	DLL	08/05/2015 03:47:41	#
15c1	15	HTM		#
54a00	105056	BMP	(500 x 70)	#
6e460	4193696	BIN	overlay data past EOF	#

Scanning the drive for archives:
1 file, 4645376 bytes (4537 KiB)


--
Type = Cab
WARNINGS:
There are data after the end of archive
Offset = 512512
Physical Size = 4132435
Tail Size = 429
Method = MSZip
Blocks = 13
Volumes = 1
Volume Index = 0
ID = 0

   Date      Time    Attr         Size   Compressed  Name
------------------- ----- ------------ ------------  ------------------------
2015-11-05 22:54:46 .....        20376               api_ms_win_core_sysinfo_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19368               api_ms_win_core_namedpipe_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2016-01-18 00:14:34 .....        37376               _0C57D2EF0A30CF1728BA0E3311579519
2015-11-05 22:54:46 .....        18848               api_ms_win_core_profile_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        21896               api_ms_win_crt_time_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        20424               api_ms_win_core_processenvironment_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2016-01-06 00:12:24 ..H..        46592               _239090AFFD0F4AD89B101A7F3424C8E8
2015-11-05 22:54:46 .....        19376               api_ms_win_core_errorhandling_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        20376               api_ms_win_crt_process_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....       916288               ucrtbase.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19344               api_ms_win_core_util_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19856               api_ms_win_core_heap_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-12-27 23:53:30 ..H..        58368               _34D4711117E00807E4091AA1BBBD5033
2015-11-05 22:54:46 .....        21936               api_ms_win_core_localization_l1_2_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        20360               api_ms_win_crt_heap_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        25496               api_ms_win_crt_string_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        85840               vcruntime140.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....       245056               concrt140.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19344               api_ms_win_core_file_l2_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        18856               api_ms_win_core_rtlsupport_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19896               api_ms_win_core_processthreads_l1_1_1.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        25488               api_ms_win_crt_stdio_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19880               api_ms_win_crt_environment_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....       443192               msvcp140.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19864               api_ms_win_crt_utility_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        27552               api_ms_win_crt_multibyte_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        74136               api_ms_win_crt_private_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19360               api_ms_win_core_datetime_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        23448               api_ms_win_crt_convert_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-12-22 22:25:12 .....          187               _9019034EB3AB2EA45B171757F124157B
2015-11-05 22:54:46 .....        19864               api_ms_win_core_console_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        21432               api_ms_win_core_processthreads_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19864               api_ms_win_crt_locale_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19360               api_ms_win_core_timezone_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2016-01-03 17:02:18 .....      5647872               _A45074ABC91A489FBD3B3FBA61B28CD2
2015-11-05 22:54:46 .....        19352               api_ms_win_core_debug_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19896               api_ms_win_core_libraryloader_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        20368               api_ms_win_crt_conio_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        23960               api_ms_win_crt_runtime_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....       271024               vccorlib140.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2016-01-03 15:21:18 .....        70144               _B1FD386C9601417ABC593B942B96D20B
2015-11-05 22:54:46 .....        21392               api_ms_win_core_synch_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19864               api_ms_win_core_memory_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-12-27 23:53:26 .....       513536               _CC3A13A4A8151B655851D8F5A13DE53C
2015-11-05 22:54:46 .....        19352               api_ms_win_core_handle_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        22928               api_ms_win_core_file_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        21416               api_ms_win_crt_filesystem_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        30096               api_ms_win_crt_math_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2016-01-06 00:08:12 ..H..      1912320               _E1FF763F927E479B888F81462EC7D94F
2016-01-11 20:07:36 ..H..        50688               _E79EE45A51AA52C667B7994AAEFCCF4F
2015-11-05 22:54:46 .....        19352               api_ms_win_core_string_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19344               api_ms_win_core_file_l1_2_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19880               api_ms_win_core_interlocked_l1_1_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
2015-11-05 22:54:46 .....        19864               api_ms_win_core_synch_l1_2_0.dll.4DC92F6E_EBA2_3C5C_A487_1CFA4311A269
------------------- ----- ------------ ------------  ------------------------
2016-01-18 00:14:34           11191547      4645376  54 files

Warnings: 1

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

everything is OK

test.msi-

MZ Header

Rich Header

DOS stub

PE Header

Packer / Compiler

Sections

Data Directory

StringTable 040904b0

VS_FIXEDFILEINFO

test.msi
-