| filename | okzai.dll | |
|---|---|---|
| size | 2280960 (0x22ce00) | |
| md5 | 93e40893e9ac95186c07f7f94f9d4344 | |
| type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x50 |
| blocks_in_file | 2 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0xf |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0x1a |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0x100 |
DOS stub
00000000: ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 |........!..L.!..| 00000010: 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 |This program mus| 00000020: 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 |t be run under W| 00000030: 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 |in32..$7........| 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000000c0:
PE Header
Packer / Compiler
Sections
Data Directory
| type | va | size | |
|---|---|---|---|
| EXPORT | 0x1c000 | 0x73 | |
| IMPORT | 0x230fc0 | 0x324 | |
| RESOURCE | 0x1f000 | 0x1800 | |
| EXCEPTION | 0 | 0 | |
| SECURITY | 0 | 0 | |
| BASERELOC | 0x22000 | 0x68 | |
| DEBUG | 0 | 0 | |
| ARCHITECTURE | 0 | 0 | |
| GLOBALPTR | 0 | 0 | |
| TLS | 0 | 0 | |
| LOAD_CONFIG | 0 | 0 | |
| Bound_IAT | 0 | 0 | |
| IAT | 0 | 0 | |
| Delay_IAT | 0 | 0 | |
| CLR_Header | 0 | 0 |
| type | name | size | cp | |
|---|---|---|---|---|
| ICON | #1 | 744 | 0 | |
| STRING | #4090 | 464 | 0 | |
| STRING | #4091 | 872 | 0 | |
| STRING | #4092 | 244 | 0 | |
| STRING | #4093 | 196 | 0 | |
| STRING | #4094 | 736 | 0 | |
| STRING | #4095 | 860 | 0 | |
| STRING | #4096 | 692 | 0 | |
| RCDATA | DVCLAL | 16 | 0 | |
| RCDATA | PACKAGEINFO | 156 | 0 | |
| GROUP_ICON | MAINICON | 20 | 0 |
| id | lang | string |
|---|---|---|
| 65424 | 0 | Out of memory while expanding memory stream |
| 65425 | 0 | Error reading %s%s%s: %s |
| 65426 | 0 | Stream read error |
| 65427 | 0 | Property is read-only |
| 65428 | 0 | %s.Seek not implemented |
| 65429 | 0 | Operation not allowed on sorted list |
| 65430 | 0 | Property %s does not exist |
| 65431 | 0 | Stream write error |
| 65440 | 0 | Friday |
| 65441 | 0 | Saturday |
| 65442 | 0 | Ancestor for '%s' not found |
| 65443 | 0 | Cannot assign a %s to a %s |
| 65444 | 0 | Class %s not found |
| 65445 | 0 | List does not allow duplicates ($0%x) |
| 65446 | 0 | A component named %s already exists |
| 65447 | 0 | String list does not allow duplicates |
| 65448 | 0 | Cannot create file %s |
| 65449 | 0 | Cannot open file %s |
| 65450 | 0 | ''%s'' is not a valid component name |
| 65451 | 0 | Invalid property path |
| 65452 | 0 | Invalid property value |
| 65453 | 0 | List capacity out of bounds (%d) |
| 65454 | 0 | List count out of bounds (%d) |
| 65455 | 0 | List index out of bounds (%d) |
| 65456 | 0 | September |
| 65457 | 0 | October |
| 65458 | 0 | November |
| 65459 | 0 | December |
| 65460 | 0 | Sun |
| 65461 | 0 | Mon |
| 65462 | 0 | Tue |
| 65463 | 0 | Wed |
| 65464 | 0 | Thu |
| 65465 | 0 | Fri |
| 65466 | 0 | Sat |
| 65467 | 0 | Sunday |
| 65468 | 0 | Monday |
| 65469 | 0 | Tuesday |
| 65470 | 0 | Wednesday |
| 65471 | 0 | Thursday |
| 65472 | 0 | May |
| 65473 | 0 | Jun |
| 65474 | 0 | Jul |
| 65475 | 0 | Aug |
| 65476 | 0 | Sep |
| 65477 | 0 | Oct |
| 65478 | 0 | Nov |
| 65479 | 0 | Dec |
| 65480 | 0 | January |
| 65481 | 0 | February |
| 65482 | 0 | March |
| 65483 | 0 | April |
| 65484 | 0 | May |
| 65485 | 0 | June |
| 65486 | 0 | July |
| 65487 | 0 | August |
| 65488 | 0 | Error creating variant array |
| 65489 | 0 | Variant is not an array |
| 65490 | 0 | Variant array index out of bounds |
| 65491 | 0 | External exception %x |
| 65492 | 0 | Assertion failed |
| 65493 | 0 | Interface not supported |
| 65494 | 0 | Exception in safecall method |
| 65495 | 0 | %s (%s, line %d) |
| 65496 | 0 | Abstract Error |
| 65497 | 0 | Access violation at address %p in module '%s'. %s of address %p |
| 65498 | 0 | System Error. Code: %d. %s |
| 65499 | 0 | A call to an OS function failed |
| 65500 | 0 | Jan |
| 65501 | 0 | Feb |
| 65502 | 0 | Mar |
| 65503 | 0 | Apr |
| 65504 | 0 | Floating point underflow |
| 65505 | 0 | Invalid pointer operation |
| 65506 | 0 | Invalid class typecast |
| 65507 | 0 | Access violation at address %p. %s of address %p |
| 65508 | 0 | Stack overflow |
| 65509 | 0 | Control-C hit |
| 65510 | 0 | Privileged instruction |
| 65511 | 0 | Exception %s in module %s at %p. %s%s |
| 65512 | 0 | Application Error |
| 65513 | 0 | Format '%s' invalid or incompatible with argument |
| 65514 | 0 | No argument for format '%s' |
| 65515 | 0 | Invalid variant type conversion |
| 65516 | 0 | Invalid variant operation |
| 65517 | 0 | Variant method calls not supported |
| 65518 | 0 | Read |
| 65519 | 0 | Write |
| 65520 | 0 | '%s' is not a valid integer value |
| 65521 | 0 | Out of memory |
| 65522 | 0 | I/O error %d |
| 65523 | 0 | File not found |
| 65524 | 0 | Invalid filename |
| 65525 | 0 | Too many open files |
| 65526 | 0 | File access denied |
| 65527 | 0 | Read beyond end of file |
| 65528 | 0 | Disk full |
| 65529 | 0 | Invalid numeric input |
| 65530 | 0 | Division by zero |
| 65531 | 0 | Range check error |
| 65532 | 0 | Integer overflow |
| 65533 | 0 | Invalid floating point operation |
| 65534 | 0 | Floating point division by zero |
| 65535 | 0 | Floating point overflow |
| module_name | hint | ord | function_name |
|---|---|---|---|
| KERNEL32.dll | 671 | TerminateThread | |
| KERNEL32.dll | 662 | Sleep | |
| KERNEL32.dll | 365 | GetTickCount | |
| KERNEL32.dll | 185 | GetACP | |
| KERNEL32.dll | 305 | GetOEMCP | |
| KERNEL32.dll | 247 | GetCurrentProcess | |
| KERNEL32.dll | 248 | GetCurrentProcessId | |
| KERNEL32.dll | 249 | GetCurrentThread | |
| KERNEL32.dll | 282 | GetLastError | |
| KERNEL32.dll | 343 | GetSystemDefaultLCID | |
| KERNEL32.dll | 372 | GetVersion | |
| KERNEL32.dll | 671 | TerminateThread | |
| KERNEL32.dll | 268 | GetExitCodeThread | |
| KERNEL32.dll | 718 | WaitForSingleObject | |
| KERNEL32.dll | 662 | Sleep | |
| KERNEL32.dll | 27 | CloseHandle | |
| KERNEL32.dll | 351 | GetSystemTimeAsFileTime | |
| KERNEL32.dll | 437 | IsBadReadPtr | |
| KERNEL32.dll | 250 | GetCurrentThreadId | |
| KERNEL32.dll | 248 | GetCurrentProcessId | |
| KERNEL32.dll | 102 | EnterCriticalSection | |
| KERNEL32.dll | 426 | InitializeCriticalSection | |
| KERNEL32.dll | 415 | HeapFree | |
| KERNEL32.dll | 320 | GetProcessHeap | |
| KERNEL32.dll | 409 | HeapAlloc | |
| KERNEL32.dll | 92 | DeviceIoControl | |
| KERNEL32.dll | 460 | LocalFree | |
| KERNEL32.dll | 52 | CreateFileA | |
| KERNEL32.dll | 456 | LocalAlloc | |
| KERNEL32.dll | 429 | InterlockedDecrement | |
| KERNEL32.dll | 428 | InterlockedCompareExchange | |
| KERNEL32.dll | 63 | CreateMutexA | |
| KERNEL32.dll | 549 | ReleaseMutex | |
| KERNEL32.dll | 175 | FormatMessageA | |
| KERNEL32.dll | 282 | GetLastError | |
| KERNEL32.dll | 375 | GetVolumeInformationA | |
| KERNEL32.dll | 265 | GetEnvironmentVariableA | |
| KERNEL32.dll | 74 | CreateThread | |
| KERNEL32.dll | 318 | GetProcAddress | |
| KERNEL32.dll | 450 | LoadLibraryA | |
| KERNEL32.dll | 677 | TlsSetValue | |
| KERNEL32.dll | 676 | TlsGetValue | |
| KERNEL32.dll | 674 | TlsAlloc | |
| KERNEL32.dll | 667 | SystemTimeToFileTime | |
| KERNEL32.dll | 349 | GetSystemTime | |
| KERNEL32.dll | 138 | FileTimeToSystemTime | |
| KERNEL32.dll | 247 | GetCurrentProcess | |
| KERNEL32.dll | 675 | TlsFree | |
| KERNEL32.dll | 294 | GetModuleHandleA | |
| KERNEL32.dll | 536 | ReadFile | |
| KERNEL32.dll | 735 | WriteFile | |
| KERNEL32.dll | 274 | GetFileSize | |
| KERNEL32.dll | 144 | FindClose | |
| KERNEL32.dll | 283 | GetLocalTime | |
| KERNEL32.dll | 612 | SetErrorMode | |
| KERNEL32.dll | 148 | FindFirstFileA | |
| KERNEL32.dll | 157 | FindNextFileA | |
| KERNEL32.dll | 292 | GetModuleFileNameA | |
| KERNEL32.dll | 432 | InterlockedIncrement | |
| KERNEL32.dll | 418 | HeapReAlloc | |
| KERNEL32.dll | 563 | SearchPathA | |
| KERNEL32.dll | 71 | CreateSemaphoreA | |
| KERNEL32.dll | 497 | OpenSemaphoreA | |
| KERNEL32.dll | 550 | ReleaseSemaphore | |
| KERNEL32.dll | 449 | LeaveCriticalSection | |
| KERNEL32.dll | 85 | DeleteCriticalSection | |
| KERNEL32.dll | 180 | FreeLibrary | |
| KERNEL32.dll | 372 | GetVersion | |
| MSVCRT.dll | 704 | strncmp | |
| SETUPAPI.dll | 112 | SetupDiEnumDeviceInfo | |
| ADVAPI32.dll | 215 | GetUserNameA | |
| COMCTL32.dll | 67 | InitCommonControlsEx | |
| USER32.dll | 399 | IsWindow | |
| USER32.dll | 618 | ShowWindow | |
| USER32.dll | 237 | GetClassNameA | |
| USER32.dll | 354 | GetWindowThreadProcessId | |
| USER32.dll | 338 | GetWindow | |
| USER32.dll | 603 | SetWindowPos | |
| USER32.dll | 258 | GetDlgItem | |
| USER32.dll | 657 | UpdateWindow | |
| USER32.dll | 607 | SetWindowTextW | |
| USER32.dll | 353 | GetWindowTextW | |
| USER32.dll | 240 | GetClientRect | |
| USER32.dll | 348 | GetWindowRect | |
| USER32.dll | 532 | SendMessageA | |
| USER32.dll | 208 | EnumWindows | |
| USER32.dll | 255 | GetDesktopWindow | |
| USER32.dll | 451 | MessageBoxW | |
| USER32.dll | 342 | GetWindowLongA | |
| USER32.dll | 600 | SetWindowLongA | |
| USER32.dll | 132 | DefWindowProcA | |
| WSOCK32.dll | 115 | ||
| KERNEL32.dll | 294 | GetModuleHandleA | |
| KERNEL32.dll | 318 | GetProcAddress | |
| USER32.dll | 446 | MessageBoxA | |
| kernel32.dll | DeleteCriticalSection | ||
| user32.dll | GetKeyboardType | ||
| advapi32.dll | RegQueryValueExA | ||
| oleaut32.dll | SysFreeString | ||
| kernel32.dll | TlsSetValue | ||
| kernel32.dll | WriteFile | ||
| user32.dll | MessageBoxA | ||
| kernel32.dll | Sleep | ||
| oleaut32.dll | SafeArrayPtrOfIndex |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
everything is OK