filename | okzai.dll | |
---|---|---|
size | 2280960 (0x22ce00) | |
md5 | 93e40893e9ac95186c07f7f94f9d4344 | |
type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x50 |
blocks_in_file | 2 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0xf |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0x1a |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0x100 |
DOS stub
00000000: ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 |........!..L.!..| 00000010: 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 |This program mus| 00000020: 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 |t be run under W| 00000030: 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 |in32..$7........| 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000000c0:
PE Header
Packer / Compiler
Sections
Data Directory
type | va | size | |
---|---|---|---|
EXPORT | 0x1c000 | 0x73 | |
IMPORT | 0x230fc0 | 0x324 | |
RESOURCE | 0x1f000 | 0x1800 | |
EXCEPTION | 0 | 0 | |
SECURITY | 0 | 0 | |
BASERELOC | 0x22000 | 0x68 | |
DEBUG | 0 | 0 | |
ARCHITECTURE | 0 | 0 | |
GLOBALPTR | 0 | 0 | |
TLS | 0 | 0 | |
LOAD_CONFIG | 0 | 0 | |
Bound_IAT | 0 | 0 | |
IAT | 0 | 0 | |
Delay_IAT | 0 | 0 | |
CLR_Header | 0 | 0 |
type | name | size | cp | |
---|---|---|---|---|
ICON | #1 | 744 | 0 | |
STRING | #4090 | 464 | 0 | |
STRING | #4091 | 872 | 0 | |
STRING | #4092 | 244 | 0 | |
STRING | #4093 | 196 | 0 | |
STRING | #4094 | 736 | 0 | |
STRING | #4095 | 860 | 0 | |
STRING | #4096 | 692 | 0 | |
RCDATA | DVCLAL | 16 | 0 | |
RCDATA | PACKAGEINFO | 156 | 0 | |
GROUP_ICON | MAINICON | 20 | 0 |
id | lang | string |
---|---|---|
65424 | 0 | Out of memory while expanding memory stream |
65425 | 0 | Error reading %s%s%s: %s |
65426 | 0 | Stream read error |
65427 | 0 | Property is read-only |
65428 | 0 | %s.Seek not implemented |
65429 | 0 | Operation not allowed on sorted list |
65430 | 0 | Property %s does not exist |
65431 | 0 | Stream write error |
65440 | 0 | Friday |
65441 | 0 | Saturday |
65442 | 0 | Ancestor for '%s' not found |
65443 | 0 | Cannot assign a %s to a %s |
65444 | 0 | Class %s not found |
65445 | 0 | List does not allow duplicates ($0%x) |
65446 | 0 | A component named %s already exists |
65447 | 0 | String list does not allow duplicates |
65448 | 0 | Cannot create file %s |
65449 | 0 | Cannot open file %s |
65450 | 0 | ''%s'' is not a valid component name |
65451 | 0 | Invalid property path |
65452 | 0 | Invalid property value |
65453 | 0 | List capacity out of bounds (%d) |
65454 | 0 | List count out of bounds (%d) |
65455 | 0 | List index out of bounds (%d) |
65456 | 0 | September |
65457 | 0 | October |
65458 | 0 | November |
65459 | 0 | December |
65460 | 0 | Sun |
65461 | 0 | Mon |
65462 | 0 | Tue |
65463 | 0 | Wed |
65464 | 0 | Thu |
65465 | 0 | Fri |
65466 | 0 | Sat |
65467 | 0 | Sunday |
65468 | 0 | Monday |
65469 | 0 | Tuesday |
65470 | 0 | Wednesday |
65471 | 0 | Thursday |
65472 | 0 | May |
65473 | 0 | Jun |
65474 | 0 | Jul |
65475 | 0 | Aug |
65476 | 0 | Sep |
65477 | 0 | Oct |
65478 | 0 | Nov |
65479 | 0 | Dec |
65480 | 0 | January |
65481 | 0 | February |
65482 | 0 | March |
65483 | 0 | April |
65484 | 0 | May |
65485 | 0 | June |
65486 | 0 | July |
65487 | 0 | August |
65488 | 0 | Error creating variant array |
65489 | 0 | Variant is not an array |
65490 | 0 | Variant array index out of bounds |
65491 | 0 | External exception %x |
65492 | 0 | Assertion failed |
65493 | 0 | Interface not supported |
65494 | 0 | Exception in safecall method |
65495 | 0 | %s (%s, line %d) |
65496 | 0 | Abstract Error |
65497 | 0 | Access violation at address %p in module '%s'. %s of address %p |
65498 | 0 | System Error. Code: %d. %s |
65499 | 0 | A call to an OS function failed |
65500 | 0 | Jan |
65501 | 0 | Feb |
65502 | 0 | Mar |
65503 | 0 | Apr |
65504 | 0 | Floating point underflow |
65505 | 0 | Invalid pointer operation |
65506 | 0 | Invalid class typecast |
65507 | 0 | Access violation at address %p. %s of address %p |
65508 | 0 | Stack overflow |
65509 | 0 | Control-C hit |
65510 | 0 | Privileged instruction |
65511 | 0 | Exception %s in module %s at %p. %s%s |
65512 | 0 | Application Error |
65513 | 0 | Format '%s' invalid or incompatible with argument |
65514 | 0 | No argument for format '%s' |
65515 | 0 | Invalid variant type conversion |
65516 | 0 | Invalid variant operation |
65517 | 0 | Variant method calls not supported |
65518 | 0 | Read |
65519 | 0 | Write |
65520 | 0 | '%s' is not a valid integer value |
65521 | 0 | Out of memory |
65522 | 0 | I/O error %d |
65523 | 0 | File not found |
65524 | 0 | Invalid filename |
65525 | 0 | Too many open files |
65526 | 0 | File access denied |
65527 | 0 | Read beyond end of file |
65528 | 0 | Disk full |
65529 | 0 | Invalid numeric input |
65530 | 0 | Division by zero |
65531 | 0 | Range check error |
65532 | 0 | Integer overflow |
65533 | 0 | Invalid floating point operation |
65534 | 0 | Floating point division by zero |
65535 | 0 | Floating point overflow |
module_name | hint | ord | function_name |
---|---|---|---|
KERNEL32.dll | 671 | TerminateThread | |
KERNEL32.dll | 662 | Sleep | |
KERNEL32.dll | 365 | GetTickCount | |
KERNEL32.dll | 185 | GetACP | |
KERNEL32.dll | 305 | GetOEMCP | |
KERNEL32.dll | 247 | GetCurrentProcess | |
KERNEL32.dll | 248 | GetCurrentProcessId | |
KERNEL32.dll | 249 | GetCurrentThread | |
KERNEL32.dll | 282 | GetLastError | |
KERNEL32.dll | 343 | GetSystemDefaultLCID | |
KERNEL32.dll | 372 | GetVersion | |
KERNEL32.dll | 671 | TerminateThread | |
KERNEL32.dll | 268 | GetExitCodeThread | |
KERNEL32.dll | 718 | WaitForSingleObject | |
KERNEL32.dll | 662 | Sleep | |
KERNEL32.dll | 27 | CloseHandle | |
KERNEL32.dll | 351 | GetSystemTimeAsFileTime | |
KERNEL32.dll | 437 | IsBadReadPtr | |
KERNEL32.dll | 250 | GetCurrentThreadId | |
KERNEL32.dll | 248 | GetCurrentProcessId | |
KERNEL32.dll | 102 | EnterCriticalSection | |
KERNEL32.dll | 426 | InitializeCriticalSection | |
KERNEL32.dll | 415 | HeapFree | |
KERNEL32.dll | 320 | GetProcessHeap | |
KERNEL32.dll | 409 | HeapAlloc | |
KERNEL32.dll | 92 | DeviceIoControl | |
KERNEL32.dll | 460 | LocalFree | |
KERNEL32.dll | 52 | CreateFileA | |
KERNEL32.dll | 456 | LocalAlloc | |
KERNEL32.dll | 429 | InterlockedDecrement | |
KERNEL32.dll | 428 | InterlockedCompareExchange | |
KERNEL32.dll | 63 | CreateMutexA | |
KERNEL32.dll | 549 | ReleaseMutex | |
KERNEL32.dll | 175 | FormatMessageA | |
KERNEL32.dll | 282 | GetLastError | |
KERNEL32.dll | 375 | GetVolumeInformationA | |
KERNEL32.dll | 265 | GetEnvironmentVariableA | |
KERNEL32.dll | 74 | CreateThread | |
KERNEL32.dll | 318 | GetProcAddress | |
KERNEL32.dll | 450 | LoadLibraryA | |
KERNEL32.dll | 677 | TlsSetValue | |
KERNEL32.dll | 676 | TlsGetValue | |
KERNEL32.dll | 674 | TlsAlloc | |
KERNEL32.dll | 667 | SystemTimeToFileTime | |
KERNEL32.dll | 349 | GetSystemTime | |
KERNEL32.dll | 138 | FileTimeToSystemTime | |
KERNEL32.dll | 247 | GetCurrentProcess | |
KERNEL32.dll | 675 | TlsFree | |
KERNEL32.dll | 294 | GetModuleHandleA | |
KERNEL32.dll | 536 | ReadFile | |
KERNEL32.dll | 735 | WriteFile | |
KERNEL32.dll | 274 | GetFileSize | |
KERNEL32.dll | 144 | FindClose | |
KERNEL32.dll | 283 | GetLocalTime | |
KERNEL32.dll | 612 | SetErrorMode | |
KERNEL32.dll | 148 | FindFirstFileA | |
KERNEL32.dll | 157 | FindNextFileA | |
KERNEL32.dll | 292 | GetModuleFileNameA | |
KERNEL32.dll | 432 | InterlockedIncrement | |
KERNEL32.dll | 418 | HeapReAlloc | |
KERNEL32.dll | 563 | SearchPathA | |
KERNEL32.dll | 71 | CreateSemaphoreA | |
KERNEL32.dll | 497 | OpenSemaphoreA | |
KERNEL32.dll | 550 | ReleaseSemaphore | |
KERNEL32.dll | 449 | LeaveCriticalSection | |
KERNEL32.dll | 85 | DeleteCriticalSection | |
KERNEL32.dll | 180 | FreeLibrary | |
KERNEL32.dll | 372 | GetVersion | |
MSVCRT.dll | 704 | strncmp | |
SETUPAPI.dll | 112 | SetupDiEnumDeviceInfo | |
ADVAPI32.dll | 215 | GetUserNameA | |
COMCTL32.dll | 67 | InitCommonControlsEx | |
USER32.dll | 399 | IsWindow | |
USER32.dll | 618 | ShowWindow | |
USER32.dll | 237 | GetClassNameA | |
USER32.dll | 354 | GetWindowThreadProcessId | |
USER32.dll | 338 | GetWindow | |
USER32.dll | 603 | SetWindowPos | |
USER32.dll | 258 | GetDlgItem | |
USER32.dll | 657 | UpdateWindow | |
USER32.dll | 607 | SetWindowTextW | |
USER32.dll | 353 | GetWindowTextW | |
USER32.dll | 240 | GetClientRect | |
USER32.dll | 348 | GetWindowRect | |
USER32.dll | 532 | SendMessageA | |
USER32.dll | 208 | EnumWindows | |
USER32.dll | 255 | GetDesktopWindow | |
USER32.dll | 451 | MessageBoxW | |
USER32.dll | 342 | GetWindowLongA | |
USER32.dll | 600 | SetWindowLongA | |
USER32.dll | 132 | DefWindowProcA | |
WSOCK32.dll | 115 | ||
KERNEL32.dll | 294 | GetModuleHandleA | |
KERNEL32.dll | 318 | GetProcAddress | |
USER32.dll | 446 | MessageBoxA | |
kernel32.dll | DeleteCriticalSection | ||
user32.dll | GetKeyboardType | ||
advapi32.dll | RegQueryValueExA | ||
oleaut32.dll | SysFreeString | ||
kernel32.dll | TlsSetValue | ||
kernel32.dll | WriteFile | ||
user32.dll | MessageBoxA | ||
kernel32.dll | Sleep | ||
oleaut32.dll | SafeArrayPtrOfIndex |
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
everything is OK