| filename | AcGenral.dll | |
|---|---|---|
| size | 2176512 (0x213600) | |
| md5 | b5b2896034d8adebd79e0c281b52508f | |
| type | PE32 executable (DLL) (console) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xe0 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 147 | 30729 | 57 |
| 1 | 0 | 463 |
| 149 | 30729 | 19 |
| 131 | 30729 | 129 |
| 146 | 30729 | 1 |
| 132 | 30729 | 294 |
| 148 | 30729 | 1 |
| 145 | 30729 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
| name | va | vsize | raw size | flags | |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x78e99 | 0x79000 | R-X CODE | |
| .data | 0x7a000 | 0xa100 | 0x8200 | RW- IDATA | |
| .rsrc | 0x85000 | 0x189260 | 0x189400 | R-- IDATA | |
| .reloc | 0x20f000 | 0x8a90 | 0x8c00 | R-- IDATA DISCARDABLE |
Data Directory
| module_name | hint | ord | function_name |
|---|---|---|---|
| ntdll.dll | 924 | RtlInitUnicodeString | |
| ntdll.dll | 398 | NtQueryInformationProcess | |
| ntdll.dll | 497 | NtSetInformationProcess | |
| ntdll.dll | 982 | RtlIsDosDeviceName_U | |
| ntdll.dll | 212 | NtClose | |
| ntdll.dll | 1190 | RtlSubAuthoritySid | |
| ntdll.dll | 401 | NtQueryInformationToken | |
| ntdll.dll | 944 | RtlInitializeSid | |
| ntdll.dll | 1005 | RtlLengthRequiredSid | |
| ntdll.dll | 791 | RtlEqualSid | |
| ntdll.dll | 884 | RtlGetOwnerSecurityDescriptor | |
| ntdll.dll | 621 | RtlAppendUnicodeToString | |
| ntdll.dll | 412 | NtQueryObject | |
| ntdll.dll | 845 | RtlFreeUnicodeString | |
| ntdll.dll | 834 | RtlFormatCurrentUserKeyPath | |
| ntdll.dll | 1158 | RtlSetLastWin32ErrorAndNtStatusFromNtStatus | |
| ntdll.dll | 873 | RtlGetLastNtStatus | |
| ntdll.dll | 1236 | RtlUnwind | |
| ntdll.dll | 829 | RtlFirstEntrySList | |
| ntdll.dll | 957 | RtlInterlockedPushEntrySList | |
| ntdll.dll | 942 | RtlInitializeSListHead | |
| ntdll.dll | 956 | RtlInterlockedPopEntrySList | |
| ntdll.dll | 522 | NtSetValueKey | |
| ntdll.dll | 232 | NtCreateKey | |
| ntdll.dll | 228 | NtCreateFile | |
| ntdll.dll | 560 | NtWriteFile | |
| ntdll.dll | 759 | RtlDosPathNameToNtPathName_U | |
| ntdll.dll | 346 | NtOpenKey | |
| ntdll.dll | 430 | NtQueryValueKey | |
| ntdll.dll | 847 | RtlGUIDFromString | |
| ntdll.dll | 1052 | RtlOemStringToUnicodeString | |
| ntdll.dll | 611 | RtlAllocateHeap | |
| ntdll.dll | 840 | RtlFreeHeap | |
| ntdll.dll | 1044 | RtlNtStatusToDosError | |
| ntdll.dll | 221 | NtConnectPort | |
| ntdll.dll | 463 | NtRequestWaitReplyPort | |
| ntdll.dll | 904 | RtlIdentifierAuthoritySid | |
| ntdll.dll | 860 | RtlGetDaclSecurityDescriptor | |
| ntdll.dll | 1189 | RtlSubAuthorityCountSid | |
| ntdll.dll | 931 | RtlInitializeCriticalSection | |
| ntdll.dll | 432 | NtQueryVolumeInformationFile | |
| ntdll.dll | 431 | NtQueryVirtualMemory | |
| ntdll.dll | 355 | NtOpenProcessToken | |
| ntdll.dll | 363 | NtOpenThreadToken | |
| ntdll.dll | 379 | NtProtectVirtualMemory | |
| ntdll.dll | 909 | RtlImageNtHeader | |
| ntdll.dll | 915 | RtlInitAnsiString | |
| ntdll.dll | 616 | RtlAnsiStringToUnicodeString | |
| ntdll.dll | 1220 | RtlUnicodeStringToInteger | |
| ntdll.dll | 706 | RtlCreateUnicodeStringFromAsciiz | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 30 | RegQueryValueExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 25 | RegOpenKeyExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 2 | RegCreateKeyExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 28 | RegQueryInfoKeyW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 13 | RegEnumValueW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 39 | RegUnLoadKeyW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 11 | RegEnumKeyExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 29 | RegQueryValueExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 35 | RegSetKeySecurity | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 24 | RegOpenKeyExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 15 | RegGetKeySecurity | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 36 | RegSetValueExA | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 17 | RegGetValueW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 37 | RegSetValueExW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | 19 | RegLoadKeyW | |
| API-MS-Win-Core-LocalRegistry-L1-1-0.dll | RegCloseKey | ||
| API-MS-Win-Security-Base-L1-1-0.dll | 24 | CheckTokenMembership | |
| API-MS-Win-Security-Base-L1-1-0.dll | 50 | GetSecurityDescriptorLength | |
| API-MS-Win-Security-Base-L1-1-0.dll | 64 | InitializeSecurityDescriptor | |
| API-MS-Win-Security-Base-L1-1-0.dll | 91 | SetSecurityDescriptorDacl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 45 | GetLengthSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 63 | InitializeAcl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 42 | GetAclInformation | |
| API-MS-Win-Security-Base-L1-1-0.dll | 31 | CreateWellKnownSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 47 | GetSecurityDescriptorControl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 48 | GetSecurityDescriptorDacl | |
| API-MS-Win-Security-Base-L1-1-0.dll | 38 | EqualSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 20 | AllocateAndInitializeSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 40 | FreeSid | |
| API-MS-Win-Security-Base-L1-1-0.dll | 19 | AdjustTokenPrivileges | |
| API-MS-Win-Security-Base-L1-1-0.dll | 43 | GetFileSecurityW | |
| API-MS-Win-Security-Base-L1-1-0.dll | 41 | GetAce | |
| API-MS-Win-Security-Base-L1-1-0.dll | 7 | AddAccessAllowedAce | |
| API-MS-WIN-Service-winsvc-L1-1-0.dll | 2 | ControlService | |
| API-MS-WIN-Service-Management-L1-1-0.dll | 2 | CreateServiceW | |
| API-MS-WIN-Service-Management-L1-1-0.dll | 5 | OpenServiceW | |
| API-MS-WIN-Service-Management-L1-1-0.dll | 6 | StartServiceW | |
| API-MS-WIN-Service-Management-L1-1-0.dll | CloseServiceHandle | ||
| API-MS-WIN-Service-Management-L1-1-0.dll | 4 | OpenSCManagerW | |
| API-MS-WIN-Service-Management-L2-1-0.dll | 1 | ChangeServiceConfigW | |
| SspiCli.dll | 25 | GetUserNameExW | |
| SHLWAPI.dll | 194 | SHGetValueW | |
| SHLWAPI.dll | 73 | PathFindFileNameW | |
| SHLWAPI.dll | 179 | SHDeleteKeyW | |
| SHLWAPI.dll | 139 | PathRemoveFileSpecW | |
| SHLWAPI.dll | 461 | ||
| SHLWAPI.dll | 255 | SHStrDupW | |
| UxTheme.dll | 69 | SetThemeAppProperties | |
| UxTheme.dll | 67 | ||
| USER32.dll | 449 | IsCharAlphaA | |
| USER32.dll | 47 | CharNextA | |
| USER32.dll | 610 | RegisterWindowMessageA | |
| USER32.dll | 42 | ChangeWindowMessageFilterEx | |
| USER32.dll | 260 | GetAncestor | |
| USER32.dll | 274 | GetClassNameW | |
| USER32.dll | 695 | SetSystemCursor | |
| USER32.dll | 491 | LoadCursorW | |
| USER32.dll | 83 | CopyIcon | |
| USER32.dll | 162 | DestroyCursor | |
| USER32.dll | 256 | GetActiveWindow | |
| USER32.dll | 291 | GetDesktopWindow | |
| USER32.dll | 412 | GetWindowRect | |
| USER32.dll | 710 | SetWindowPos | |
| USER32.dll | 537 | MonitorFromRect | |
| USER32.dll | 351 | GetMonitorInfoW | |
| USER32.dll | 289 | GetDC | |
| USER32.dll | 613 | ReleaseDC | |
| USER32.dll | 349 | GetMessageW | |
| USER32.dll | 360 | GetProcessWindowStation | |
| USER32.dll | 175 | DispatchMessageW | |
| USER32.dll | 718 | SetWindowsHookExA | |
| USER32.dll | 317 | GetKeyState | |
| USER32.dll | 28 | CallNextHookEx | |
| USER32.dll | 730 | ShowCursor | |
| USER32.dll | 173 | DisableProcessWindowsGhosting | |
| USER32.dll | 405 | GetWindowLongA | |
| USER32.dll | 301 | GetForegroundWindow | |
| USER32.dll | 817 | mouse_event | |
| USER32.dll | 659 | SetForegroundWindow | |
| USER32.dll | 29 | CallWindowProcA | |
| USER32.dll | 231 | EnumDisplaySettingsA | |
| USER32.dll | 35 | ChangeDisplaySettingsA | |
| USER32.dll | 685 | SetPropW | |
| USER32.dll | 617 | RemovePropW | |
| USER32.dll | 363 | GetPropW | |
| USER32.dll | 307 | GetIconInfo | |
| USER32.dll | 103 | CreateIconIndirect | |
| USER32.dll | 163 | DestroyIcon | |
| USER32.dll | 60 | CharUpperW | |
| USER32.dll | 382 | GetSystemMetrics | |
| USER32.dll | 213 | EmptyClipboard | |
| USER32.dll | 747 | SystemParametersInfoA | |
| USER32.dll | 748 | SystemParametersInfoW | |
| USER32.dll | 225 | EnumDesktopWindows | |
| USER32.dll | 417 | GetWindowTextLengthA | |
| USER32.dll | 416 | GetWindowTextA | |
| USER32.dll | 655 | SetDlgItemTextA | |
| USER32.dll | 636 | SendMessageW | |
| USER32.dll | 810 | WindowFromDC | |
| USER32.dll | 392 | GetUpdateRgn | |
| USER32.dll | 356 | GetParent | |
| USER32.dll | 457 | IsChild | |
| USER32.dll | 621 | ScreenToClient | |
| USER32.dll | 398 | GetWindow | |
| USER32.dll | 480 | IsWindowVisible | |
| USER32.dll | 404 | GetWindowInfo | |
| USER32.dll | 475 | IsWindow | |
| USER32.dll | 302 | GetGUIThreadInfo | |
| USER32.dll | 420 | GetWindowThreadProcessId | |
| USER32.dll | 395 | GetUserObjectInformationW | |
| USER32.dll | 406 | GetWindowLongW | |
| USER32.dll | 386 | GetThreadDesktop | |
| USER32.dll | 567 | PostQuitMessage | |
| USER32.dll | 648 | SetCursor | |
| USER32.dll | 540 | MsgWaitForMultipleObjects | |
| USER32.dll | 563 | PeekMessageW | |
| USER32.dll | 216 | EnableWindow | |
| USER32.dll | 6 | AllowSetForegroundWindow | |
| USER32.dll | 764 | TranslateMessage | |
| GDI32.dll | 459 | GetDeviceCaps | |
| GDI32.dll | 525 | GetStockObject | |
| GDI32.dll | 509 | GetObjectW | |
| GDI32.dll | 48 | CreateCompatibleDC | |
| GDI32.dll | 631 | SelectObject | |
| GDI32.dll | 19 | BitBlt | |
| GDI32.dll | 227 | DeleteDC | |
| GDI32.dll | 53 | CreateDIBSection | |
| GDI32.dll | 448 | GetClipBox | |
| GDI32.dll | 80 | CreateRectRgnIndirect | |
| GDI32.dll | 79 | CreateRectRgn | |
| GDI32.dll | 524 | GetRgnBox | |
| GDI32.dll | 672 | SetRectRgn | |
| GDI32.dll | 34 | CombineRgn | |
| GDI32.dll | 230 | DeleteObject | |
| WINMM.dll | 47 | mciSendCommandA | |
| samcli.dll | 10 | NetLocalGroupAdd | |
| samcli.dll | 12 | NetLocalGroupAddMembers | |
| ole32.dll | 63 | CoInitializeEx | |
| ole32.dll | 376 | StringFromCLSID | |
| ole32.dll | 62 | CoInitialize | |
| ole32.dll | 53 | CoGetObject | |
| ole32.dll | 377 | StringFromGUID2 | |
| ole32.dll | 104 | CoTaskMemFree | |
| ole32.dll | 16 | CoCreateInstance | |
| ole32.dll | 108 | CoUninitialize | |
| OLEAUT32.dll | 6 | ||
| OLEAUT32.dll | 442 | ||
| OLEAUT32.dll | 7 | ||
| OLEAUT32.dll | 2 | ||
| MSACM32.dll | 42 | acmStreamSize | |
| MSACM32.dll | 39 | acmStreamOpen | |
| VERSION.dll | 2 | GetFileVersionInfoExW | |
| VERSION.dll | 6 | GetFileVersionInfoW | |
| VERSION.dll | 14 | VerQueryValueW | |
| VERSION.dll | 5 | GetFileVersionInfoSizeW | |
| SHELL32.dll | 194 | SHGetFolderPathEx | |
| SHELL32.dll | 225 | SHGetSpecialFolderPathW | |
| SHELL32.dll | 288 | ShellExecuteExA | |
| SHELL32.dll | 224 | SHGetSpecialFolderPathA | |
| SHELL32.dll | 289 | ShellExecuteExW | |
| SHELL32.dll | 127 | SHChangeNotify | |
| SHELL32.dll | 141 | SHCreateDirectoryExW | |
| SHELL32.dll | 195 | SHGetFolderPathW | |
| SHELL32.dll | 165 | ||
| sfc.dll | 4 | SfcIsFileProtected | |
| sfc.dll | 5 | SfcIsKeyProtected | |
| USERENV.dll | 30 | GetUserProfileDirectoryW | |
| USERENV.dll | 17 | GetAllUsersProfileDirectoryW | |
| USERENV.dll | 29 | GetUserProfileDirectoryA | |
| dwmapi.dll | 102 | ||
| dwmapi.dll | 15 | DwmIsCompositionEnabled | |
| SETUPAPI.dll | 249 | PnpIsFilePnpDriver | |
| apphelp.dll | 131 | SdbOpenLocalDatabase | |
| apphelp.dll | 163 | SdbResolveDatabase | |
| apphelp.dll | 106 | SdbGetPDBFromGUID | |
| apphelp.dll | 116 | SdbInitDatabase | |
| apphelp.dll | 117 | SdbInitDatabaseEx | |
| apphelp.dll | 70 | SdbFindNextTag | |
| apphelp.dll | 111 | SdbGetStringTagPtr | |
| apphelp.dll | 63 | SdbFindFirstTag | |
| urlmon.dll | 26 | CoInternetSetFeatureEnabled | |
| KERNEL32.dll | 411 | GetConsoleCP | |
| KERNEL32.dll | 429 | GetConsoleMode | |
| KERNEL32.dll | 627 | GetSystemInfo | |
| KERNEL32.dll | 1161 | SetStdHandle | |
| KERNEL32.dll | 1311 | WriteConsoleA | |
| KERNEL32.dll | 433 | GetConsoleOutputCP | |
| KERNEL32.dll | 1321 | WriteConsoleW | |
| KERNEL32.dll | 746 | InterlockedCompareExchange | |
| KERNEL32.dll | 134 | CreateEventW | |
| KERNEL32.dll | 506 | GetFullPathNameW | |
| KERNEL32.dll | 1054 | SearchPathW | |
| KERNEL32.dll | 1354 | lstrcmpiW | |
| KERNEL32.dll | 692 | GlobalAlloc | |
| KERNEL32.dll | 200 | DebugBreak | |
| KERNEL32.dll | 530 | GetModuleFileNameA | |
| KERNEL32.dll | 675 | GetVersionExA | |
| KERNEL32.dll | 609 | GetShortPathNameW | |
| KERNEL32.dll | 514 | GetLocalTime | |
| KERNEL32.dll | 1127 | SetFilePointer | |
| KERNEL32.dll | 1018 | ReleaseMutex | |
| KERNEL32.dll | 448 | GetCurrentDirectoryW | |
| KERNEL32.dll | 159 | CreateMutexW | |
| KERNEL32.dll | 905 | OutputDebugStringA | |
| KERNEL32.dll | 893 | OpenMutexW | |
| KERNEL32.dll | 763 | IsBadWritePtr | |
| KERNEL32.dll | 113 | CopyFileA | |
| KERNEL32.dll | 1053 | SearchPathA | |
| KERNEL32.dll | 855 | MapViewOfFile | |
| KERNEL32.dll | 1243 | UnmapViewOfFile | |
| KERNEL32.dll | 896 | OpenProcess | |
| KERNEL32.dll | 1270 | VirtualQuery | |
| KERNEL32.dll | 1112 | SetEnvironmentVariableA | |
| KERNEL32.dll | 75 | CheckElevationEnabled | |
| KERNEL32.dll | 391 | GetCommandLineA | |
| KERNEL32.dll | 165 | CreateProcessA | |
| KERNEL32.dll | 631 | GetSystemTime | |
| KERNEL32.dll | 935 | QueryPerformanceCounter | |
| KERNEL32.dll | 936 | QueryPerformanceFrequency | |
| KERNEL32.dll | 633 | GetSystemTimeAsFileTime | |
| KERNEL32.dll | 636 | GetSystemWindowsDirectoryW | |
| KERNEL32.dll | 495 | GetFileSize | |
| KERNEL32.dll | 1220 | TerminateProcess | |
| KERNEL32.dll | 1114 | SetErrorMode | |
| KERNEL32.dll | 332 | FindResourceA | |
| KERNEL32.dll | 1204 | SizeofResource | |
| KERNEL32.dll | 834 | LoadResource | |
| KERNEL32.dll | 852 | LockResource | |
| KERNEL32.dll | 212 | DeleteFileA | |
| KERNEL32.dll | 520 | GetLogicalDrives | |
| KERNEL32.dll | 468 | GetDriveTypeW | |
| KERNEL32.dll | 1322 | WriteFile | |
| KERNEL32.dll | 475 | GetEnvironmentStringsW | |
| KERNEL32.dll | 354 | FreeEnvironmentStringsW | |
| KERNEL32.dll | 130 | CreateDirectoryW | |
| KERNEL32.dll | 577 | GetPrivateProfileStringW | |
| KERNEL32.dll | 1328 | WritePrivateProfileStringW | |
| KERNEL32.dll | 960 | ReadFile | |
| KERNEL32.dll | 141 | CreateFileMappingW | |
| KERNEL32.dll | 138 | CreateFileMappingA | |
| KERNEL32.dll | 324 | FindNextFileA | |
| KERNEL32.dll | 623 | GetSystemDirectoryA | |
| KERNEL32.dll | 829 | LoadLibraryA | |
| KERNEL32.dll | 182 | CreateThread | |
| KERNEL32.dll | 1262 | VirtualAlloc | |
| KERNEL32.dll | 1265 | VirtualFree | |
| KERNEL32.dll | 725 | HeapSize | |
| KERNEL32.dll | 728 | HeapValidate | |
| KERNEL32.dll | 608 | GetShortPathNameA | |
| KERNEL32.dll | 526 | GetLongPathNameW | |
| KERNEL32.dll | 783 | IsWow64Process | |
| KERNEL32.dll | 1304 | Wow64DisableWow64FsRedirection | |
| KERNEL32.dll | 1308 | Wow64RevertWow64FsRedirection | |
| KERNEL32.dll | 286 | ExpandEnvironmentStringsW | |
| KERNEL32.dll | 233 | DuplicateHandle | |
| KERNEL32.dll | 344 | FlushFileBuffers | |
| KERNEL32.dll | 532 | GetModuleHandleA | |
| KERNEL32.dll | 1350 | lstrcmpA | |
| KERNEL32.dll | 222 | DeviceIoControl | |
| KERNEL32.dll | 679 | GetVolumeInformationW | |
| KERNEL32.dll | 517 | GetLocaleInfoW | |
| KERNEL32.dll | 1362 | lstrlenA | |
| KERNEL32.dll | 768 | IsDBCSLeadByteEx | |
| KERNEL32.dll | 781 | IsValidLocale | |
| KERNEL32.dll | 1179 | SetThreadPriority | |
| KERNEL32.dll | 453 | GetCurrentThread | |
| KERNEL32.dll | 1180 | SetThreadPriorityBoost | |
| KERNEL32.dll | 118 | CopyFileW | |
| KERNEL32.dll | 215 | DeleteFileW | |
| KERNEL32.dll | 945 | RaiseException | |
| KERNEL32.dll | 1227 | TlsGetValue | |
| KERNEL32.dll | 449 | GetCurrentProcess | |
| KERNEL32.dll | 1363 | lstrlenW | |
| KERNEL32.dll | 1225 | TlsAlloc | |
| KERNEL32.dll | 1228 | TlsSetValue | |
| KERNEL32.dll | 1226 | TlsFree | |
| KERNEL32.dll | 454 | GetCurrentThreadId | |
| KERNEL32.dll | 1136 | SetHandleCount | |
| KERNEL32.dll | 612 | GetStdHandle | |
| KERNEL32.dll | 498 | GetFileType | |
| KERNEL32.dll | 610 | GetStartupInfoA | |
| KERNEL32.dll | 353 | FreeEnvironmentStringsA | |
| KERNEL32.dll | 473 | GetEnvironmentStrings | |
| KERNEL32.dll | 719 | HeapDestroy | |
| KERNEL32.dll | 718 | HeapCreate | |
| KERNEL32.dll | 864 | MoveFileExW | |
| KERNEL32.dll | 1122 | SetFileAttributesW | |
| KERNEL32.dll | 515 | GetLocaleInfoA | |
| KERNEL32.dll | 740 | InitializeCriticalSection | |
| KERNEL32.dll | 830 | LoadLibraryExA | |
| KERNEL32.dll | 617 | GetStringTypeW | |
| KERNEL32.dll | 614 | GetStringTypeA | |
| KERNEL32.dll | 484 | GetFileAttributesA | |
| KERNEL32.dll | 210 | DeleteCriticalSection | |
| KERNEL32.dll | 741 | InitializeCriticalSectionAndSpinCount | |
| KERNEL32.dll | 144 | CreateFileW | |
| KERNEL32.dll | 83 | CloseHandle | |
| KERNEL32.dll | 314 | FindFirstFileW | |
| KERNEL32.dll | 326 | FindNextFileW | |
| KERNEL32.dll | 303 | FindClose | |
| KERNEL32.dll | 826 | LeaveCriticalSection | |
| KERNEL32.dll | 659 | GetTickCount | |
| KERNEL32.dll | 699 | GlobalFree | |
| KERNEL32.dll | 1268 | VirtualProtect | |
| KERNEL32.dll | 624 | GetSystemDirectoryW | |
| KERNEL32.dll | 137 | CreateFileA | |
| KERNEL32.dll | 1205 | Sleep | |
| KERNEL32.dll | 767 | IsDBCSLeadByte | |
| KERNEL32.dll | 667 | GetUserDefaultLCID | |
| KERNEL32.dll | 760 | IsBadReadPtr | |
| KERNEL32.dll | 101 | CompareStringW | |
| KERNEL32.dll | 98 | CompareStringA | |
| KERNEL32.dll | 1351 | lstrcmpW | |
| KERNEL32.dll | 351 | FormatMessageW | |
| KERNEL32.dll | 831 | LoadLibraryExW | |
| KERNEL32.dll | 355 | FreeLibrary | |
| KERNEL32.dll | 814 | LCMapStringW | |
| KERNEL32.dll | 812 | LCMapStringA | |
| KERNEL32.dll | 489 | GetFileAttributesW | |
| KERNEL32.dll | 687 | GetWindowsDirectoryW | |
| KERNEL32.dll | 169 | CreateProcessW | |
| KERNEL32.dll | 1278 | WaitForSingleObject | |
| KERNEL32.dll | 1191 | SetUnhandledExceptionFilter | |
| KERNEL32.dll | 1240 | UnhandledExceptionFilter | |
| KERNEL32.dll | 566 | GetOEMCP | |
| KERNEL32.dll | 480 | GetExitCodeProcess | |
| KERNEL32.dll | 645 | GetTempPathW | |
| KERNEL32.dll | 643 | GetTempFileNameW | |
| KERNEL32.dll | 644 | GetTempPathA | |
| KERNEL32.dll | 642 | GetTempFileNameA | |
| KERNEL32.dll | 100 | CompareStringOrdinal | |
| KERNEL32.dll | 531 | GetModuleFileNameW | |
| KERNEL32.dll | 477 | GetEnvironmentVariableW | |
| KERNEL32.dll | 1113 | SetEnvironmentVariableW | |
| KERNEL32.dll | 121 | CreateActCtxW | |
| KERNEL32.dll | 925 | QueryActCtxW | |
| KERNEL32.dll | 361 | GetACP | |
| KERNEL32.dll | 371 | GetCPInfo | |
| KERNEL32.dll | 1140 | SetLastError | |
| KERNEL32.dll | 513 | GetLastError | |
| KERNEL32.dll | 282 | ExitProcess | |
| KERNEL32.dll | 580 | GetProcAddress | |
| KERNEL32.dll | 832 | LoadLibraryW | |
| KERNEL32.dll | 841 | LocalFree | |
| KERNEL32.dll | 392 | GetCommandLineW | |
| KERNEL32.dll | 450 | GetCurrentProcessId | |
| KERNEL32.dll | 837 | LocalAlloc | |
| KERNEL32.dll | 535 | GetModuleHandleW | |
| KERNEL32.dll | 99 | CompareStringEx | |
| KERNEL32.dll | 811 | LCIDToLocaleName | |
| KERNEL32.dll | 720 | HeapFree | |
| KERNEL32.dll | 871 | MultiByteToWideChar | |
| KERNEL32.dll | 716 | HeapAlloc | |
| KERNEL32.dll | 585 | GetProcessHeap | |
| KERNEL32.dll | 516 | GetLocaleInfoEx | |
| KERNEL32.dll | 813 | LCMapStringEx | |
| KERNEL32.dll | 1302 | WideCharToMultiByte | |
| KERNEL32.dll | 723 | HeapReAlloc | |
| KERNEL32.dll | 322 | FindNLSStringEx | |
| KERNEL32.dll | 770 | IsNLSDefinedString | |
| KERNEL32.dll | 752 | InterlockedIncrement | |
| KERNEL32.dll | 748 | InterlockedDecrement | |
| KERNEL32.dll | 239 | EnterCriticalSection | |
| KERNEL32.dll | 1017 | ReleaseActCtx | |
| ADVAPI32.dll | 116 | ConvertStringSidToSidW | |
| ADVAPI32.dll | 401 | LookupAccountSidW | |
| ADVAPI32.dll | 689 | SetNamedSecurityInfoW | |
| ADVAPI32.dll | 114 | ConvertStringSecurityDescriptorToSecurityDescriptorW | |
| ADVAPI32.dll | 407 | LookupPrivilegeValueW | |
| ADVAPI32.dll | 503 | OpenProcessToken | |
| ADVAPI32.dll | 334 | GetSecurityInfo | |
| ADVAPI32.dll | 303 | GetFileSecurityA | |
| ADVAPI32.dll | 445 | LsaOpenPolicy | |
| ADVAPI32.dll | 678 | SetEntriesInAclW | |
| ADVAPI32.dll | 302 | GetExplicitEntriesFromAclW | |
| ADVAPI32.dll | 413 | LsaClose | |
| ADVAPI32.dll | 410 | LsaAddAccountRights | |
| ADVAPI32.dll | 443 | LsaNtStatusToWinError | |
| ADVAPI32.dll | 322 | GetNamedSecurityInfoW | |
| ADVAPI32.dll | 552 | QueryServiceStatus | |
| MPR.dll | 36 | WNetGetConnectionW | |
| RPCRT4.dll | 139 | NdrAsyncClientCall | |
| RPCRT4.dll | 340 | RpcAsyncCancelCall | |
| RPCRT4.dll | 341 | RpcAsyncCompleteCall | |
| RPCRT4.dll | 45 | I_RpcExceptionFilter | |
| RPCRT4.dll | 343 | RpcAsyncInitializeHandle | |
| RPCRT4.dll | 494 | RpcStringBindingComposeW | |
| RPCRT4.dll | 351 | RpcBindingFromStringBindingW | |
| RPCRT4.dll | 349 | RpcBindingFree | |
| RPCRT4.dll | 366 | RpcBindingSetAuthInfoExW | |
| RPCRT4.dll | 498 | RpcStringFreeW |
| ord | entry_va | function_name | |
|---|---|---|---|
| 1 | 0x590a1 | GetHookAPIs | |
| 2 | 0x59b3a | NotifyShims |
StringTable 040904B0
| CompanyName | Microsoft Corporation |
| FileDescription | Windows Compatibility DLL |
| FileVersion | 6.1.7601.18076 (win7sp1_gdr.130211-1434) |
| InternalName | |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion | 6.1.7601.18076 |
VS_FIXEDFILEINFO
| FileVersion | 6.1.7601.18076 |
| ProductVersion | 6.1.7601.18076 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x3f |
| FileFlags | 0 |
| FileOS | 0x40004 |
| FileType | 2 |
| FileSubtype | 0 |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
everything is OK