filename | KillKeys.exe | |
---|---|---|
size | 41472 (0xa200) | |
md5 | dbf1e9343b311f0b12e67d6bf68d6b26 | |
type | PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0x80 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Sections
Data Directory
type | va | size | |
---|---|---|---|
EXPORT | 0 | 0 | |
IMPORT | 0x9000 | 0x129c | |
RESOURCE | 0xd000 | 0x2508 | |
EXCEPTION | 0 | 0 | |
SECURITY | 0 | 0 | |
BASERELOC | 0 | 0 | |
DEBUG | 0 | 0 | |
ARCHITECTURE | 0 | 0 | |
GLOBALPTR | 0 | 0 | |
TLS | 0 | 0 | |
LOAD_CONFIG | 0 | 0 | |
Bound_IAT | 0 | 0 | |
IAT | 0x94ac | 0x3f8 | |
Delay_IAT | 0 | 0 | |
CLR_Header | 0 | 0 |
type | name | size | cp | |
---|---|---|---|---|
ICON | #1 | 5512 | 0 | |
ICON | #2 | 1128 | 0 | |
ICON | #3 | 1128 | 0 | |
GROUP_ICON | APP_ICON | 20 | 0 | |
GROUP_ICON | TRAY_DISABLED | 20 | 0 | |
GROUP_ICON | TRAY_ENABLED | 20 | 0 | |
VERSION | #1 | 580 | 0 | |
MANIFEST | #1 | 504 | 0 |
module_name | hint | ord | function_name |
---|---|---|---|
ADVAPI32.dll | 459 | RegCloseKey | |
ADVAPI32.dll | 466 | RegCreateKeyExW | |
ADVAPI32.dll | 473 | RegDeleteValueW | |
ADVAPI32.dll | 493 | RegOpenKeyExW | |
ADVAPI32.dll | 504 | RegQueryValueExW | |
ADVAPI32.dll | 517 | RegSetValueExW | |
KERNEL32.dll | 54 | CloseHandle | |
KERNEL32.dll | 115 | CreateThread | |
KERNEL32.dll | 134 | DeleteCriticalSection | |
KERNEL32.dll | 157 | EnterCriticalSection | |
KERNEL32.dll | 249 | FormatMessageW | |
KERNEL32.dll | 253 | FreeLibrary | |
KERNEL32.dll | 327 | GetCurrentProcess | |
KERNEL32.dll | 328 | GetCurrentProcessId | |
KERNEL32.dll | 331 | GetCurrentThreadId | |
KERNEL32.dll | 373 | GetLastError | |
KERNEL32.dll | 386 | GetModuleFileNameW | |
KERNEL32.dll | 387 | GetModuleHandleA | |
KERNEL32.dll | 417 | GetPrivateProfileStringW | |
KERNEL32.dll | 420 | GetProcAddress | |
KERNEL32.dll | 443 | GetStartupInfoA | |
KERNEL32.dll | 462 | GetSystemTimeAsFileTime | |
KERNEL32.dll | 483 | GetTickCount | |
KERNEL32.dll | 551 | InitializeCriticalSection | |
KERNEL32.dll | 591 | LeaveCriticalSection | |
KERNEL32.dll | 592 | LoadLibraryA | |
KERNEL32.dll | 598 | LocalAlloc | |
KERNEL32.dll | 602 | LocalFree | |
KERNEL32.dll | 673 | QueryPerformanceCounter | |
KERNEL32.dll | 721 | RtlAddFunctionTable | |
KERNEL32.dll | 722 | RtlCaptureContext | |
KERNEL32.dll | 729 | RtlLookupFunctionEntry | |
KERNEL32.dll | 736 | RtlVirtualUnwind | |
KERNEL32.dll | 850 | SetUnhandledExceptionFilter | |
KERNEL32.dll | 862 | Sleep | |
KERNEL32.dll | 870 | TerminateProcess | |
KERNEL32.dll | 877 | TlsGetValue | |
KERNEL32.dll | 886 | UnhandledExceptionFilter | |
KERNEL32.dll | 910 | VirtualProtect | |
KERNEL32.dll | 912 | VirtualQuery | |
msvcrt.dll | 96 | _wcsicmp | |
msvcrt.dll | 78 | __dllonexit | |
msvcrt.dll | 81 | __getmainargs | |
msvcrt.dll | 82 | __initenv | |
msvcrt.dll | 83 | __iob_func | |
msvcrt.dll | 90 | __lconv_init | |
msvcrt.dll | 96 | __set_app_type | |
msvcrt.dll | 98 | __setusermatherr | |
msvcrt.dll | 114 | _acmdln | |
msvcrt.dll | 121 | _amsg_exit | |
msvcrt.dll | 139 | _cexit | |
msvcrt.dll | 231 | _fmode | |
msvcrt.dll | 297 | _initterm | |
msvcrt.dll | 400 | _lock | |
msvcrt.dll | 564 | _onexit | |
msvcrt.dll | 732 | _unlock | |
msvcrt.dll | 920 | _wtoi | |
msvcrt.dll | 932 | abort | |
msvcrt.dll | 946 | calloc | |
msvcrt.dll | 956 | exit | |
msvcrt.dll | 971 | fprintf | |
msvcrt.dll | 978 | free | |
msvcrt.dll | 989 | fwrite | |
msvcrt.dll | 1034 | malloc | |
msvcrt.dll | 1042 | memcpy | |
msvcrt.dll | 1062 | realloc | |
msvcrt.dll | 1072 | signal | |
msvcrt.dll | 1084 | strcmp | |
msvcrt.dll | 1092 | strlen | |
msvcrt.dll | 1095 | strncmp | |
msvcrt.dll | 1109 | swprintf | |
msvcrt.dll | 1111 | swscanf | |
msvcrt.dll | 1127 | vfprintf | |
msvcrt.dll | 1140 | wcscat | |
msvcrt.dll | 1143 | wcscmp | |
msvcrt.dll | 1149 | wcslen | |
msvcrt.dll | 1153 | wcsncpy | |
SHELL32.dll | 267 | ShellExecuteW | |
SHELL32.dll | 276 | Shell_NotifyIconW | |
SHLWAPI.dll | 114 | PathRemoveFileSpecW | |
USER32.dll | 26 | CallNextHookEx | |
USER32.dll | 66 | CloseClipboard | |
USER32.dll | 95 | CreatePopupMenu | |
USER32.dll | 98 | CreateWindowExW | |
USER32.dll | 144 | DefWindowProcW | |
USER32.dll | 152 | DestroyMenu | |
USER32.dll | 154 | DestroyWindow | |
USER32.dll | 163 | DispatchMessageW | |
USER32.dll | 194 | EmptyClipboard | |
USER32.dll | 211 | EnumDisplayMonitors | |
USER32.dll | 231 | FindWindowW | |
USER32.dll | 256 | GetClassNameW | |
USER32.dll | 270 | GetCursorPos | |
USER32.dll | 282 | GetForegroundWindow | |
USER32.dll | 321 | GetMessageW | |
USER32.dll | 372 | GetWindowLongPtrW | |
USER32.dll | 378 | GetWindowRect | |
USER32.dll | 405 | InsertMenuW | |
USER32.dll | 455 | LoadImageW | |
USER32.dll | 492 | MessageBoxW | |
USER32.dll | 508 | OpenClipboard | |
USER32.dll | 521 | PostMessageW | |
USER32.dll | 522 | PostQuitMessage | |
USER32.dll | 542 | RegisterClassExW | |
USER32.dll | 560 | RegisterWindowMessageW | |
USER32.dll | 584 | SendMessageW | |
USER32.dll | 596 | SetClipboardData | |
USER32.dll | 606 | SetDlgItemTextW | |
USER32.dll | 609 | SetForegroundWindow | |
USER32.dll | 663 | SetWindowsHookExW | |
USER32.dll | 688 | TrackPopupMenu | |
USER32.dll | 694 | TranslateMessage | |
USER32.dll | 698 | UnhookWindowsHookEx | |
WININET.dll | 88 | HttpQueryInfoW | |
WININET.dll | 105 | InternetCloseHandle | |
WININET.dll | 128 | InternetGetConnectedState | |
WININET.dll | 148 | InternetOpenUrlW | |
WININET.dll | 149 | InternetOpenW | |
WININET.dll | 154 | InternetReadFile |
StringTable 040904b0
FileDescription | KillKeys |
FileVersion | 1.2 |
InternalName | killkeys |
OriginalFilename | KillKeys.exe |
CompanyName | Stefan Sundin |
LegalCopyright | © Stefan Sundin 2010 |
VS_FIXEDFILEINFO
FileVersion | 1.2.0.0 |
ProductVersion | 1.2.0.0 |
StrucVersion | 0x10000 |
FileFlagsMask | 0x3f |
FileFlags | 0 |
FileOS | 0x40004 |
FileType | 1 |
FileSubtype | 0 |
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
everything is OK