Static | ZeroBOX

PE Compile Time

2017-12-28 02:19:31

PE Imphash

a89655faa2b6840e801be1e1c779fc67

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x00041220 0x00041400 6.43097949877
.itext 0x00043000 0x00001e7c 0x00002000 5.20593097463
.data 0x00045000 0x00001278 0x00001400 3.2460815303
.bss 0x00047000 0x00004fc0 0x00000000 0.0
.idata 0x0004c000 0x000012f8 0x00001400 4.88809264311
.tls 0x0004e000 0x00000010 0x00000000 0.0
.rdata 0x0004f000 0x00000018 0x00000200 0.20058190744
.reloc 0x00050000 0x00005efc 0x00006000 6.65571575134
.rsrc 0x00056000 0x00119000 0x00118600 6.51472021305

Resources

Name Offset Size Language Sub-language File type
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_STRING 0x00057a94 0x000002a4 LANG_NEUTRAL SUBLANG_NEUTRAL data
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_RCDATA 0x00164dc8 0x00009200 LANG_NEUTRAL SUBLANG_NEUTRAL PE32+ executable (DLL) (console) x86-64, for MS Windows
RT_VERSION 0x0016dfc8 0x00000380 LANG_ENGLISH SUBLANG_ENGLISH_US data
RT_MANIFEST 0x0016e348 0x00000165 LANG_ENGLISH SUBLANG_ENGLISH_US ASCII text, with CRLF line terminators

Imports

Library oleaut32.dll:
0x44c3e8 SysFreeString
0x44c3ec SysReAllocStringLen
0x44c3f0 SysAllocStringLen
Library advapi32.dll:
0x44c3f8 RegQueryValueExW
0x44c3fc RegOpenKeyExW
0x44c400 RegCloseKey
Library user32.dll:
0x44c408 LoadStringW
0x44c40c MessageBoxA
0x44c410 CharNextW
Library kernel32.dll:
0x44c418 lstrcmpiA
0x44c41c LoadLibraryA
0x44c420 LocalFree
0x44c424 LocalAlloc
0x44c428 GetACP
0x44c42c Sleep
0x44c430 VirtualFree
0x44c434 VirtualAlloc
0x44c438 GetSystemInfo
0x44c43c GetTickCount
0x44c444 GetVersion
0x44c448 GetCurrentThreadId
0x44c44c VirtualQuery
0x44c450 WideCharToMultiByte
0x44c454 MultiByteToWideChar
0x44c458 lstrlenW
0x44c45c lstrcpynW
0x44c460 LoadLibraryExW
0x44c464 IsValidLocale
0x44c46c GetStartupInfoA
0x44c470 GetProcAddress
0x44c474 GetModuleHandleW
0x44c478 GetModuleFileNameW
0x44c480 GetLocaleInfoW
0x44c484 GetLastError
0x44c488 GetCommandLineW
0x44c48c FreeLibrary
0x44c490 FindFirstFileW
0x44c494 FindClose
0x44c498 ExitProcess
0x44c49c CompareStringW
0x44c4a0 WriteFile
0x44c4a8 SetFilePointer
0x44c4ac SetEndOfFile
0x44c4b0 RtlUnwind
0x44c4b4 ReadFile
0x44c4b8 RaiseException
0x44c4bc GetStdHandle
0x44c4c0 GetFileSize
0x44c4c4 GetFileType
0x44c4d8 CreateFileW
0x44c4dc CloseHandle
Library kernel32.dll:
0x44c4e4 TlsSetValue
0x44c4e8 TlsGetValue
0x44c4ec LocalAlloc
0x44c4f0 GetModuleHandleW
Library user32.dll:
0x44c4f8 MessageBoxW
0x44c4fc LoadStringW
0x44c500 GetSystemMetrics
0x44c504 CharUpperBuffW
0x44c508 CharNextW
Library kernel32.dll:
0x44c510 WriteFile
0x44c514 WideCharToMultiByte
0x44c518 WaitForSingleObject
0x44c51c VirtualQueryEx
0x44c520 VirtualQuery
0x44c524 VirtualFree
0x44c528 TerminateProcess
0x44c52c Sleep
0x44c530 SizeofResource
0x44c534 SignalObjectAndWait
0x44c538 SetFilePointer
0x44c53c SetEvent
0x44c540 SetEndOfFile
0x44c544 ResetEvent
0x44c548 RemoveDirectoryW
0x44c54c ReadFile
0x44c550 OpenProcess
0x44c554 MultiByteToWideChar
0x44c558 LockResource
0x44c55c LoadResource
0x44c560 LoadLibraryExW
0x44c56c GetVersionExW
0x44c570 GetThreadLocale
0x44c574 GetNativeSystemInfo
0x44c578 GetStdHandle
0x44c57c GetProcAddress
0x44c580 GetModuleHandleW
0x44c584 GetModuleFileNameW
0x44c588 GetLocaleInfoW
0x44c58c GetLocalTime
0x44c590 GetLastError
0x44c594 GetFullPathNameW
0x44c598 GetFileAttributesW
0x44c59c GetDiskFreeSpaceW
0x44c5a0 GetDateFormatW
0x44c5a4 GetCurrentThreadId
0x44c5a8 GetCurrentProcess
0x44c5ac GetCPInfo
0x44c5b0 FreeResource
0x44c5b4 InterlockedExchange
0x44c5bc FreeLibrary
0x44c5c0 FormatMessageW
0x44c5c4 FindResourceW
0x44c5c8 FindFirstFileW
0x44c5cc FindClose
0x44c5d4 EnumCalendarInfoW
0x44c5dc DeleteFileW
0x44c5e4 CreateProcessW
0x44c5e8 CreateFileW
0x44c5ec CreateEventW
0x44c5f0 CreateDirectoryW
0x44c5f4 CompareStringW
0x44c5f8 CloseHandle
Library advapi32.dll:
0x44c600 RegUnLoadKeyW
0x44c604 RegSetValueExW
0x44c608 RegSaveKeyW
0x44c60c RegRestoreKeyW
0x44c610 RegReplaceKeyW
0x44c614 RegQueryValueExW
0x44c618 RegQueryInfoKeyW
0x44c61c RegOpenKeyExW
0x44c620 RegLoadKeyW
0x44c624 RegFlushKey
0x44c628 RegEnumValueW
0x44c62c RegEnumKeyExW
0x44c630 RegDeleteValueW
0x44c634 RegDeleteKeyW
0x44c638 RegCreateKeyExW
0x44c63c RegConnectRegistryW
0x44c640 RegCloseKey
0x44c644 OpenProcessToken
Library kernel32.dll:
0x44c654 Sleep
Library oleaut32.dll:
0x44c65c SafeArrayPtrOfIndex
0x44c660 SafeArrayGetUBound
0x44c664 SafeArrayGetLBound
0x44c668 SafeArrayCreate
0x44c66c VariantChangeType
0x44c670 VariantCopy
0x44c674 VariantClear
0x44c678 VariantInit
Library advapi32.dll:
0x44c680 StartServiceW
0x44c684 QueryServiceConfigW
0x44c688 OpenServiceW
0x44c68c OpenSCManagerW
0x44c690 CloseServiceHandle
Library wininet.dll:
0x44c69c InternetReadFile
0x44c6a0 InternetOpenUrlW
0x44c6a4 InternetOpenW
0x44c6a8 InternetCloseHandle
Library advapi32.dll:

This program must be run under Win32
`.itext
`.data
.idata
.rdata
@.reloc
B.rsrc
Boolean
System
AnsiChar
ShortInt
SmallInt
Integer
Pointer
Cardinal
UInt64
Single
Extended
Double
Currency
ShortString
PAnsiChar0
PWideCharL
WordBool
System
string
WideString
AnsiString
Variant
TClass
HRESULT
PInterfaceEntry
TInterfaceEntry
VTable
IOffset
ImplGetter
PInterfaceTable
TInterfaceTable
EntryCount
Entries
TMethod
TObject&
Create
InitInstance
Instance
CleanupInstance
ClassType
ClassName
ClassNameIs
ClassParent
ClassInfo
InstanceSize
InheritsFrom
AClass
MethodAddress
MethodAddress
MethodName
Address
FieldAddress
FieldAddress
GetInterface
GetInterfaceEntry
GetInterfaceTable
UnitName
Equals
GetHashCode
ToString
SafeCallException
ExceptObject
ExceptAddr
AfterConstruction
BeforeDestruction
Dispatch
Message
DefaultHandler
Message
NewInstance
FreeInstance
Destroy
TObjectd
System
IInterface
System
FRefCount
TInterfacedObject1
AfterConstruction
BeforeDestruction
NewInstance
TInterfacedObject
System
RefCount
PShortString
TDateTime
TVarArrayBound
ElementCount
LowBound
TVarArrayBoundArray
PVarArray
TVarArray
DimCount
ElementSize
LockCount
Bounds
TVarData
Reserved1
Reserved2
Reserved3
VSmallInt
VInteger
VSingle
VDouble
VCurrency
VOleStr
VDispatch
VError
VBoolean
VUnknown
VShortInt
VLongWord
VInt64
VUInt64
VString
VArray
VPointer
VUString
VLongs
VWords
VBytes
RawData
TTypeTable
PTypeTable
PPackageTypeInfo
TPackageTypeInfo
TypeCount
TypeTable
UnitCount
UnitNames
PLibModule
TLibModule
Instance
CodeInstance
DataInstance
ResInstance
TypeInfo
Reserved
PResStringRech#@
TResStringRec
Module
Identifier
FastMM Borland Edition (c) 2004 - 2008 Pierre le Riche / Professional Software Development
An unexpected memory leak has occurred.
The unexpected small block leaks are:
The sizes of unexpected leaked medium and large blocks are:
bytes:
Unknown
AnsiString
UnicodeString
Unexpected Memory Leak
Ht Ht.
~]x[[)
YZXtm1
ZTUWVSPR
_^[YY]
XZ_^[X]X
zh-TW,zh-Hant,zh
es-ES_tradnl
nb-NO,nb,no
tg-Cyrl-TJ
az-Latn-AZ
uz-Latn-UZ
mn-MN,mn-Cyrl,mn
iu-Cans-CA
ha-Latn-NG
qps-ploc,en
qps-ploca,ja
zh-CN,zh-Hans,zh
nn-NO,nn,no
sr-Latn-CS
az-Cyrl-AZ
dsb-DE,dsb,hsb
uz-Cyrl-UZ
mn-Mong-CN
iu-Latn-CA
tzm-Latn-DZ
qps-plocm,ar
zh-HK,zh-Hant,zh
sr-Cyrl-CS
zh-SG,zh-Hans,zh
smj-NO,smj,se
zh-MO,zh-Hant,zh
bs-Latn-BA
smj-SE,smj,se
sr-Latn-BA
sma-NO,sma,se
sr-Cyrl-BA
sma-SE,sma,se
bs-Cyrl-BA
sms-FI,sms,se
sr-Latn-RS
smn-FI,smn,se
sr-Cyrl-RS
sr-Latn-ME
sr-Cyrl-ME
GetThreadPreferredUILanguages
SetThreadPreferredUILanguages
GetThreadUILanguage
0123456789ABCDEF
QQQQSV
,tfBHu
GetLongPathNameW
_^[YY]
_^[YY]
_^[YY]
PListEntryL
_LIST_ENTRY
PRTLCriticalSection
PRTLCriticalSectionDebug
_RTL_CRITICAL_SECTION_DEBUG
Type_18
CreatorBackTraceIndex
CriticalSection
ProcessLocksList
EntryCount
ContentionCount
_RTL_CRITICAL_SECTION
DebugInfo
LockCount
RecursionCount
OwningThread
LockSemaphore
Reserved
_FILETIME
dwLowDateTime
dwHighDateTime
TBytes
SysUtils
PExceptionRecord
TExceptionRecordP
ExceptionCode
ExceptionFlags
ExceptionRecord
ExceptionAddress
NumberParameters
ExceptionInformation
ExceptAddr
ExceptObject
FMessage
FHelpContext
FInnerException
FStackInfo
FAcquireInnerException
Exception3
Create
CreateFmt8
CreateRes
CreateRes
ResStringRec
CreateResFmt
CreateResFmtM
CreateHelp
AHelpContext
CreateFmtHelpR
CreateResHelp
AHelpContext
CreateResHelp
ResStringRec
AHelpContext
CreateResFmtHelp
CreateResFmtHelp'
Destroy
GetBaseException
ToString
RaiseOuterException
ThrowOuterException
Exception$
SysUtils
BaseException
HelpContext`
InnerException
Message
StackTrace
StackInfo
AllowFree
EHeapException,
FreeInstance
EHeapException
SysUtils
EOutOfMemory
EOutOfMemory
SysUtils
ErrorCode
EInOutError
EInOutError|
SysUtils
ExceptionRecord
EExternal
EExternal4
SysUtils
EExternalException
EExternalException
SysUtils
EIntError
EIntError
SysUtils
EDivByZero
EDivByZero(
SysUtils
ERangeError
ERangeError
SysUtils
EIntOverflow
EIntOverflowX
SysUtils
EMathError
EMathError
SysUtils
EInvalidOp
EInvalidOp
SysUtils
EZeroDivide<
EZeroDivide$
SysUtils
EOverflow
EOverflow
SysUtils
EUnderflow
EUnderflowP
SysUtils
EInvalidPointer
EInvalidPointer
SysUtils
EInvalidCast
EInvalidCast
SysUtils
EConvertError
EConvertError$
SysUtils
EAccessViolation
EAccessViolation
SysUtils
EPrivilege
EPrivileged
SysUtils
EStackOverflow
EStackOverflow
SysUtils
EControlC
EControlC
SysUtils
EVariantError
EVariantError0
SysUtils
EAssertionFailed
EAssertionFailed
SysUtils
EAbstractError
EAbstractErrorp
SysUtils
EIntfCastError
EIntfCastError
SysUtils
ErrorCode
EOSError
EOSError
SysUtils
ESafecallException
ESafecallException`
SysUtils
EMonitor
EMonitor
SysUtils
EMonitorLockException
EMonitorLockException
SysUtils
ENoMonitorSupportException
ENoMonitorSupportExceptionH
SysUtils
SysUtils
SysUtils
PThreadInfo
TThreadInfo
ThreadID
Active
RecursionCount
FHashTable
TThreadLocalCounter'
Destroy
Thread
Delete
Thread
Thread
TThreadLocalCounter
SysUtils
FSentinel
FReadSignal
FWriteSignal
FWaitRecycle
FWriteRecursionCount
FWriterID
FRevisionLevel
$TMultiReadExclusiveWriteSynchronizer&
Create
Destroy
BeginRead
EndRead
BeginWrite
EndWrite
$TMultiReadExclusiveWriteSynchronizer
SysUtils
RevisionLevel
TCharArray
SysUtilsL
EEncodingError
EEncodingError
SysUtils
FIsSingleByte
FMaxCharSize
TEncodingf
Convert
Source
Destination
Convert
Source
Destination
StartIndex
FreeEncodings
IsStandardEncoding
AEncoding
GetBufferEncoding
Buffer
AEncoding
GetByteCount
GetByteCount
CharIndex
CharCount
GetByteCount
GetByteCount
CharIndex
CharCount
GetBytes
GetBytes
CharIndex
CharCount
ByteIndex
GetBytes
GetBytes
CharIndex
CharCount
ByteIndex
GetCharCount
GetCharCount
ByteIndex
ByteCount
GetChars
GetChars
ByteIndex
ByteCount
GetChars
ByteIndex
ByteCount
CharIndex
GetEncoding
CodePage
GetMaxByteCount
CharCount
GetMaxCharCount
ByteCount
GetPreamble
GetString
GetString
ByteIndex
ByteCount
TEncoding
SysUtils
IsSingleByte
FCodePage
FMBToWCharFlags
FWCharToMBFlags
TMBCSEncoding&
Create
Create
CodePage
Create
CodePage
MBToWCharFlags
WCharToMBFlags
GetMaxByteCount
CharCount
GetMaxCharCount
ByteCount
GetPreamble
TMBCSEncoding<
SysUtils
TUTF7Encoding&
Create
GetMaxByteCount
CharCount
GetMaxCharCount
ByteCount
TUTF7Encoding
SysUtils
TUTF8Encoding&
Create
GetMaxByteCount
CharCount
GetMaxCharCount
ByteCount
GetPreamble
TUTF8Encoding
SysUtils
TUnicodeEncoding&
Create
GetMaxByteCount
CharCount
GetMaxCharCount
ByteCount
GetPreamble
TUnicodeEncoding@
SysUtils
TBigEndianUnicodeEncoding6
GetPreamble
TBigEndianUnicodeEncoding
SysUtils
.uvCOu
_^[YY]
TStrData
_^[YY]
$Z]_^[
_^[YY]
_^[YY]
<@t!QS<$t
$*@@@*$@@@$ *@@* $@@($*)@-$*@@$-*@@$*-@@(*$)@-*$@@*-$@@*$-@@-* $@-$ *@* $-@$ *-@$ -*@*- $@($ *)(* $)
_^[YY]
t%HtIHtm
_^[YY]
$Z]_^[
_^[YY]
QQQQQQSVW3
QQQQQQSVW
SysUtils0
_^[YY]
_^[YY]
_^[YY]
_^[YY]
TErrorRec
TExceptType
etDivByZero
etRangeError
etIntOverflow
etInvalidOp
etZeroDivide
etOverflow
etUnderflow
etInvalidCast
etAccessViolation
etPrivilege
etControlC
etStackOverflow
etVariantError
etAssertionFailed
etExternalException
etIntfCastError
etSafeCallException
etMonitorLockException
etNoMonitorSupportException
SysUtils
TExceptRec
EClass
EIdent
_^[YY]
PUnitHashEntryXWA
TUnitHashEntry
LibModule
UnitName
DupsAllowed
FullHash
TUnitHashArray
SysUtilsXWA
TModuleInfo
Validated
UnitHashArray
(Z]_^[
YZ]_^[
QQQQQSVW
TLanguageArray
SysUtils
VariantChangeTypeEx
VarNeg
VarNot
VarAdd
VarSub
VarMul
VarDiv
VarIdiv
VarMod
VarAnd
VarXor
VarCmp
VarI4FromStr
VarR4FromStr
VarR8FromStr
VarDateFromStr
VarCyFromStr
VarBoolFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromBool
TVarCompareResult
crLessThan
crEqual
crGreaterThan
Variants
FVarType
TCustomVariantType&
Create
Create
RequestedVarType
Destroy
IsClear
Source
CastTo
Source
AVarType
CastToOle
Source
Source
Indirect
BinaryOp
Operator
UnaryOp
Operator
CompareOp
Operator
Compare
Relationship
TCustomVariantTypeH
Variants
VarType
EVariantInvalidOpError
EVariantInvalidOpErrorX
Variants
EVariantTypeCastError
EVariantTypeCastError
Variants
EVariantOverflowError
EVariantOverflowError
Variants
EVariantInvalidArgError
EVariantInvalidArgError`
Variants
EVariantBadVarTypeError4
EVariantBadVarTypeError
Variants
EVariantBadIndexError
EVariantBadIndexError
Variants
EVariantArrayLockedError
EVariantArrayLockedErrorl
Variants
EVariantArrayCreateError
EVariantArrayCreateError
Variants
EVariantNotImplError
EVariantNotImplError
Variants
EVariantOutOfMemoryError
EVariantOutOfMemoryError
Variants
EVariantUnexpectedErrorX
EVariantUnexpectedError4
Variants
EVariantDispatchError
EVariantDispatchError
Variants
EVariantInvalidNullOpError
EVariantInvalidNullOpError
Variants
_^[YY]
_^[YY]
_^[YY]
_^[YY]
_^[YY]
QQQQSV
Variants
TTypeKind
tkUnknown
tkInteger
tkChar
tkEnumeration
tkFloat
tkString
tkClass
tkMethod
tkWChar
tkLString
tkWString
tkVariant
tkArray
tkRecord
tkInterface
tkInt64
tkDynArray
tkUString
tkClassRef
tkPointer
tkProcedure
TypInfo
PPTypeInfo
PTypeInfo
TTypeInfo
PPropInfo\
TPropInfo
PropType
GetProc
SetProc
StoredProc
Default
NameIndex
_^[YY]
_^[YY]
TSeekOrigin
soBeginning
soCurrent
Classes
TNotifyEvent
Sender
TObject
Sender
EStreamError
EStreamError
Classes
EFileStreamErrorN
Create
ResStringRec
FileName
EFileStreamErrord
Classes
EFCreateError
EFCreateError`
Classes
EFOpenError
EFOpenError
Classes
EFilerError
EFilerError
Classes
EReadError
EReadError,
Classes
EWriteError
EWriteError
Classes
EClassNotFound
EClassNotFoundXB
Classes
EInvalidImage
EInvalidImage
Classes
EResNotFound
EResNotFound
Classes
EListError
EListError,!B
Classes
EStringListError
EStringListError
Classes
EComponentError
EComponentErrord"B
Classes
TDuplicates
dupIgnore
dupAccept
dupError
Classes
PPointerList
TPointerList
TListSortCompare
TListSortCompareFunc
Classes
TListAssignOp
laCopy
laSrcUnique
laDestUnique
Classes
FIndex
TListEnumerator5
Create
GetCurrent
MoveNext
TListEnumeratorh$B
Classes
Current
TList.TDirection
FromBeginning
FromEnd
Classes
FCount
FCapacity
TList'
Destroy
Delete
Exchange
Index1
Index2
Expand
Extract
ExtractItem
Direction
GetEnumerator
IndexOf
IndexOfItem
Direction
Insert
CurIndex
NewIndex
Remove
RemoveItem
Direction
Compare
SortList
Compare
Assign
AOperator
TList<&B
Classes
Capacity
FDuplicates
TThreadList&
Create
Destroy
LockList
Remove
RemoveItem
Direction
UnlockList
TThreadListP-B
Classes
Duplicates
TPersistent'
Destroy
Assign
Source
GetNamePath
TPersistent
Classes
TPersistentClass
FCollection
TCollectionItem:
Create
Collection
Destroy
GetNamePath
TCollectionItem
Classes
Collection
DisplayName
TCollectionItemClass
FIndex
FCollection
TCollectionEnumerator;
Create
ACollection
GetCurrent
MoveNext
TCollectionEnumerator
Classes
Current
FItemClass
FItems
FUpdateCount
FNextID
FPropName
TCollection9
Create
ItemClass
Destroy
Assign
Source
BeginUpdate
Delete
EndUpdate
FindItemID
GetEnumerator
GetNamePath
Insert
TCollection
Classes
Capacity
Countt3B
ItemClass
IStringsAdapter
Classes
sdDelimiter
sdQuoteChar
sdNameValueSeparator
sdLineBreak
sdStrictDelimiter
Classes
TStringsDefined
FIndex
FStrings
TStringsEnumerator8
Create
AStrings
GetCurrent
MoveNext
TStringsEnumerator
Classes
Current
FDefined
FDelimiter
FLineBreak
FQuoteChar
FNameValueSeparator
FStrictDelimiter
FUpdateCount
FAdapter
TStrings'
Destroy
AddObject
AObject
Append
AddStrings
Strings
Assign
Source
BeginUpdate
Delete
EndUpdate
Equals
Strings
Exchange
Index1
Index2
GetEnumerator
GetText
IndexOf
IndexOfName
IndexOfObject
AObject
Insert
InsertObject
AObject
LoadFromFile
FileName
LoadFromFile
FileName
Encoding
LoadFromStream
Stream
LoadFromStream
Stream
Encoding
CurIndex
NewIndex
SaveToFile
FileName
SaveToFile
FileName
Encoding
SaveToStream
Stream
SaveToStream
Stream
Encoding
SetText
TStrings
Classes
Capacity
CommaText
CountL
Delimiter
DelimitedText
LineBreakL
QuoteCharL
NameValueSeparator
StrictDelimiter
StringsAdapter
TStringItem
FString
FObject
PStringItemList4HB
TStringItemList
TStringListSortCompare"
Index1
Index2
FCount
FCapacity
FSorted
FDuplicates
FCaseSensitive
FOnChange
FOnChanging
FOwnsObject
TStringList&
Create
Create
OwnsObjects
Destroy
AddObject
AObject
Delete
Exchange
Index1
Index2
IndexOf
Insert
InsertObject
AObject
CustomSort
Compare
TStringList
Classes
Duplicates
Sorted
CaseSensitive,
OnChange,
OnChanging
OwnsObjects
TStreamC
Buffer
Buffer
Offset
Origin
Offset
Origin
ReadBuffer
Buffer
WriteBuffer
Buffer
CopyFrom
Source
ReadComponent
Instance
ReadComponentRes
Instance
WriteComponent
Instance
WriteComponentRes
ResName
Instance
WriteDescendent
Instance
Ancestor
WriteDescendentRes
ResName
Instance
Ancestor
WriteResourceHeader
ResName
FixupInfo
FixupResourceHeader
FixupInfo
ReadResHeader
TStream
Classes
Position
FHandle
THandleStream7
Create
AHandle
Buffer
Buffer
Offset
Origin
THandleStream
Classes
Handle
FFileName
TFileStreamG
Create
AFileName
Create
AFileName
Rights
Destroy
TFileStream
Classes
FileName
FMemory
FPosition
TCustomMemoryStreamC
Buffer
Offset
Origin
SaveToStream
Stream
SaveToFile
FileName
TCustomMemoryStream
Classes
Memory
FCapacity
TMemoryStream'
Destroy
LoadFromStream
Stream
LoadFromFile
FileName
SetSize
NewSize
Buffer
TMemoryStream
Classes
HResInfo
HGlobal
TResourceStreamZ
Create
Instance
ResName
ResType
CreateFromID
Instance
ResType
Destroy
Buffer
TResourceStream
Classes
TGetClass
AClass
TPersistentClass
AClass
FGroups
TClassFinderT
Create
AClass
AIncludeActiveGroups
Destroy
GetClass
AClassName
GetClasses
TClassFinder
Classes
TValueType
vaNull
vaList
vaInt8
vaInt16
vaInt32
vaExtended
vaString
vaIdent
vaFalse
vaTrue
vaBinary
vaLString
vaCollection
vaSingle
vaCurrency
vaDate
vaWString
vaInt64
vaUTF8String
vaDouble
Classes
TFilerFlag
ffInherited
ffChildPos
ffInline
Classes
TFilerFlags
TReaderProc
Reader
TReader
Reader
TWriterProc
Writer
TWriter
Writer
TStreamProc
Stream
TStream
Stream
FStream
FBuffer
FBufSize
FBufPos
FBufEnd
FLookupRoot
FAncestor
FIgnoreChildren
TFilerG
Create
Stream
BufSize
Destroy
DefineProperty
ReadData
WriteData
HasData
DefineBinaryProperty
ReadData
WriteData
HasData
FlushBuffer
TFilerhdB
Classes
LookupRoot
Ancestor
IgnoreChildren
TComponentClass|
TFindMethodEvent
Reader
TReader
MethodName
string
Address
Pointer
Boolean
Reader
MethodName
Address
TSetNameEvent
Reader
TReader
Component
TComponent
string
Reader
Component
TReferenceNameEvent
Reader
TReader
string
Reader
TAncestorNotFoundEvent
Reader
TReader
ComponentName
string
ComponentClass
TPersistentClass
Component
TComponent
Reader
ComponentName
ComponentClass
Component
TReadComponentsProc
Component
TComponent
Component
TReaderError
Reader
TReader
Message
string
Handled
Boolean
Reader
Message
Handled
TFindComponentClassEvent
Reader
TReader
ClassName
string
ComponentClass
TComponentClass
Reader
ClassName
ComponentClass
TCreateComponentEvent
Reader
TReader
ComponentClass
TComponentClass
Component
TComponent
Reader
ComponentClass
Component
TFindMethodInstanceEvent
Reader
TReader
MethodName
string
AMethod
TMethod
Boolean
Reader
MethodName
AMethod
TFindComponentInstanceEvent
Reader
TReader
string
Instance
Pointer
Reader
Instance
FOwner
FParent
FFixups
FLoaded
FOnFindMethod
FOnFindMethodInstance
FOnSetName
FOnReferenceName
FOnAncestorNotFound
FOnError
FOnFindComponentClass
FOnCreateComponent
FOnFindComponentInstance
FPropName
FFinder
FCanHandleExcepts
TReader'
Destroy
BeginReferences
CheckValue
DefineProperty
ReadData
WriteData
HasData
DefineBinaryProperty
ReadData
WriteData
HasData
EndOfList
EndReferences
FixupReferences
FlushBuffer
NextValue
ReadBoolean
ReadChar
ReadWideChar
ReadCollection
Collection
ReadComponent
Component
ReadComponents
AOwner
AParent
ReadFloat
ReadSingle
ReadDouble
ReadCurrency
ReadDate
ReadIdent
ReadInteger
ReadInt64
ReadListBegin
ReadListEnd
ReadPrefix
AChildPos
ReadRootComponent
ReadSignature
ReadStr
ReadString
ReadWideString
ReadValue
ReadVariant
CopyValue
Writer
SkipValue
TReader
Classes
Owner|
Parent
Position
OnError
OnFindMethod
OnFindMethodInstance
OnSetName<iB
OnReferenceName
OnAncestorNotFound
OnCreateComponenthkB
OnFindComponentClass
OnFindComponentInstance
TFindAncestorEvent
Writer
TWriter
Component
TComponent
string
Ancestor
TComponent
RootAncestor
TComponent
Writer
Component
Ancestor
RootAncestor
TFindMethodNameEvent
Writer
TWriter
AMethod
TMethod
MethodName
string
Writer
AMethod
MethodName
FRootAncestor
FPropPath
FAncestorList
FAncestorPos
FChildPos
FOnFindAncestor
FOnFindMethodName
FUseQualifiedNames
TWriter'
Destroy
DefineProperty
ReadData
WriteData
HasData
DefineBinaryProperty
ReadData
WriteData
HasData
FlushBuffer
WriteBoolean
WriteCollection
WriteComponent
Component
WriteChar
WriteWideChar
WriteDescendent
AAncestor
WriteFloat
WriteSingle
WriteDouble
WriteCurrency
WriteDate
WriteIdent
WriteInteger
WriteInteger
WriteListBegin
WriteListEnd
WriteRootComponent
WriteSignature
WriteStr
WriteUTF8Str
WriteString
WriteWideString
WriteVariant
TWriter
Classes
Position|
RootAncestor
OnFindAncestor
OnFindMethodName
UseQualifiedNames
FIndex
FComponent
TComponentEnumerator:
Create
AComponent
GetCurrent
MoveNext
TComponentEnumerator
Classes
Current
TOperation
opInsert
opRemove
Classes
csLoading
csReading
csWriting
csDestroying
csDesigning
csAncestor
csUpdating
csFixups
csFreeNotification
csInline
csDesignInstance
Classes
TComponentState
csInheritable
csCheckPropAvail
csSubComponent
csTransient
Classes
TComponentStyle
TComponentName
FOwner
FComponents
FFreeNotifies
FDesignInfo
FComponentState
FVCLComObject
FComponentStyle
FSortedComponents
TComponent6
Create
AOwner
Destroy
BeforeDestruction
DestroyComponents
Destroying
ExecuteAction
Action
FindComponent
FreeNotification
AComponent
RemoveFreeNotification
AComponent
FreeOnRelease
GetEnumerator
GetParentComponent
GetNamePath
HasParent
InsertComponent
AComponent
RemoveComponent
AComponent
SetSubComponent
IsSubComponent
SafeCallException
ExceptObject
ExceptAddr
UpdateAction
Action
IsImplementorOf
ReferenceInterface
Operation
TComponentl
Classes
ComObject
ComponentCount
ComponentIndex
ComponentState8
ComponentStyle
DesignInfo|
VCLComObject
FOnChange
FAction
TBasicActionLink7
Create
AClient
Destroy
Execute
AComponent
Update
TBasicActionLink
Classes
Action,
OnChange
FActionComponent
FOnChange
FOnExecute
FOnUpdate
FClients
TBasicAction6
Create
AOwner
Destroy
HandlesTarget
Target
UpdateTarget
Target
ExecuteTarget
Target
Execute
RegisterChanges
UnRegisterChanges
Update
TBasicAction
Classes
ActionComponent,
OnExecute,
OnUpdate
FClassList
FAliasList
FGroupClasses
FActive
TRegGroup6
Create
AClass
Destroy
BestGroup
Group1
Group2
AClass
AddClass
AClass
GetClass
AClassName
GetClasses
InGroup
AClass
RegisterClass
AClass
RegisterClassAlias
AClass
Registered
AClass
UnregisterClass
AClass
UnregisterModuleClasses
Module
TRegGroup
Classes
Active
FGroups
FActiveClass
TRegGroups&
Create
Destroy
Activate
AClass
AddClass
AClass
GetClass
AClassName
GroupedWith
AClass
GroupWith
AClass
AGroupClass
RegisterClass
AClass
RegisterClassAlias
AClass
Registered
AClass
StartGroup
AClass
Unlock
UnregisterClass
AClass
UnregisterModuleClasses
Module
TRegGroups<
Classes
ActiveClass
YZ]_^[
$Z]_^[
$Z]_^[
_^[YY]
Compare
TList.Sort$ActRec
TList.Sort$ActRec
Classes
_^[YY]
_^[YY]
S$_^[Y]
_^[YY]
Sd]_^[
QQQQQQQSVW
$Z]_^[
C ;C$u
FInstance
FInstanceRoot
FPropInfo
FRootName
TPropFixup
Create
Instance
InstanceRoot
PropInfo
RootName
MakeGlobalReference
ResolveReference
Reference
TPropFixup
Classes
TPropIntfFixupC
ResolveReference
Reference
TPropIntfFixup
Classes
_^[YY]
$YZ_^[
:TReader.:1
Classes|
_^[YY]
_^[YY]
QQQQQSV
QQQQQQQS
_^[YY]
QQQQS3
_^[YY]
QQQQQQQQS3
QQQQQS3
TComponent.FindComponent$ActRec
TComponent.FindComponent$ActRecheC
Classes
R4_^[]
ERegistryException
ERegistryException
Registry
TRegKeyInfo
NumSubKeys
MaxSubKeyLen
NumValues
MaxValueLen
MaxDataLen
FileTime
TRegDataType
rdUnknown
rdString
rdExpandString
rdInteger
rdBinary
Registry
TRegDataInfo
RegData
DataSize
FCurrentKey
FRootKey
FLazyWrite
FCurrentPath
FCloseRootKey
FAccess
FLastError
TRegistry&
Create
Create
AAccess
Destroy
CloseKey
CreateKey
DeleteKey
DeleteValue
GetDataAsString
ValueName
PrefixType
GetDataInfo
ValueName
GetDataSize
ValueName
GetDataType
ValueName
GetKeyInfo
GetKeyNames
Strings
GetValueNames
Strings
HasSubKeys
KeyExists
LoadKey
FileName
MoveKey
OldName
NewName
Delete
OpenKey
CanCreate
OpenKeyReadOnly
ReadCurrency
ReadBinaryData
Buffer
BufSize
ReadBool
ReadDate
ReadDateTime
ReadFloat
ReadInteger
ReadString
ReadTime
RegistryConnect
UNCName
RenameValue
OldName
NewName
ReplaceKey
FileName
BackUpFileName
RestoreKey
FileName
SaveKey
FileName
UnLoadKey
ValueExists
WriteCurrency
WriteBinaryData
Buffer
BufSize
WriteBool
WriteDate
WriteDateTime
WriteFloat
WriteInteger
WriteString
WriteExpandString
WriteTime
TRegistry
Registry
CurrentKey
CurrentPath
LazyWrite
LastError
LastErrorMsg
RootKey
RootKeyName
Access
:TRegistry.:2
Registry
SERVICE_STATUS_PROCESS$
dwServiceType
dwCurrentState
dwControlsAccepted
dwWin32ExitCode
dwServiceSpecificExitCode
dwCheckPoint
dwWaitHint
dwProcessId
dwServiceFlags
ENUM_SERVICE_STATUS_PROCESS,
lpServiceName
lpDisplayName
ServiceStatusProcess
RDPWInst
QQQQQQQSV3
RDPWInst
QQQQQQQQS3
_^[YY]
Variants
VarUtils
Windows
SysInit
System
SysConst
SysUtils
Character
RTLConsts
StrUtils
ImageHlp
WinInet
Registry
IniFiles
IOUtils
DateUtils
Classes
ActiveX
Messages
TypInfo
WinSvc
Runtime error at 00000000
0123456789ABCDEF
oleaut32.dll
SysFreeString
SysReAllocStringLen
SysAllocStringLen
advapi32.dll
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
user32.dll
LoadStringW
MessageBoxA
CharNextW
kernel32.dll
lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
GetACP
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
CompareStringW
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CreateFileW
CloseHandle
kernel32.dll
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
user32.dll
MessageBoxW
LoadStringW
GetSystemMetrics
CharUpperBuffW
CharNextW
kernel32.dll
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQueryEx
VirtualQuery
VirtualFree
TerminateProcess
SizeofResource
SignalObjectAndWait
SetFilePointer
SetEvent
SetEndOfFile
ResetEvent
RemoveDirectoryW
ReadFile
OpenProcess
MultiByteToWideChar
LockResource
LoadResource
LoadLibraryExW
LeaveCriticalSection
InitializeCriticalSection
GetVersionExW
GetThreadLocale
GetNativeSystemInfo
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileAttributesW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
EnumCalendarInfoW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateProcessW
CreateFileW
CreateEventW
CreateDirectoryW
CompareStringW
CloseHandle
advapi32.dll
RegUnLoadKeyW
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
kernel32.dll
oleaut32.dll
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit
advapi32.dll
StartServiceW
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
ChangeServiceConfigW
wininet.dll
InternetReadFile
InternetOpenUrlW
InternetOpenW
InternetCloseHandle
advapi32.dll
EnumServicesStatusExW
000L0d0
141T1d1x1
2 242H2X2d2l2
3%373J3d3y3
4$4,484<4@4D4H4L4P4T4X4\4`4h4p4x4
5 5(50585@5H5P5X5j5
6!61696J6Z6p6~6
777J7`7s7
8!8/8B8J8X8i8|8
9'9?9X9g9}9
:4:<:J:`:w:
;/;Q;c;|;
;H<L<P<h<t<x<
=9=J=j={=
>(>I>a>x>
?)?9?P?k?|?
0000C0X0j0~0
1&181L1
2'2<2Q2f2
3 343L3_3h3
4&4.464>4F4N4V4^4f4n4v4~4
5&5.565>5F5N5V5^5f5
99&919A9v9
>>>H>`>f>~>
>:?W?c?v?
3+353N3
9&9.979E9R9
?+?O?U?s?
p0t0z0~0
1F1N1[1a1o1~1
2%2n2y2
8:8V8b8v8
8+949i9p9
>4?J?a?
Antivirus Signature
Bkav Clean
Lionic Riskware.Win32.RDPWrap.1!c
Elastic malicious (high confidence)
DrWeb Program.Rdpwrap.4
MicroWorld-eScan Application.RemoteAdmin.RHU
FireEye Generic.mg.3288c28456105504
CAT-QuickHeal Trojan.Rdpwrap
ALYac Misc.Riskware.RemoteAdmin
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor PUP.Win32.RemoteAdmin.RHU
K7AntiVirus RemoteTool ( 0053f8421 )
BitDefender Application.RemoteAdmin.RHU
K7GW Riskware ( 0040eff71 )
Cybereason malicious.456105
Arcabit Clean
BitDefenderTheta Clean
Cyren W64/RDPWrap.A
Symantec Clean
ESET-NOD32 a variant of Win32/RDPWrap.A potentially unsafe
APEX Malicious
Paloalto generic.ml
ClamAV Win.Malware.Msilperseus-9807948-0
Kaspersky not-a-virus:RemoteAdmin.Win32.RDPWrap.h
Alibaba RiskWare:Win32/RDPWrap.e5b84be0
NANO-Antivirus Riskware.Win32.Rdpwrap.fgzswy
ViRobot NetTool.RDPwrap.1460224
Avast Clean
Tencent Clean
Ad-Aware Application.RemoteAdmin.RHU
TACHYON Clean
Sophos Clean
Comodo Clean
F-Secure Clean
Baidu Clean
Zillya Tool.RemoteAdmin.Win32.5
TrendMicro HackTool.Win32.Radmin.GD
McAfee-GW-Edition BehavesLike.Win32.Infected.th
CMC Clean
Emsisoft Application.RemoteAdmin.RHU (B)
Ikarus Clean
Jiangmin RemoteAdmin.RDPWrap.r
MaxSecure Trojan.Malware.121218.susgen
Avira SPR/Remoteadmin.AO
Antiy-AVL Trojan/Generic.ASMalwS.300D04C
Kingsoft Clean
Gridinsoft Trojan.Win32.Agent.dg
Microsoft Clean
SUPERAntiSpyware Clean
ZoneAlarm Clean
GData Application.RemoteAdmin.RHU
Cynet Malicious (score: 100)
AhnLab-V3 Unwanted/Win32.Rdpwrap.R220687
Acronis Clean
McAfee Artemis!3288C2845610
MAX malware (ai score=99)
VBA32 Clean
Malwarebytes RiskWare.RemoteAdmin
Zoner Clean
TrendMicro-HouseCall HackTool.Win32.Radmin.GD
Rising Trojan.Generic@ML.100 (RDML:udk7SerMqsOzHh+oM6uaYQ)
Yandex Trojan.Igent.bUFxrI.20
SentinelOne Clean
eGambit Clean
Fortinet Clean
Webroot W32.Riskware.Rdp
Panda PUP/RemoteAdmin
CrowdStrike win/malicious_confidence_100% (D)
Qihoo-360 Clean
No IRMA results available.