Static | ZeroBOX

PE Compile Time

1990-10-22 01:49:14

PDB Path

HOTPLUG.pdb

PE Imphash

3341bc2ede2baeeaf8f8cfa9cad95970

Sections

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
.text	0x00001000	0x000078b0	0x00007a00	5.9318821092
.rdata	0x00009000	0x00002dbc	0x00002e00	4.75593825398
.data	0x0000c000	0x000007d0	0x00000200	1.64494286885
.pdata	0x0000d000	0x00000504	0x00000600	3.78926636643
.didat	0x0000e000	0x00000048	0x00000200	0.517658261042
.rsrc	0x0000f000	0x0000b540	0x0000b600	1.45738525508
.reloc	0x0001b000	0x00000064	0x00000200	1.11212527264

Resources

Name	Offset	Size	Language	Sub-language	File type
MUI	0x0001a460	0x000000e0	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_ICON	0x0001a320	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001a320	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001a320	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001a320	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001a320	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001a320	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001a320	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	GLS_BINARY_LSB_FIRST
RT_ICON	0x0001a320	0x00000128	LANG_ENGLISH	SUBLANG_ENGLISH_US	GLS_BINARY_LSB_FIRST
RT_GROUP_ICON	0x0001a448	0x00000014	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_GROUP_ICON	0x0001a448	0x00000014	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_VERSION	0x0000f790	0x000003a0	LANG_ENGLISH	SUBLANG_ENGLISH_US	data
RT_MANIFEST	0x0000f300	0x0000048b	LANG_ENGLISH	SUBLANG_ENGLISH_US	XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library msvcrt.dll:

• 0x180009630 ??1type_info@@UEAA@XZ

• 0x180009638 __CxxFrameHandler3

• 0x180009640 _initterm

• 0x180009648 _amsg_exit

• 0x180009650 _XcptFilter

• 0x180009658 _CxxThrowException

• 0x180009660 __C_specific_handler

• 0x180009668 ??1exception@@UEAA@XZ

• 0x180009670 ??0exception@@QEAA@AEBV0@@Z

• 0x180009678 ??0exception@@QEAA@AEBQEBDH@Z

• 0x180009680 malloc

• 0x180009688 free

• 0x180009690 wcschr

• 0x180009698 _callnewh

• 0x1800096a0 _vsnwprintf

• 0x1800096a8 ?what@exception@@UEBAPEBDXZ

• 0x1800096b0 memset

Library ntdll.dll:

• 0x1800096c0 NtClose

• 0x1800096c8 NtOpenThreadToken

• 0x1800096d0 NtOpenProcessToken

• 0x1800096d8 NtQueryInformationToken

• 0x1800096e0 RtlVirtualUnwind

• 0x1800096e8 RtlLookupFunctionEntry

• 0x1800096f0 RtlCaptureContext

Library KERNEL32.dll:

• 0x180009308 GetLastError

• 0x180009310 GetModuleHandleW

• 0x180009318 lstrcmpiW

• 0x180009320 WaitNamedPipeW

• 0x180009328 GetModuleHandleExW

• 0x180009330 FreeLibraryAndExitThread

• 0x180009338 GetExitCodeThread

• 0x180009340 Sleep

• 0x180009348 CreateThread

• 0x180009350 UnhandledExceptionFilter

• 0x180009358 SetUnhandledExceptionFilter

• 0x180009360 FormatMessageW

• 0x180009368 QueryPerformanceCounter

• 0x180009370 GetCurrentProcessId

• 0x180009378 GetCurrentThreadId

• 0x180009380 GetSystemTimeAsFileTime

• 0x180009388 GetTickCount

• 0x180009390 GetVolumeNameForVolumeMountPointW

• 0x180009398 LoadLibraryW

• 0x1800093a0 lstrcmpW

• 0x1800093a8 LocalFree

• 0x1800093b0 LocalAlloc

• 0x1800093b8 ReadFile

• 0x1800093c0 GetProcAddress

• 0x1800093c8 CreateFileW

• 0x1800093d0 GetCurrentProcess

• 0x1800093d8 CloseHandle

• 0x1800093e0 DisableThreadLibraryCalls

• 0x1800093e8 ResolveDelayLoadedAPI

• 0x1800093f0 SetEvent

• 0x1800093f8 CreateEventW

• 0x180009400 WaitForSingleObject

• 0x180009408 TerminateProcess

• 0x180009410 FreeLibrary

• 0x180009418 DelayLoadFailureHook

• 0x180009420 OpenEventW

Library ADVAPI32.dll:

• 0x1800091d8 RegQueryValueExW

• 0x1800091e0 OpenSCManagerW

• 0x1800091e8 CloseServiceHandle

• 0x1800091f0 RegSetValueExW

• 0x1800091f8 RegCloseKey

• 0x180009200 GetTokenInformation

• 0x180009208 GetServiceDisplayNameW

• 0x180009210 RegCreateKeyW

• 0x180009218 LookupPrivilegeValueW

• 0x180009220 OpenProcessToken

Library USER32.dll:

• 0x180009498 GetClassInfoW

• 0x1800094a0 ShowWindow

• 0x1800094a8 GetWindowLongPtrW

• 0x1800094b0 EndDialog

• 0x1800094b8 ScreenToClient

• 0x1800094c0 CreateWindowExW

• 0x1800094c8 SetWindowLongPtrW

• 0x1800094d0 DestroyWindow

• 0x1800094d8 PostMessageW

• 0x1800094e0 GetMessagePos

• 0x1800094e8 DefWindowProcW

• 0x1800094f0 SetProcessDPIAware

• 0x1800094f8 FindWindowW

• 0x180009500 TranslateMessage

• 0x180009508 PeekMessageW

• 0x180009510 IsWindow

• 0x180009518 MsgWaitForMultipleObjects

• 0x180009520 GetMessageW

• 0x180009528 ReleaseDC

• 0x180009530 InvalidateRect

• 0x180009538 LoadImageW

• 0x180009540 GetProcessDefaultLayout

• 0x180009548 GetDC

• 0x180009550 GetWindow

• 0x180009558 PostQuitMessage

• 0x180009560 IsDialogMessageW

• 0x180009568 MessageBoxW

• 0x180009570 GetParent

• 0x180009578 DialogBoxParamW

• 0x180009580 EnableWindow

• 0x180009588 LoadStringW

• 0x180009590 SendMessageW

• 0x180009598 GetSystemMetrics

• 0x1800095a0 CheckDlgButton

• 0x1800095a8 SetDlgItemTextW

• 0x1800095b0 RegisterClassW

• 0x1800095b8 GetSysColor

• 0x1800095c0 IsDlgButtonChecked

• 0x1800095c8 LoadIconW

• 0x1800095d0 LoadCursorW

• 0x1800095d8 SetCursor

• 0x1800095e0 GetDlgItem

• 0x1800095e8 DispatchMessageW

• 0x1800095f0 KillTimer

• 0x1800095f8 DestroyIcon

• 0x180009600 SetTimer

Library GDI32.dll:

• 0x1800092f8 GetDeviceCaps

Library COMCTL32.dll:

• 0x1800092b8 ImageList_Destroy

• 0x1800092c0 ImageList_SetBkColor

• 0x1800092c8 ImageList_ReplaceIcon

• 0x1800092d0 ImageList_Remove

• 0x1800092d8 ImageList_GetImageCount

• 0x1800092e0 ImageList_SetOverlayImage

• 0x1800092e8 ImageList_Create

Library CFGMGR32.dll:

• 0x180009230 CM_Locate_DevNodeW

• 0x180009238 CM_Request_Device_Eject_ExW

• 0x180009240 CM_Is_Dock_Station_Present

• 0x180009248 CM_Get_Parent_Ex

• 0x180009250 CM_Get_Device_Interface_List_SizeW

• 0x180009258 CM_Get_DevNode_Registry_PropertyW

• 0x180009260 CM_Get_DevNode_Registry_Property_ExW

• 0x180009268 CM_Get_DevNode_Status_Ex

• 0x180009270 CM_Get_Device_ID_List_ExW

• 0x180009278 CM_Get_Device_ID_List_Size_ExW

• 0x180009280 CM_Get_Device_ID_ExW

• 0x180009288 CM_Locate_DevNode_ExW

• 0x180009290 CM_Get_Child_Ex

• 0x180009298 CM_Open_DevNode_Key_Ex

• 0x1800092a0 CM_Get_Sibling_Ex

• 0x1800092a8 CM_Get_Device_Interface_ListW

Library SETUPAPI.dll:

• 0x180009430 SetupDiDestroyDeviceInfoList

• 0x180009438 SetupDiCreateDeviceInfoList

• 0x180009440 SetupDiLoadDeviceIcon

• 0x180009448 SetupDiOpenDeviceInfoW

• 0x180009450 pSetupGuidFromString

Library SHELL32.dll:

• 0x180009460 ShellExecuteExW

• 0x180009468 ShellExecuteW

• 0x180009470 Shell_NotifyIconW

Library SHLWAPI.dll:

• 0x180009480 StrChrW

• 0x180009488 None

Library api-ms-win-core-com-l1-1-0.dll:

• 0x180009610 CoCreateInstance

• 0x180009618 CoUninitialize

• 0x180009620 CoInitializeEx

Exports

Ordinal	Address	Name
1	0x180004240	CPlApplet
13	0x180001230	DllGetClassObject
2	0x180003fa0	HotPlugChildWithInvalidIdW
3	0x180003d20	HotPlugDriverBlockedW
4	0x180005df0	HotPlugEjectDevice
5	0x180005e00	HotPlugEjectDeviceEx
6	0x180003770	HotPlugEjectVetoedW
7	0x1800037d0	HotPlugHibernateVetoedW
8	0x180003740	HotPlugRemovalVetoedW
9	0x180003bf0	HotPlugSafeRemovalDriveNotificationW
10	0x180003b50	HotPlugSafeRemovalNotificationW
11	0x1800037a0	HotPlugStandbyVetoedW
12	0x180003800	HotPlugWarmEjectVetoedW

No antivirus signatures available.

No IRMA results available.