popup
Static | ZeroBOX
  1. Home
  2. Result
  3. Report
  4. Detail Analysis

Static Analysis

PE Compile Time

1985-06-21 11:35:13

PDB Path

mtxclu.pdb

PE Imphash

d21ac5e21e55f5b9ee93d732d6cbb672

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x0003227f 0x00032400 6.19604829957
.rdata 0x00034000 0x0003469c 0x00034800 3.9234439351
.data 0x00069000 0x000030f8 0x00000800 1.94343747496
.pdata 0x0006d000 0x00001aac 0x00001c00 5.37771024642
.rsrc 0x0006f000 0x00000470 0x00000600 2.72377440801
.reloc 0x00070000 0x00000554 0x00000600 5.18339903013

Resources

Name Offset Size Language Sub-language File type
RT_VERSION 0x0006f060 0x00000410 LANG_ENGLISH SUBLANG_ENGLISH_US data

Imports

Library ntdll.dll:
0x180036430 RtlFreeHeap
0x180036438 RtlImageNtHeader
0x180036440 RtlAllocateHeap
0x180036448 RtlVirtualUnwind
0x180036450 RtlLookupFunctionEntry
0x180036458 RtlCreateServiceSid
0x180036460 RtlReportException
0x180036468 RtlCaptureContext
0x180036470 RtlNtStatusToDosError
0x180036478 RtlInitUnicodeString
Library api-ms-win-core-registry-l1-1-0.dll:
0x180035f30 RegSetValueExW
0x180035f38 RegFlushKey
0x180035f40 RegQueryValueExW
0x180035f48 RegCloseKey
0x180035f50 RegOpenKeyExW
0x180035f58 RegCreateKeyExW
0x180035f60 RegCreateKeyExA
0x180035f68 RegDeleteValueA
0x180035f70 RegOpenKeyExA
0x180035f78 RegQueryValueExA
0x180035f80 RegSetValueExA
0x180035f88 RegDeleteValueW
Library api-ms-win-core-string-l1-1-0.dll:
0x180035f98 WideCharToMultiByte
0x180035fa0 CompareStringW
0x180035fa8 MultiByteToWideChar
Library api-ms-win-core-com-l1-1-0.dll:
0x180035ce0 CoTaskMemFree
0x180035ce8 CoTaskMemAlloc
0x180035cf0 StringFromGUID2
0x180035cf8 CoCreateInstance
0x180035d00 CoGetObjectContext
Library api-ms-win-service-management-l1-1-0.dll:
0x1800361c0 DeleteService
0x1800361c8 CreateServiceW
0x1800361d0 OpenSCManagerW
0x1800361d8 CloseServiceHandle
0x1800361e0 OpenServiceW
Library api-ms-win-security-sddl-l1-1-0.dll:
0x180036198 ConvertStringSidToSidW
0x1800361a0 ConvertSidToStringSidW
Library RPCRT4.dll:
0x180035c80 UuidFromStringW
0x180035c88 UuidToStringW
0x180035c90 RpcStringFreeW
0x180035c98 UuidCreate
0x180035ca0 UuidFromStringA
0x180035ca8 UuidToStringA
0x180035cb0 RpcStringFreeA
Library api-ms-win-core-synch-l1-2-0.dll:
0x180036040 Sleep
Library api-ms-win-core-errorhandling-l1-1-0.dll:
0x180035d38 GetLastError
0x180035d40 SetLastError
0x180035d48 UnhandledExceptionFilter
Library api-ms-win-core-heap-l2-1-0.dll:
0x180035dc0 LocalAlloc
0x180035dc8 LocalFree
Library api-ms-win-service-winsvc-l1-1-0.dll:
0x180036218 StartServiceA
0x180036220 ControlService
0x180036228 QueryServiceStatus
0x180036230 OpenSCManagerA
Library api-ms-win-core-file-l1-1-0.dll:
0x180035d58 RemoveDirectoryW
0x180035d60 FindFirstFileW
0x180035d68 CreateFileW
0x180035d70 FindClose
0x180035d78 SetFileAttributesW
0x180035d80 GetFullPathNameW
0x180035d88 FindNextFileW
0x180035d90 DeleteFileW
0x180035d98 CreateDirectoryW
0x180035da0 GetFileAttributesW
Library api-ms-win-security-base-l1-1-0.dll:
0x1800360b0 MakeSelfRelativeSD
0x1800360b8 AdjustTokenPrivileges
0x1800360d0 GetTokenInformation
0x1800360d8 MakeAbsoluteSD
0x1800360e0 DuplicateTokenEx
0x1800360f0 GetLengthSid
0x1800360f8 AddAccessAllowedAceEx
0x180036100 InitializeAcl
0x180036110 FreeSid
0x180036118 AddAce
0x180036120 IsWellKnownSid
0x180036130 CopySid
0x180036138 GetAclInformation
0x180036140 GetSidLengthRequired
0x180036148 AllocateAndInitializeSid
0x180036150 EqualSid
0x180036158 GetAce
Library api-ms-win-service-management-l2-1-0.dll:
0x1800361f0 ChangeServiceConfigW
0x1800361f8 ChangeServiceConfig2W
0x180036200 QueryServiceStatusEx
0x180036208 QueryServiceConfigW
Library api-ms-win-service-core-l1-1-1.dll:
0x1800361b0 EnumServicesStatusExW
Library api-ms-win-core-processenvironment-l1-1-0.dll:
0x180035e78 GetEnvironmentVariableW
0x180035e80 GetCommandLineA
Library api-ms-win-core-sysinfo-l1-1-0.dll:
0x180036050 GetLocalTime
0x180036058 GetComputerNameExW
0x180036068 GetSystemInfo
0x180036070 GetTickCount
0x180036078 GetSystemDirectoryW
0x180036080 GetSystemTimeAsFileTime
Library api-ms-win-core-handle-l1-1-0.dll:
0x180035db0 CloseHandle
Library api-ms-win-core-libraryloader-l1-2-0.dll:
0x180035dd8 LoadResource
0x180035de0 GetModuleFileNameW
0x180035df0 LoadStringW
0x180035df8 LockResource
0x180035e00 GetModuleHandleW
0x180035e08 LoadLibraryExA
0x180035e10 GetProcAddress
0x180035e18 GetModuleHandleExA
0x180035e20 FindResourceExW
0x180035e28 FreeLibrary
0x180035e30 LoadLibraryExW
Library api-ms-win-core-processthreads-l1-1-0.dll:
0x180035e90 SetThreadStackGuarantee
0x180035e98 CreateProcessW
0x180035ea0 TerminateProcess
0x180035ea8 TlsFree
0x180035eb0 GetCurrentProcess
0x180035eb8 SetThreadToken
0x180035ec0 GetExitCodeProcess
0x180035ec8 GetCurrentThreadId
0x180035ed0 TlsSetValue
0x180035ed8 OpenThreadToken
0x180035ee0 GetCurrentThread
0x180035ee8 OpenProcessToken
0x180035ef0 GetCurrentProcessId
0x180035ef8 TlsAlloc
0x180035f00 TlsGetValue
Library api-ms-win-security-lsalookup-l2-1-0.dll:
0x180036170 LookupAccountNameW
Library api-ms-win-core-synch-l1-1-0.dll:
0x180035fd0 ReleaseSemaphore
0x180035fd8 CreateSemaphoreExW
0x180035fe0 CreateEventW
0x180035fe8 DeleteCriticalSection
0x180035ff0 WaitForSingleObject
0x180035ff8 CreateEventA
0x180036008 LeaveCriticalSection
0x180036010 ResetEvent
0x180036020 WaitForSingleObjectEx
0x180036028 EnterCriticalSection
0x180036030 SetEvent
Library WS2_32.dll:
0x180035cc0 WSAGetLastError
0x180035cc8 FreeAddrInfoW
0x180035cd0 GetAddrInfoW
Library api-ms-win-core-debug-l1-1-0.dll:
0x180035d10 DebugBreak
0x180035d18 OutputDebugStringW
0x180035d20 IsDebuggerPresent
Library api-ms-win-core-psapi-l1-1-0.dll:
Library bcrypt.dll:
0x180036248 BCryptGetProperty
0x180036258 BCryptGenRandom
0x180036260 BCryptExportKey
0x180036270 BCryptSetProperty
0x180036278 BCryptDestroyKey
Library api-ms-win-core-string-obsolete-l1-1-0.dll:
0x180035fb8 lstrcmpiW
0x180035fc0 lstrcmpW
Library CRYPTSP.dll:
0x180035b58 CryptGenKey
0x180035b60 CryptReleaseContext
0x180035b68 CryptGetUserKey
0x180035b70 CryptDecrypt
0x180035b78 CryptImportKey
0x180035b80 CryptExportKey
0x180035b88 CryptDestroyKey
0x180035b90 CryptEncrypt
0x180035b98 CryptAcquireContextW
0x180035ba0 CryptSetProvParam
Library api-ms-win-security-lsapolicy-l1-1-0.dll:
0x180036180 LsaClose
Library ADVAPI32.dll:
0x1800359a8 DeregisterEventSource
0x1800359b0 LookupPrivilegeValueA
0x1800359b8 RegEnumKeyA
0x1800359c0 RegEnumKeyW
0x1800359c8 RegDeleteKeyA
0x1800359d0 RegDeleteKeyW
0x1800359d8 RegisterEventSourceW
0x1800359e0 ReportEventW
0x1800359e8 SetNamedSecurityInfoW
0x1800359f0 GetNamedSecurityInfoW
0x1800359f8 EnumServicesStatusExA
0x180035a00 RegConnectRegistryW
Library KERNEL32.dll:
0x180035bb0 UnregisterWaitEx
0x180035bb8 QueueUserWorkItem
Library msvcrt.dll:
0x180036288 _initterm
0x180036290 _callnewh
0x180036298 malloc
0x1800362a0 _waccess
0x1800362a8 _wfopen
0x1800362b0 strchr
0x1800362b8 fopen
0x1800362c0 fflush
0x1800362c8 fclose
0x1800362d0 fprintf
0x1800362d8 fwprintf
0x1800362e0 _vsnprintf
0x1800362e8 wcsrchr
0x1800362f0 mbstowcs
0x1800362f8 _purecall
0x180036300 _stricmp
0x180036308 _wcsnicmp
0x180036310 wcstombs
0x180036318 _ltoa
0x180036320 _ltow
0x180036328 atol
0x180036330 _wtol
0x180036338 iswalpha
0x180036358 ??1exception@@UEAA@XZ
0x180036368 _CxxThrowException
0x180036370 memcpy
0x180036378 memmove
0x180036380 _XcptFilter
0x180036388 _amsg_exit
0x180036390 wcscpy_s
0x180036398 ??1type_info@@UEAA@XZ
0x1800363a0 _wcsicmp
0x1800363a8 _onexit
0x1800363b0 _ultow
0x1800363b8 _local_unwind
0x1800363c0 memcmp
0x1800363c8 memset
0x1800363d0 __dllonexit
0x1800363d8 __CxxFrameHandler3
0x1800363e0 _vsnwprintf
0x1800363e8 _unlock
0x1800363f0 _lock
0x1800363f8 _wcsdup
0x180036400 ?terminate@@YAXXZ
0x180036408 wcschr
0x180036410 __C_specific_handler
0x180036418 free
0x180036420 wcscmp
Library CLUSAPI.dll:
0x180035a10 ClusterResourceTypeEnum
0x180035a18 GetClusterResourceKey
0x180035a20 CloseCluster
0x180035a28 CloseClusterResource
0x180035a30 ClusterRegOpenKey
0x180035a40 ClusterRegCloseKey
0x180035a48 GetClusterResourceState
0x180035a50 ClusterRegDeleteValue
0x180035a58 OpenClusterResourceEx
0x180035a60 ClusterRegEnumKey
0x180035a68 ClusterRegQueryValue
0x180035a70 OfflineClusterResource
0x180035a78 ClusterRegSetValue
0x180035a80 ClusterRegCreateKey
0x180035a88 ClusterRegDeleteKey
0x180035a90 ClusterGroupEnum
0x180035a98 ClusterControl
0x180035aa0 OpenClusterGroupEx
0x180035aa8 OnlineClusterResource
0x180035ab0 ClusterResourceControl
0x180035ac0 ClusterRegQueryInfoKey
0x180035ad0 GetClusterKey
0x180035ad8 ClusterGroupOpenEnum
0x180035ae0 ClusterRegEnumValue
0x180035af0 CloseClusterGroup
0x180035b00 OpenClusterEx
0x180035b08 CreateClusterNotifyPort
0x180035b10 GetClusterNotify
0x180035b20 ClusterGroupCloseEnum
0x180035b28 ClusterGetEnumCount
0x180035b30 GetNodeClusterState
0x180035b38 ClusterOpenEnum
0x180035b40 ClusterEnum
0x180035b48 ClusterCloseEnum
Library RESUTILS.dll:
0x180035bf0 ResUtilEnumResourcesEx
0x180035c08 ResUtilSetPropertyTable
0x180035c10 ResUtilGetProperties
0x180035c20 ResUtilDupParameterBlock
0x180035c30 ClusWorkerTerminate
0x180035c40 ResUtilEnumProperties
0x180035c48 ResUtilFindSzProperty
0x180035c58 ClusWorkerCheckTerminate
0x180035c70 ClusWorkerCreate
Library MSDTCPRX.dll:
0x180035bc8 CreateLegacyTmInstance
0x180035bd8 CreateLocalTmInstance
Library api-ms-win-core-profile-l1-1-0.dll:
0x180035f10 QueryPerformanceCounter
Library api-ms-win-core-version-l1-1-0.dll:
0x180036090 VerQueryValueW
Library api-ms-win-core-localization-l1-2-0.dll:
0x180035e40 FormatMessageW
Library api-ms-win-core-memory-l1-1-0.dll:
0x180035e50 VirtualAlloc
0x180035e58 VirtualQuery
0x180035e60 VirtualProtect

Exports

Ordinal Address Name
10 0x180013690 FailedClusterAPIToEventLog
11 0x180019ad0 MtxCluBringOnlineDTCW
12 0x180012080 MtxCluClearClusterTmMappings
13 0x180001e80 MtxCluCreateClusterProxyTmInstance
14 0x180001d10 MtxCluCreateClusterTmInstance
15 0x180001a40 MtxCluCreateTmInstanceForVirtualServer
16 0x180013060 MtxCluEnumerateClusterTmMappings
17 0x18000d320 MtxCluEnumerateDtcResources
18 0x18000ce70 MtxCluEnumerateDtcResourcesEx
19 0x1800116f0 MtxCluGetActiveClusterNode
20 0x1800114a0 MtxCluGetClusterResourceIdFromName
1 0x1800192f0 MtxCluGetComputerNameW
21 0x1800073a0 MtxCluGetDTCResourceForResource
2 0x180019540 MtxCluGetDTCStatusW
22 0x18000d380 MtxCluGetDTCVirtualServerNameW
23 0x180007820 MtxCluGetDefaultClusterResource
24 0x180007bb0 MtxCluGetDefaultClusterResourceNonAdmin
25 0x180009f80 MtxCluGetDtcDiskResourceDrive
26 0x18000fea0 MtxCluGetNameFromResourceIdString
27 0x180010020 MtxCluGetNameFromResourceIdStringNonAdmin
28 0x18000e3b0 MtxCluGetResourceId
29 0x18000fd10 MtxCluGetResourceIdStringFromName
3 0x180019d80 MtxCluGetSecurityRegValue
30 0x18000f6f0 MtxCluGetTmResource
31 0x180011100 MtxCluGetVirtualServerToken
4 0x180019ff0 MtxCluIsClusterPresent
32 0x18000d330 MtxCluIsClusterPresentExW
5 0x18001a450 MtxCluIsNetworkNameInLocalClusterW
6 0x18001b180 MtxCluIsSameClusterW
7 0x18001af60 MtxCluIsSameNodeW
33 0x180012630 MtxCluRemoveClusterTmMappingByName
34 0x180011b40 MtxCluSetClusterTmMapping
35 0x180008790 MtxCluSetDefaultClusterResource
8 0x180019e80 MtxCluSetSecurityRegValue
36 0x180019820 MtxCluTakeOfflineDTCW
37 0x18000d580 MtxCluVerifyLogPathInDependantDiskResource
38 0x18000b280 MtxCluVerifyLogPathIsValidCSV
9 0x180018a80 Startup
No antivirus signatures available.
No IRMA results available.