Cryptam


Recent document malware detections. This list is delayed by 5 days.

MD5filenamesizeseverityhas_exekey_lenrol
6e8f87eec6434b24b09e3d76de105f4d view report hentaiware11102017.zip 326682 60 X 0 0
embedded.file cheat.dll c3f1185646c4b14f7ba70053ccd18ba8
cheat.dll.78: string.This program cannot be run in DOS mode
cheat.dll.1177366: string.GetModuleHandleA
cheat.dll.1177574: string.GetProcAddress
cheat.dll.1180594: string.EnterCriticalSection
cheat.dll.1180580: string.CloseHandle
cheat.dll.1177652: string.KERNEL32
ebba8db69691d3525a74abb0a7ec23cd view report ebba8db69691d3525a74abb0a7ec23cd 100864 72 X 0 0
57627: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
58211: exploit.office embedded Visual Basic execute shell command Wscript.Shell
64704: exploit.office embedded Visual Basic accessing file OpenTextFile
92894: suspicious.office Visual Basic macro
54917: string.vbs On Error Resume Next
dropped.file vbs 74d27f45e05802afbf84a271739477cd / 19998 bytes / @ 61317
dropped.file vbs ecec6296f3717299312bd7c386b5feb7 / 19549 bytes / @ 81315
334ccc16ae79197b8e87e569fa05ec95 view report CSPGAB.doc 780930 12 X 0 0
embedded.file oleObject1.bin 20f075301b83868189e4939fc0476ad5
oleObject1.bin.1104: suspicious.office Packager ClassID used by CVE-2014-6352 C
oleObject1.bin.8436: string.This program cannot be run in DOS mode
oleObject1.bin.dropped.file exe 4b5faab4760262f86656f400630a3cac / 773978 bytes / @ 8358
95fbec3f96b552238418a0763e79a452 view report 1-projet_vision_ordinateur_bon.rar 1903529 660 X 0 0
embedded.file main.o a70d5e2e5a9094a1a601390cab8fa861
main.o.257529: string.LoadLibraryA
main.o.256435: string.GetModuleHandleA
main.o.255808: string.GetCommandLineA
main.o.254877: string.CreateProcessA
main.o.256134: string.GetEnvironmentVariableA
main.o.254710: string.CreateFileA
main.o.357067: string.RegOpenKeyExA
main.o.356865: string.RegDeleteKeyA
main.o.335805: string.GetMessageA
main.o.332473: string.CreateWindowExA
embedded.file detection_multi_objets.o 4e01eb91ec49a839d98134c3ee5f9482
detection_multi_objets.o.260222: string.LoadLibraryA
detection_multi_objets.o.259128: string.GetModuleHandleA
detection_multi_objets.o.258501: string.GetCommandLineA
detection_multi_objets.o.257570: string.CreateProcessA
detection_multi_objets.o.258827: string.GetEnvironmentVariableA
detection_multi_objets.o.257403: string.CreateFileA
detection_multi_objets.o.359761: string.RegOpenKeyExA
detection_multi_objets.o.359559: string.RegDeleteKeyA
detection_multi_objets.o.338498: string.GetMessageA
detection_multi_objets.o.335166: string.CreateWindowExA
embedded.file detection_objet_barycentre.o 458c57752be66036cfdbd97368c3448a
detection_objet_barycentre.o.259330: string.LoadLibraryA
detection_objet_barycentre.o.258236: string.GetModuleHandleA
detection_objet_barycentre.o.257609: string.GetCommandLineA
detection_objet_barycentre.o.256678: string.CreateProcessA
detection_objet_barycentre.o.257935: string.GetEnvironmentVariableA
detection_objet_barycentre.o.256511: string.CreateFileA
detection_objet_barycentre.o.358869: string.RegOpenKeyExA
detection_objet_barycentre.o.358667: string.RegDeleteKeyA
detection_objet_barycentre.o.337606: string.GetMessageA
detection_objet_barycentre.o.334274: string.CreateWindowExA
embedded.file detection_multi_objets_moments.o 6207f6206783fbfc9665e86557abbd2d
detection_multi_objets_moments.o.263640: string.LoadLibraryA
detection_multi_objets_moments.o.262546: string.GetModuleHandleA
detection_multi_objets_moments.o.261919: string.GetCommandLineA
detection_multi_objets_moments.o.260988: string.CreateProcessA
detection_multi_objets_moments.o.262245: string.GetEnvironmentVariableA
detection_multi_objets_moments.o.260821: string.CreateFileA
detection_multi_objets_moments.o.363179: string.RegOpenKeyExA
detection_multi_objets_moments.o.362977: string.RegDeleteKeyA
detection_multi_objets_moments.o.341916: string.GetMessageA
detection_multi_objets_moments.o.338584: string.CreateWindowExA
embedded.file detection_multi_objets_caracteristiques.o 3a3749ac7a95e810747d92d1c554ee2b
detection_multi_objets_caracteristiques.o.264468: string.LoadLibraryA
detection_multi_objets_caracteristiques.o.263374: string.GetModuleHandleA
detection_multi_objets_caracteristiques.o.262747: string.GetCommandLineA
detection_multi_objets_caracteristiques.o.261816: string.CreateProcessA
detection_multi_objets_caracteristiques.o.263073: string.GetEnvironmentVariableA
detection_multi_objets_caracteristiques.o.261649: string.CreateFileA
detection_multi_objets_caracteristiques.o.364007: string.RegOpenKeyExA
detection_multi_objets_caracteristiques.o.363805: string.RegDeleteKeyA
detection_multi_objets_caracteristiques.o.342744: string.GetMessageA
detection_multi_objets_caracteristiques.o.339412: string.CreateWindowExA
embedded.file projet_vision_ordinateur.exe 4e351f08c2f454ed4ad012bd86428e4a
projet_vision_ordinateur.exe.78: string.This program cannot be run in DOS mode
projet_vision_ordinateur.exe.908338: string.LoadLibraryA
projet_vision_ordinateur.exe.475802: string.GetModuleHandleA
projet_vision_ordinateur.exe.906617: string.GetCommandLineA
projet_vision_ordinateur.exe.475822: string.GetProcAddress
projet_vision_ordinateur.exe.905686: string.CreateProcessA
projet_vision_ordinateur.exe.475698: string.EnterCriticalSection
projet_vision_ordinateur.exe.906943: string.GetEnvironmentVariableA
projet_vision_ordinateur.exe.475640: string.CloseHandle
projet_vision_ordinateur.exe.905519: string.CreateFileA
projet_vision_ordinateur.exe.1007876: string.RegOpenKeyExA
projet_vision_ordinateur.exe.1007674: string.RegDeleteKeyA
projet_vision_ordinateur.exe.476968: string.KERNEL32
projet_vision_ordinateur.exe.475722: string.ExitProcess
projet_vision_ordinateur.exe.986614: string.GetMessageA
projet_vision_ordinateur.exe.983282: string.CreateWindowExA
0191cf70bb11084fb126fe077c070293 view report /1/2/9/29c32abd4a8d81c8ca7e343ab92a162be12f6d81ebd45578defe58cca20e8d40.file 4520935 10 X 0 0
embedded.file Gel-A02.bin b4ab9380b7acb92c310816d396919ee7
Gel-A02.bin.8026588: string.PE Header
14ce7014ec99269d46e83da52c01879b view report TrueAncestor_BACKUP_Retailer_v2.20.zip 1518875 590 X 0 0
embedded.file make_c00_edat.exe de8381009d687f8524dd3fe810c16262
make_c00_edat.exe.78: string.This program cannot be run in DOS mode
make_c00_edat.exe.98844: string.GetModuleHandleA
make_c00_edat.exe.98864: string.GetProcAddress
make_c00_edat.exe.98790: string.EnterCriticalSection
make_c00_edat.exe.99440: string.KERNEL32
make_c00_edat.exe.98814: string.ExitProcess
embedded.file HashConsole.exe d7c646a6df655fe1e77ec35ec95d1539
HashConsole.exe.78: string.This program cannot be run in DOS mode
HashConsole.exe.115896: string.GetCommandLineA
HashConsole.exe.115756: string.GetProcAddress
HashConsole.exe.115848: string.EnterCriticalSection
HashConsole.exe.115312: string.GetEnvironmentVariableA
HashConsole.exe.115298: string.CloseHandle
HashConsole.exe.115338: string.CreateFileA
HashConsole.exe.115466: string.KERNEL32
HashConsole.exe.97607: string.ExitProcess
embedded.file sfo_extractor.exe 96463b8d374b7e724ec9bdeb43d70b03
sfo_extractor.exe.78: string.This program cannot be run in DOS mode
embedded.file sfk.exe 1c8421de8643d4199936682f7831f510
sfk.exe.78: string.This program cannot be run in DOS mode
sfk.exe.1272088: string.LoadLibraryA
sfk.exe.1273332: string.GetModuleHandleA
sfk.exe.1273524: string.GetCommandLineA
sfk.exe.1273314: string.GetProcAddress
sfk.exe.1274226: string.CreateProcessA
sfk.exe.1272458: string.EnterCriticalSection
sfk.exe.1271616: string.CloseHandle
sfk.exe.1271644: string.CreateFileA
sfk.exe.1270440: string.user32.dll
sfk.exe.1268796: string.KERNEL32
sfk.exe.1265843: string.ExitProcess
embedded.file msvcr120.dll 034ccadc1c073e4216e9466b720f9849
msvcr120.dll.78: string.This program cannot be run in DOS mode
msvcr120.dll.928360: string.GetModuleHandleA
msvcr120.dll.926332: string.GetCommandLineA
msvcr120.dll.926252: string.GetProcAddress
msvcr120.dll.927274: string.CreateProcessA
msvcr120.dll.926390: string.EnterCriticalSection
msvcr120.dll.926682: string.CloseHandle
msvcr120.dll.925412: string.KERNEL32
msvcr120.dll.209803: string.ExitProcess
embedded.file make_npdata.exe 75807cf714beb6331d2ccbe955c0f5d2
make_npdata.exe.78: string.This program cannot be run in DOS mode
make_npdata.exe.50572: string.KERNEL32
embedded.file ps3xport.exe 38645853ec496cf8931cdec707dec68a
ps3xport.exe.78: string.This program cannot be run in DOS mode
ps3xport.exe.130750: string.GetModuleHandleA
ps3xport.exe.130790: string.GetProcAddress
ps3xport.exe.130558: string.EnterCriticalSection
ps3xport.exe.132008: string.KERNEL32
embedded.file sfoprint.exe c451fde46ac28c79e99ba9fcaefa7fbe
sfoprint.exe.78: string.This program cannot be run in DOS mode
embedded.file retailer.exe fcae083aff784d8664383ad8a0a4d980
retailer.exe.35596: exploit.office cmd.exe shell command
retailer.exe.80: string.This program must be run under Win32
retailer.exe.40202: string.GetModuleHandleA
retailer.exe.40262: string.GetCommandLineA
retailer.exe.40540: string.GetSystemMetrics
retailer.exe.40184: string.GetProcAddress
retailer.exe.41154: string.CreateProcessA
retailer.exe.40976: string.GetEnvironmentVariableA
retailer.exe.41186: string.CloseHandle
retailer.exe.41172: string.CreateFileA
retailer.exe.39826: string.RegOpenKeyExA
retailer.exe.39854: string.user32.dll
retailer.exe.40324: string.ExitProcess
7b45df18a775954822f1d369e96d7fcf view report aacraid_ws08-ws12-ws16-w7-w8-w10-sbs_x64_b52013_cert.zip 1285608 20 X 0 0
embedded.file arcsas_sbs.sys 4ea61313f7f9113e697b37919d610f2a
arcsas_sbs.sys.78: string.This program cannot be run in DOS mode
embedded.file arcsas.sys 2c07b8ce3e283f6404def1c1a641019d
arcsas.sys.78: string.This program cannot be run in DOS mode
e28abb48aeb8c236db80e7f7882ff721 view report 9be5cb42ee0a562290e75ab8f998e0d054c6f478 41984 12 X 0 0
24846: suspicious.office Visual Basic macro
27794: string.shell32.dll
20f075301b83868189e4939fc0476ad5 view report oleObject1.bin 782336 12 X 0 0
1104: suspicious.office Packager ClassID used by CVE-2014-6352 C
8436: string.This program cannot be run in DOS mode
dropped.file exe 4b5faab4760262f86656f400630a3cac / 773978 bytes / @ 8358
73cc16a3d59ec14dba651d0103fb4dd2 view report Qvidian.dotm 1580094 124 X 0 0
embedded.file vbaProject.bin aeb47169efef2472cd5a84232e1261ce
vbaProject.bin.875256: exploit.office embedded Visual Basic write to file Scripting.FileSystemObject
vbaProject.bin.119339: exploit.office embedded Visual Basic execute shell command Wscript.Shell
vbaProject.bin.2710302: exploit.office embedded Visual Basic accessing file OpenTextFile
vbaProject.bin.2661658: suspicious.office Visual Basic macro
vbaProject.bin.54656: exploit.office VB Macro auto execute
vbaProject.bin.1078489: suspicious.script potential active content
vbaProject.bin.2677355: string.shell32.dll
vbaProject.bin.2432210: string.KERNEL32
vbaProject.bin.190267: string.vbs On Error Resume Next
vbaProject.bin.1423164: string.vbs CreateObject
a66d52a060b1ab3024d463eaf38afde7 view report oleObject1.bin 205312 12 X 0 0
1104: suspicious.office Packager ClassID used by CVE-2014-6352 C
4329: string.This program cannot be run in DOS mode
dropped.file exe fbb5a140b4baff2aba7e69b0c7791847 / 201061 bytes / @ 4251
e61c7bf167a7409effa6a0758cb0873c view report O&R Register v4.0 GEP - 1 Empty template Navigator.xlsb 1432651 18 X 0 0
embedded.file vbaProject.bin b2307302c3ad4691aa766527d6f16f84
vbaProject.bin.804610: suspicious.office Visual Basic macro
embedded.file Microsoft_Excel_Binary_Worksheet.xlsb a503fbe884c9dfe46c9076dbc97cc48e
Microsoft_Excel_Binary_Worksheet.xlsb.embedded.file vbaProject.bin 821665447d21d7355f1747e4391173bc
Microsoft_Excel_Binary_Worksheet.xlsb.vbaProject.bin.50946: suspicious.office Visual Basic macro
embedded.file Microsoft_Excel_Binary_Worksheet2.xlsb ed329542a31f740fb4e91da3f3bb7b6b
Microsoft_Excel_Binary_Worksheet2.xlsb.embedded.file vbaProject.bin 3ae5810f1e5032b23da8ea369764b0cf
Microsoft_Excel_Binary_Worksheet2.xlsb.vbaProject.bin.145154: suspicious.office Visual Basic macro
Microsoft_Excel_Binary_Worksheet2.xlsb.vbaProject.bin.53431: string.vbs On Error Resume Next
embedded.file Microsoft_Excel_Binary_Worksheet1.xlsb 0a9e936b777a2cfc0a688e26a1927249
Microsoft_Excel_Binary_Worksheet1.xlsb.embedded.file vbaProject.bin 22fe83dd3acfe7f7d4a8b14f02a9cbc0
Microsoft_Excel_Binary_Worksheet1.xlsb.vbaProject.bin.50946: suspicious.office Visual Basic macro
Yara:
office_vb_dropper
6612fe498e6b9aea977cff3b10255d12 view report cpuminer-windows-x86.zip 3974705 1100 X 0 0
embedded.file libtasn1-6.dll 7db866576ec9fba9cb03f9652ab30433
libtasn1-6.dll.78: string.This program cannot be run in DOS mode
libtasn1-6.dll.98276: string.LoadLibraryA
libtasn1-6.dll.98104: string.GetModuleHandleA
libtasn1-6.dll.98144: string.GetProcAddress
libtasn1-6.dll.97986: string.EnterCriticalSection
libtasn1-6.dll.99104: string.KERNEL32
embedded.file libffi-6.dll 67da3bef31bbdec7e7a1cec95843e0ee
libffi-6.dll.78: string.This program cannot be run in DOS mode
libffi-6.dll.29420: string.LoadLibraryA
libffi-6.dll.29272: string.GetModuleHandleA
libffi-6.dll.29292: string.GetProcAddress
libffi-6.dll.29154: string.EnterCriticalSection
libffi-6.dll.29952: string.KERNEL32
embedded.file libidn2-0.dll b9f0226aab399ac8b0c5c03ae54166a4
libidn2-0.dll.78: string.This program cannot be run in DOS mode
libidn2-0.dll.150700: string.LoadLibraryA
libidn2-0.dll.150528: string.GetModuleHandleA
libidn2-0.dll.150568: string.GetProcAddress
libidn2-0.dll.150410: string.EnterCriticalSection
libidn2-0.dll.151840: string.KERNEL32
embedded.file libssh2-1.dll ff1d75966246c09031c7017f2dfb7fdf
libssh2-1.dll.78: string.This program cannot be run in DOS mode
libssh2-1.dll.199592: string.LoadLibraryA
libssh2-1.dll.199394: string.GetModuleHandleA
libssh2-1.dll.199434: string.GetProcAddress
libssh2-1.dll.199254: string.EnterCriticalSection
libssh2-1.dll.199194: string.CloseHandle
libssh2-1.dll.201980: string.KERNEL32
embedded.file libunistring-2.dll 470df953e414cb3c3efcda517f1c3fd0
libunistring-2.dll.78: string.This program cannot be run in DOS mode
libunistring-2.dll.1819444: string.LoadLibraryA
libunistring-2.dll.1819254: string.GetModuleHandleA
libunistring-2.dll.1819294: string.GetProcAddress
libunistring-2.dll.1819064: string.EnterCriticalSection
libunistring-2.dll.1819010: string.CloseHandle
libunistring-2.dll.1820488: string.KERNEL32
embedded.file cpuminer.exe 4803cb394e2b9a5b4482d62a220e217c
cpuminer.exe.78: string.This program cannot be run in DOS mode
cpuminer.exe.1692534: string.LoadLibraryA
cpuminer.exe.1692306: string.GetModuleHandleA
cpuminer.exe.1692346: string.GetProcAddress
cpuminer.exe.1692052: string.EnterCriticalSection
cpuminer.exe.1692014: string.CloseHandle
cpuminer.exe.1695228: string.KERNEL32
embedded.file libjansson-4.dll cec2e34a9e600151b184bfeb59a0c61b
libjansson-4.dll.78: string.This program cannot be run in DOS mode
libjansson-4.dll.73764: string.LoadLibraryA
libjansson-4.dll.73606: string.GetModuleHandleA
libjansson-4.dll.73626: string.GetProcAddress
libjansson-4.dll.73466: string.EnterCriticalSection
libjansson-4.dll.74576: string.KERNEL32
embedded.file libwinpthread-1.dll 0790c1d5952f347db544c15c90e91818
libwinpthread-1.dll.78: string.This program cannot be run in DOS mode
libwinpthread-1.dll.56130: string.LoadLibraryA
libwinpthread-1.dll.55850: string.GetModuleHandleA
libwinpthread-1.dll.55870: string.GetProcAddress
libwinpthread-1.dll.55664: string.EnterCriticalSection
libwinpthread-1.dll.55572: string.CloseHandle
libwinpthread-1.dll.57224: string.KERNEL32
embedded.file libp11-kit-0.dll 7604b18f104e8a4c7799def014f97a14
libp11-kit-0.dll.78: string.This program cannot be run in DOS mode
libp11-kit-0.dll.1032482: string.LoadLibraryA
libp11-kit-0.dll.1032310: string.GetModuleHandleA
libp11-kit-0.dll.1032350: string.GetProcAddress
libp11-kit-0.dll.1032092: string.EnterCriticalSection
libp11-kit-0.dll.1032002: string.CloseHandle
libp11-kit-0.dll.1032016: string.CreateFileA
libp11-kit-0.dll.1033932: string.KERNEL32
embedded.file libnettle-6.dll 7ba5c0a6e2821983f1d98da47e00014d
libnettle-6.dll.78: string.This program cannot be run in DOS mode
libnettle-6.dll.259038: string.LoadLibraryA
libnettle-6.dll.258866: string.GetModuleHandleA
libnettle-6.dll.258906: string.GetProcAddress
libnettle-6.dll.258726: string.EnterCriticalSection
libnettle-6.dll.259800: string.KERNEL32
embedded.file libiconv-2.dll 32ad4a75a66d30954e1b457b439ef851
libiconv-2.dll.78: string.This program cannot be run in DOS mode
libiconv-2.dll.1049532: string.LoadLibraryA
libiconv-2.dll.1049360: string.GetModuleHandleA
libiconv-2.dll.1049400: string.GetProcAddress
libiconv-2.dll.1049210: string.EnterCriticalSection
libiconv-2.dll.1050260: string.KERNEL32
embedded.file libhogweed-4.dll 6414beb0fadbb907e473e915931e5599
libhogweed-4.dll.78: string.This program cannot be run in DOS mode
libhogweed-4.dll.200150: string.LoadLibraryA
libhogweed-4.dll.200018: string.GetModuleHandleA
libhogweed-4.dll.200038: string.GetProcAddress
libhogweed-4.dll.199878: string.EnterCriticalSection
libhogweed-4.dll.202264: string.KERNEL32
embedded.file libcurl-4.dll 80538ceb62d4e0f16727c531fcbd11a3
libcurl-4.dll.78: string.This program cannot be run in DOS mode
libcurl-4.dll.525674: string.LoadLibraryA
libcurl-4.dll.525442: string.GetModuleHandleA
libcurl-4.dll.525504: string.GetProcAddress
libcurl-4.dll.525242: string.EnterCriticalSection
libcurl-4.dll.534572: string.KERNEL32
embedded.file libnghttp2-14.dll 6c4035b8984c5cc829f710cc5f8a8456
libnghttp2-14.dll.78: string.This program cannot be run in DOS mode
libnghttp2-14.dll.167414: string.LoadLibraryA
libnghttp2-14.dll.167242: string.GetModuleHandleA
libnghttp2-14.dll.167282: string.GetProcAddress
libnghttp2-14.dll.167102: string.EnterCriticalSection
libnghttp2-14.dll.168204: string.KERNEL32
embedded.file librtmp-1.dll be34aefb049711368dcabcec7d4ee9bd
librtmp-1.dll.78: string.This program cannot be run in DOS mode
librtmp-1.dll.166274: string.LoadLibraryA
librtmp-1.dll.166102: string.GetModuleHandleA
librtmp-1.dll.166142: string.GetProcAddress
librtmp-1.dll.165962: string.EnterCriticalSection
librtmp-1.dll.168564: string.KERNEL32
embedded.file libgnutls-30.dll b90907c5b7abddb3db98597423d53b62
libgnutls-30.dll.78: string.This program cannot be run in DOS mode
libgnutls-30.dll.1315682: string.LoadLibraryA
libgnutls-30.dll.1315510: string.GetModuleHandleA
libgnutls-30.dll.1315550: string.GetProcAddress
libgnutls-30.dll.1315334: string.EnterCriticalSection
libgnutls-30.dll.1325120: string.KERNEL32
libgnutls-30.dll.dropped.file macho 1934b9b1910f2262391deb59e6482e05 / 409840 bytes / @ 993225
embedded.file libintl-8.dll 3f6d8c9fdfd5ffde51264cf571612fce
libintl-8.dll.78: string.This program cannot be run in DOS mode
libintl-8.dll.125472: string.LoadLibraryA
libintl-8.dll.125262: string.GetModuleHandleA
libintl-8.dll.125302: string.GetProcAddress
libintl-8.dll.125026: string.EnterCriticalSection
libintl-8.dll.124972: string.CloseHandle
libintl-8.dll.124936: string.RegOpenKeyExA
libintl-8.dll.126652: string.KERNEL32
8baf4ed7e386ee27e5e1a0d0ac07a9c6 view report exeinfope.zip 2014245 170 X 0 0
embedded.file Ext_Detector.dll 62915438d43d1f7853f7f94f0a7e78ff
Ext_Detector.dll.80: string.This program must be run under Win32
Ext_Detector.dll.97334: string.LoadLibraryA
Ext_Detector.dll.97318: string.GetProcAddress
Ext_Detector.dll.97291: string.user32.dll
Ext_Detector.dll.97265: string.KERNEL32
embedded.file exeinfope.exe b76c08ce860116b4c578dab6df446300
exeinfope.exe.80: string.This program must be run under Win32
exeinfope.exe.1308438: string.LoadLibraryA
exeinfope.exe.1308422: string.GetProcAddress
exeinfope.exe.1308306: string.user32.dll
exeinfope.exe.1308294: string.shell32.dll
exeinfope.exe.1308258: string.KERNEL32
exeinfope.exe.1308408: string.ExitProcess
embedded.file Blank.dll 0d41838c0755eb18e2559790f05af03a
Blank.dll.80: string.This program must be run under Win32
Blank.dll.168170: string.LoadLibraryA
Blank.dll.168154: string.GetProcAddress
Blank.dll.168090: string.user32.dll
Blank.dll.168064: string.KERNEL32
2cf55244c52117aa6b9fe7f7f46366ab view report Dism 10.1.1000.40_0d059a8636918cb45e477068ef51bd9e3806d20d.zip 3036531 460 X 0 0
embedded.file Dism++x64.exe 60a258fa88800c08c08536e94a352c12
Dism++x64.exe.78: string.This program cannot be run in DOS mode
Dism++x64.exe.1049322: string.GetSystemMetrics
Dism++x64.exe.1062466: string.GetProcAddress
Dism++x64.exe.1062020: string.EnterCriticalSection
Dism++x64.exe.1053175: string.CloseHandle
Dism++x64.exe.1064916: string.KERNEL32
embedded.file Dism++x86.exe 3c13ffb18995c6666e3f68372bd977d7
Dism++x86.exe.78: string.This program cannot be run in DOS mode
Dism++x86.exe.798544: string.GetModuleHandleA
Dism++x86.exe.783644: string.GetSystemMetrics
Dism++x86.exe.794138: string.GetProcAddress
Dism++x86.exe.793692: string.EnterCriticalSection
Dism++x86.exe.787501: string.CloseHandle
Dism++x86.exe.796504: string.KERNEL32
embedded.file wimgapi.dll d71c395347f794b0328b49b5268f0f83
wimgapi.dll.78: string.This program cannot be run in DOS mode
wimgapi.dll.676496: string.GetProcAddress
wimgapi.dll.675578: string.EnterCriticalSection
wimgapi.dll.669589: string.CloseHandle
wimgapi.dll.673450: string.KERNEL32
embedded.file NCleaner.dll f7ffae87600749ada339f55f25b4709b
NCleaner.dll.78: string.This program cannot be run in DOS mode
NCleaner.dll.40564: string.GetProcAddress
NCleaner.dll.41578: string.CloseHandle
NCleaner.dll.40824: string.KERNEL32
embedded.file bcdboot.exe be14be7c8f7f0f4e397b89979cb9cf6b
bcdboot.exe.78: string.This program cannot be run in DOS mode
bcdboot.exe.160588: string.GetProcAddress
bcdboot.exe.163492: string.CloseHandle
bcdboot.exe.160618: string.KERNEL32
embedded.file wofadk.sys fba28d5ac166714737d1d8cdf0aef078
wofadk.sys.78: string.This program cannot be run in DOS mode
embedded.file CBSHost.dll 913adf9ff9892cb6edb5e7b1193d9812
CBSHost.dll.78: string.This program cannot be run in DOS mode
CBSHost.dll.144036: string.GetProcAddress
CBSHost.dll.145868: string.EnterCriticalSection
CBSHost.dll.143802: string.CloseHandle
CBSHost.dll.144964: string.KERNEL32
CBSHost.dll.144468: string.ExitProcess
embedded.file Plugin.amd64.dll b869b4549b0d87e8c21483607d1ba136
Plugin.amd64.dll.78: string.This program cannot be run in DOS mode
Plugin.amd64.dll.103520: string.GetProcAddress
Plugin.amd64.dll.103408: string.EnterCriticalSection
Plugin.amd64.dll.103112: string.CloseHandle
Plugin.amd64.dll.104460: string.KERNEL32
Plugin.amd64.dll.103668: string.ExitProcess
embedded.file PluginRes.dll cab1ebc67ee075f4844c0836b6b29d73
PluginRes.dll.78: string.This program cannot be run in DOS mode
embedded.file Plugin.x86.dll 31c3c550a6e9951deed3534c7bca8fc1
Plugin.x86.dll.78: string.This program cannot be run in DOS mode
Plugin.x86.dll.73784: string.GetProcAddress
Plugin.x86.dll.73672: string.EnterCriticalSection
Plugin.x86.dll.73376: string.CloseHandle
Plugin.x86.dll.74620: string.KERNEL32
Plugin.x86.dll.73932: string.ExitProcess