Field | Value |
---|---|
File Name: | unins000.exe |
File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
SHA1: | 8ee906caac99dba0f1f6885c9774cf727860a7be |
MD5: | 17f033a3eda84cf94380ff746259331f |
First Seen Date: | 2016-09-05 08:52:06.667456 |
Number of Clients Seen: | 13 |
Last Analysis Date: | 2016-09-30 09:32:54.678825 |
Human Expert Analysis Date: | 2016-09-05 18:25:44.654580 |
Human Expert Analysis Result: | Clean |

Property | Value |
---|---|
number of sections | 8 |
compilation time stamp | 0x5698AC5A [Fri Jan 15 08:22:50 2016 UTC] |
FileVersion | 51.1052.0.0 |
FileDescription | Setup/Uninstall |
Translation | 0x0000 0x04b0 |
entry point | 0x500004 (.itext) |
machine type | Intel 386 or later - 32Bit |
file size | 1548440 |
sha256 | f5b00399d7fce49fa67ccf074fbc1eec344bde6f43ce42d48e8ca60f1960b959 |
mime type | application/x-dosexec |
Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
---|---|---|---|---|---|
.text | 0x1000 | 0xfdbd8 | 0xfdc00 | 6.480001 | - |
.itext | 0xff000 | 0x1220 | 0x1400 | 5.712055 | - |
.data | 0x101000 | 0x3068 | 0x3200 | 4.307429 | - |
.bss | 0x105000 | 0x6190 | 0x0 | 0.000000 [SUSPICIOUS] | - |
.idata | 0x10c000 | 0x3840 | 0x3a00 | 5.164265 | - |
.tls | 0x110000 | 0x3c | 0x0 | 0.000000 [SUSPICIOUS] | - |
.rdata | 0x111000 | 0x18 | 0x200 | 0.170146 [SUSPICIOUS] | - |
.rsrc | 0x112000 | 0x72700 | 0x72800 | 5.126799 | - |

oleaut32.dll
- SysFreeString
- SysReAllocStringLen
- SysAllocStringLen

advapi32.dll
- RegQueryValueExW
- RegOpenKeyExW
- RegCloseKey

user32.dll
- GetKeyboardType
- LoadStringW
- MessageBoxA
- CharNextW

kernel32.dll
- GetACP
- Sleep
- VirtualFree
- VirtualAlloc
- GetSystemInfo
- GetTickCount
- QueryPerformanceCounter
- GetVersion
- GetCurrentThreadId
- VirtualQuery
- WideCharToMultiByte
- SetCurrentDirectoryW
- MultiByteToWideChar
- lstrlenW
- lstrcpynW
- LoadLibraryExW
- GetThreadLocale
- GetStartupInfoA
- GetProcAddress
- GetModuleHandleW
- GetModuleFileNameW
- GetLocaleInfoW
- GetCurrentDirectoryW
- GetCommandLineW
- FreeLibrary
- FindFirstFileW
- FindClose
- ExitProcess
- ExitThread
- CreateThread
- CompareStringW
- WriteFile
- UnhandledExceptionFilter
- RtlUnwind
- RaiseException
- GetStdHandle
- CloseHandle

kernel32.dll
- TlsSetValue
- TlsGetValue
- LocalAlloc
- GetModuleHandleW

user32.dll
- CreateWindowExW
- WindowFromPoint
- WaitMessage
- WaitForInputIdle
- UpdateWindow
- UnregisterClassW
- UnhookWindowsHookEx
- TranslateMessage
- TranslateMDISysAccel
- TrackPopupMenu
- SystemParametersInfoW
- ShowWindow
- ShowScrollBar
- ShowOwnedPopups
- SetWindowsHookExW
- SetWindowTextW
- SetWindowPos
- SetWindowPlacement
- SetWindowLongW
- SetTimer
- SetScrollRange
- SetScrollPos
- SetScrollInfo
- SetRectEmpty
- SetRect
- SetPropW
- SetParent
- SetMenuItemInfoW
- SetMenu
- SetForegroundWindow
- SetFocus
- SetCursor
- SetClassLongW
- SetCapture
- SetActiveWindow
- SendNotifyMessageW
- SendMessageTimeoutW
- SendMessageA
- SendMessageW
- ScrollWindowEx
- ScrollWindow
- ScreenToClient
- ReplyMessage
- RemovePropW
- RemoveMenu
- ReleaseDC
- ReleaseCapture
- RegisterWindowMessageW
- RegisterClipboardFormatW
- RegisterClassW
- RedrawWindow
- PtInRect
- PostQuitMessage
- PostMessageW
- PeekMessageA
- PeekMessageW
- OffsetRect
- OemToCharBuffA
- MsgWaitForMultipleObjectsEx
- MsgWaitForMultipleObjects
- MessageBoxW
- MessageBeep
- MapWindowPoints
- MapVirtualKeyW
- LoadStringW
- LoadKeyboardLayoutW
- LoadIconW
- LoadCursorW
- LoadBitmapW
- KillTimer
- IsZoomed
- IsWindowVisible
- IsWindowUnicode
- IsWindowEnabled
- IsWindow
- IsRectEmpty
- IsIconic
- IsDialogMessageA
- IsDialogMessageW
- IsChild
- InvalidateRect
- IntersectRect
- InsertMenuItemW
- InsertMenuW
- InflateRect
- GetWindowThreadProcessId
- GetWindowTextW
- GetWindowRect
- GetWindowPlacement
- GetWindowLongW
- GetWindowDC
- GetTopWindow
- GetSystemMetrics
- GetSystemMenu
- GetSysColorBrush
- GetSysColor
- GetSubMenu
- GetScrollRange
- GetScrollPos
- GetScrollInfo
- GetPropW
- GetParent
- GetWindow
- GetMessagePos
- GetMessageW
- GetMenuStringW
- GetMenuState
- GetMenuItemInfoW
- GetMenuItemID
- GetMenuItemCount
- GetMenu
- GetLastActivePopup
- GetKeyboardState
- GetKeyboardLayoutNameW
- GetKeyboardLayoutList
- GetKeyboardLayout
- GetKeyState
- GetKeyNameTextW
- GetIconInfo
- GetForegroundWindow
- GetFocus
- GetDesktopWindow
- GetDCEx
- GetDC
- GetCursorPos
- GetCursor
- GetClientRect
- GetClassLongW
- GetClassInfoW
- GetCapture
- GetActiveWindow
- FrameRect
- FindWindowExW
- FindWindowW
- FillRect
- ExitWindowsEx
- EnumWindows
- EnumThreadWindows
- EnumChildWindows
- EndPaint
- EnableWindow
- EnableScrollBar
- EnableMenuItem
- DrawTextExW
- DrawTextW
- DrawMenuBar
- DrawIconEx
- DrawIcon
- DrawFrameControl
- DrawFocusRect
- DrawEdge
- DispatchMessageA
- DispatchMessageW
- DestroyWindow
- DestroyMenu
- DestroyIcon
- DestroyCursor
- DeleteMenu
- DefWindowProcW
- DefMDIChildProcW
- DefFrameProcW
- CreatePopupMenu
- CreateMenu
- CreateIcon
- ClientToScreen
- CheckMenuItem
- CharUpperBuffW
- CharNextW
- CharLowerBuffW
- CharLowerW
- CallWindowProcW
- CallNextHookEx
- BringWindowToTop
- BeginPaint
- AppendMenuW
- CharToOemBuffA
- AdjustWindowRectEx
- ActivateKeyboardLayout

msimg32.dll
- AlphaBlend

gdi32.dll
- UnrealizeObject
- StretchBlt
- SetWindowOrgEx
- SetViewportOrgEx
- SetTextColor
- SetStretchBltMode
- SetROP2
- SetPixel
- SetDIBColorTable
- SetBrushOrgEx
- SetBkMode
- SetBkColor
- SelectPalette
- SelectObject
- SaveDC
- RoundRect
- RestoreDC
- RemoveFontResourceW
- Rectangle
- RectVisible
- RealizePalette
- Polyline
- Pie
- PatBlt
- MoveToEx
- MaskBlt
- LineTo
- LineDDA
- IntersectClipRect
- GetWindowOrgEx
- GetTextMetricsW
- GetTextExtentPointW
- GetTextExtentPoint32W
- GetSystemPaletteEntries
- GetStockObject
- GetRgnBox
- GetPixel
- GetPaletteEntries
- GetObjectW
- GetDeviceCaps
- GetDIBits
- GetDIBColorTable
- GetDCOrgEx
- GetCurrentPositionEx
- GetClipBox
- GetBrushOrgEx
- GetBitmapBits
- GdiFlush
- FrameRgn
- ExtTextOutW
- ExtFloodFill
- ExcludeClipRect
- EnumFontsW
- Ellipse
- DeleteObject
- DeleteDC
- CreateSolidBrush
- CreateRectRgn
- CreatePenIndirect
- CreatePalette
- CreateHalftonePalette
- CreateFontIndirectW
- CreateDIBitmap
- CreateDIBSection
- CreateCompatibleDC
- CreateCompatibleBitmap
- CreateBrushIndirect
- CreateBitmap
- Chord
- BitBlt
- Arc
- AddFontResourceW

version.dll
- VerQueryValueW
- GetFileVersionInfoSizeW
- GetFileVersionInfoW

mpr.dll
- WNetOpenEnumW
- WNetGetUniversalNameW
- WNetGetConnectionW
- WNetEnumResourceW
- WNetCloseEnum

kernel32.dll
- lstrcpyW
- lstrcmpW
- WriteProfileStringW
- WritePrivateProfileStringW
- WriteFile
- WideCharToMultiByte
- WaitForSingleObject
- WaitForMultipleObjectsEx
- VirtualQueryEx
- VirtualQuery
- VirtualFree
- VirtualAlloc
- TransactNamedPipe
- TerminateProcess
- SwitchToThread
- SizeofResource
- SignalObjectAndWait
- SetThreadLocale
- SetNamedPipeHandleState
- SetLastError
- SetFileTime
- SetFilePointer
- SetFileAttributesW
- SetEvent
- SetErrorMode
- SetEndOfFile
- SetCurrentDirectoryW
- ResumeThread
- ResetEvent
- RemoveDirectoryW
- ReleaseMutex
- ReadFile
- QueryPerformanceCounter
- OpenProcess
- OpenMutexW
- MultiByteToWideChar
- MulDiv
- MoveFileExW
- MoveFileW
- LockResource
- LocalFree
- LocalFileTimeToFileTime
- LoadResource
- LoadLibraryExW
- LoadLibraryW
- LeaveCriticalSection
- IsDBCSLeadByte
- IsBadWritePtr
- InitializeCriticalSection
- GlobalFindAtomW
- GlobalDeleteAtom
- GlobalAddAtomW
- GetWindowsDirectoryW
- GetVersionExW
- GetVersion
- GetUserDefaultLangID
- GetTickCount
- GetThreadLocale
- GetSystemTimeAsFileTime
- GetSystemInfo
- GetSystemDirectoryW
- GetStdHandle
- GetShortPathNameW
- GetProfileStringW
- GetProcAddress
- GetPrivateProfileStringW
- GetOverlappedResult
- GetModuleHandleW
- GetModuleFileNameW
- GetLogicalDrives
- GetLocaleInfoW
- GetLocalTime
- GetLastError
- GetFullPathNameW
- GetFileSize
- GetFileAttributesW
- GetExitCodeThread
- GetExitCodeProcess
- GetEnvironmentVariableW
- GetDriveTypeW
- GetDiskFreeSpaceW
- GetDateFormatW
- GetCurrentThreadId
- GetCurrentThread
- GetCurrentProcessId
- GetCurrentProcess
- GetCurrentDirectoryW
- GetComputerNameW
- GetCommandLineW
- GetCPInfo
- FreeResource
- InterlockedIncrement
- InterlockedExchangeAdd
- InterlockedExchange
- InterlockedDecrement
- InterlockedCompareExchange
- FreeLibrary
- FormatMessageW
- FlushFileBuffers
- FindResourceW
- FindNextFileW
- FindFirstFileW
- FindClose
- FileTimeToSystemTime
- FileTimeToLocalFileTime
- EnumCalendarInfoW
- EnterCriticalSection
- DeviceIoControl
- DeleteFileW
- DeleteCriticalSection
- CreateThread
- CreateProcessW
- CreateNamedPipeW
- CreateMutexW
- CreateFileW
- CreateEventW
- CreateDirectoryW
- CopyFileW
- CompareStringW
- CompareFileTime
- CloseHandle

advapi32.dll
- SetSecurityDescriptorDacl
- RegSetValueExW
- RegQueryValueExW
- RegQueryInfoKeyW
- RegOpenKeyExW
- RegFlushKey
- RegEnumValueW
- RegEnumKeyExW
- RegDeleteValueW
- RegDeleteKeyW
- RegCreateKeyExW
- RegCloseKey
- OpenThreadToken
- OpenProcessToken
- LookupPrivilegeValueW
- InitializeSecurityDescriptor
- GetUserNameW
- GetTokenInformation
- FreeSid
- EqualSid
- AllocateAndInitializeSid

comctl32.dll
- InitCommonControls

kernel32.dll
- Sleep

oleaut32.dll
- GetErrorInfo
- GetActiveObject
- RegisterTypeLib
- LoadTypeLib
- SysFreeString

ole32.dll
- OleUninitialize
- OleInitialize
- CoTaskMemFree
- CLSIDFromProgID
- CLSIDFromString
- StringFromCLSID
- CoCreateInstance
- CoFreeUnusedLibraries
- CoUninitialize
- CoInitialize
- IsEqualGUID

oleaut32.dll
- SafeArrayPtrOfIndex
- SafeArrayPutElement
- SafeArrayGetElement
- SafeArrayGetUBound
- SafeArrayGetLBound
- SafeArrayCreate
- VariantChangeType
- VariantCopyInd
- VariantCopy
- VariantClear
- VariantInit

comctl32.dll
- InitializeFlatSB
- FlatSB_SetScrollProp
- FlatSB_SetScrollPos
- FlatSB_SetScrollInfo
- FlatSB_GetScrollPos
- FlatSB_GetScrollInfo
- _TrackMouseEvent
- ImageList_SetIconSize
- ImageList_GetIconSize
- ImageList_Write
- ImageList_Read
- ImageList_GetDragImage
- ImageList_DragShowNolock
- ImageList_DragMove
- ImageList_DragLeave
- ImageList_DragEnter
- ImageList_EndDrag
- ImageList_BeginDrag
- ImageList_Remove
- ImageList_DrawEx
- ImageList_Draw
- ImageList_GetBkColor
- ImageList_SetBkColor
- ImageList_Add
- ImageList_SetImageCount
- ImageList_GetImageCount
- ImageList_Destroy
- ImageList_Create
- InitCommonControls

shell32.dll
- ShellExecuteExW
- ShellExecuteW
- SHGetFileInfoW
- ExtractIconW

shell32.dll
- SHGetPathFromIDListW
- SHGetMalloc
- SHChangeNotify
- SHBrowseForFolderW

comdlg32.dll
- GetSaveFileNameW
- GetOpenFileNameW

ole32.dll
- CoDisconnectObject

advapi32.dll
- AdjustTokenPrivileges

oleaut32.dll
- SysFreeString

Resource types:
- RT_CURSOR
- RT_BITMAP
- RT_ICON
- RT_STRING
- RT_RCDATA
- RT_GROUP_CURSOR
- RT_GROUP_ICON
- RT_VERSION
- RT_MANIFEST