0 means left end, 100 means right end of the screen, 50 center.VCenteringVertical position of the dialog on a 0-100 scale. Can be left blank.CustomActionPrimary key, name of action, normally appears in sequence table unless private use.The numeric custom action type, consisting of source location, code type, entry, option flags.SourceCustomSourceThe table reference of the source of the code.TargetExcecution parameter, depends on the type of custom actionExtendedTypeA numeric custom action type that extends code type or option flags of the Type column.Name of the dialog.HCenteringHorizontal position of the dialog on a 0-100 scale. ExitMainViaCRT"Main 222222222222222222222222222222222222222222222222222222222222222222222222222 DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMVVVVVVVVVVVVVVV\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\hhhhhsame control. "88\D4%+`.ETW0+ /InvokeMainViaCRT"Main Invoked."FileName. ExitMainViaCRT"Main Returned."FileName+Microsoft.CRTProvidersPOGvRSDSg13HK-OC:\build\work\eca3d12b\wix3\build\ship\x86\uica.pdb_.text_c.text$di.text$mn.idata$5.00cfg 32.dll]GetMessageWwSendMessageA|^FormatMessageWMlstrlenANlstrlenWgMultiByteToWideCharWideCharToMultiByte-LCMapStringWGetCurrentProcessId%WriteFileRCloseHandle?LoadLibraryWpGetSystemDirectoryWHeapAllocHeapReAllocHeapFreeHeapSizeJGetProcessHeapGetModuleFileNameWsSetLastErrorGlobalDeleteAtomGlobalAddAtomWGlobalFindAtomWKERNEå…ƒ2.dllSystemFunction0369RegCreateKeyExWDRegDeleteKeyWHRegDeleteValueWORegEnumKeyExWRRegEnumValueWhRegQueryInfoKeyW~RegSetValueExWGetFileVersionInfoSizeWGetFileVersionInfoWVerQueryValueWVERSION.dllUnhandledExceptionFilterSetUnhandledExceptionFilterGetCurrentProcessTerminateProcessIsProcessorFeaturePresentQueryPerformanceCounterGetCurrentThreadIdyGetSystemTimeAsFileTimeInitializeSListHeadIsDebuggerPresentcGetStartupInfoWGetModuleHandleWInterlockedFlushSListInitializeCriticalSectionAndSpinCountTlsAllocTlsGetValueTlsSetValueTlsFreeEGetProcAddress>LoadLibraryExWRtlUnwindEnterCriticalSection9LeaveCriticalSectionDeleteCriticalSectionExitProcessGetModuleHandleExWiGetStringTypeWhGetACPdGetStdHandleGetFileType" "sg\rNTpWETW0+ /InvokeMainViaCRT"Main Invoked."FileName. Source Hybrid Analysis Technology relevance 10/10 from msiexec.exe (PID: 280) ( Show Stream) Which is directly followed by "cmp dword ptr, 02h" and "jne 00BD8940h". Which is directly followed by "cmp dword ptr, 02h" and "jne 00BD88D8h". Which is directly followed by "cmp dword ptr, 02h" and "jne 00BD7BBCh".
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |