Extracted

• 4976709da0e043ffb107defb1ae96af01da41efe4ca201c690c441228de43e5d.bin

  .exe windows x86

  bb312fa6f53e023726e767b93e2e81a7

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  LocalAlloc

  LocalFree

  HeapAlloc

  GetProcessHeap

  HeapFree

  lstrcatA

  CreateDirectoryA

  FindClose

  FindNextFileW

  DeleteFileW

  lstrcmpW

  FindFirstFileW

  lstrcatW

  lstrcpyW

  FindNextFileA

  CopyFileA

  FindFirstFileA

  GetDriveTypeA

  GetLogicalDriveStringsA

  DeleteFileA

  GetCurrentProcessId

  SetCurrentDirectoryA

  CopyFileW

  CloseHandle

  WriteFile

  CreateFileA

  MultiByteToWideChar

  ReadFile

  GetFileSize

  GetVersionExA

  GetFileSizeEx

  GetCurrentDirectoryA

  GetPrivateProfileSectionNamesA

  Process32Next

  Process32First

  CreateToolhelp32Snapshot

  TerminateProcess

  OpenProcess

  GetProcAddress

  LoadLibraryA

  FreeLibrary

  GetFileAttributesA

  FileTimeToSystemTime

  GetFileAttributesW

  InterlockedCompareExchange

  OutputDebugStringW

  OutputDebugStringA

  WaitForSingleObjectEx

  WaitForSingleObject

  UnmapViewOfFile

  UnlockFileEx

  UnlockFile

  SystemTimeToFileTime

  SetFilePointer

  SetEndOfFile

  QueryPerformanceCounter

  MapViewOfFile

  LockFileEx

  LockFile

  LoadLibraryW

  HeapCompact

  HeapValidate

  HeapSize

  HeapReAlloc

  HeapDestroy

  lstrlenA

  GetVersionExW

  GetTickCount

  GetTempPathW

  GetTempPathA

  GetSystemTimeAsFileTime

  GetSystemTime

  GetSystemInfo

  GetLastError

  GetFullPathNameW

  GetFullPathNameA

  GetFileAttributesExW

  GetDiskFreeSpaceW

  GetDiskFreeSpaceA

  FormatMessageW

  FormatMessageA

  FlushFileBuffers

  CreateMutexW

  CreateFileMappingW

  CreateFileMappingA

  CreateFileW

  AreFileApisANSI

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSection

  TryEnterCriticalSection

  GetCurrentThreadId

  GetComputerNameA

  IsWow64Process

  GetCurrentProcess

  GlobalMemoryStatus

  GetModuleHandleA

  GetUserDefaultLocaleName

  TzSpecificLocalTimeToSystemTime

  GetTimeZoneInformation

  GetLocaleInfoA

  GetFileInformationByHandle

  GetLocalTime

  CompareStringW

  SetStdHandle

  WideCharToMultiByte

  Sleep

  IsValidLocale

  EnumSystemLocalesA

  GetUserDefaultLCID

  GetLocaleInfoW

  GetStringTypeW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetModuleFileNameA

  GetConsoleMode

  GetConsoleCP

  SetEnvironmentVariableA

  SetEnvironmentVariableW

  GetModuleFileNameW

  IsValidCodePage

  GetOEMCP

  GetACP

  GetFileType

  InitializeCriticalSectionAndSpinCount

  GetStdHandle

  SetHandleCount

  SetLastError

  TlsFree

  HeapCreate

  ExitProcess

  InterlockedIncrement

  InterlockedDecrement

  InterlockedExchange

  EncodePointer

  DecodePointer

  RaiseException

  RtlUnwind

  ExitThread

  CreateThread

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  LCMapStringW

  GetCPInfo

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  IsProcessorFeaturePresent

  GetModuleHandleW

  TlsAlloc

  TlsGetValue

  TlsSetValue

  WriteConsoleW

  user32

  GetDesktopWindow

  shell32

  SHGetFolderPathA

  SHFileOperationA

  ShellExecuteA

  shlwapi

  PathMatchSpecA

  PathMatchSpecW

  psapi

  GetModuleFileNameExA

  GetModuleBaseNameA

  EnumProcessModules

  gdiplus

  GdiplusStartup

  GdipDisposeImage

  GdiplusShutdown

  GdipGetImageEncoders

  GdipGetImageEncodersSize

  GdipCreateBitmapFromHBITMAP

  GdipSaveImageToFile

  GdipFree

  GdipAlloc

  GdipCloneImage

  Sections

  .text

  Size: 501KB - Virtual size: 501KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 83KB - Virtual size: 83KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 11KB - Virtual size: 22KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE