crackshere[.]com_jv16_PowerTools_v7[.]0[.]0[.]1274[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

crackshere.com_jv16_PowerTools_v7.0.0.1274.rar
Size

11.2MB
MD5

7ebe02ccffe3000647e411172281ae29
SHA1

96b391c82041e3e36a896d078ad8fecbf2ba0b11
SHA256

f8d24f19453973b7f2fc2c2957580bcc1c07073f96212bde97b31de8ccce05d2
SHA512

9da21093770717fccaa35ae9206ec1f842937091d819572d21f98d32e696c55e825c9acf9197b73f74b5c94b70c29d8a32ccd3ae364efc0035a020b72668131c
SSDEEP

196608:sd+hf8gw5fVeRnF/zTNVaLXB9eMMbFchr+T1UAGwQRwJ7nmf8vnEVcGPr:sd+hf8gFnRzBVaLHX14JUAJiIEZr

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/App/jv16pt/jv16DriveHelper.exe	upx
static1/unpack002/App/jv16pt/jv16Helper.exe	upx
static1/unpack002/App/jv16pt/jv16pt.exe	upx

Files

crackshere.com_jv16_PowerTools_v7.0.0.1274.rar
.rar

Password: 123
Password 123.txt
jv16_PowerTools_v7.0.0.1274/Instructions!.txt
jv16_PowerTools_v7.0.0.1274/jv16 PowerTools 7.0.0.1274/jv16 PowerTools 7.0.0.1274.zip
.zip

Password: 123
App/AppInfo/AppIcon.ico
App/AppInfo/AppInfo.ini
App/AppInfo/Launcher/jv16 PowerTools.ini
App/jv16pt/Cache/DriveCache_c.dat
App/jv16pt/Cache/DriveInfo_c.dat
App/jv16pt/Cache/English.txt_FHC.dat
App/jv16pt/Cache/English.txt_FSC.dat
App/jv16pt/Cache/English.txt_FTSC.dat
App/jv16pt/Cache/EventLog.dat
App/jv16pt/Cache/FDash_AppNames_SZ.dat
App/jv16pt/Cache/FDash_HasNoIcon_SZ.dat
App/jv16pt/Cache/FDash_MainExes_SZ.dat
App/jv16pt/Cache/GLOB_FU_GenericCache_SZ.dat
App/jv16pt/Cache/GLOB_FU_IsValidCache_SZ.dat
App/jv16pt/Cache/GLOB_FU_IsValidElemCache_SZ.dat
App/jv16pt/Cache/IS_BrowserCache2.dat
App/jv16pt/Cache/IS_ConflictTrim.dat
App/jv16pt/Cache/IS_Conflicts.dat
App/jv16pt/Cache/IS_Cont3.dat
App/jv16pt/Cache/IS_ElemFilter.dat
App/jv16pt/Cache/IS_ExeData.dat
App/jv16pt/Cache/IS_GetAppName.dat
App/jv16pt/Cache/IS_Minimize.dat
App/jv16pt/Cache/SDD_CacheAge_FileCollectionDirs.dat
App/jv16pt/Cache/SDD_CacheAge_ProgramDirs.dat
App/jv16pt/Cache/SDD_CacheAge_SearchDirs.dat
App/jv16pt/Cache/SDD_CacheAge_TempDirs.dat
App/jv16pt/Cache/SDD_FileCollectionDirs.dat
App/jv16pt/Cache/SDD_ProgramDirs.dat
App/jv16pt/Cache/SDD_SearchDirs.dat
App/jv16pt/Cache/SDD_TempDirs.dat
App/jv16pt/Cache/SLL_UTF.dat
App/jv16pt/Cache/SysInfo_AppDataDirs.dat
App/jv16pt/Cache/SysInfo_BrowserDirs.dat
App/jv16pt/Cache/SysInfo_DesktopDirs.dat
App/jv16pt/Cache/SysInfo_Last.dat
App/jv16pt/Cache/SysInfo_Meta_0.dat
App/jv16pt/Cache/SysInfo_Meta_1.dat
App/jv16pt/Cache/SysInfo_Meta_69.dat
App/jv16pt/Cache/SysInfo_Meta_70.dat
App/jv16pt/Cache/SysInfo_Meta_71.dat
App/jv16pt/Cache/SysInfo_ProgramDirExeFiles.dat
App/jv16pt/Cache/SysInfo_ProgramDirSizes.dat
App/jv16pt/Cache/SysInfo_ProgramDirs.dat
App/jv16pt/Cache/SysInfo_Shortcuts.dat
App/jv16pt/Cache/SysInfo_ShortcutsEx.dat
App/jv16pt/Cache/SysInfo_Software.dat
App/jv16pt/Cache/SysInfo_Software_LO.dat
App/jv16pt/Cache/SysInfo_Ver.dat
App/jv16pt/Cache/SysRestoreList.dat
App/jv16pt/Cache/Translation_PreLoad.dat
App/jv16pt/Cache/Widget_InitDone.dat
App/jv16pt/Debug/7.0.0.1274
App/jv16pt/Debug/Browser_List_Chrome_Bookmarks.log
App/jv16pt/Debug/Ext_DriveHelper_c.log
App/jv16pt/Debug/Ext_Helper_1.log
App/jv16pt/Debug/Ext_Helper_70.log
App/jv16pt/Debug/Ext_Helper_71.log
App/jv16pt/Debug/ML_Backups.log
App/jv16pt/Debug/ML_DNS.log
App/jv16pt/Debug/ML_IS_GenLog_Helper.log
App/jv16pt/Debug/ML_IS_GetSoftwareType.log
App/jv16pt/Debug/ML_InitialSetup.log
App/jv16pt/Debug/ML_InternetUpdate.log
App/jv16pt/Debug/ML_MainWindow.log
App/jv16pt/Debug/ML_MainWindow_Home.log
App/jv16pt/Debug/ML_SU_Scan.log
App/jv16pt/Debug/ML_Search.log
App/jv16pt/Debug/ML_Search_Results.log
App/jv16pt/Debug/ML_Settings.log
App/jv16pt/Debug/ML_SysRestore_GRP.log
App/jv16pt/Debug/ML_SysRestore_ISRE.log
App/jv16pt/Debug/ML_SysRestore_RC.log
App/jv16pt/Debug/ML_TaskCloser.log
App/jv16pt/Debug/ML_UI_Messages.log
App/jv16pt/Debug/ML_UI_ScanProgress.log
App/jv16pt/Debug/ML_UI_UpdateRate.log
App/jv16pt/Debug/ProgressHelper.log
App/jv16pt/Debug/SysInfo_BrowserDirs.txt
App/jv16pt/Debug/SysInfo_DesktopDirs.txt
App/jv16pt/Debug/SysInfo_Last.txt
App/jv16pt/Debug/SysInfo_Meta_0.txt
App/jv16pt/Debug/SysInfo_Meta_1.txt
App/jv16pt/Debug/SysInfo_Meta_69.txt
App/jv16pt/Debug/SysInfo_Meta_70.txt
App/jv16pt/Debug/SysInfo_Meta_71.txt
App/jv16pt/Debug/SysInfo_ProgramDirExeFiles.txt
App/jv16pt/Debug/SysInfo_ProgramDirSizes.txt
App/jv16pt/Debug/SysInfo_ProgramDirs.txt
App/jv16pt/Debug/SysInfo_Shortcuts.txt
App/jv16pt/Debug/SysInfo_ShortcutsEx.txt
App/jv16pt/Debug/SysInfo_Software.txt
App/jv16pt/Debug/SysInfo_Software_LO.txt
App/jv16pt/Debug/SysInfo_Ver.txt
App/jv16pt/Debug/__connection.log
App/jv16pt/Debug/__eventlog.txt
App/jv16pt/Debug/__eventlog_raw.txt
App/jv16pt/Debug/__init.log
App/jv16pt/Debug/__init_async.log
App/jv16pt/Debug/__performance_summary.log
App/jv16pt/Debug/__run_sys_0.txt
App/jv16pt/Debug/__run_sys_0_summary.log
App/jv16pt/Help/License Agreement.txt
App/jv16pt/Languages/Chinese_Simplified.txt
App/jv16pt/Languages/Chinese_Traditional.txt
App/jv16pt/Languages/Danish.txt
App/jv16pt/Languages/Dutch.txt
App/jv16pt/Languages/Finnish.txt
App/jv16pt/Languages/French.txt
App/jv16pt/Languages/German.txt
App/jv16pt/Languages/Italian.txt
App/jv16pt/Languages/Japanese.txt
App/jv16pt/Languages/Korean.txt
App/jv16pt/Languages/Norwegian.txt
App/jv16pt/Languages/Polish.txt
App/jv16pt/Languages/Portuguese.txt
App/jv16pt/Languages/Romanian.txt
App/jv16pt/Languages/Spanish.txt
App/jv16pt/Languages/Swedish.txt
App/jv16pt/Languages/Thai.txt
App/jv16pt/Languages/Turkish.txt
App/jv16pt/Settings/DNS_IPv4_Providers.dat
App/jv16pt/Settings/DNS_IPv6_Providers.dat
App/jv16pt/Settings/FindAll.dat
App/jv16pt/Settings/NAK.dat
App/jv16pt/Settings/Settings.dat
App/jv16pt/Settings/Stats.dat
App/jv16pt/Settings/Translation.dat
App/jv16pt/Settings/UI.dat
App/jv16pt/Settings/User.dat
App/jv16pt/Settings/update.dat
App/jv16pt/Translations/English.txt
App/jv16pt/Translations/Russian.txt
App/jv16pt/cURL/curl-ca-bundle.crt
App/jv16pt/cURL/curl.exe
.exe windows x86

Password: 123

c6a0f228be83b7d55e2701770ea67d06

Code Sign

01
Certificate

Issuer

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Not Before

31/08/2018, 12:18

Not After

30/08/2021, 12:18

Subject

CN=curl-for-win Code Signing Authority,OU=curl-for-win Code Signing Authority,O=curl-for-win

af:42:e4:09:5d:94:1d:14
Certificate

Issuer

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Not Before

31/08/2018, 12:18

Not After

31/08/2023, 12:18

Subject

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f0:92:64:c9:6a:dd:81:de:85:7a:56:99:9b:d5:d6:27:e6:54:f8:a6:03:4d:88:49:ba:09:7d:a5:89:1e:d6:74
Signer

Actual PE Digest

f0:92:64:c9:6a:dd:81:de:85:7a:56:99:9b:d5:d6:27:e6:54:f8:a6:03:4d:88:49:ba:09:7d:a5:89:1e:d6:74

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=curl-for-win Code Signing Authority,OU=curl-for-win Code Signing Authority,O=curl-for-win

03/10/2022, 12:53
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptHashData
CryptReleaseContext
DeregisterEventSource
RegisterEventSourceW
ReportEventW

crypt32

CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateChainEngine
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertGetNameStringW
CertOpenStore
CertOpenSystemStoreW
CryptDecodeObjectEx
CryptQueryObject
CryptStringToBinaryW
PFXImportCertStore

kernel32

CloseHandle
CompareFileTime
ConvertFiberToThread
ConvertThreadToFiber
CreateFiber
CreateFileMappingA
CreateFileW
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFiber
EnterCriticalSection
FindClose
FindFirstFileW
FindNextFileW
FormatMessageW
FreeLibrary
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetEnvironmentVariableW
GetFileSizeEx
GetFileTime
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetStartupInfoW
GetStdHandle
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
GetVersion
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleA
ReadConsoleW
ReadFile
SearchPathW
SetConsoleMode
SetEndOfFile
SetFileTime
SetLastError
SetUnhandledExceptionFilter
Sleep
SleepEx
SwitchToFiber
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile

msvcrt

__lconv_init
__mb_cur_max
__p__commode
__p__fmode
__p__wcmdln
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_access
_amsg_exit
_beginthreadex
_cexit
_errno
_chmod
_exit
_fileno
_fstati64
_get_osfhandle
_getpid
_initterm
_iob
_lock
_lseeki64
_onexit
_setmode
_snwprintf
_sys_nerr
_unlock
_vsnprintf
_waccess
_wcsdup
_wfopen
abort
atoi
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
getenv
islower
isprint
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
localtime
gmtime
difftime
putchar
puts
qsort
raise
realloc
rewind
setbuf
setlocale
setvbuf
signal
strcat
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtol
strtoul
tolower
ungetc
vfprintf
time
_strdup
_stricmp
_strnicmp
_strtoi64
wcschr
wcscmp
wcscpy
wcslen
wcsncmp
wcsncpy
wcspbrk
wcsstr
wcstombs
_wstati64
_vsnwprintf
_stat
_stati64
_fstat
_write
_unlink
_strdup
_setmode
_read
_open
_mkdir
_isatty
_getch
_fileno
_fdopen
_close

normaliz

IdnToAscii
IdnToUnicode

user32

FindWindowA
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
SendMessageA

wldap32

ber_free
ldap_bind_sW
ldap_err2stringA
ldap_first_attributeW
ldap_first_entry
ldap_get_dnW
ldap_get_values_lenW
ldap_initW
ldap_memfreeW
ldap_msgfree
ldap_next_attributeW
ldap_next_entry
ldap_search_sW
ldap_set_optionW
ldap_simple_bind_sW
ldap_sslinitW
ldap_unbind_s
ldap_value_free_len

ws2_32

WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
gethostname
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 791KB - Virtual size: 791KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 49B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/jv16pt/cURL/libcurl.def
App/jv16pt/cURL/libcurl.dll
.dll windows x86

Password: 123

f5dca50695d12e3d38611a36a6f83d38

Code Sign

01
Certificate

Issuer

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Not Before

31/08/2018, 12:18

Not After

30/08/2021, 12:18

Subject

CN=curl-for-win Code Signing Authority,OU=curl-for-win Code Signing Authority,O=curl-for-win

af:42:e4:09:5d:94:1d:14
Certificate

Issuer

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Not Before

31/08/2018, 12:18

Not After

31/08/2023, 12:18

Subject

CN=curl-for-win Root CA,OU=curl-for-win Root CA,O=curl-for-win

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

83:f2:51:69:ac:ab:c9:74:80:fa:5a:e1:b8:4a:2e:ce:d4:5f:52:bf:17:6a:ba:95:f0:6b:ca:3c:7c:3f:45:02
Signer

Actual PE Digest

83:f2:51:69:ac:ab:c9:74:80:fa:5a:e1:b8:4a:2e:ce:d4:5f:52:bf:17:6a:ba:95:f0:6b:ca:3c:7c:3f:45:02

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=curl-for-win Code Signing Authority,OU=curl-for-win Code Signing Authority,O=curl-for-win

03/10/2022, 12:53
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libcrypto-1_1

ASN1_OCTET_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_length
ASN1_STRING_print
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_TIME_print
BIO_ctrl
BIO_free
BIO_new
BIO_new_file
BIO_new_mem_buf
BIO_printf
BIO_puts
BIO_s_file
BIO_s_mem
BN_CTX_free
BN_CTX_new
BN_bin2bn
BN_bn2bin
BN_clear_free
BN_div
BN_mod_exp
BN_new
BN_num_bits
BN_print
BN_rand
BN_set_word
BN_sub
BN_value_one
CRYPTO_free
CRYPTO_get_ex_new_index
CRYPTO_malloc
DES_ecb_encrypt
DES_set_key
DES_set_odd_parity
DH_get0_key
DH_get0_pqg
DSA_SIG_free
DSA_SIG_get0
DSA_SIG_new
DSA_SIG_set0
DSA_do_sign
DSA_do_verify
DSA_free
DSA_get0_key
DSA_get0_pqg
DSA_new
DSA_set0_key
DSA_set0_pqg
ECDH_compute_key
ECDSA_SIG_free
ECDSA_SIG_get0
ECDSA_SIG_new
ECDSA_SIG_set0
ECDSA_do_sign
ECDSA_do_verify
EC_GROUP_get_curve_name
EC_GROUP_get_degree
EC_KEY_free
EC_KEY_generate_key
EC_KEY_get0_group
EC_KEY_get0_public_key
EC_KEY_new_by_curve_name
EC_KEY_set_private_key
EC_KEY_set_public_key
EC_POINT_free
EC_POINT_new
EC_POINT_oct2point
EC_POINT_point2oct
ENGINE_by_id
ENGINE_ctrl
ENGINE_ctrl_cmd
ENGINE_finish
ENGINE_free
ENGINE_get_first
ENGINE_get_id
ENGINE_get_next
ENGINE_init
ENGINE_load_builtin_engines
ENGINE_load_private_key
ENGINE_register_all_complete
ENGINE_set_default
ERR_clear_error
ERR_error_string_n
ERR_get_error
ERR_peek_error
ERR_peek_last_error
EVP_CIPHER_CTX_free
EVP_CIPHER_CTX_get_app_data
EVP_CIPHER_CTX_key_length
EVP_CIPHER_CTX_new
EVP_CIPHER_CTX_set_app_data
EVP_CIPHER_CTX_set_padding
EVP_CIPHER_meth_free
EVP_CIPHER_meth_new
EVP_CIPHER_meth_set_cleanup
EVP_CIPHER_meth_set_do_cipher
EVP_CIPHER_meth_set_init
EVP_CIPHER_meth_set_iv_length
EVP_Cipher
EVP_CipherInit
EVP_DigestFinal
EVP_DigestFinal_ex
EVP_DigestInit
EVP_DigestSign
EVP_DigestSignInit
EVP_DigestUpdate
EVP_DigestVerify
EVP_DigestVerifyInit
EVP_EncryptInit
EVP_EncryptUpdate
EVP_MD_CTX_free
EVP_MD_CTX_new
EVP_PKEY2PKCS8
EVP_PKEY_CTX_free
EVP_PKEY_CTX_new
EVP_PKEY_CTX_new_id
EVP_PKEY_copy_parameters
EVP_PKEY_derive
EVP_PKEY_derive_init
EVP_PKEY_derive_set_peer
EVP_PKEY_free
EVP_PKEY_get0_DH
EVP_PKEY_get0_DSA
EVP_PKEY_get0_RSA
EVP_PKEY_get1_DSA
EVP_PKEY_get1_EC_KEY
EVP_PKEY_get1_RSA
EVP_PKEY_id
EVP_PKEY_keygen
EVP_PKEY_keygen_init
EVP_PKEY_new
EVP_PKEY_new_raw_private_key
EVP_PKEY_new_raw_public_key
EVP_PKEY_set1_DSA
EVP_PKEY_set1_EC_KEY
EVP_PKEY_set1_RSA
EVP_aes_128_cbc
EVP_aes_128_ecb
EVP_aes_192_cbc
EVP_aes_192_ecb
EVP_aes_256_cbc
EVP_aes_256_ecb
EVP_bf_cbc
EVP_cast5_cbc
EVP_des_ede3_cbc
EVP_get_digestbyname
EVP_md5
EVP_rc4
EVP_ripemd160
EVP_sha1
EVP_sha256
EVP_sha512
GENERAL_NAMES_free
HMAC_CTX_free
HMAC_CTX_new
HMAC_Final
HMAC_Init_ex
HMAC_Update
MD4_Final
MD4_Init
MD4_Update
MD5_Final
MD5_Init
MD5_Update
OCSP_BASICRESP_free
OCSP_CERTID_free
OCSP_RESPONSE_free
OCSP_basic_verify
OCSP_cert_status_str
OCSP_cert_to_id
OCSP_check_validity
OCSP_crl_reason_str
OCSP_resp_find_status
OCSP_response_get1_basic
OCSP_response_status
OCSP_response_status_str
OPENSSL_sk_num
OPENSSL_sk_pop
OPENSSL_sk_pop_free
OPENSSL_sk_value
OpenSSL_version_num
PEM_read_bio_DSAPrivateKey
PEM_read_bio_ECPrivateKey
PEM_read_bio_PrivateKey
PEM_read_bio_RSAPrivateKey
PEM_read_bio_X509
PEM_read_bio_X509_AUX
PEM_write_bio_X509
PKCS12_PBE_add
PKCS12_free
PKCS12_parse
PKCS8_PRIV_KEY_INFO_free
PKCS8_pkey_get0
RAND_add
RAND_bytes
RAND_file_name
RAND_load_file
RAND_status
RSA_flags
RSA_free
RSA_get0_factors
RSA_get0_key
RSA_new
RSA_set0_crt_params
RSA_set0_factors
RSA_set0_key
RSA_sign
RSA_size
RSA_verify
SHA256_Final
SHA256_Init
SHA256_Update
UI_OpenSSL
UI_create_method
UI_destroy_method
UI_get0_user_data
UI_get_input_flags
UI_get_string_type
UI_method_get_closer
UI_method_get_opener
UI_method_get_reader
UI_method_get_writer
UI_method_set_closer
UI_method_set_opener
UI_method_set_reader
UI_method_set_writer
UI_set_result
X509V3_EXT_print
X509_EXTENSION_get_data
X509_EXTENSION_get_object
X509_LOOKUP_file
X509_NAME_ENTRY_get_data
X509_NAME_get_entry
X509_NAME_get_index_by_NID
X509_NAME_print_ex
X509_PUBKEY_free
X509_PUBKEY_get0_param
X509_PUBKEY_new
X509_PUBKEY_set
X509_STORE_add_cert
X509_STORE_add_lookup
X509_STORE_set_flags
X509_check_issued
X509_free
X509_get0_extensions
X509_get0_notAfter
X509_get0_notBefore
X509_get0_signature
X509_get_X509_PUBKEY
X509_get_ext_d2i
X509_get_issuer_name
X509_get_pubkey
X509_get_serialNumber
X509_get_subject_name
X509_get_version
X509_load_crl_file
X509_verify_cert_error_string
d2i_ASN1_OCTET_STRING
d2i_OCSP_RESPONSE
d2i_PKCS12_bio
d2i_PrivateKey_bio
d2i_X509
d2i_X509_bio
i2a_ASN1_OBJECT
i2d_X509_PUBKEY
i2t_ASN1_OBJECT

libssl-1_1

BIO_f_ssl
OPENSSL_init_ssl
SSL_CIPHER_get_name
SSL_CTX_add_client_CA
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_sess_set_new_cb
SSL_CTX_set_alpn_protos
SSL_CTX_set_cipher_list
SSL_CTX_set_ciphersuites
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_keylog_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_options
SSL_CTX_set_post_handshake_auth
SSL_CTX_set_srp_password
SSL_CTX_set_srp_username
SSL_CTX_set_verify
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_SESSION_free
SSL_alert_desc_string_long
SSL_connect
SSL_ctrl
SSL_free
SSL_get0_alpn_selected
SSL_get_certificate
SSL_get_current_cipher
SSL_get_error
SSL_get_ex_data
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_privatekey
SSL_get_shutdown
SSL_get_verify_result
SSL_new
SSL_pending
SSL_read
SSL_set_bio
SSL_set_connect_state
SSL_set_ex_data
SSL_set_fd
SSL_set_session
SSL_shutdown
SSL_version
SSL_write
TLS_client_method

advapi32

CryptAcquireContextW
CryptCreateHash
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptHashData
CryptReleaseContext

crypt32

CertAddCertificateContextToStore
CertCloseStore
CertCreateCertificateChainEngine
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetEnhancedKeyUsage
CertGetIntendedKeyUsage
CertGetNameStringW
CertOpenStore
CertOpenSystemStoreW
CryptDecodeObjectEx
CryptQueryObject
CryptStringToBinaryW
PFXImportCertStore

kernel32

CloseHandle
CompareFileTime
CreateFileMappingA
CreateFileW
DeleteCriticalSection
EnterCriticalSection
FormatMessageW
FreeLibrary
GetCurrentThreadId
GetEnvironmentVariableA
GetFileSizeEx
GetFileType
GetLastError
GetModuleHandleW
GetProcAddress
GetStdHandle
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MapViewOfFile
MoveFileExW
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
SetLastError
Sleep
SleepEx
TlsGetValue
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

__mb_cur_max
_access
_amsg_exit
_beginthreadex
_errno
_fstati64
_getpid
_initterm
_iob
_lock
_lseeki64
_sys_nerr
_unlock
_waccess
_wcsdup
_wfopen
abort
atoi
calloc
fclose
feof
fflush
fgets
fopen
fputc
fputs
fread
free
fseek
ftell
fwrite
getc
islower
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
gmtime
difftime
qsort
realloc
rewind
setlocale
setvbuf
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
tolower
ungetc
vfprintf
time
_strtoi64
wcschr
wcscpy
wcslen
wcsncmp
wcsncpy
wcspbrk
wcstombs
_wstati64
_stati64
_write
_unlink
_strdup
_read
_open
_close

normaliz

IdnToAscii
IdnToUnicode

user32

FindWindowA
SendMessageA

wldap32

ber_free
ldap_bind_sW
ldap_err2stringA
ldap_first_attributeW
ldap_first_entry
ldap_get_dnW
ldap_get_values_lenW
ldap_initW
ldap_memfreeW
ldap_msgfree
ldap_next_attributeW
ldap_next_entry
ldap_search_sW
ldap_set_optionW
ldap_simple_bind_sW
ldap_sslinitW
ldap_unbind_s
ldap_value_free_len

ws2_32

WSACleanup
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 773KB - Virtual size: 773KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
App/jv16pt/jv16DriveHelper.exe
.exe windows x86

Password: 123

Code Sign

42:dd:5b:c3:80:a3:a5:e3:d2:a9:27:16:45:d8:d2:81
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/06/2019, 00:00

Not After

22/06/2022, 23:59

Subject

CN=Macecraft Software,O=Macecraft Software,POSTALCODE=28101,STREET=PL 1,L=PORI,ST=PORI,C=FI,2.5.4.18=#13053238313031

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:76:70:30:19:18:63:e2:7b:4e:14:1d:6e:92:64:37:f9:3a:d2:14
Signer

Actual PE Digest

bf:76:70:30:19:18:63:e2:7b:4e:14:1d:6e:92:64:37:f9:3a:d2:14

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Macecraft Software,O=Macecraft Software,POSTALCODE=28101,STREET=PL 1,L=PORI,ST=PORI,C=FI,2.5.4.18=#13053238313031

03/10/2022, 12:53
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 502KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
madTraceProcess

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 31KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/jv16pt/jv16Helper.exe
.exe windows x86

Password: 123

Code Sign

42:dd:5b:c3:80:a3:a5:e3:d2:a9:27:16:45:d8:d2:81
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/06/2019, 00:00

Not After

22/06/2022, 23:59

Subject

CN=Macecraft Software,O=Macecraft Software,POSTALCODE=28101,STREET=PL 1,L=PORI,ST=PORI,C=FI,2.5.4.18=#13053238313031

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:1f:23:11:30:09:e3:69:d4:e9:b3:bd:a7:28:30:bb:f9:68:d0:98
Signer

Actual PE Digest

bf:1f:23:11:30:09:e3:69:d4:e9:b3:bd:a7:28:30:bb:f9:68:d0:98

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Macecraft Software,O=Macecraft Software,POSTALCODE=28101,STREET=PL 1,L=PORI,ST=PORI,C=FI,2.5.4.18=#13053238313031

03/10/2022, 12:53
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
madTraceProcess

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 415KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
App/jv16pt/jv16pt.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 11.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
App/jv16pt/sqlite3.dll
.dll windows x86

Password: 123

b6b717510bf0f538ce941b9675264c78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
CloseHandle
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexW
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetVersionExA
GetVersionExW
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
InterlockedCompareExchange
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetFilePointer
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
TlsGetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile

msvcrt

__dllonexit
__setusermatherr
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_iob
_lock
_onexit
localtime
calloc
fprintf
free
fwrite
malloc
memcmp
memmove
qsort
realloc
strcmp
strcspn
strlen
strncmp
_unlock
abort
vfprintf

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_pointer
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_create_window_function
sqlite3_data_count
sqlite3_data_directory
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_errstr
sqlite3_exec
sqlite3_expanded_sql
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_fts5_may_be_corrupt
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_initialize
sqlite3_interrupt
sqlite3_keyword_check
sqlite3_keyword_count
sqlite3_keyword_name
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare16_v3
sqlite3_prepare_v2
sqlite3_prepare_v3
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_pointer
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_rtree_geometry_callback
sqlite3_rtree_query_callback
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_set_last_insert_rowid
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_str_append
sqlite3_str_appendall
sqlite3_str_appendchar
sqlite3_str_appendf
sqlite3_str_errcode
sqlite3_str_finish
sqlite3_str_length
sqlite3_str_new
sqlite3_str_reset
sqlite3_str_value
sqlite3_str_vappendf
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_temp_directory
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_trace_v2
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_free
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_nochange
sqlite3_value_numeric_type
sqlite3_value_pointer
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_collation
sqlite3_vtab_config
sqlite3_vtab_nochange
sqlite3_vtab_on_conflict
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_mbcs_to_utf8_v2
sqlite3_win32_set_directory
sqlite3_win32_set_directory16
sqlite3_win32_set_directory8
sqlite3_win32_sleep
sqlite3_win32_unicode_to_utf8
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_utf8_to_mbcs_v2
sqlite3_win32_utf8_to_unicode
sqlite3_win32_write_debug

Sections

.text
Size: 593KB - Virtual size: 593KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 617B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Data/settings/jv16 PowerToolsSettings.ini
Visit CracksHash.com.url
.url
jv16 PowerTools.exe
.exe windows x86

Password: 123

32f3282581436269b3a75b6675fe3e08

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 123

Password: 123

Password: 123

c6a0f228be83b7d55e2701770ea67d06

Code Sign

01Certificate

af:42:e4:09:5d:94:1d:14Certificate

Key Usages

f0:92:64:c9:6a:dd:81:de:85:7a:56:99:9b:d5:d6:27:e6:54:f8:a6:03:4d:88:49:ba:09:7d:a5:89:1e:d6:74Signer

Signature Validations

Verification

03/10/2022, 12:53 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

crypt32

kernel32

msvcrt

normaliz

user32

wldap32

ws2_32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.data Size: 15KB - Virtual size: 15KB

.rdata Size: 791KB - Virtual size: 791KB

.eh_fram Size: 512B - Virtual size: 488B

.bss Size: - Virtual size: 18KB

.edata Size: 512B - Virtual size: 49B

.idata Size: 8KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 99KB - Virtual size: 99KB

Password: 123

f5dca50695d12e3d38611a36a6f83d38

Code Sign

01Certificate

af:42:e4:09:5d:94:1d:14Certificate

Key Usages

83:f2:51:69:ac:ab:c9:74:80:fa:5a:e1:b8:4a:2e:ce:d4:5f:52:bf:17:6a:ba:95:f0:6b:ca:3c:7c:3f:45:02Signer

Signature Validations

Verification

03/10/2022, 12:53 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

libcrypto-1_1

libssl-1_1

advapi32

crypt32

kernel32

msvcrt

normaliz

user32

wldap32

ws2_32

Exports

Exports

Sections

.text Size: 773KB - Virtual size: 773KB

.data Size: 5KB - Virtual size: 5KB

.rdata Size: 289KB - Virtual size: 289KB

.eh_fram Size: 512B - Virtual size: 376B

.bss Size: - Virtual size: 3KB

.edata Size: 2KB - Virtual size: 2KB

.idata Size: 16KB - Virtual size: 16KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1024B - Virtual size: 1016B

.reloc Size: 31KB - Virtual size: 30KB

Password: 123

01
Certificate

af:42:e4:09:5d:94:1d:14
Certificate

f0:92:64:c9:6a:dd:81:de:85:7a:56:99:9b:d5:d6:27:e6:54:f8:a6:03:4d:88:49:ba:09:7d:a5:89:1e:d6:74
Signer

03/10/2022, 12:53
Valid: false

.text
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 15KB - Virtual size: 15KB

.rdata
Size: 791KB - Virtual size: 791KB

.eh_fram
Size: 512B - Virtual size: 488B

.bss
Size: - Virtual size: 18KB

.edata
Size: 512B - Virtual size: 49B

.idata
Size: 8KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 99KB - Virtual size: 99KB

01
Certificate

af:42:e4:09:5d:94:1d:14
Certificate

83:f2:51:69:ac:ab:c9:74:80:fa:5a:e1:b8:4a:2e:ce:d4:5f:52:bf:17:6a:ba:95:f0:6b:ca:3c:7c:3f:45:02
Signer

03/10/2022, 12:53
Valid: false

.text
Size: 773KB - Virtual size: 773KB

.data
Size: 5KB - Virtual size: 5KB

.rdata
Size: 289KB - Virtual size: 289KB

.eh_fram
Size: 512B - Virtual size: 376B

.bss
Size: - Virtual size: 3KB

.edata
Size: 2KB - Virtual size: 2KB

.idata
Size: 16KB - Virtual size: 16KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1024B - Virtual size: 1016B

.reloc
Size: 31KB - Virtual size: 30KB

42:dd:5b:c3:80:a3:a5:e3:d2:a9:27:16:45:d8:d2:81
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

bf:76:70:30:19:18:63:e2:7b:4e:14:1d:6e:92:64:37:f9:3a:d2:14
Signer

03/10/2022, 12:53
Valid: false

UPX0
Size: - Virtual size: 1.3MB

UPX1
Size: 502KB - Virtual size: 504KB

.rsrc
Size: 111KB - Virtual size: 112KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.itext
Size: 9KB - Virtual size: 9KB

.data
Size: 29KB - Virtual size: 29KB

.bss
Size: - Virtual size: 31KB

.idata
Size: 10KB - Virtual size: 9KB

.didata
Size: 1024B - Virtual size: 524B

.edata
Size: 512B - Virtual size: 187B

.tls
Size: - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 125KB - Virtual size: 124KB

.rsrc
Size: 122KB - Virtual size: 122KB

42:dd:5b:c3:80:a3:a5:e3:d2:a9:27:16:45:d8:d2:81
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

bf:1f:23:11:30:09:e3:69:d4:e9:b3:bd:a7:28:30:bb:f9:68:d0:98
Signer

03/10/2022, 12:53
Valid: false

UPX0
Size: - Virtual size: 3.0MB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 3.2MB - Virtual size: 3.2MB

.itext
Size: 6KB - Virtual size: 6KB

.data
Size: 71KB - Virtual size: 71KB

.bss
Size: - Virtual size: 415KB

.idata
Size: 16KB - Virtual size: 15KB

.didata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 182B

.tls
Size: - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 258KB - Virtual size: 257KB