Extracted

• file.exe

  .exe windows x86

  60bb0d2dd7f05b1108344c408631a289

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetCurrentDirectoryA

  MultiByteToWideChar

  Sleep

  GetTempPathA

  GetModuleHandleExA

  GetTimeZoneInformation

  CopyFileA

  GetLastError

  GetFileAttributesA

  CreateFileA

  LoadLibraryA

  GetVersionExA

  LockResource

  DeleteFileA

  CloseHandle

  GetSystemInfo

  LoadResource

  SetFileAttributesA

  GetProcAddress

  LocalFree

  RemoveDirectoryA

  FreeLibrary

  WideCharToMultiByte

  CreateDirectoryA

  GetSystemTime

  GetPrivateProfileStringA

  ReadFile

  SetFilePointer

  CreateFileW

  AreFileApisANSI

  TryEnterCriticalSection

  HeapCreate

  HeapFree

  EnterCriticalSection

  FreeResource

  GetDiskFreeSpaceW

  lstrlenA

  LockFile

  LeaveCriticalSection

  InitializeCriticalSection

  GetFullPathNameA

  SetEndOfFile

  UnlockFileEx

  GetTempPathW

  CreateMutexW

  WaitForSingleObject

  GetFileAttributesW

  GetCurrentThreadId

  UnmapViewOfFile

  HeapValidate

  HeapSize

  FormatMessageW

  GetDiskFreeSpaceA

  GetFileAttributesExW

  OutputDebugStringW

  FlushViewOfFile

  WaitForSingleObjectEx

  DeleteFileW

  HeapReAlloc

  LoadLibraryW

  HeapAlloc

  HeapCompact

  HeapDestroy

  UnlockFile

  LockFileEx

  GetFileSize

  DeleteCriticalSection

  GetCurrentProcessId

  GetProcessHeap

  SystemTimeToFileTime

  GetSystemTimeAsFileTime

  FormatMessageA

  CreateFileMappingW

  MapViewOfFile

  QueryPerformanceCounter

  GetTickCount

  FlushFileBuffers

  VirtualQuery

  VirtualProtect

  WriteConsoleW

  SetEnvironmentVariableW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  GetCommandLineA

  GetOEMCP

  LoadLibraryExA

  GetModuleHandleA

  GetFullPathNameW

  FindClose

  FindResourceA

  FindNextFileA

  WriteFile

  GetCurrentProcess

  SetPriorityClass

  FindFirstFileA

  GetPrivateProfileSectionNamesA

  GetACP

  IsValidCodePage

  SizeofResource

  OutputDebugStringA

  SetStdHandle

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  GetLocaleInfoW

  LCMapStringW

  CompareStringW

  GetFileSizeEx

  GetConsoleOutputCP

  ReadConsoleW

  GetConsoleMode

  GetStdHandle

  GetModuleFileNameW

  FindFirstFileExW

  FindNextFileW

  GetFinalPathNameByHandleW

  SetFilePointerEx

  GetFileInformationByHandleEx

  LCMapStringEx

  InitializeCriticalSectionEx

  EncodePointer

  DecodePointer

  CompareStringEx

  GetCPInfo

  GetStringTypeW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  TerminateProcess

  IsProcessorFeaturePresent

  InitializeCriticalSectionAndSpinCount

  CreateEventW

  GetModuleHandleW

  IsDebuggerPresent

  GetStartupInfoW

  InitializeSListHead

  RtlUnwind

  RaiseException

  SetLastError

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  LoadLibraryExW

  GetFileType

  ExitProcess

  GetModuleHandleExW

  CreateThread

  ExitThread

  FreeLibraryAndExitThread

  advapi32

  CredEnumerateA

  CredFree

  shell32

  SHGetFolderPathA

  crypt32

  CryptUnprotectData

  CryptStringToBinaryA

  Sections

  .text

  Size: 1.5MB - Virtual size: 1.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 147KB - Virtual size: 146KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 10KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 5.8MB - Virtual size: 5.8MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 28KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ