runningrat | cb5892e66ce5c2e7b5ab9946e77e1e634fdc5588a729ad6fdaaa4fd822f27051

Sharing

Copy URL

Twitter E-mail

General

Target

cb5892e66ce5c2e7b5ab9946e77e1e634fdc5588a729ad6fdaaa4fd822f27051
Size

1.5MB
MD5

fae9be3b3ea035816b3f8649f51bbf77
SHA1

baea3fae072e014881706ae7eee5bb766ef94374
SHA256

cb5892e66ce5c2e7b5ab9946e77e1e634fdc5588a729ad6fdaaa4fd822f27051
SHA512

43696b4169ddfe3ccff1a24d5850257cfd69b2c228af132649833d10c6a272e7030fa3fdab7a25d0890d92957f233cbe389c079d86c5fa2e3c825be5ed0ca69e
SSDEEP

24576:tSnO3Wvw9Ngolr0kycTrNlFCatJFhfHni0NCXsFh74C/D0cG6OZU1:tNWvwsoh0HqNlBt9lC8Fh74QD0KX1

Score

10^/10

runningrat

Malware Config

Signatures

RunningRat payload 2 IoCs

resource	yara_rule
static1/unpack001/Install.dat	family_runningrat
static1/unpack001/server.exe	family_runningrat

Runningrat family
runningrat

Files

cb5892e66ce5c2e7b5ab9946e77e1e634fdc5588a729ad6fdaaa4fd822f27051
.rar
Gh0st.exe
.exe windows x86

656a9f5fe5a9b953f09fa0f8346e94e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamRelease
AVIFileRelease
AVIStreamWrite
AVIFileOpenA
AVIFileCreateStreamA
AVIMakeCompressedStream
AVIStreamSetFormat
AVIFileExit
AVIFileInit

msvfw32

DrawDibOpen
DrawDibClose
DrawDibDraw

winmm

PlaySoundA
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveOutReset
waveOutUnprepareHeader
waveOutClose

kernel32

IsBadWritePtr
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
Sleep
VirtualFree
VirtualAlloc
GetFileAttributesA
lstrcatA
GetModuleFileNameA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
WriteFile
lstrlenA
lstrcpyA
ReadFile
GetFileSize
CreateFileA
GetDriveTypeA
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetProfileIntA
GetProfileStringA
GetTempPathA
GetPrivateProfileSectionNamesA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
GetExitCodeThread
ResetEvent
LocalFree
LocalAlloc
FindClose
FindNextFileA
FindFirstFileA
SetFilePointer
DeleteFileA
RemoveDirectoryA
MoveFileA
GetLastError
CreateDirectoryA
GetProcAddress
LoadLibraryA
SetUnhandledExceptionFilter
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
InitializeCriticalSection
LeaveCriticalSection
PostQueuedCompletionStatus
EnterCriticalSection
GetSystemInfo
CreateIoCompletionPort
InterlockedDecrement
GetQueuedCompletionStatus
InterlockedExchange
GetTickCount
CancelIo
DeleteCriticalSection
GetLocalTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
LocalSize
LocalReAlloc
lstrcmpA
LoadResource
FindResourceA
LockResource
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
FreeLibrary
InterlockedIncrement
FormatMessageA
lstrcpynA
DuplicateHandle
GetCurrentProcess
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
SetLastError
MulDiv
GetCurrentThread
SetThreadPriority
GetTempFileNameA
SetFileTime
GetFileTime
GetDiskFreeSpaceA
GlobalFlags
SizeofResource
CopyFileA
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesA
SetErrorMode
GetCurrentDirectoryA
HeapFree
HeapAlloc
RtlUnwind
ExitThread
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetACP
HeapReAlloc
HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate

user32

GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
SetWindowContextHelpId
MapDialogRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
CreateMenu
GetMenuStringA
InsertMenuA
FillRect
GetSysColor
GetKeyState
GetDlgCtrlID
DrawIconEx
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawTextA
GetMenuState
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
AdjustWindowRectEx
ShowScrollBar
IntersectRect
CheckMenuRadioItem
GetIconInfo
GetDC
ReleaseDC
SetClassLongA
DestroyCursor
CreatePopupMenu
RedrawWindow
KillTimer
GetDesktopWindow
SetFocus
IsZoomed
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
SetMenuItemBitmaps
ModifyMenuA
DispatchMessageA
TranslateMessage
GetMessageA
RegisterWindowMessageA
LoadIconA
EnableWindow
SendMessageA
InvalidateRect
SetRect
PostMessageA
wsprintfA
DestroyIcon
LoadImageA
MessageBoxA
GetWindow
GetClientRect
SetCapture
LoadCursorA
SetCursor
ScreenToClient
UpdateWindow
WindowFromPoint
ClientToScreen
ReleaseCapture
GetParent
UnregisterClassA
GetMenuCheckMarkDimensions
GetDlgItemTextA
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
wvsprintfA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
DestroyMenu
PostQuitMessage
ShowOwnedPopups
InvertRect
IsRectEmpty
SetParent
PostThreadMessageA
LockWindowUpdate
GetDCEx
RegisterClipboardFormatA
GetNextDlgGroupItem
CopyAcceleratorTableA
GetSysColorBrush
GetDialogBaseUnits
GetClassNameA
LoadStringA
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
ExcludeUpdateRgn
DefDlgProcA
GetTabbedTextExtentA
GetClipboardFormatNameA
GetAsyncKeyState
SendMessageTimeoutA
UnionRect
IsWindowUnicode
GetWindowLongW
SetWindowLongW
GetDoubleClickTime
SetCursorPos
SetWindowRgn
GetCursor
GetMenuStringW
ValidateRect
LookupIconIdFromDirectoryEx
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
BringWindowToTop
LoadBitmapA
SetTimer
GetSystemMenu
AppendMenuA
CheckMenuItem
MessageBeep
InflateRect
GetSystemMetrics
OffsetRect
GetWindowRect
PtInRect
CharNextA
LoadMenuA
GetSubMenu
DeleteMenu
EnableMenuItem
GetMenuItemCount
GetCursorPos
GetFocus
IsWindowVisible
DrawStateA
DrawEdge
GetMenuItemInfoA
GetMenuDefaultItem
CreateIconFromResourceEx
CreateIconIndirect
CopyIcon
IsMenu
MapVirtualKeyA
ShowCaret
HideCaret
GetWindowRgn
WaitMessage
IsClipboardFormatAvailable
DrawFocusRect
SetMenuDefaultItem
EnumChildWindows
FindWindowA
DrawAnimatedRects
DrawFrameControl

gdi32

Polyline
CreateFontA
ExtCreateRegion
GetBitmapBits
EnumFontFamiliesExA
GetCurrentObject
GetWindowOrgEx
GetViewportOrgEx
GetPixel
SetPixel
GetDIBits
StretchBlt
GetTextAlign
Polygon
GetRgnBox
CreatePolygonRgn
ExtFloodFill
Ellipse
SetBrushOrgEx
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
GetTextExtentPoint32W
ExtTextOutW
GetCharWidthA
GetTextExtentPointA
CreateDIBitmap
PtInRegion
RoundRect
LPtoDP
GetBkColor
GetTextColor
DPtoLP
CombineRgn
SetRectRgn
GetMapMode
CopyMetaFileA
CreateFontIndirectA
GetTextMetricsA
GetTextExtentPoint32A
CreateRectRgnIndirect
PatBlt
Escape
RectVisible
PtVisible
CreatePatternBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
ExtSelectClipRgn
CreateRectRgn
GetClipRgn
PolyBezierTo
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetStretchBltMode
SetPolyFillMode
GetStockObject
RestoreDC
SaveDC
CreateBitmap
GetObjectA
GetClipBox
CreatePen
CreateCompatibleBitmap
CreateSolidBrush
SetBkMode
TextOutA
BitBlt
SetBkColor
SetTextColor
ExtTextOutA
StretchDIBits
CreateCompatibleDC
CreateDIBSection
SelectObject
DeleteDC
DeleteObject

comdlg32

ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegOpenKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA

shell32

ShellExecuteA
SHGetMalloc
Shell_NotifyIconA
SHAppBarMessage
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish

comctl32

ImageList_Remove
ImageList_Draw
ImageList_GetImageInfo
ImageList_Add
ImageList_GetIcon
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageCount
_TrackMouseEvent
ImageList_AddMasked
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA

oledlg

ord1
ord8

ole32

ReleaseStgMedium
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
OleFlushClipboard
OleIsCurrentClipboard
OleDuplicateData
CreateILockBytesOnHGlobal
OleGetClipboard
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CoDisconnectObject

olepro32

ord253

oleaut32

OleLoadPicturePath
VariantChangeTypeEx
LoadTypeLi
SysStringLen
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VarBstrFromDate
VarDateFromStr
SysStringByteLen
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
VariantClear
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData

ws2_32

inet_ntoa
getpeername
closesocket
WSACleanup
select
connect
htons
gethostbyname
ioctlsocket
socket
WSAStartup
listen
bind
accept
WSAEventSelect
WSACreateEvent
WSASocketA
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAIoctl
setsockopt
WSAGetLastError
WSARecv
WSASend
WSACloseEvent
gethostname
ntohs
getsockname
shutdown

shlwapi

PathRemoveFileSpecA
SHAutoComplete

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 624KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 744KB - Virtual size: 741KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Gh0st.ini
Install.dat
.exe windows x86

ae100eaf7a91030df326149b65c0e32a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5683
ord825
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4129
ord4425
ord3597
ord693
ord641
ord324
ord2302
ord4234
ord3996
ord4710
ord755
ord470
ord6907
ord3499
ord2818
ord540
ord2515
ord355
ord1168
ord2379
ord1146
ord2582
ord6055
ord1776
ord4402
ord5290
ord3370
ord3640
ord567
ord3998
ord2621
ord537
ord800
ord815
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4627
ord4673
ord1576

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_setmbcp
_mkdir
strlen
memset
strstr
__CxxFrameHandler
_access
memcpy
sprintf
exit
_XcptFilter
_exit
_onexit
__dllonexit
_except_handler3
__p__pgmptr
_controlfp

kernel32

GetCurrentProcess
CreateFileA
WriteFile
CloseHandle
lstrcpyA
GetCommandLineA
Process32Next
lstrcmpiA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetModuleHandleA
GetStartupInfoA
Process32First
CreateToolhelp32Snapshot
HeapFree
WaitForSingleObject
HeapAlloc
GetProcessHeap
GetLastError
OpenProcess
FreeLibrary
GetTickCount
GetFileAttributesA
ExpandEnvironmentStringsA
Sleep
LoadLibraryA
GetProcAddress

user32

EnableWindow
SendMessageA
DrawIcon
LoadIconA
IsIconic
GetClientRect
GetSystemMetrics
wsprintfA

advapi32

GetKernelObjectSecurity
GetSecurityDescriptorDacl
SetEntriesInAclA
MakeAbsoluteSD
SetSecurityDescriptorDacl
SetKernelObjectSecurity
DuplicateTokenEx
ImpersonateLoggedOnUser
CreateProcessAsUserA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
BuildExplicitAccessWithNameA

shlwapi

StrCmpNIA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
server.exe
.exe windows x86

ae100eaf7a91030df326149b65c0e32a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5683
ord825
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4129
ord4425
ord3597
ord693
ord641
ord324
ord2302
ord4234
ord3996
ord4710
ord755
ord470
ord6907
ord3499
ord2818
ord540
ord2515
ord355
ord1168
ord2379
ord1146
ord2582
ord6055
ord1776
ord4402
ord5290
ord3370
ord3640
ord567
ord3998
ord2621
ord537
ord800
ord815
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4627
ord4673
ord1576

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_setmbcp
_mkdir
strlen
memset
strstr
__CxxFrameHandler
_access
memcpy
sprintf
exit
_XcptFilter
_exit
_onexit
__dllonexit
_except_handler3
__p__pgmptr
_controlfp

kernel32

GetCurrentProcess
CreateFileA
WriteFile
CloseHandle
lstrcpyA
GetCommandLineA
Process32Next
lstrcmpiA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetModuleHandleA
GetStartupInfoA
Process32First
CreateToolhelp32Snapshot
HeapFree
WaitForSingleObject
HeapAlloc
GetProcessHeap
GetLastError
OpenProcess
FreeLibrary
GetTickCount
GetFileAttributesA
ExpandEnvironmentStringsA
Sleep
LoadLibraryA
GetProcAddress

user32

EnableWindow
SendMessageA
DrawIcon
LoadIconA
IsIconic
GetClientRect
GetSystemMetrics
wsprintfA

advapi32

GetKernelObjectSecurity
GetSecurityDescriptorDacl
SetEntriesInAclA
MakeAbsoluteSD
SetSecurityDescriptorDacl
SetKernelObjectSecurity
DuplicateTokenEx
ImpersonateLoggedOnUser
CreateProcessAsUserA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
BuildExplicitAccessWithNameA

shlwapi

StrCmpNIA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

656a9f5fe5a9b953f09fa0f8346e94e8

Headers

File Characteristics

Imports

avifil32

msvfw32

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

ws2_32

shlwapi

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rodata Size: 12KB - Virtual size: 11KB

.rotext Size: 112KB - Virtual size: 108KB

.rdata Size: 292KB - Virtual size: 289KB

.data Size: 624KB - Virtual size: 1.1MB

.rsrc Size: 744KB - Virtual size: 741KB

ae100eaf7a91030df326149b65c0e32a

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 12KB - Virtual size: 8KB

.data Size: 36KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 2KB

ae100eaf7a91030df326149b65c0e32a

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 12KB - Virtual size: 8KB

.data Size: 36KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rodata
Size: 12KB - Virtual size: 11KB

.rotext
Size: 112KB - Virtual size: 108KB

.rdata
Size: 292KB - Virtual size: 289KB

.data
Size: 624KB - Virtual size: 1.1MB

.rsrc
Size: 744KB - Virtual size: 741KB

.text
Size: 12KB - Virtual size: 8KB

.data
Size: 36KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 8KB

.data
Size: 36KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 2KB