Cuphead[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Cuphead.rar
Size

7.5MB
MD5

61c44dd7ab730fcb548b7ebeed55d25e
SHA1

66c3533cfe1a3534f98ebdfa4e477b77f9faaca6
SHA256

ae61842c8ac21b0ef5d113703930dc7178a7eedb6ab0c6800631fdf810cdf7e1
SHA512

0cd998803f3360e38414992d582d6eb39672450492d3475f1d40f7d012fc2b7aa8e6e89a1967e927faeb97bd8f56d203034e62b239eb14603c205ed518508a02
SSDEEP

196608:eRrXxRTKiP7aWTbvEVeUZ6j++ri6NTac6MtEL30:eVX2WaWTwVhZQ++ri6NG/M3

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/x32/d3d9.dll
unpack001/x32/libEGL.dll
unpack001/x32/libGLESv2.dll
unpack001/x64/d3d9.dll
unpack001/x64/libEGL.dll
unpack001/x64/libGLESv2.dll

Files

Cuphead.rar
.rar
x32/d3d9.dll
.dll windows x86

33db2502c4e910d11f62484687e3a819

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
ReleaseDC
GetDC
EnumDisplaySettingsA
SetWindowPos
ChangeDisplaySettingsA
ClientToScreen
SetRect
SetWindowLongA
GetWindowLongA
ScreenToClient
GetWindowRect
GetCursorPos
GetClientRect

gdi32

DeleteDC
GetDeviceGammaRamp
CreateDIBSection
StretchBlt
DeleteObject
SelectObject
CreateCompatibleDC
GetDeviceCaps
SetDeviceGammaRamp

kernel32

DisableThreadLibraryCalls
FreeLibrary
GetCurrentProcess
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
GetModuleHandleA
K32GetModuleBaseNameA
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
SetLastError
DeleteCriticalSection
GetFileAttributesW
DeleteFileA
GetTempPathA
FindNextFileA
SetFileAttributesA
RemoveDirectoryA
FindFirstFileA
CreateDirectoryA
VirtualQuery
VirtualFree
VirtualAlloc
HeapValidate
HeapWalk
InitializeCriticalSection
WaitForSingleObject
SetEvent
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemInfo
VirtualProtect
CreateEventA
CloseHandle
CreateThread
GetProcessAffinityMask
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
IsProcessorFeaturePresent
IsDebuggerPresent
GetLastError
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
RaiseException
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
HeapSize
SetConsoleCtrlHandler
GetCurrentThread
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameA
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
ReadFile
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
DeleteFileW
RtlUnwind
ReadConsoleW
FindClose
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameW
LoadLibraryExW
HeapReAlloc
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
WriteConsoleW
GetStringTypeW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameW
GetCurrentDirectoryW
CreateFileW
OutputDebugStringW
GetTimeZoneInformation
SetEndOfFile
SetEnvironmentVariableA
GetFileAttributesExA
GetConsoleScreenBufferInfo
GetProcessTimes
SetConsoleTextAttribute
SetErrorMode
FormatMessageA
LocalFree

ws2_32

recv
bind
socket
closesocket
send
listen
accept
WSACleanup
select
getaddrinfo
WSAStartup

dbghelp

EnumerateLoadedModules
SymGetLineFromAddr64
SymFunctionTableAccess64
SymSetOptions
SymGetModuleBase64
SymGetSymFromAddr64
SymInitialize
StackWalk64

advapi32

CryptReleaseContext

Exports

Exports

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_QueryRepeatFrame
D3DPERF_SetMarker
D3DPERF_SetOptions
D3DPERF_SetRegion
DebugSetLevel
DebugSetMute
Direct3DCreate9
Direct3DCreate9Ex
Direct3DShaderValidatorCreate9
PSGPError
PSGPSampleTexture

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 557KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 486KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x32/libEGL.dll
.dll windows x86

6268e7249a33220bc520ea5826ada070

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleExA
DecodePointer
WriteConsoleW
SetFilePointerEx
TlsFree
Sleep
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
InterlockedFlushSList
SetLastError
RtlUnwind
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
CreateFileW
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetEndOfFile
ReadFile
ReadConsoleW

user32

GetDC
IsWindow
ReleaseDC
GetClientRect

gdi32

GetDeviceCaps

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurfaceEXT
eglCreateSyncKHR
eglCreateWindowSurface
eglDestroyContext
eglDestroyImageKHR
eglDestroySurface
eglDestroySyncKHR
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttribKHR
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
libEGL_swiftshader

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x32/libGLESv2.dll
.dll windows x86

ed396f7ecb19791b72ffe9ae13937da1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
socket
send
WSAStartup
getaddrinfo
listen
select
closesocket
bind
recv
accept

kernel32

FreeLibrary
WaitForSingleObject
SetEvent
CloseHandle
CreateThread
CreateEventA
GetCurrentProcess
GetProcessAffinityMask
VirtualProtect
GetSystemInfo
QueryPerformanceFrequency
QueryPerformanceCounter
RemoveVectoredExceptionHandler
GetLastError
LocalFree
FormatMessageA
VirtualFree
VirtualAlloc
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReadFile
GetModuleFileNameA
GetFileAttributesExA
FindFirstFileA
SetLastError
FindNextFileA
FindClose
GetTempPathA
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
GetCurrentProcessId
CreateDirectoryA
GetProcAddress
CreateFileW
GetFileAttributesW
GetModuleHandleA
MultiByteToWideChar
GetCurrentDirectoryW
WideCharToMultiByte
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetStdHandle
SetErrorMode
GetConsoleMode
GetProcessTimes
TerminateProcess
SetConsoleCtrlHandler
GetCurrentThread
SetUnhandledExceptionFilter
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GetSystemTimeAsFileTime
ReadConsoleW
GetConsoleCP
WriteFile
HeapFree
HeapReAlloc
HeapAlloc
WriteConsoleW
GetModuleFileNameW
HeapWalk
LoadLibraryA
GetModuleHandleExA
Sleep
GetTimeZoneInformation
OutputDebugStringW
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
HeapValidate
GetProcessHeap
GetFullPathNameW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
FlushFileBuffers
GetACP
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
CreateEventW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
LoadLibraryExW
InterlockedFlushSList
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
SetEndOfFile
SetStdHandle
SetEnvironmentVariableA
SetFilePointerEx

user32

GetDC
SetWindowPos
GetWindowRect
ReleaseDC
GetSystemMetrics
SetWindowLongA
ClientToScreen
GetWindowLongA
GetClientRect
SetRect
ChangeDisplaySettingsA

gdi32

SetDeviceGammaRamp
CreateDIBSection
CreateCompatibleDC
StretchBlt
GetDeviceGammaRamp
DeleteDC
DeleteObject
SelectObject

advapi32

CryptReleaseContext

dbghelp

EnumerateLoadedModules
SymGetSymFromAddr64
SymGetModuleBase64
SymGetLineFromAddr64
SymFunctionTableAccess64
SymInitialize
StackWalk64
SymSetOptions

Exports

Exports

Register
glActiveTexture
glAttachShader
glBeginQuery
glBeginQueryEXT
glBeginTransformFeedback
glBindAttribLocation
glBindBuffer
glBindBufferBase
glBindBufferRange
glBindFramebuffer
glBindFramebufferOES
glBindRenderbuffer
glBindRenderbufferOES
glBindSampler
glBindTexture
glBindTransformFeedback
glBindVertexArray
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebuffer
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glCheckFramebufferStatusOES
glClear
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearDepthf
glClearStencil
glClientWaitSync
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexImage3D
glCompressedTexSubImage2D
glCompressedTexSubImage3D
glCopyBufferSubData
glCopyTexImage2D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteFramebuffersOES
glDeleteProgram
glDeleteQueries
glDeleteQueriesEXT
glDeleteRenderbuffers
glDeleteRenderbuffersOES
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawArraysInstanced
glDrawBuffers
glDrawBuffersEXT
glDrawElements
glDrawElementsInstanced
glDrawRangeElements
glEGLImageTargetRenderbufferStorageOES
glEGLImageTargetTexture2DOES
glEnable
glEnableVertexAttribArray
glEndQuery
glEndQueryEXT
glEndTransformFeedback
glFenceSync
glFinish
glFinishFenceNV
glFlush
glFlushMappedBufferRange
glFramebufferRenderbuffer
glFramebufferRenderbufferOES
glFramebufferTexture2D
glFramebufferTexture2DOES
glFramebufferTextureLayer
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenFramebuffersOES
glGenQueries
glGenQueriesEXT
glGenRenderbuffers
glGenRenderbuffersOES
glGenSamplers
glGenTextures
glGenTransformFeedbacks
glGenVertexArrays
glGenerateMipmap
glGenerateMipmapOES
glGetActiveAttrib
glGetActiveUniform
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformsiv
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferPointerv
glGetError
glGetFenceivNV
glGetFloatv
glGetFragDataLocation
glGetFramebufferAttachmentParameteriv
glGetFramebufferAttachmentParameterivOES
glGetGraphicsResetStatusEXT
glGetInteger64i_v
glGetInteger64v
glGetIntegeri_v
glGetIntegerv
glGetInternalformativ
glGetProgramBinary
glGetProgramInfoLog
glGetProgramiv
glGetQueryObjectuiv
glGetQueryObjectuivEXT
glGetQueryiv
glGetQueryivEXT
glGetRenderbufferParameteriv
glGetRenderbufferParameterivOES
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexParameterfv
glGetTexParameteriv
glGetTransformFeedbackVarying
glGetUniformBlockIndex
glGetUniformIndices
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetUniformuiv
glGetVertexAttribIiv
glGetVertexAttribIuiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glInvalidateFramebuffer
glInvalidateSubFramebuffer
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsFramebufferOES
glIsProgram
glIsQuery
glIsQueryEXT
glIsRenderbuffer
glIsRenderbufferOES
glIsSampler
glIsShader
glIsSync
glIsTexture
glIsTransformFeedback
glIsVertexArray
glLineWidth
glLinkProgram
glMapBufferRange
glPauseTransformFeedback
glPixelStorei
glPolygonOffset
glProgramBinary
glProgramParameteri
glReadBuffer
glReadPixels
glReadnPixelsEXT
glReleaseShaderCompiler
glRenderbufferStorage
glRenderbufferStorageMultisample
glRenderbufferStorageMultisampleANGLE
glRenderbufferStorageOES
glResumeTransformFeedback
glSampleCoverage
glSamplerParameterf
glSamplerParameterfv
glSamplerParameteri
glSamplerParameteriv
glScissor
glSetFenceNV
glShaderBinary
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTestFenceNV
glTexImage2D
glTexImage3D
glTexImage3DOES
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexStorage2D
glTexStorage3D
glTexSubImage2D
glTexSubImage3D
glTransformFeedbackVaryings
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform1ui
glUniform1uiv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform2ui
glUniform2uiv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform3ui
glUniform3uiv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniform4ui
glUniform4uiv
glUniformBlockBinding
glUniformMatrix2fv
glUniformMatrix2x3fv
glUniformMatrix2x4fv
glUniformMatrix3fv
glUniformMatrix3x2fv
glUniformMatrix3x4fv
glUniformMatrix4fv
glUniformMatrix4x2fv
glUniformMatrix4x3fv
glUnmapBuffer
glUseProgram
glValidateProgram
glVertexAttrib1f
glVertexAttrib1fv
glVertexAttrib2f
glVertexAttrib2fv
glVertexAttrib3f
glVertexAttrib3fv
glVertexAttrib4f
glVertexAttrib4fv
glVertexAttribDivisor
glVertexAttribI4i
glVertexAttribI4iv
glVertexAttribI4ui
glVertexAttribI4uiv
glVertexAttribIPointer
glVertexAttribPointer
glViewport
glWaitSync
libGLESv2_swiftshader

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 697KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 490KB - Virtual size: 507KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64/d3d9.dll
.dll windows x64

45650eb7d6bf627b8292f3d3746b71d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

GetSystemMetrics
ReleaseDC
GetDC
EnumDisplaySettingsA
SetWindowPos
ChangeDisplaySettingsA
ClientToScreen
SetRect
SetWindowLongA
GetWindowLongA
ScreenToClient
GetWindowRect
GetCursorPos
GetClientRect

gdi32

DeleteDC
GetDeviceGammaRamp
CreateDIBSection
StretchBlt
DeleteObject
SelectObject
CreateCompatibleDC
GetDeviceCaps
SetDeviceGammaRamp

kernel32

DisableThreadLibraryCalls
FreeLibrary
GetCurrentProcess
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
GetModuleHandleA
K32GetModuleBaseNameA
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
SetLastError
DeleteCriticalSection
GetFileAttributesW
DeleteFileA
GetTempPathA
FindNextFileA
SetFileAttributesA
RemoveDirectoryA
FindFirstFileA
CreateDirectoryA
VirtualQuery
VirtualFree
VirtualAlloc
HeapValidate
HeapWalk
InitializeCriticalSection
TlsSetValue
WaitForSingleObject
SetEvent
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemInfo
VirtualProtect
CreateEventA
CloseHandle
CreateThread
GetProcessAffinityMask
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
IsProcessorFeaturePresent
IsDebuggerPresent
GetLastError
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
RtlPcToFileHeader
RaiseException
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
HeapSize
RtlUnwindEx
GetCurrentThread
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameA
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsFree
GetModuleHandleW
SetConsoleCtrlHandler
ReadFile
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
DeleteFileW
ReadConsoleW
FindClose
FindFirstFileExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameW
LoadLibraryExW
HeapReAlloc
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
WriteConsoleW
GetStringTypeW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameW
GetCurrentDirectoryW
CreateFileW
OutputDebugStringW
GetTimeZoneInformation
SetEndOfFile
SetEnvironmentVariableA
GetFileAttributesExA
GetConsoleScreenBufferInfo
GetProcessTimes
SetConsoleTextAttribute
SetErrorMode
FormatMessageA
LocalFree

ws2_32

recv
bind
socket
closesocket
send
listen
accept
WSACleanup
select
getaddrinfo
WSAStartup

dbghelp

EnumerateLoadedModules64
SymGetLineFromAddr64
SymFunctionTableAccess64
SymSetOptions
SymGetModuleBase64
SymGetSymFromAddr64
SymInitialize
StackWalk64

advapi32

CryptReleaseContext

Exports

Exports

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_QueryRepeatFrame
D3DPERF_SetMarker
D3DPERF_SetOptions
D3DPERF_SetRegion
DebugSetLevel
DebugSetMute
Direct3DCreate9
Direct3DCreate9Ex
Direct3DShaderValidatorCreate9
PSGPError
PSGPSampleTexture

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 742KB - Virtual size: 742KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 574KB - Virtual size: 590KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64/libEGL.dll
.dll windows x64

67a91c2b73338ae85bff8e5227b65fa9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleExA
WriteConsoleW
SetFilePointerEx
ReadConsoleW
TlsFree
Sleep
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
EncodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
RtlUnwindEx
InterlockedFlushSList
SetLastError
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
CreateFileW
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetEndOfFile
ReadFile

user32

GetDC
IsWindow
ReleaseDC
GetClientRect

gdi32

GetDeviceCaps

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurfaceEXT
eglCreateSyncKHR
eglCreateWindowSurface
eglDestroyContext
eglDestroyImageKHR
eglDestroySurface
eglDestroySyncKHR
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttribKHR
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
libEGL_swiftshader

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64/libGLESv2.dll
.dll windows x64

13bb45ea7388a4cec32a9525dcadd00f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

WSACleanup
socket
send
WSAStartup
getaddrinfo
listen
select
closesocket
bind
recv
accept

kernel32

FreeLibrary
WaitForSingleObject
SetEvent
CloseHandle
CreateThread
CreateEventA
GetCurrentProcess
GetProcessAffinityMask
VirtualProtect
GetSystemInfo
QueryPerformanceFrequency
QueryPerformanceCounter
RemoveVectoredExceptionHandler
GetLastError
LocalFree
FormatMessageA
VirtualFree
VirtualAlloc
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReadFile
GetModuleFileNameA
GetFileAttributesExA
FindFirstFileA
SetLastError
FindNextFileA
FindClose
GetTempPathA
DeleteFileA
SetFileAttributesA
RemoveDirectoryA
GetCurrentProcessId
CreateDirectoryA
GetProcAddress
CreateFileW
GetFileAttributesW
GetModuleHandleA
MultiByteToWideChar
GetCurrentDirectoryW
WideCharToMultiByte
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetStdHandle
SetErrorMode
GetConsoleMode
GetProcessTimes
TerminateProcess
SetConsoleCtrlHandler
GetCurrentThread
SetUnhandledExceptionFilter
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
GetSystemTimeAsFileTime
ReadConsoleW
GetConsoleCP
WriteFile
HeapFree
HeapReAlloc
HeapAlloc
WriteConsoleW
GetModuleFileNameW
HeapWalk
LoadLibraryA
GetModuleHandleExA
Sleep
GetTimeZoneInformation
OutputDebugStringW
FindFirstFileExA
IsValidCodePage
GetOEMCP
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapSize
HeapValidate
GetProcessHeap
GetFullPathNameW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
FlushFileBuffers
GetACP
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
CreateEventW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentThreadId
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
LoadLibraryExW
InterlockedFlushSList
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
SetEndOfFile
SetStdHandle
SetEnvironmentVariableA
SetFilePointerEx

user32

GetDC
SetWindowPos
GetWindowRect
ReleaseDC
GetSystemMetrics
SetWindowLongA
ClientToScreen
GetWindowLongA
GetClientRect
SetRect
ChangeDisplaySettingsA

gdi32

SetDeviceGammaRamp
CreateDIBSection
CreateCompatibleDC
StretchBlt
GetDeviceGammaRamp
DeleteDC
DeleteObject
SelectObject

advapi32

CryptReleaseContext

dbghelp

EnumerateLoadedModules64
SymGetSymFromAddr64
SymGetModuleBase64
SymGetLineFromAddr64
SymFunctionTableAccess64
SymInitialize
StackWalk64
SymSetOptions

Exports

Exports

Register
glActiveTexture
glAttachShader
glBeginQuery
glBeginQueryEXT
glBeginTransformFeedback
glBindAttribLocation
glBindBuffer
glBindBufferBase
glBindBufferRange
glBindFramebuffer
glBindFramebufferOES
glBindRenderbuffer
glBindRenderbufferOES
glBindSampler
glBindTexture
glBindTransformFeedback
glBindVertexArray
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebuffer
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glCheckFramebufferStatusOES
glClear
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearDepthf
glClearStencil
glClientWaitSync
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexImage3D
glCompressedTexSubImage2D
glCompressedTexSubImage3D
glCopyBufferSubData
glCopyTexImage2D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteFramebuffersOES
glDeleteProgram
glDeleteQueries
glDeleteQueriesEXT
glDeleteRenderbuffers
glDeleteRenderbuffersOES
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawArraysInstanced
glDrawBuffers
glDrawBuffersEXT
glDrawElements
glDrawElementsInstanced
glDrawRangeElements
glEGLImageTargetRenderbufferStorageOES
glEGLImageTargetTexture2DOES
glEnable
glEnableVertexAttribArray
glEndQuery
glEndQueryEXT
glEndTransformFeedback
glFenceSync
glFinish
glFinishFenceNV
glFlush
glFlushMappedBufferRange
glFramebufferRenderbuffer
glFramebufferRenderbufferOES
glFramebufferTexture2D
glFramebufferTexture2DOES
glFramebufferTextureLayer
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenFramebuffersOES
glGenQueries
glGenQueriesEXT
glGenRenderbuffers
glGenRenderbuffersOES
glGenSamplers
glGenTextures
glGenTransformFeedbacks
glGenVertexArrays
glGenerateMipmap
glGenerateMipmapOES
glGetActiveAttrib
glGetActiveUniform
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformsiv
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferPointerv
glGetError
glGetFenceivNV
glGetFloatv
glGetFragDataLocation
glGetFramebufferAttachmentParameteriv
glGetFramebufferAttachmentParameterivOES
glGetGraphicsResetStatusEXT
glGetInteger64i_v
glGetInteger64v
glGetIntegeri_v
glGetIntegerv
glGetInternalformativ
glGetProgramBinary
glGetProgramInfoLog
glGetProgramiv
glGetQueryObjectuiv
glGetQueryObjectuivEXT
glGetQueryiv
glGetQueryivEXT
glGetRenderbufferParameteriv
glGetRenderbufferParameterivOES
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexParameterfv
glGetTexParameteriv
glGetTransformFeedbackVarying
glGetUniformBlockIndex
glGetUniformIndices
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetUniformuiv
glGetVertexAttribIiv
glGetVertexAttribIuiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glInvalidateFramebuffer
glInvalidateSubFramebuffer
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsFramebufferOES
glIsProgram
glIsQuery
glIsQueryEXT
glIsRenderbuffer
glIsRenderbufferOES
glIsSampler
glIsShader
glIsSync
glIsTexture
glIsTransformFeedback
glIsVertexArray
glLineWidth
glLinkProgram
glMapBufferRange
glPauseTransformFeedback
glPixelStorei
glPolygonOffset
glProgramBinary
glProgramParameteri
glReadBuffer
glReadPixels
glReadnPixelsEXT
glReleaseShaderCompiler
glRenderbufferStorage
glRenderbufferStorageMultisample
glRenderbufferStorageMultisampleANGLE
glRenderbufferStorageOES
glResumeTransformFeedback
glSampleCoverage
glSamplerParameterf
glSamplerParameterfv
glSamplerParameteri
glSamplerParameteriv
glScissor
glSetFenceNV
glShaderBinary
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTestFenceNV
glTexImage2D
glTexImage3D
glTexImage3DOES
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexStorage2D
glTexStorage3D
glTexSubImage2D
glTexSubImage3D
glTransformFeedbackVaryings
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform1ui
glUniform1uiv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform2ui
glUniform2uiv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform3ui
glUniform3uiv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniform4ui
glUniform4uiv
glUniformBlockBinding
glUniformMatrix2fv
glUniformMatrix2x3fv
glUniformMatrix2x4fv
glUniformMatrix3fv
glUniformMatrix3x2fv
glUniformMatrix3x4fv
glUniformMatrix4fv
glUniformMatrix4x2fv
glUniformMatrix4x3fv
glUnmapBuffer
glUseProgram
glValidateProgram
glVertexAttrib1f
glVertexAttrib1fv
glVertexAttrib2f
glVertexAttrib2fv
glVertexAttrib3f
glVertexAttrib3fv
glVertexAttrib4f
glVertexAttrib4fv
glVertexAttribDivisor
glVertexAttribI4i
glVertexAttribI4iv
glVertexAttribI4ui
glVertexAttribI4uiv
glVertexAttribIPointer
glVertexAttribPointer
glViewport
glWaitSync
libGLESv2_swiftshader

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 998KB - Virtual size: 997KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 576KB - Virtual size: 591KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33db2502c4e910d11f62484687e3a819

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

ws2_32

dbghelp

advapi32

Exports

Exports

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

.rdata Size: 557KB - Virtual size: 556KB

.data Size: 486KB - Virtual size: 509KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 103KB - Virtual size: 103KB

6268e7249a33220bc520ea5826ada070

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 85KB - Virtual size: 85KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 2KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 264B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

ed396f7ecb19791b72ffe9ae13937da1

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

dbghelp

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 697KB - Virtual size: 696KB

.data Size: 490KB - Virtual size: 507KB

.gfids Size: 1024B - Virtual size: 700B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 132KB - Virtual size: 131KB

45650eb7d6bf627b8292f3d3746b71d3

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

ws2_32

dbghelp

advapi32

Exports

Exports

Sections

.text Size: 4.5MB - Virtual size: 4.5MB

.rdata Size: 742KB - Virtual size: 742KB

.data Size: 574KB - Virtual size: 590KB

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 557KB - Virtual size: 556KB

.data
Size: 486KB - Virtual size: 509KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 103KB - Virtual size: 103KB

.text
Size: 85KB - Virtual size: 85KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 2KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 264B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 697KB - Virtual size: 696KB

.data
Size: 490KB - Virtual size: 507KB

.gfids
Size: 1024B - Virtual size: 700B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 132KB - Virtual size: 131KB

.text
Size: 4.5MB - Virtual size: 4.5MB

.rdata
Size: 742KB - Virtual size: 742KB

.data
Size: 574KB - Virtual size: 590KB

.pdata
Size: 120KB - Virtual size: 119KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 42KB - Virtual size: 41KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 6KB - Virtual size: 6KB

.gfids
Size: 512B - Virtual size: 216B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 5.0MB - Virtual size: 5.0MB

.rdata
Size: 998KB - Virtual size: 997KB

.data
Size: 576KB - Virtual size: 591KB

.pdata
Size: 147KB - Virtual size: 147KB

.gfids
Size: 1024B - Virtual size: 636B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 43KB - Virtual size: 43KB