Use_2023_As_Passw0rd[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

Use_2023_As_Passw0rd.rar
Size

4.1MB
MD5

71fe30792575121d8cd8e18069402f82
SHA1

88dec5598ae9f8a2c9219aab2d73a4c5545a45ca
SHA256

025717c7f771095bfd2a02ba5a4a3cf7601648bb1dfd8adcfe1550eedc9367d3
SHA512

d73238a8fc608763c23ea3b0223a106991b8c01f00a7e7bcbd47d97c3bf9e17fbfa4c33541e919a74f8ba6981f297daf31c1d1e4a962755272a3281be7593edf
SSDEEP

98304:CGmBj4iv/wYjesAW9T/UxuAoOKdROPD94FPDs7+gIZxbBOmOMA3zqm:Cxj4ivIYjSW+oROPGFPDsrwbZOMA3zqm

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/Use_2023_As_Passw0rd/Setup.exe	vmprotect

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Use_2023_As_Passw0rd/Setup.exe
unpack001/Use_2023_As_Passw0rd/libEGL.dll
unpack001/Use_2023_As_Passw0rd/libgcc_s_dw2-1.dll
unpack001/Use_2023_As_Passw0rd/nssckbi.dll

Files

Use_2023_As_Passw0rd.rar
.rar
Use_2023_As_Passw0rd/Setup.exe
.exe windows x86

Password: 2023

27e66bdb91601a8ed917a5991e113a03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
lstrlenA
LocalAlloc
LoadLibraryA
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

IsWindowEnabled
IsChild
IsWindow
GetProcessWindowStation
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW

ole32

CoInitialize

wtsapi32

WTSSendMessageW

Sections

.text
Size: - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Use_2023_As_Passw0rd/libEGL.dll
.dll windows x86

Password: 2023

6e2195fe2e198301b6f36a4a4a6fabe5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libgcc_s_dw2-1

__deregister_frame_info
__register_frame_info

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
_unlock
abort
calloc
free
fwrite
malloc
strlen
strncmp
vfprintf

libglesv2

_ZN3egl10CreateSyncEPvjPKi@12
_ZN3egl10GetConfigsEPvPS0_iPi@16
_ZN3egl10GetDisplayEP5HDC__@4
_ZN3egl10InitializeEPvPiS1_@12
_ZN3egl10WaitClientEv@0
_ZN3egl10WaitNativeEi@4
_ZN3egl11CopyBuffersEPvS0_P9HBITMAP__@12
_ZN3egl11CreateImageEPvS0_jS0_PKi@20
_ZN3egl11DestroySyncEPvS0_@8
_ZN3egl11MakeCurrentEPvS0_S0_S0_@16
_ZN3egl11QueryStringEPvi@8
_ZN3egl11SwapBuffersEPvS0_@8
_ZN3egl12BindTexImageEPvS0_i@12
_ZN3egl12ChooseConfigEPvPKiPS0_iPi@20
_ZN3egl12DestroyImageEPvS0_@8
_ZN3egl12QueryContextEPvS0_iPi@16
_ZN3egl12QuerySurfaceEPvS0_iPi@16
_ZN3egl12SwapIntervalEPvi@8
_ZN3egl13CreateContextEPvS0_S0_PKi@16
_ZN3egl13GetSyncAttribEPvS0_iPi@16
_ZN3egl13ReleaseThreadEv@0
_ZN3egl13SurfaceAttribEPvS0_ii@16
_ZN3egl14ClientWaitSyncEPvS0_iy@20
_ZN3egl14CreateImageKHREPvS0_jS0_PKi@20
_ZN3egl14DestroyContextEPvS0_@8
_ZN3egl14DestroySurfaceEPvS0_@8
_ZN3egl14GetProcAddressEPKc@4
_ZN3egl15DestroyImageKHREPvS0_@8
_ZN3egl15GetConfigAttribEPvS0_iPi@16
_ZN3egl15PostSubBufferNVEPvS0_iiii@24
_ZN3egl15ReleaseTexImageEPvS0_i@12
_ZN3egl17CreateDeviceANGLEEiPvPKi@12
_ZN3egl17GetCurrentContextEv@0
_ZN3egl17GetCurrentDisplayEv@0
_ZN3egl17GetCurrentSurfaceEi@4
_ZN3egl18GetPlatformDisplayEjPvPKi@12
_ZN3egl18ReleaseDeviceANGLEEPv@4
_ZN3egl19CreatePixmapSurfaceEPvS0_P9HBITMAP__PKi@16
_ZN3egl19CreateWindowSurfaceEPvS0_P6HWND__PKi@16
_ZN3egl20CreatePbufferSurfaceEPvS0_PKi@12
_ZN3egl20QueryDeviceAttribEXTEPviPi@12
_ZN3egl20QueryDeviceStringEXTEPvi@8
_ZN3egl21GetPlatformDisplayEXTEjPvPKi@12
_ZN3egl21QueryDisplayAttribEXTEPviPi@12
_ZN3egl24QuerySurfacePointerANGLEEPvS0_iPS0_@16
_ZN3egl27CreatePlatformPixmapSurfaceEPvS0_S0_PKi@16
_ZN3egl27CreatePlatformWindowSurfaceEPvS0_S0_PKi@16
_ZN3egl29CreatePbufferFromClientBufferEPvjS0_S0_PKi@20
_ZN3egl6WaitGLEv@0
_ZN3egl7BindAPIEj@4
_ZN3egl8GetErrorEv@0
_ZN3egl8QueryAPIEv@0
_ZN3egl8WaitSyncEPvS0_i@12
_ZN3egl9TerminateEPv@4

Exports

Exports

eglBindAPI@4
eglBindTexImage@12
eglChooseConfig@20
eglClientWaitSync
eglCopyBuffers@12
eglCreateContext@16
eglCreateDeviceANGLE@12
eglCreateImage
eglCreateImageKHR@20
eglCreatePbufferFromClientBuffer@20
eglCreatePbufferSurface@12
eglCreatePixmapSurface@16
eglCreatePlatformPixmapSurface
eglCreatePlatformWindowSurface
eglCreateSync
eglCreateWindowSurface@16
eglDestroyContext@8
eglDestroyImage
eglDestroyImageKHR@8
eglDestroySurface@8
eglDestroySync
eglGetConfigAttrib@16
eglGetConfigs@16
eglGetCurrentContext@0
eglGetCurrentDisplay@0
eglGetCurrentSurface@4
eglGetDisplay@4
eglGetError@0
eglGetPlatformDisplay
eglGetPlatformDisplayEXT@12
eglGetProcAddress@4
eglGetSyncAttrib
eglInitialize@12
eglMakeCurrent@16
eglPostSubBufferNV@24
eglQueryAPI@0
eglQueryContext@16
eglQueryDeviceAttribEXT@12
eglQueryDeviceStringEXT@8
eglQueryDisplayAttribEXT@12
eglQueryString@8
eglQuerySurface@16
eglQuerySurfacePointerANGLE@16
eglReleaseDeviceANGLE@4
eglReleaseTexImage@12
eglReleaseThread@0
eglSurfaceAttrib@16
eglSwapBuffers@8
eglSwapInterval@8
eglTerminate@4
eglWaitClient@0
eglWaitGL@0
eglWaitNative@4
eglWaitSync

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Use_2023_As_Passw0rd/libgcc_s_dw2-1.dll
.dll windows x86

Password: 2023

5a18b12e92e997d2ca370de96393cb7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_initterm
_iob
_lock
_onexit
_unlock
abort
calloc
free
fwrite
malloc
memset
memcpy
realloc
strlen
strncmp
vfprintf

libwinpthread-1

pthread_getspecific
pthread_key_create
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_setspecific

Exports

Exports

_Unwind_Backtrace
_Unwind_DeleteException
_Unwind_FindEnclosingFunction
_Unwind_Find_FDE
_Unwind_ForcedUnwind
_Unwind_GetCFA
_Unwind_GetDataRelBase
_Unwind_GetGR
_Unwind_GetIP
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__absvdi2
__absvsi2
__addtf3
__addvdi3
__addvsi3
__ashldi3
__ashrdi3
__bswapdi2
__bswapsi2
__clear_cache
__clrsbdi2
__clrsbsi2
__clzdi2
__clzsi2
__cmpdi2
__ctzdi2
__ctzsi2
__deregister_frame
__deregister_frame_info
__deregister_frame_info_bases
__divdc3
__divdi3
__divsc3
__divtc3
__divtf3
__divxc3
__emutls_get_address
__emutls_register_common
__enable_execute_stack
__eqtf2
__extenddftf2
__extendsftf2
__extendxftf2
__ffsdi2
__ffssi2
__fixdfdi
__fixsfdi
__fixtfdi
__fixtfsi
__fixunsdfdi
__fixunsdfsi
__fixunssfdi
__fixunssfsi
__fixunstfdi
__fixunstfsi
__fixunsxfdi
__fixunsxfsi
__fixxfdi
__floatdidf
__floatdisf
__floatditf
__floatdixf
__floatsitf
__floatundidf
__floatundisf
__floatunditf
__floatundixf
__floatunsitf
__gcc_personality_v0
__getf2
__gttf2
__letf2
__lshrdi3
__lttf2
__moddi3
__muldc3
__muldi3
__mulsc3
__multc3
__multf3
__mulvdi3
__mulvsi3
__mulxc3
__negdi2
__negtf2
__negvdi2
__negvsi2
__netf2
__paritydi2
__paritysi2
__popcountdi2
__popcountsi2
__powidf2
__powisf2
__powitf2
__powixf2
__register_frame
__register_frame_info
__register_frame_info_bases
__register_frame_info_table
__register_frame_info_table_bases
__register_frame_table
__subtf3
__subvdi3
__subvsi3
__trunctfdf2
__trunctfsf2
__trunctfxf2
__ucmpdi2
__udivdi3
__udivmoddi4
__umoddi3
__unordtf2

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Use_2023_As_Passw0rd/nssckbi.dll
.dll windows x64

Password: 2023

66e78bf7d69bdd6325645d2f50ee516a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

nss3

PL_ArenaAllocate
PL_ArenaRelease
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
PL_strcasecmp
PL_strlen
PR_CallOnce
PR_Calloc
PR_DestroyLock
PR_Free
PR_GetThreadPrivate
PR_Lock
PR_NewLock
PR_NewThreadPrivateIndex
PR_SetThreadPrivate
PR_Unlock

api-ms-win-crt-private-l1-1-0

memcmp
memcpy
memmove

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort

api-ms-win-crt-string-l1-1-0

memset
strlen
strncmp

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
_close
_open
_write
fwrite

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

Exports

Exports

C_GetFunctionList

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2023

27e66bdb91601a8ed917a5991e113a03

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

wtsapi32

Sections

.text Size: - Virtual size: 97KB

.rdata Size: - Virtual size: 10KB

.data Size: - Virtual size: 1KB

.vmp0 Size: - Virtual size: 2.3MB

.vmp1 Size: 3.9MB - Virtual size: 3.9MB

.rsrc Size: 129KB - Virtual size: 128KB

Password: 2023

6e2195fe2e198301b6f36a4a4a6fabe5

Headers

File Characteristics

Imports

libgcc_s_dw2-1

kernel32

msvcrt

libglesv2

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 2KB - Virtual size: 1KB

.eh_fram Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 1KB

.edata Size: 2KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 1024B - Virtual size: 652B

Password: 2023

5a18b12e92e997d2ca370de96393cb7f

Headers

File Characteristics

Imports

kernel32

msvcrt

libwinpthread-1

Exports

Exports

Sections

.text Size: 86KB - Virtual size: 85KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 10KB - Virtual size: 10KB

/4 Size: 12KB - Virtual size: 11KB

.bss Size: - Virtual size: 1KB

.edata Size: 3KB - Virtual size: 2KB

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 2KB - Virtual size: 1KB

Password: 2023

66e78bf7d69bdd6325645d2f50ee516a

Headers

DLL Characteristics

File Characteristics

Imports

nss3

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

kernel32

advapi32

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

.text
Size: - Virtual size: 97KB

.rdata
Size: - Virtual size: 10KB

.data
Size: - Virtual size: 1KB

.vmp0
Size: - Virtual size: 2.3MB

.vmp1
Size: 3.9MB - Virtual size: 3.9MB

.rsrc
Size: 129KB - Virtual size: 128KB

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 2KB - Virtual size: 1KB

.eh_fram
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 652B

.text
Size: 86KB - Virtual size: 85KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 10KB - Virtual size: 10KB

/4
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 3KB - Virtual size: 2KB

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 82KB - Virtual size: 82KB

.rdata
Size: 288KB - Virtual size: 288KB

.buildid
Size: 512B - Virtual size: 171B

.data
Size: 37KB - Virtual size: 37KB

.pdata
Size: 4KB - Virtual size: 3KB

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 10KB - Virtual size: 9KB