b18c2e1f887b8685f3d639d5894d8b81982e4012f138a1ccd705d5b4b4b78436[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

b18c2e1f887b8685f3d639d5894d8b81982e4012f138a1ccd705d5b4b4b78436.zip.zip
Size

6.6MB
MD5

127610d0df08664c3bf23abbc0090ac2
SHA1

f7d0c55531055960c4ac5563e6311dd52e6b87ee
SHA256

6d6d89f0b827a53d5595cda1b24367ebf85c0394fe1b64700a7fa46bfbb8ffc1
SHA512

11a613e93d304bd15bf039499ee7584509a354fbad4ef86fb59c3fdf214d7782680f8a81480b7eea2a11d6f8c39f4e1f47e5425dfc70ff7a34ffcb9dfecd651c
SSDEEP

196608:BUCbO9TdRg6L4c6RCqDBuZhaW4eyZo10b6LhY6e:9baNPZIW4eyZo1/e

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 10 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack003/asvcb.exe	upx
static1/unpack005/asvfaf.exe	upx
static1/unpack007/asvmxp.exe	upx
static1/unpack009/asvpc.exe	upx
static1/unpack009/p3080c.dat	upx
static1/unpack009/p40700c.dat	upx
static1/unpack009/p50301c.dat	upx
static1/unpack009/p60790c.dat	upx
static1/unpack009/p70190c.dat	upx
static1/unpack002/install/asv5.exe	upx

Unsigned PE 16 IoCs

Checks for missing Authenticode signature.

resource
unpack003/asvcb.exe
unpack005/asvfaf.exe
unpack007/asvmxp.exe
unpack009/asvpc.exe
unpack009/p3080.dat
unpack009/p3080c.dat
unpack009/p40700.dat
unpack009/p40700c.dat
unpack009/p50301.dat
unpack009/p50301c.dat
unpack009/p60790.dat
unpack009/p60790c.dat
unpack009/p70190.dat
unpack009/p70190c.dat
unpack002/install/UnzDll.dll
unpack002/install/asv5.exe

Files

b18c2e1f887b8685f3d639d5894d8b81982e4012f138a1ccd705d5b4b4b78436.zip.zip
.zip

Password: infected
b18c2e1f887b8685f3d639d5894d8b81982e4012f138a1ccd705d5b4b4b78436.zip
.zip
addons/asvcb200.zip
.zip
asvcb.chm
.chm
asvcb.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 572KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
asvcb.ini
addons/asvfaf101.zip
.zip
asvfaf.chm
.chm
asvfaf.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 584KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
asvfaf.ini
addons/asvmxp101.zip
.zip
asvmxp.chm
.chm
asvmxp.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 600KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 320KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
asvmxp.ini
addons/asvpc201.zip
.zip
asvpc.chm
.chm
asvpc.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 412KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 240KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
asvpc.ini
p3080.dat
.exe windows:4 windows x86

e0f41be3cb937dabff34123390991845

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GlobalAlloc
ExitProcess
GetModuleHandleA
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WinExec
CopyFileA
WriteFile
SetEndOfFile
DeleteFileA
GetVersionExA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
GetModuleFileNameA
GlobalUnlock
GlobalLock
GetCommandLineA
GetStartupInfoA
QueryPerformanceCounter
GlobalFree

user32

ClientToScreen
GetCursorPos
ScreenToClient
FillRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
SetCursor
EndPaint
BeginPaint
DestroyMenu
CheckMenuItem
InvalidateRect
SetWindowLongA
GetMenu
SetMenu
LoadMenuA
GetCapture
DialogBoxParamA
TrackPopupMenu
GetSubMenu
EnableMenuItem
DefWindowProcA
DestroyWindow
PostQuitMessage
LoadStringA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetWindow
GetDesktopWindow
MoveWindow
EndDialog
GetWindowRect
SetWindowPos
GetDC
ReleaseDC
GetWindowLongA
GetClientRect
WindowFromPoint

gdi32

GetTextMetricsA
CreateFontIndirectA
DeleteObject
SelectObject
StretchDIBits
SetDIBitsToDevice
GdiFlush
CreateCompatibleBitmap
DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
BitBlt
RealizePalette
SelectPalette
CreateSolidBrush
GetClipBox
RestoreDC
IntersectClipRect
SaveDC
GetSystemPaletteEntries
ExtTextOutA
CreatePalette
EnumFontFamiliesA
SetBkMode
SetTextColor
SetTextAlign

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegSetValueA
RegCloseKey

shell32

DragQueryFileA
DragAcceptFiles

winmm

waveOutPrepareHeader
waveOutUnprepareHeader
timeKillEvent
timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps
waveOutWrite
waveOutReset
timeSetEvent
waveOutOpen
waveOutGetDevCapsA
waveOutClose

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
p3080c.dat
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
p40700.dat
.exe windows:4 windows x86

75c3811b239a6c75e270610d830e276d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
SetErrorMode
LoadLibraryA
GetACP
IsDBCSLeadByte
GetCPInfo
Sleep
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
CreateProcessA
WaitForMultipleObjects
CreateThread
GetLastError
ExitThread
WinExec
CopyFileA
WriteFile
SetEndOfFile
DeleteFileA
GetVersionExA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
GetStartupInfoA
GetCommandLineA
GlobalUnlock
GlobalLock
lstrlenA
GetModuleHandleA
ExitProcess
GetProcAddress
GlobalAlloc
QueryPerformanceCounter
GlobalFree

user32

ClientToScreen
DeleteMenu
LoadMenuA
ScreenToClient
TrackPopupMenu
WindowFromPoint
GetCursorPos
FillRect
SetTimer
KillTimer
SetCapture
ReleaseCapture
SetCursor
EndPaint
BeginPaint
MessageBoxA
PostMessageA
GetDlgItem
GetWindowTextLengthA
GetDlgItemTextA
EnableWindow
GetWindowLongA
GetClientRect
CheckMenuItem
DestroyMenu
SetMenu
InvalidateRect
MoveWindow
DialogBoxParamA
EndDialog
GetSubMenu
EnableMenuItem
DefWindowProcA
DestroyWindow
PostQuitMessage
LoadStringA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetWindow
GetWindowRect
SetWindowPos
GetKeyState
GetClipboardData
GetMenu
SetWindowLongA
GetDesktopWindow
OpenClipboard
SetClipboardData
CloseClipboard
GetDC
ReleaseDC
SetFocus
SetDlgItemTextA
GetCapture

gdi32

CreatePalette
SetTextAlign
SetDIBitsToDevice
GdiFlush
StretchDIBits
DeleteObject
CreateCompatibleBitmap
DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
BitBlt
EnumFontFamiliesA
LineTo
MoveToEx
SetBkColor
GetBkColor
SetBkMode
GetBkMode
ExtTextOutA
GetTextExtentPoint32A
CreatePen
Rectangle
GetStockObject
CreateSolidBrush
SetTextColor
GetTextMetricsA
CreateFontIndirectA
RealizePalette
SelectPalette
GetClipBox
SaveDC
SelectObject
RestoreDC
GetSystemPaletteEntries
IntersectClipRect

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegQueryValueA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegSetValueA
RegCloseKey
RegQueryValueExA

shell32

DragAcceptFiles
DragQueryFileA

winmm

waveOutPrepareHeader
waveOutUnprepareHeader
timeKillEvent
timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps
waveOutWrite
waveOutReset
timeSetEvent
waveOutOpen
waveOutGetDevCapsA
waveOutClose

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
p40700c.dat
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
p50301.dat
.exe windows:4 windows x86

aca7b64d2ff622a479557e51639b3ba8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalAlloc
LoadLibraryA
SetErrorMode
InitializeCriticalSection
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
IsDBCSLeadByte
GetACP
GetCPInfo
Sleep
WaitForMultipleObjects
CreateThread
ExitThread
CopyFileA
WriteFile
SetEndOfFile
DeleteFileA
GetVersionExA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
GetModuleFileNameA
GlobalLock
QueryPerformanceCounter
GetCommandLineA
GetModuleHandleA
ExitProcess
lstrlenA
GetStartupInfoA
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
GlobalFree
LeaveCriticalSection
GlobalUnlock

user32

SetTimer
GetFocus
SetCapture
ReleaseCapture
SetCursor
EndPaint
BeginPaint
MessageBoxA
DeleteMenu
ClientToScreen
DestroyMenu
GetCapture
GetCursorPos
WindowFromPoint
ScreenToClient
MapVirtualKeyA
CheckMenuItem
InvalidateRect
GetWindowTextLengthA
GetDlgItemTextA
EnableWindow
SetDlgItemTextA
SetFocus
GetClientRect
GetMenu
SetMenu
GetDesktopWindow
MoveWindow
DialogBoxParamA
FillRect
KillTimer
EnableMenuItem
PostQuitMessage
LoadMenuA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
GetMessageA
TranslateMessage
DispatchMessageA
TranslateAcceleratorA
GetWindow
GetWindowRect
SetWindowPos
GetWindowLongA
DefWindowProcA
IsWindow
DestroyWindow
CreateWindowExA
SetWindowLongA
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
GetKeyState
EmptyClipboard
SetClipboardData
EndDialog
GetSubMenu
LoadStringA
OpenClipboard
GetClipboardData
CloseClipboard
GetDC
ReleaseDC
PostMessageA
GetDlgItem
TrackPopupMenu

gdi32

SetPolyFillMode
StrokePath
FillPath
ExtCreatePen
SelectObject
StretchDIBits
SetDIBitsToDevice
GdiFlush
CreateCompatibleBitmap
DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
BitBlt
EnumFontFamiliesA
ExtTextOutA
SetBkColor
GetBkColor
SetTextAlign
SetBkMode
SetTextColor
SelectClipRgn
LineTo
MoveToEx
CreatePen
GetTextExtentPoint32A
GetTextMetricsA
GetTextAlign
GetBkMode
GetTextColor
IntersectClipRect
GetClipRgn
CreateRectRgn
CreateFontIndirectA
DPtoLP
GetObjectA
RealizePalette
StartDocA
LPtoDP
StartPage
EndPage
EndDoc
BeginPath
CreatePalette
EndPath
GetSystemPaletteEntries
SaveDC
DeleteObject
SelectClipPath
PolyBezierTo
CreateSolidBrush
RestoreDC
GetClipBox
SelectPalette

comdlg32

GetSaveFileNameA
GetOpenFileNameA
PrintDlgA

advapi32

RegQueryValueExA
RegSetValueA
RegCreateKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegSetValueExA

shell32

DragQueryFileA
DragAcceptFiles

winmm

timeKillEvent
timeSetEvent
waveOutReset
timeEndPeriod
timeGetTime
timeBeginPeriod
timeGetDevCaps
waveOutGetDevCapsA
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutOpen

Sections

.text
Size: 276KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
p50301c.dat
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 174KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
p60790.dat
.exe windows:4 windows x86

1f54a79e6dfab96202140f8e5fc197f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

htonl
gethostbyname
htons
WSACleanup
WSAStartup
ioctlsocket
setsockopt

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree

oleaut32

SysFreeString

kernel32

MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GlobalLock
GlobalUnlock
SetFilePointer
ExitProcess
GetModuleHandleA
GetCommandLineA
GetProcessTimes
SetEndOfFile
CopyFileA
SetThreadPriority
CreateThread
ExitThread
InterlockedIncrement
InterlockedDecrement
ResetEvent
WaitForMultipleObjects
GetCurrentThreadId
GetThreadPriority
GetCurrentThread
Sleep
GetModuleFileNameA
WaitForSingleObject
GetTickCount
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateMutexA
SetErrorMode
LoadLibraryA
GetProcAddress
FindClose
FindNextFileA
FindFirstFileA
GetFileSize
WriteFile
ReadFile
CreateFileA
CreateDirectoryA
RemoveDirectoryA
MoveFileA
DeleteFileA
GetFileAttributesA
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
GetUserDefaultLangID
GetLastError
GetStartupInfoA
CreateProcessA
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
IsDBCSLeadByte
GetACP
GetCPInfo
GetVersionExA
GlobalFree
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
GetCurrentProcess
FreeLibrary
CreateEventA

user32

DestroyWindow
SetClipboardData
EmptyClipboard
SetWindowPos
GetWindowRect
GetWindow
UnregisterClassA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
RegisterClassA
LoadIconA
UpdateWindow
ShowWindow
PostQuitMessage
DialogBoxParamA
EndDialog
MoveWindow
GetDesktopWindow
SetDlgItemTextA
EnableWindow
GetDlgItemTextA
GetWindowTextLengthA
GetDlgItem
SetMenu
PostThreadMessageA
GetQueueStatus
PeekMessageA
MsgWaitForMultipleObjects
RegisterWindowMessageA
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
GetWindowLongA
DefWindowProcA
IsWindow
CreateWindowExA
OpenClipboard
GetMenu
BeginPaint
EndPaint
LoadCursorA
SetCursor
KillTimer
SetTimer
PostMessageA
FillRect
GetSubMenu
ReleaseCapture
GetCapture
LoadMenuA
GetMenuItemID
DeleteMenu
ClientToScreen
TrackPopupMenu
SetCapture
GetCursorPos
ScreenToClient
GetClientRect
LoadStringA
EnableMenuItem
CheckMenuItem
InvalidateRect
SetWindowLongA
WaitForInputIdle
MapVirtualKeyA
GetKeyState
MessageBoxA
GetSystemMetrics
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
GetDC
ReleaseDC
GetDoubleClickTime
SetFocus
DestroyMenu
WindowFromPoint
GetFocus

gdi32

StartDocA
GetClipBox
CreateSolidBrush
BeginPath
FillPath
ExtCreatePen
StrokePath
EndPath
PolyBezierTo
SelectClipPath
RestoreDC
SaveDC
EndPage
StartPage
GdiFlush
DeleteObject
SelectObject
StretchDIBits
SetDIBitsToDevice
CreateCompatibleBitmap
GetObjectA
DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
BitBlt
RealizePalette
SelectPalette
MoveToEx
LineTo
EnumFontFamiliesA
SetBkMode
LPtoDP
SetTextAlign
IntersectClipRect
SelectClipRgn
ExtTextOutA
ExtTextOutW
SetTextColor
GetTextMetricsA
CreateFontIndirectA
CreatePen
GetClipRgn
CreateRectRgn
GetTextAlign
GetBkMode
GetTextColor
DPtoLP
GetTextExtentPoint32A
GetTextExtentPoint32W
GetCurrentObject
SetBkColor
GetBkColor
CreatePalette
SetPolyFillMode
EndDoc
GetSystemPaletteEntries

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
RegSetValueExA

shell32

DragQueryFileA
DragAcceptFiles

winmm

timeGetDevCaps
waveInGetDevCapsA
waveInReset
waveInUnprepareHeader
waveInClose
waveInOpen
waveInPrepareHeader
waveInStop
waveInAddBuffer
waveInStart
waveInGetNumDevs
timeBeginPeriod
waveOutGetNumDevs
waveOutReset
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
timeSetEvent
timeGetTime
timeEndPeriod
waveOutOpen
waveOutGetDevCapsA
timeKillEvent
waveOutClose

Sections

.text
Size: 648KB - Virtual size: 645KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 826KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
p60790c.dat
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 394KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
p70190.dat
.exe windows:4 windows x86

b167c936a5840d8cd91f401b087acf08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

setsockopt
WSAStartup
WSACleanup
htons
htonl
gethostbyname
ioctlsocket

ole32

CoUninitialize
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateInstance

oleaut32

SysFreeString

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle

kernel32

FindFirstFileA
FindNextFileA
FindClose
GetSystemDirectoryA
CreateMutexA
ReleaseMutex
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetTickCount
WaitForSingleObject
WideCharToMultiByte
GetModuleFileNameA
GetFileSize
CreateThread
ExitThread
GlobalUnlock
GlobalLock
IsDBCSLeadByteEx
lstrlenA
SetEndOfFile
CopyFileA
ExitProcess
GetModuleHandleA
GetCommandLineA
GetProcessTimes
GetCurrentProcess
SetThreadPriority
CreateEventA
SetEvent
InterlockedIncrement
InterlockedDecrement
ResetEvent
WaitForMultipleObjects
GetThreadPriority
GetCurrentThread
SetFilePointer
GetTempPathA
GetTempFileNameA
WriteFile
ReadFile
CreateFileA
CreateDirectoryA
RemoveDirectoryA
MoveFileA
DeleteFileA
GetFileAttributesA
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
LeaveCriticalSection
GetSystemDefaultLangID
FreeLibrary
GetUserDefaultLangID
GetLastError
GetStartupInfoA
CreateProcessA
CloseHandle
GetCurrentThreadId
GetLocaleInfoA
SetErrorMode
LoadLibraryA
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
IsDBCSLeadByte
GetACP
GetCPInfo
MultiByteToWideChar
GetVersionExA
GlobalFree
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
Sleep

user32

EndPaint
BeginPaint
GetMenu
DestroyWindow
GetFocus
CreateWindowExA
IsWindow
DefWindowProcA
GetWindowLongA
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
SetClipboardData
EmptyClipboard
SetWindowPos
GetWindowRect
GetWindow
UnregisterClassA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
RegisterClassA
LoadIconA
UpdateWindow
ShowWindow
PostQuitMessage
DialogBoxParamA
EndDialog
MoveWindow
GetDesktopWindow
SetDlgItemTextA
EnableWindow
GetDlgItemTextA
GetWindowTextLengthA
GetDlgItem
SetMenu
PostThreadMessageA
GetQueueStatus
PeekMessageA
MsgWaitForMultipleObjects
RegisterWindowMessageA
LoadCursorA
SetCursor
KillTimer
SetTimer
PostMessageA
GetSubMenu
LoadMenuA
GetMenuItemID
DeleteMenu
ClientToScreen
TrackPopupMenu
DestroyMenu
SetFocus
SetCapture
ReleaseCapture
SystemParametersInfoA
ScreenToClient
GetCapture
GetCursorPos
WindowFromPoint
GetClientRect
LoadStringA
EnableMenuItem
CheckMenuItem
InvalidateRect
SetWindowLongA
WaitForInputIdle
MapVirtualKeyA
GetKeyState
MessageBoxA
GetMenuItemInfoA
InsertMenuItemA
GetSystemMetrics
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
DdeClientTransaction
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
GetKeyboardLayout
GetDC
ReleaseDC
GetDoubleClickTime
GetMenuItemCount
FillRect

gdi32

StartPage
GetCurrentObject
SelectClipPath
FillPath
ExtCreatePen
StrokePath
EndDoc
EndPath
PolyBezierTo
SetBkColor
StartDocA
LPtoDP
GetClipBox
CreateSolidBrush
GetSystemPaletteEntries
CreatePalette
GetBkColor
LineTo
MoveToEx
SetPolyFillMode
BeginPath
RestoreDC
SaveDC
GdiFlush
DeleteObject
SelectObject
StretchDIBits
SetDIBitsToDevice
CreateCompatibleBitmap
GetObjectA
DeleteDC
CreateDIBSection
GetDeviceCaps
CreateCompatibleDC
BitBlt
RealizePalette
SelectPalette
EnumFontFamiliesA
SetBkMode
SetTextAlign
IntersectClipRect
SelectClipRgn
ExtTextOutA
ExtTextOutW
SetTextColor
GetTextMetricsA
CreateFontIndirectA
CreatePen
GetClipRgn
CreateRectRgn
GetTextAlign
GetBkMode
GetTextColor
DPtoLP
GetTextExtentPoint32A
GetTextExtentPoint32W
EndPage

comdlg32

GetOpenFileNameA
GetSaveFileNameA
PrintDlgA

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA
RegCloseKey
RegSetValueExA

shell32

DragQueryFileA
DragAcceptFiles

winmm

waveOutReset
waveOutWrite
waveOutPrepareHeader
waveInGetDevCapsA
waveOutGetNumDevs
waveOutUnprepareHeader
waveOutClose
waveOutOpen
waveOutGetDevCapsA
waveInGetNumDevs
waveInStart
waveInAddBuffer
waveInStop
waveInPrepareHeader
waveInOpen
waveInClose
waveInUnprepareHeader
waveInReset
timeGetTime
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeSetEvent
timeKillEvent

Sections

.text
Size: 784KB - Virtual size: 782KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 829KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
p70190c.dat
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 453KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
addons/asvsol101.zip
.zip
install/UnzDll.dll
.dll windows:4 windows x86

a27e4821c065b9b6d827149e0f0c5e63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
DosDateTimeToFileTime
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentDirectoryA
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemTime
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MultiByteToWideChar
OpenFile
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile
_lclose
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

shell32

SHChangeNotify

user32

CharToOemBuffA
DialogBoxParamA
EndDialog
EnumThreadWindows
GetDesktopWindow
MessageBoxA
OemToCharBuffA
SendDlgItemMessageA
SendMessageA
wsprintfA

Exports

Exports

DllEntryPoint
GetUnzDllPrivVersion
GetUnzDllVersion
UnzDllExec
___CPPdebugHook

Sections

.text
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
install/asv40.pke
install/asv5.chm
.chm
install/asv5.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
install/ctt1.td1
.js
install/ctt1.td2
install/cttdef.dat
.png
install/readme.txt
install/upx125w.zip
.zip

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 572KB

UPX1 Size: 314KB - Virtual size: 316KB

.rsrc Size: 9KB - Virtual size: 12KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 584KB

UPX1 Size: 316KB - Virtual size: 316KB

.rsrc Size: 10KB - Virtual size: 12KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 600KB

UPX1 Size: 320KB - Virtual size: 324KB

.rsrc Size: 10KB - Virtual size: 12KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 412KB

UPX1 Size: 240KB - Virtual size: 244KB

.rsrc Size: 9KB - Virtual size: 12KB

e0f41be3cb937dabff34123390991845

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

winmm

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 7KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 22KB - Virtual size: 21KB

.reloc Size: 2KB - Virtual size: 2KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 96KB

UPX1 Size: 71KB - Virtual size: 72KB

.rsrc Size: 8KB - Virtual size: 12KB

75c3811b239a6c75e270610d830e276d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

winmm

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 4KB - Virtual size: 10KB

.data1 Size: 4KB - Virtual size: 176B

.rsrc Size: 32KB - Virtual size: 30KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 160KB

UPX1 Size: 130KB - Virtual size: 132KB

.rsrc Size: 9KB - Virtual size: 12KB

aca7b64d2ff622a479557e51639b3ba8

Headers

File Characteristics

UPX0
Size: - Virtual size: 572KB

UPX1
Size: 314KB - Virtual size: 316KB

.rsrc
Size: 9KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 584KB

UPX1
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 10KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 600KB

UPX1
Size: 320KB - Virtual size: 324KB

.rsrc
Size: 10KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 412KB

UPX1
Size: 240KB - Virtual size: 244KB

.rsrc
Size: 9KB - Virtual size: 12KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 22KB - Virtual size: 21KB

.reloc
Size: 2KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 96KB

UPX1
Size: 71KB - Virtual size: 72KB

.rsrc
Size: 8KB - Virtual size: 12KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 10KB

.data1
Size: 4KB - Virtual size: 176B

.rsrc
Size: 32KB - Virtual size: 30KB

UPX0
Size: - Virtual size: 160KB

UPX1
Size: 130KB - Virtual size: 132KB

.rsrc
Size: 9KB - Virtual size: 12KB

.text
Size: 276KB - Virtual size: 274KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 12KB - Virtual size: 17KB

.data1
Size: 4KB - Virtual size: 176B

.rsrc
Size: 40KB - Virtual size: 37KB

UPX0
Size: - Virtual size: 204KB

UPX1
Size: 174KB - Virtual size: 176KB

.rsrc
Size: 9KB - Virtual size: 12KB

.text
Size: 648KB - Virtual size: 645KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 48KB - Virtual size: 826KB

.data1
Size: 4KB - Virtual size: 912B

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 88KB - Virtual size: 85KB

UPX0
Size: - Virtual size: 1.2MB

UPX1
Size: 394KB - Virtual size: 396KB

.rsrc
Size: 30KB - Virtual size: 32KB