0576965a6941f828bc946495eec125d7

Sharing

Copy URL Twitter E-mail

General

Target

0576965a6941f828bc946495eec125d7
Size

822KB
MD5

0576965a6941f828bc946495eec125d7
SHA1

607e0cc1bcd695a7d48f6104b7aa1c06eb7b9ba2
SHA256

27a4d43071a073bbb4522c7d3058d8ff3098b99f6862db05c8ee2546b5a43b8b
SHA512

95ff4b23e4570d9ad06103e4e403aba62ba3d7255e0464ae864dd700bdff7659a41b3fb496ed59028f5ba8a7ed21cc5991c653bedafaf5d3d1ebfcdf5b685c9c
SSDEEP

24576:yOwcgj6LX/r0/eDz9y5qjSd/iRmhSsfuLKPPSRnwb+FL:VgMvlE5q2dEm53f6FL

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Quick_Unpack_v2.0final_by_aiflyer/Engine.sys
unpack001/Quick_Unpack_v2.0final_by_aiflyer/ImportTracers/PECompactv2.x.dll
unpack001/Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/Force.dll
unpack001/Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/Human.dll
unpack001/Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/UsAr.dll
unpack001/Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/UsArdll.d11
unpack001/Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/cadt.dll
unpack001/Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/deroko.dll
unpack001/Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/doer.sys
unpack001/Quick_Unpack_v2.0final_by_aiflyer/PESniffer.dll
unpack001/Quick_Unpack_v2.0final_by_aiflyer/PEiDLL.DLL
unpack001/Quick_Unpack_v2.0final_by_aiflyer/Plugins/PluginEx.dll
unpack001/Quick_Unpack_v2.0final_by_aiflyer/QUnpack.exe
unpack001/Quick_Unpack_v2.0final_by_aiflyer/selfscan.dll

Files

0576965a6941f828bc946495eec125d7
.rar
Quick_Unpack_v2.0final_by_aiflyer/Engine.sys
.dll windows:4 windows x86 arch:x86

1fb225ebd9f2dcd267286077ced52344

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntoskrnl.exe

IofCompleteRequest
ZwSetInformationThread
memmove
PsGetCurrentThreadId
ZwYieldExecution
PsGetCurrentProcessId
ZwQueryInformationProcess
KeNumberProcessors
RtlAppendUnicodeStringToString
IoDeleteDevice
IoCreateSymbolicLink
IoDeleteSymbolicLink
IoRegisterShutdownNotification
IoUnregisterShutdownNotification
IoCreateDevice
RtlIntegerToUnicodeString
ZwOpenKey
ZwCreateKey
RtlCopyUnicodeString
memcpy
IoAcquireCancelSpinLock
IoReleaseCancelSpinLock
ExQueueWorkItem
KeInitializeSpinLock
KeBugCheckEx
RtlInitUnicodeString
ZwClose
ExFreePoolWithTag
ZwQueryValueKey
ExAllocatePoolWithTag

hal

KeGetCurrentIrql
KfReleaseSpinLock
KfAcquireSpinLock
KfLowerIrql

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 609B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.STL
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/ImportTracers/PECompactv2.x.dll
.dll windows:4 windows x86 arch:x86

ff22697165d98bb65eb88dc24cc02224

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadReadPtr
MapViewOfFile
UnmapViewOfFile
CloseHandle

Exports

Exports

Trace

Sections

.text
Size: 512B - Virtual size: 230B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/License.txt
Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/Force.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetDllOEPNow
GetOEPNow
ShortFinderName

Sections

CODE
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/Human.dll
.dll windows:4 windows x86 arch:x86

2f7a27781249d80e04656b6a0ecbac06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cadt

InstrDasm
MakeMnemonic
InstrDecode

comctl32

InitCommonControls

kernel32

CloseHandle
ContinueDebugEvent
CreateFileA
CreateProcessA
CreateToolhelp32Snapshot
DebugActiveProcessStop
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
GetThreadContext
GetThreadSelectorEntry
GlobalAlloc
GlobalFree
Process32First
Process32Next
ReadFile
ReadProcessMemory
SetThreadContext
TerminateProcess
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtectEx
WaitForDebugEvent
WriteFile
WriteProcessMemory
lstrcatA

user32

CheckDlgButton
DialogBoxParamA
EnableWindow
EndDialog
GetAsyncKeyState
GetDlgItem
GetDlgItemTextA
IsDlgButtonChecked
MessageBoxA
SendMessageA
SetDlgItemTextA

Exports

Exports

GetOEPNow
ShortFinderName

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1010B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/UsAr.dll
.dll windows:4 windows x86 arch:x86

99efa5bb5c500263c336bea472b98a7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
GetExitCodeProcess
GetModuleFileNameA
GetThreadContext
LoadLibraryA
ResumeThread
SetThreadContext
VirtualAllocEx
WaitForSingleObject
WriteProcessMemory
lstrcatA
lstrcpyA

Exports

Exports

GetOEPNow
ShortFinderName

Sections

.text
Size: 1024B - Virtual size: 970B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 130B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/UsArdll.d11
.dll windows:4 windows x86 arch:x86

c99042b29dc86c8860da31076fa694f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetLayeredWindowAttributes
UnhookWindowsHookEx
TranslateAcceleratorA
ShowWindow
SetWindowsHookExA
SetWindowTextA
SetWindowLongA
SetDlgItemTextA
SetCursor
SendMessageA
MessageBoxA
LoadIconA
LoadCursorA
LoadAcceleratorsA
KillTimer
InflateRect
GetWindowTextA
GetWindowLongA
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
GetDC
GetClientRect
FrameRect
FillRect
EndDialog
DrawTextA
DialogBoxParamA
DestroyAcceleratorTable
CallWindowProcA
CallNextHookEx

kernel32

ExitProcess
OpenThread
lstrcatA
VirtualProtect
Thread32Next
Thread32First
SuspendThread
ResumeThread
IsBadReadPtr
GlobalFree
GlobalAlloc
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetCurrentProcessId
CloseHandle
CreateToolhelp32Snapshot

cadt

InstrDecode
MakeMnemonic
InstrDasm

gdi32

CreateBrushIndirect
CreateSolidBrush
DeleteObject
GetObjectA
GetStockObject
SelectObject
SetBkColor
SetBkMode
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

MakeDump

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/cadt.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetCadtVersion
InstrDasm
InstrDecode
MakeMnemonic

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/deroko.dll
.dll windows:4 windows x86 arch:x86

065a07397bdde5756fc6951d3aeb5e2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cadt

MakeMnemonic
InstrDasm
InstrDecode

advapi32

DeleteService
StartServiceA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
CreateServiceA

comctl32

InitCommonControls

kernel32

CloseHandle
CreateFileA
CreateFileW
CreateProcessA
DebugActiveProcessStop
DeviceIoControl
GetModuleFileNameA
GlobalAlloc
GlobalFree
ReadFile
ReadProcessMemory
ResumeThread
SwitchToThread
TerminateProcess
VirtualAlloc
VirtualFree
WriteFile
WriteProcessMemory
lstrcatA

user32

DialogBoxParamA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
IsDlgButtonChecked
MessageBoxA
SendMessageA
SetDlgItemTextA

Exports

Exports

GetOEPNow
ShortFinderName

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/OEPFinders/doer.sys
.sys windows:5 windows x86 arch:x86

e8708ab10c74089bf834bf0c505c543e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
ObfDereferenceObject
KeDetachProcess
ProbeForRead
KeAttachProcess
PsLookupProcessByProcessId
DbgPrint
_except_handler3
ZwYieldExecution
PsGetCurrentProcessId
RtlInitUnicodeString
IoCreateSymbolicLink
IoCreateDevice
PsSetCreateProcessNotifyRoutine
KeSetAffinityThread
KeNumberProcessors
KeGetCurrentThread
KeTickCount
NtCreateFile

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 640B - Virtual size: 610B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 384B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/PESniffer.dll
.dll windows:4 windows x86 arch:x86

8e4121032692da8c5f65944d2b4c896a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetFileSize
lstrlenA
MapViewOfFile
UnmapViewOfFile
lstrcpynA
HeapAlloc
HeapFree
FlushViewOfFile
GetProcessHeap
ReadFile
lstrcatA
DisableThreadLibraryCalls
CreateFileMappingA
GetModuleFileNameA
CloseHandle
lstrcpyA
HeapReAlloc
IsBadReadPtr
LCMapStringW
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
RaiseException
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapSize
WriteFile
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA

user32

CharUpperA

imagehlp

ImageNtHeader

Exports

Exports

AnalyzeFile
GetTotalSignatures
IsDataBaseLoaded

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/PEiDLL.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

FileEntropy
GetInternalDatabase
GetPEiDScanMode
MultiScanDir
PEiDLLVersion
PEiDVersion
ScanWithPEiD
Scan_Deep
Scan_Hard
Scan_Norm
SetPluginOptions
SetScanOptions

Sections

packerBY
Size: - Virtual size: 627KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 225KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 668B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Quick_Unpack_v2.0final_by_aiflyer/Plugins/PluginEx.dll
.dll windows:4 windows x86 arch:x86

7e45ecb69f553c3cfb5bde11088a7f5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls

user32

MessageBoxA

Exports

Exports

GetPluginName
StartPlugin

Sections

.data
Size: 512B - Virtual size: 371B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/QU.ini
Quick_Unpack_v2.0final_by_aiflyer/QUnpack.exe
.exe windows:4 windows x86 arch:x86

23f148e873033d782c74955623486787

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

ImageNtHeader
ImageRvaToVa

psapi

GetModuleFileNameExA
GetMappedFileNameA

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
VirtualProtect
GetSystemInfo
VirtualQuery
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetACP
IsValidCodePage
GetCurrentThreadId
GetVersion
MultiByteToWideChar
CompareStringW
CompareStringA
InterlockedExchange
lstrcpynA
WritePrivateProfileStructA
GetPrivateProfileStructA
HeapReAlloc
HeapAlloc
HeapFree
IsBadReadPtr
GetProcessHeap
MulDiv
FindNextFileA
FindFirstFileA
FreeLibrary
FindClose
TerminateThread
SetThreadPriority
lstrcpyA
GetCPInfo
ExitProcess
GlobalUnlock
GlobalLock
GlobalAlloc
SetThreadContext
SetThreadAffinityMask
SetProcessAffinityMask
SwitchToThread
SetCurrentDirectoryA
GetCurrentDirectoryA
WriteProcessMemory
WriteFile
QueryDosDeviceA
GetLogicalDriveStringsA
GetExitCodeProcess
VirtualQueryEx
OpenThread
SetFilePointer
VirtualFreeEx
VirtualAllocEx
GetFileSize
VirtualFree
VirtualAlloc
VirtualProtectEx
ResumeThread
DeviceIoControl
GetCurrentThread
WaitForSingleObject
UnmapViewOfFile
GetCurrentProcess
DuplicateHandle
MapViewOfFile
CreateFileMappingA
OpenProcess
CreateFileA
lstrlenA
WideCharToMultiByte
GetModuleHandleA
GetLastError
SetLastError
DeleteFileA
GetThreadContext
ReadFile
Sleep
lstrcatA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
TerminateProcess
ReadProcessMemory
SuspendThread
CreateThread
CreateProcessA
lstrcmpA
CloseHandle
LockResource
lstrcmpiA
GetVersionExA
FreeResource
LoadResource
SizeofResource
FileTimeToSystemTime
WritePrivateProfileStringA
FindResourceA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
CreatePipe
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetOEMCP
InterlockedIncrement
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapCreate
FormatMessageA
LocalFree
_lopen
_lclose
_lread
_llseek
LocalAlloc
GlobalFree
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentProcessId
GetModuleFileNameW
InterlockedDecrement
MoveFileA
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetFullPathNameA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
HeapDestroy

user32

GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EndDialog
GetNextDlgTabItem
IsWindowEnabled
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
GetWindowPlacement
DefWindowProcA
DeferWindowPos
AdjustWindowRectEx
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
GetMenuItemID
TrackPopupMenu
MapWindowPoints
PeekMessageA
GetMessagePos
GetMessageTime
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetLastActivePopup
GetWindowTextA
GetWindowTextLengthA
SetFocus
GetClassLongA
IsChild
WinHelpA
SendDlgItemMessageA
RegisterWindowMessageA
CheckDlgButton
ModifyMenuA
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
GetWindowDC
BeginPaint
EndPaint
TranslateMessage
ShowOwnedPopups
GetWindowThreadProcessId
UnregisterClassA
MapDialogRect
SetWindowContextHelpId
DestroyMenu
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
BringWindowToTop
TranslateMDISysAccel
TranslateAcceleratorA
RedrawWindow
SetMenu
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
GetSubMenu
UnpackDDElParam
SetRect
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetMenuState
CheckMenuItem
KillTimer
ClientToScreen
SendMessageA
GetCapture
CreatePopupMenu
EnableMenuItem
AppendMenuA
GetClientRect
IsIconic
LoadImageA
IntersectRect
SetRectEmpty
GetForegroundWindow
GetSystemMenu
EqualRect
GetMenuItemInfoA
GetMenuItemCount
IsMenu
OffsetRect
IsWindowVisible
UnhookWindowsHookEx
SetWindowsHookExA
DrawStateA
GetMenuItemRect
GetClassNameA
DestroyIcon
SetMenuItemInfoA
SystemParametersInfoA
CallNextHookEx
TabbedTextOutA
IsRectEmpty
ReleaseDC
PostMessageA
GetCursorPos
ScreenToClient
DispatchMessageA
GetMessageA
GetDlgCtrlID
GrayStringA
DrawTextExA
DrawTextA
ValidateRect
GetFocus
GetKeyState
GetWindow
InflateRect
CopyRect
CharUpperA
RemoveMenu
LoadBitmapA
MessageBoxExA
GetDC
FillRect
UnregisterHotKey
RegisterHotKey
GetSysColor
CloseClipboard
GetWindowRect
InvalidateRect
SetCapture
PtInRect
ReleaseCapture
LoadCursorA
SetCursor
SetClipboardData
EmptyClipboard
OpenClipboard
MessageBoxA
PostQuitMessage
SetForegroundWindow
UpdateWindow
GetSystemMetrics
ReuseDDElParam
SetWindowPos
GetParent
GetWindowLongA
SetPropA
GetDlgItem
EnableWindow
GetPropA
CallWindowProcA
SetWindowLongA
RemovePropA
DrawIcon
WaitForInputIdle
SetTimer
wsprintfA
GetMenu
LoadIconA

gdi32

GetTextMetricsA
Ellipse
GetCurrentObject
ExtTextOutA
RectVisible
PtVisible
CreatePen
Escape
GetTextColor
GetClipBox
GetStockObject
Rectangle
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SetPixel
GetPixel
DeleteDC
BitBlt
TextOutA
CreateSolidBrush
GetTextExtentPoint32A
SetBkMode
SetBkColor
CreateFontA
SetTextColor
CreateFontIndirectA
GetObjectA
DeleteObject
RestoreDC
LineTo
MoveToEx
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetRgnBox
SetMapMode
ExcludeClipRect
SaveDC
CreateBitmap

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CloseServiceHandle
CreateServiceA
StartServiceA
OpenSCManagerA
OpenServiceA
RegDeleteKeyA
RegSetValueA
RegCreateKeyA
DeleteService
ControlService

shell32

DragFinish
DragQueryFileA
ShellExecuteA
ShellExecuteExA

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleInitialize

oleaut32

SysFreeString
OleLoadPicture
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
VariantCopy

comctl32

ImageList_GetIcon
ord17
ImageList_Draw

shlwapi

PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
StrToIntA

oledlg

ord8

peidll

Scan_Deep
Scan_Hard
Scan_Norm

pesniffer

AnalyzeFile

oleacc

LresultFromObject
CreateStdAccessibleObject

winmm

waveOutClose
waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA

Exports

Exports

luaL_addlstring
luaL_addstring
luaL_addvalue
luaL_argerror
luaL_buffinit
luaL_callmeta
luaL_checkany
luaL_checkinteger
luaL_checklstring
luaL_checknumber
luaL_checkoption
luaL_checkstack
luaL_checktype
luaL_checkudata
luaL_error
luaL_findtable
luaL_getmetafield
luaL_gsub
luaL_loadbuffer
luaL_loadfile
luaL_loadstring
luaL_newmetatable
luaL_newstate
luaL_openlib
luaL_openlibs
luaL_optinteger
luaL_optlstring
luaL_optnumber
luaL_prepbuffer
luaL_pushresult
luaL_ref
luaL_register
luaL_typerror
luaL_unref
luaL_where
lua_atpanic
lua_call
lua_checkstack
lua_close
lua_concat
lua_cpcall
lua_createtable
lua_dump
lua_equal
lua_error
lua_gc
lua_getallocf
lua_getfenv
lua_getfield
lua_gethook
lua_gethookcount
lua_gethookmask
lua_getinfo
lua_getlocal
lua_getmetatable
lua_getstack
lua_gettable
lua_gettop
lua_getupvalue
lua_insert
lua_iscfunction
lua_isnumber
lua_isstring
lua_isuserdata
lua_lessthan
lua_load
lua_newstate
lua_newthread
lua_newuserdata
lua_next
lua_objlen
lua_pcall
lua_pushboolean
lua_pushcclosure
lua_pushfstring
lua_pushinteger
lua_pushlightuserdata
lua_pushlstring
lua_pushnil
lua_pushnumber
lua_pushstring
lua_pushthread
lua_pushvalue
lua_pushvfstring
lua_rawequal
lua_rawget
lua_rawgeti
lua_rawset
lua_rawseti
lua_remove
lua_replace
lua_resume
lua_setallocf
lua_setfenv
lua_setfield
lua_sethook
lua_setlocal
lua_setmetatable
lua_settable
lua_settop
lua_setupvalue
lua_status
lua_toboolean
lua_tocfunction
lua_tointeger
lua_tolstring
lua_tonumber
lua_topointer
lua_tothread
lua_touserdata
lua_type
lua_typename
lua_xmove
lua_yield
luaopen_base
luaopen_debug
luaopen_io
luaopen_math
luaopen_os
luaopen_package
luaopen_string
luaopen_table

Sections

CODE
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 547KB - Virtual size: 546KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 319KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/Readme.eng.txt
Quick_Unpack_v2.0final_by_aiflyer/SDK/OEPFinders/UPack OEP Finder/PELIB.PAS
Quick_Unpack_v2.0final_by_aiflyer/SDK/OEPFinders/UPack OEP Finder/UPackOEP.bdsproj
Quick_Unpack_v2.0final_by_aiflyer/SDK/OEPFinders/UPack OEP Finder/UPackOEP.bdsproj.local
Quick_Unpack_v2.0final_by_aiflyer/SDK/OEPFinders/UPack OEP Finder/UPackOEP.cfg
Quick_Unpack_v2.0final_by_aiflyer/SDK/OEPFinders/UPack OEP Finder/UPackOEP.dpr
Quick_Unpack_v2.0final_by_aiflyer/SDK/OEPFinders/UPack OEP Finder/pelib.dcu
Quick_Unpack_v2.0final_by_aiflyer/SDK/Plugins/C++/PluginEx.cpp
Quick_Unpack_v2.0final_by_aiflyer/SDK/Plugins/C++/PluginEx.def
Quick_Unpack_v2.0final_by_aiflyer/SDK/Plugins/C++/PluginEx.dsp
Quick_Unpack_v2.0final_by_aiflyer/SDK/Plugins/C++/PluginEx.dsw
Quick_Unpack_v2.0final_by_aiflyer/SDK/Plugins/C++/PluginEx.h
Quick_Unpack_v2.0final_by_aiflyer/SDK/Plugins/C++/PluginEx.sln
Quick_Unpack_v2.0final_by_aiflyer/SDK/Plugins/C++/PluginEx.suo
Quick_Unpack_v2.0final_by_aiflyer/SDK/Plugins/C++/PluginEx.vcproj
.xml
Quick_Unpack_v2.0final_by_aiflyer/Scripts.eng.txt
Quick_Unpack_v2.0final_by_aiflyer/Scripts/2Processes.txt
Quick_Unpack_v2.0final_by_aiflyer/Scripts/LUA Manual.html
.html .js polyglot
Quick_Unpack_v2.0final_by_aiflyer/Scripts/OllyAttach.txt
Quick_Unpack_v2.0final_by_aiflyer/Scripts/print.txt
Quick_Unpack_v2.0final_by_aiflyer/Signs.txt
Quick_Unpack_v2.0final_by_aiflyer/replace.ini
Quick_Unpack_v2.0final_by_aiflyer/selfscan.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DetectPacker

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Quick_Unpack_v2.0final_by_aiflyer/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

1fb225ebd9f2dcd267286077ced52344

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 609B

.CRT Size: 512B - Virtual size: 12B

.STL Size: 512B - Virtual size: 16B

PAGE Size: 2KB - Virtual size: 2KB

INIT Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

ff22697165d98bb65eb88dc24cc02224

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 230B

.rdata Size: 512B - Virtual size: 234B

.reloc Size: 512B - Virtual size: 28B

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 16KB - Virtual size: 16KB

DATA Size: 1024B - Virtual size: 556B

BSS Size: - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 119B

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 512B

2f7a27781249d80e04656b6a0ecbac06

Headers

File Characteristics

Imports

cadt

comctl32

kernel32

user32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1010B

99efa5bb5c500263c336bea472b98a7f

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 970B

.rdata Size: 512B - Virtual size: 511B

.data Size: 512B - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 130B

c99042b29dc86c8860da31076fa694f0

Headers

File Characteristics

Imports

user32

kernel32

cadt

gdi32

shell32

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 609B

.CRT
Size: 512B - Virtual size: 12B

.STL
Size: 512B - Virtual size: 16B

PAGE
Size: 2KB - Virtual size: 2KB

INIT
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 512B - Virtual size: 230B

.rdata
Size: 512B - Virtual size: 234B

.reloc
Size: 512B - Virtual size: 28B

CODE
Size: 16KB - Virtual size: 16KB

DATA
Size: 1024B - Virtual size: 556B

BSS
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 119B

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1010B

.text
Size: 1024B - Virtual size: 970B

.rdata
Size: 512B - Virtual size: 511B

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 130B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

CODE
Size: 19KB - Virtual size: 18KB

DATA
Size: 9KB - Virtual size: 8KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 834B

.edata
Size: 512B - Virtual size: 139B

.reloc
Size: 1024B - Virtual size: 1020B

.rsrc
Size: 512B - Virtual size: 512B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 456B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 384B - Virtual size: 292B

.data
Size: 256B - Virtual size: 232B

INIT
Size: 640B - Virtual size: 610B

.reloc
Size: 384B - Virtual size: 360B

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 5KB - Virtual size: 5KB