2204e5fa23a3b4b40871ca770d5cfc69

Sharing

Copy URL Twitter E-mail

General

Target

2204e5fa23a3b4b40871ca770d5cfc69
Size

1.1MB
MD5

2204e5fa23a3b4b40871ca770d5cfc69
SHA1

f802effdb1f0af1b62dae5ba5ae21b24b4cee47d
SHA256

9b1a77bd25b84e19f101d5524421e714b2ccb87b02393bd39ec890f44322e0fb
SHA512

5290ff73bf27ca0ca6e6e5d9d51d8509acb101c38bec091b2e89448325bc2c26603798d5aa90797e49162f5e8ba558f519410e252d126a493fb8a1a3122ac085
SSDEEP

24576:mvEhPRkJuigeNMZDnpvN3PbMw3Bw/5AOH7kEDUQsIOv61uc:eUCJuje+pvN/Awu/2ePUEXuc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/opk/Opk.exe	upx

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/opk/Opk.exe
unpack002/out.upx
unpack001/opk/browser/brsplus.exe
unpack001/opk/browser/components/browsercomps.dll
unpack001/opk/browser/freebl3.dll
unpack001/opk/browser/mozalloc.dll
unpack001/opk/data/pxy/mgwz.dll

Files

2204e5fa23a3b4b40871ca770d5cfc69
.rar
opk/Opk.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 256KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 432KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
opk/browser/application.ini
opk/browser/brsplus.exe
.exe windows:5 windows x86 arch:x86

b7e32ea9c7ef37ea6da80ee435e9f53a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

xul

NS_SetDllDirectory
XRE_GetBinaryPath
XRE_GetFileFromPath
XRE_CreateAppData
XRE_main
XRE_FreeAppData
?NS_SetHasLoadedNewDLLs@@YAXXZ

xpcom

NS_StringGetData
NS_CStringToUTF16
NS_CStringContainerInit2
NS_CStringContainerFinish
NS_StringContainerFinish
NS_StringContainerInit
NS_LogTerm
NS_LogInit

mozalloc

moz_xmalloc
moz_free
moz_malloc

nspr4

PR_SetEnv
PR_smprintf_free
PR_smprintf
PR_GetEnv

plc4

PL_strcasecmp

kernel32

IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
SearchPathW
GetProcAddress
VirtualProtectEx
LoadLibraryExA
GetCurrentProcess
VirtualAllocEx

user32

MessageBoxW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msvcr90

_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
_onexit
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__winitenv
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_dup
_fdopen
vfprintf
fclose
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
__p__fmode
_vsnwprintf
strcmp
memcpy
wcslen
wcsrchr

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 715KB - Virtual size: 715KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
opk/browser/chrome/browser/content/browser/inspector.html
.html
opk/browser/chrome/browser/content/browser/license.html
.js
opk/browser/chrome/browser/content/browser/tabview.html
.xml
opk/browser/chrome/toolkit/content/global/buildconfig.html
.html
opk/browser/chrome/toolkit/content/global/cpow/child.html
.html
opk/browser/chrome/toolkit/content/global/directionDetector.html
.html
opk/browser/chrome/toolkit/content/global/license.html
.js
opk/browser/chrome/toolkit/content/global/plugins.html
.html .js polyglot
opk/browser/chrome/toolkit/res/hiddenWindow.html
.html
opk/browser/components/browsercomps.dll
.dll windows:5 windows x86 arch:x86

11caeeb7631d291e805c9bee62140611

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

xpcom

NS_CStringContainerFinish
NS_StringGetData
NS_GetComponentManager
NS_GetServiceManager
NS_CStringGetMutableData
NS_StringGetMutableData
NS_StringSetData
NS_Realloc
NS_StringCloneData
NS_CStringCloneData
NS_Free
NS_UTF16ToCString
NS_NewLocalFile
NS_CStringToUTF16
NS_StringContainerInit2
NS_StringSetDataRange
NS_StringCopy
NS_NewNativeLocalFile
NS_CStringCopy
NS_StringContainerInit
NS_CStringContainerInit2
NS_StringContainerFinish
NS_CStringSetDataRange
NS_CStringSetData
NS_CStringGetData
NS_CStringContainerInit

xul

?Release@gfxASurface@@QAEKXZ

mozalloc

moz_malloc
moz_realloc
moz_xrealloc
moz_free
moz_xmalloc

nspr4

PR_Malloc
PR_Free
PR_Read
PR_sscanf
PR_ImplodeTime
PR_Close
PR_Now
PR_StringToNetAddr
PR_Calloc
PR_SetError
PR_NewLock
PR_Unlock
PR_Lock
PR_GetError
PR_DestroyLock

plc4

PL_strncpy
PL_strcasecmp
PL_strlen
PL_strcmp
PL_strdup
PL_strcpy

kernel32

CreateFileA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
LoadLibraryA
HeapAlloc
SetStdHandle
GetModuleHandleA
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
RtlUnwind
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
GetCurrentDirectoryA
GetFullPathNameA
GetSystemTimeAsFileTime
WriteConsoleA
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
HeapFree
IsValidCodePage
GetOEMCP
GetACP
CloseHandle
CreateProcessW
GetEnvironmentVariableW
GetLongPathNameW
GetModuleFileNameW
FileTimeToSystemTime
ExpandEnvironmentStringsW
InterlockedDecrement
GetProcAddress
LoadLibraryW
GetWindowsDirectoryA
MultiByteToWideChar
GetCPInfo
GetTimeZoneInformation
WideCharToMultiByte
ExitProcess
HeapSize
Sleep
WriteConsoleW
GetConsoleOutputCP
CreateFileW
SetEndOfFile
GetProcessHeap
CompareStringA
CompareStringW
GetCurrentProcessId
SetEnvironmentVariableA
IsDebuggerPresent
TerminateProcess
SetLastError
InterlockedIncrement
TlsSetValue
TlsAlloc
TlsGetValue
GetCurrentThreadId
GetCommandLineA
GetLastError
FindClose
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsFree

user32

SystemParametersInfoW
SetSysColors
ReleaseDC
GetDC
GetSysColor

gdi32

EnumFontFamiliesExW

advapi32

RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

Exports

Exports

NSModule

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
opk/browser/defaults/profile/bookmarks.html
opk/browser/freebl3.dll
.dll windows:5 windows x86 arch:x86

52463392d0dff600b0987106efec19d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nssutil3

NSS_SecureMemcmp
SECITEM_CompareItem_Util
PORT_GetError_Util
SECITEM_ZfreeItem_Util
SECITEM_FreeItem_Util
SECITEM_CopyItem_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
SECITEM_AllocItem_Util
PORT_ZFree_Util
PORT_ZAlloc_Util
PORT_SetError_Util
PORT_Free_Util
PORT_Alloc_Util

nspr4

PR_GetLibraryFilePathname
PR_Seek
PR_Free
PR_DestroyCondVar
PR_WaitCondVar
PR_NotifyCondVar
PR_NotifyAllCondVar
PR_NewCondVar
PR_Lock
PR_Unlock
PR_CallOnce
PR_NewLock
PR_DestroyLock
PR_Open
PR_Read
PR_Close

shell32

SHGetSpecialFolderPathW

msvcr90

isupper
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_time64
_stat64i32
memcpy
_snwprintf
fclose
fread
fopen
memset
strncmp
rand
free
malloc
abort
calloc
islower
_strdup
isdigit
toupper
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook

kernel32

GlobalMemoryStatus
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LoadLibraryA
GetProcAddress
FreeLibrary
QueryPerformanceCounter
GetLogicalDrives
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetVolumeInformationA
GetDiskFreeSpaceA
WideCharToMultiByte
GetTempPathW
FindFirstFileW
FindNextFileW
FindClose
GetTickCount

Exports

Exports

FREEBL_GetVector

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
opk/browser/mozalloc.dll
.dll windows:5 windows x86 arch:x86

8aaef5c6d0618c00c5d7d5bf42dfaf80

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr90

_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_amsg_exit
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
_initterm_e
_initterm
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
__iob_func
fputs
_exit
_msize
realloc
calloc
malloc
_unlock
free
_strdup

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Exports

Exports

??4fallible_t@vvtbrse@@QAEAAU01@ABU01@@Z
?mozalloc_abort@@YAXQBD@Z
?mozalloc_handle_oom@@YAXXZ
?vvtbrse_Throw@std@@YAXABVexception@stdext@@@Z
moz_calloc
moz_free
moz_malloc
moz_malloc_usable_size
moz_realloc
moz_strdup
moz_xcalloc
moz_xmalloc
moz_xrealloc
moz_xstrdup

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
opk/browser/platform.ini
opk/data/appdata/compatibility.ini
opk/data/appdata/extensions.ini
opk/data/appdata/urlclassifierkey3.txt
opk/data/click.log
opk/data/pxy/config.txt
opk/data/pxy/mgwz.dll
.dll windows:4 windows x86 arch:x86

6e0d411d3fcca5990423266db759d223

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt

_fdopen
__dllonexit
__lc_codepage
__mb_cur_max
_errno
_vsnprintf
clearerr
fclose
fflush
fopen
fputc
fread
free
fseek
ftell
fwrite
getenv
localeconv
malloc
memcpy
memset
strcat
strcpy
strerror
strlen
wcslen

kernel32

DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
WideCharToMultiByte

Exports

Exports

_dist_code
_get_output_format
_length_code
_tr_align
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
get_crc_table
gzclearerr
gzclose
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
inflate_copyright
inflate_fast
inflate_table
uncompress
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
opk/data/pxy/templates/bat.bat
opk/data/pxy/templates/tmp.txt
.html
opk/使用说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 256KB - Virtual size: 260KB

.rsrc Size: 38KB - Virtual size: 40KB

Headers

File Characteristics

Sections

.text Size: 432KB - Virtual size: 428KB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 56KB - Virtual size: 53KB

b7e32ea9c7ef37ea6da80ee435e9f53a

Headers

DLL Characteristics

File Characteristics

Imports

xul

xpcom

mozalloc

nspr4

plc4

kernel32

user32

version

msvcr90

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 715KB - Virtual size: 715KB

.reloc Size: 3KB - Virtual size: 2KB

11caeeb7631d291e805c9bee62140611

Headers

DLL Characteristics

File Characteristics

Imports

xpcom

xul

mozalloc

nspr4

plc4

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 163KB - Virtual size: 162KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 10KB - Virtual size: 18KB

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 12KB - Virtual size: 11KB

52463392d0dff600b0987106efec19d7

Headers

DLL Characteristics

File Characteristics

Imports

nssutil3

nspr4

shell32

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 256KB - Virtual size: 260KB

.rsrc
Size: 38KB - Virtual size: 40KB

.text
Size: 432KB - Virtual size: 428KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 56KB - Virtual size: 53KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 715KB - Virtual size: 715KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 163KB - Virtual size: 162KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 12KB - Virtual size: 11KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 876B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 410B

.text
Size: 60KB - Virtual size: 59KB

.data
Size: 512B - Virtual size: 100B

.rdata
Size: 18KB - Virtual size: 17KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB