5401ac54f4f8e9b06a95acde38cc948d

Sharing

Copy URL

Twitter E-mail

General

Target

5401ac54f4f8e9b06a95acde38cc948d
Size

1.2MB
MD5

5401ac54f4f8e9b06a95acde38cc948d
SHA1

2081f30052f050fa4d0341b4c9e27aa665361449
SHA256

6e95aeb33d6452681c95ef8a96a4302c8dea8a320b7e438f1407cb074520f880
SHA512

364d2ada2735f6ee1b56c0889059b0d443ccbf6053ce68b0a2da8c67236953c948a2ada4163d16216bf7085107b4480e760d684003afce4f8c86db3ac79927c3
SSDEEP

24576:BQNb0GdakEWrkV9MbU/evUhWzyiYF06fhX/Nj/EFLWnaQt6tjpxorapy:WNb0hkEWrKMbU/CUhWK0EvNj/h5Wxor9

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
5401ac54f4f8e9b06a95acde38cc948d
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/KillProcDLL.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/MessengerSkinnerDll_new.dll
unpack001/MessengerSkinner_new.exe
unpack001/uninst.exe
unpack003/$PLUGINSDIR/KillProcDLL.dll
unpack003/$PLUGINSDIR/LangDLL.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_1

Files

5401ac54f4f8e9b06a95acde38cc948d
.exe windows:4 windows x86 arch:x86

ef428f59ef523870c863d520caf0904c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
SearchPathA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
lstrcpyA
CreateProcessW
lstrcatW
lstrcpyW
lstrlenW
GetVersionExA
CreateFileW
GetSystemDirectoryW
ReleaseMutex
GlobalFindAtomA
CreateMutexA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetModuleFileNameW
GlobalAddAtomA
GlobalDeleteAtom
SetLastError
FindFirstFileW
WideCharToMultiByte
TerminateThread
GetExitCodeThread
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
RemoveDirectoryA
MulDiv

user32

EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
SetClipboardData
CharLowerW
FindWindowA
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
SetWindowPos
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
CloseClipboard
IsWindowVisible
CallWindowProcA
LoadBitmapA
GetMessagePos
CharLowerA
CheckDlgButton
GetWindowRect
ScreenToClient
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
EndPaint
DrawTextA
FillRect
GetClientRect
BeginPaint
DefWindowProcA
SendMessageA
InvalidateRect
EnableWindow
GetDC
LoadImageA
SetWindowLongA
GetDlgItem
IsWindow
FindWindowExA
SendMessageTimeoutA
GetClassInfoA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoInitializeEx
CoSetProxyBlanket
CoUninitialize
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
CoInitializeSecurity

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

HttpQueryInfoA
InternetReadFile
InternetCloseHandle
DeleteUrlCacheEntry
InternetOpenA
InternetOpenUrlA

msvcrt

free
rand
srand
time
memcpy
strncmp
malloc
strchr
sprintf
strncat
realloc
_except_handler3
strstr
memset

oleaut32

VariantClear

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

946eb0a1e85c9ade4acaf634eb5a64f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetACP
GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
MessengerSkinnerDll_new.dll
.dll windows:4 windows x86 arch:x86

4d9828a2b6a8afa82440b613cdad44cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
HttpSendRequestA
InternetCloseHandle
InternetReadFile
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetSetStatusCallback
InternetOpenA
HttpQueryInfoA
DeleteUrlCacheEntry

kernel32

FileTimeToSystemTime
GetCurrentThread
GetFileTime
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitThread
HeapAlloc
GetFullPathNameA
GetCommandLineA
SetStdHandle
GetFileType
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
lstrcmpA
SuspendThread
SetThreadPriority
GetThreadLocale
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LocalFree
SetFileAttributesA
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersion
lstrcmpiA
GetDriveTypeA
lstrcpynA
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileAttributesA
SetFilePointer
IsBadWritePtr
WideCharToMultiByte
GetACP
GetLocaleInfoA
lstrcpyA
FindResourceA
LoadResource
LockResource
GetEnvironmentVariableA
CopyFileA
FormatMessageA
LocalAlloc
GetVersionExA
GetCurrentProcess
SetLastError
FindNextFileA
FindFirstFileA
FindClose
GetCurrentDirectoryA
SetCurrentDirectoryA
GetSystemDefaultLangID
GetTempFileNameA
GetTempPathA
SetEvent
ResetEvent
CreateEventA
GetUserDefaultLangID
GetModuleFileNameA
SystemTimeToTzSpecificLocalTime
GetLastError
GetExitCodeThread
GetTickCount
CreateThread
GlobalReAlloc
WriteFile
MulDiv
CreateFileA
GetFileSize
ReadFile
CloseHandle
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalSize
GlobalLock
MultiByteToWideChar
InterlockedIncrement
Sleep
DeleteFileA
WaitForSingleObject
CreateDirectoryA
ResumeThread
lstrlenA
InterlockedDecrement
HeapFree

user32

UnregisterClassA
GetSysColorBrush
PtInRect
DestroyMenu
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
BeginPaint
GetWindowDC
ClientToScreen
GetMessageA
ValidateRect
GetCursorPos
CharNextA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
GetClassLongA
LoadStringA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindow
RegisterWindowMessageA
OffsetRect
IsIconic
GetWindowPlacement
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetParent
GetNextDlgTabItem
CopyRect
GetSysColor
FillRect
SetRect
MapVirtualKeyA
GetKeyboardState
ToAscii
SetKeyboardState
SetFocus
SetWindowPos
GetForegroundWindow
EnableMenuItem
CreateMenu
AppendMenuA
CallWindowProcW
CallWindowProcA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetMenu
GetMenuItemCount
GetMenuItemInfoA
DeleteMenu
DrawMenuBar
KillTimer
GetClassNameA
IsWindowUnicode
SetWindowLongW
SetWindowLongA
MessageBoxA
FindWindowExA
EnumWindows
SetForegroundWindow
keybd_event
SetTimer
InvalidateRect
SetCursor
SetWindowRgn
LoadCursorA
PostThreadMessageA
GetWindowRect
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
CharUpperA
SetPropA
EndPaint
wsprintfA
SystemParametersInfoA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
IsWindow
PostMessageA
GrayStringA
DrawTextA
TabbedTextOutA
LoadBitmapA
GetDesktopWindow
GetDC
ReleaseDC
EmptyClipboard
RegisterClipboardFormatA
SetClipboardData
OpenClipboard
EnumClipboardFormats
GetClipboardFormatNameA
GetClipboardData
CloseClipboard
SendMessageA
GetSystemMetrics
GetClientRect
EnableWindow
LoadIconA
ModifyMenuA

gdi32

GetViewportExtEx
GetWindowExtEx
DPtoLP
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetBitmapDimensionEx
CreateDIBitmap
CreateDIBSection
DeleteDC
GetDeviceCaps
CreateCompatibleDC
BitBlt
LPtoDP
GetObjectA
SetMapMode
RestoreDC
SaveDC
GetBkColor
GetTextColor
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
CreateSolidBrush
CreateCompatibleBitmap
SelectObject
DeleteObject
ExtCreateRegion
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
IIDFromString
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject

olepro32

ord251
ord253

oleaut32

VariantCopy
SysStringLen
SysAllocString
SysAllocStringLen
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysFreeString
VariantClear
GetErrorInfo
VariantTimeToSystemTime
VariantChangeType

urlmon

URLDownloadToFileA

oleacc

AccessibleChildren
AccessibleObjectFromWindow

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Exports

Exports

InitializeDllFromExe

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MessengerSkinner_new.exe
.exe windows:4 windows x86 arch:x86

cb3f48cb75fdd6f9a813dbb4a7d49f94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
MulDiv
SetErrorMode
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
SizeofResource
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapReAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
GetACP
LockResource
SetStdHandle
GetFileType
HeapSize
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindResourceA
LoadResource
GlobalLock
GlobalDeleteAtom
GetCurrentThread
GetProfileStringA
GetCurrentThreadId
GetFileAttributesA
FileTimeToLocalFileTime
lstrcmpiA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
WideCharToMultiByte
MoveFileA
GetEnvironmentVariableA
CopyFileA
SetLastError
FindNextFileA
FindFirstFileA
FindClose
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateFileMappingA
OpenFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemDefaultLangID
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcess
lstrcatA
FormatMessageA
MultiByteToWideChar
InterlockedIncrement
TerminateProcess
CreateEventA
GetSystemDirectoryA
CreateDirectoryA
GetWindowsDirectoryA
WriteFile
GetFileSize
DeleteFileA
CreateMutexA
ReleaseMutex
lstrcpyA
CreateProcessA
GetVersionExA
SetFilePointer
ReadFile
GetFileTime
FileTimeToSystemTime
GetDateFormatA
CreateFileA
SetEvent
TerminateThread
GetUserDefaultLangID
GetModuleFileNameA
SystemTimeToTzSpecificLocalTime
GetLastError
GetExitCodeThread
GetTickCount
CreateThread
ResumeThread
WaitForSingleObject
CloseHandle
OutputDebugStringA
lstrcmpA
GlobalAlloc
GlobalFree
GetModuleHandleA
LocalAlloc
LocalReAlloc
LocalFree
lstrlenA
InterlockedDecrement
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
EnterCriticalSection

user32

GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
PtInRect
GetClassNameA
LoadCursorA
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
DestroyMenu
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
MessageBoxA
PostMessageA
IsWindow
DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
UnregisterClassA
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
MapDialogRect
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
PostThreadMessageA
RegisterClipboardFormatA
InflateRect
GetFocus
GetNextDlgTabItem
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
InvalidateRect
GetClassInfoA
SystemParametersInfoA
GetSystemMetrics
wsprintfA
ScreenToClient
ClientToScreen
LoadIconA
SetTimer
SetWindowPos
SendMessageA
EnableWindow
DrawIcon
GetClientRect
IsIconic
KillTimer
GetDesktopWindow
GetWindowTextA
MessageBeep
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
UnhookWindowsHookEx
CharUpperA

gdi32

ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
TextOutA
GetMapMode
PatBlt
RectVisible
PtVisible
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
LPtoDP
CreateBitmap
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateDIBitmap
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoRevokeClassObject
OleFlushClipboard
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SysAllocStringLen
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
GetErrorInfo
VariantClear

urlmon

URLDownloadToFileA

iphlpapi

GetAdaptersInfo
GetIfEntry

wininet

InternetCloseHandle
HttpSendRequestA
InternetReadFile
InternetSetOptionA
HttpOpenRequestA
InternetConnectA
InternetSetStatusCallback
InternetOpenA
HttpQueryInfoA
InternetGetConnectedState
InternetOpenUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ws2_32

WSAStartup
gethostname
WSACleanup
inet_addr
send
select
htons
closesocket
socket
bind
listen
accept
shutdown
recv
gethostbyname

shlwapi

PathFileExistsA

Sections

.text
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

72hovnpo
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pg86ihcl
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
download/defaultPack.cab
.cab
02247.gif
.gif
02331.gif
.gif
02469.gif
.gif
02555.gif
.gif
02559.gif
.gif
02564.gif
.gif
02573.gif
.gif
02632.gif
.gif
02645.gif
.gif
02662.gif
.gif
02668.gif
.gif
02858.gif
.gif
03523.gif
.gif
03874.gif
.gif
03875.gif
.gif
03876.gif
.gif
03877.gif
.gif
03878.gif
.gif
03879.gif
.gif
03880.gif
.gif
03881.gif
.gif
03882.gif
.gif
03883.gif
.gif
03884.gif
.gif
03885.gif
.gif
content.xml
.xml
resources/appconfig.xml
.xml
resources/btn.rgn
resources/btnBnr.rgn
resources/btnIn.rgn
resources/btnInNormal.bmp
resources/btnInOver.bmp
resources/btnNormal.bmp
resources/btnNormal.gif
.gif
resources/btnNormalBnr.bmp
resources/btnNormalBnr.gif
.gif
resources/btnOver.bmp
resources/btnOver.gif
.gif
resources/btnOverBnr.bmp
resources/btnOverBnr.gif
.gif
resources/languages_v2.xml
.xml
uninst.exe
.exe windows:4 windows x86 arch:x86

ef428f59ef523870c863d520caf0904c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
SearchPathA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
lstrcpyA
CreateProcessW
lstrcatW
lstrcpyW
lstrlenW
GetVersionExA
CreateFileW
GetSystemDirectoryW
ReleaseMutex
GlobalFindAtomA
CreateMutexA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetModuleFileNameW
GlobalAddAtomA
GlobalDeleteAtom
SetLastError
FindFirstFileW
WideCharToMultiByte
TerminateThread
GetExitCodeThread
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
RemoveDirectoryA
MulDiv

user32

EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
SetClipboardData
CharLowerW
FindWindowA
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
SetWindowPos
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
CloseClipboard
IsWindowVisible
CallWindowProcA
LoadBitmapA
GetMessagePos
CharLowerA
CheckDlgButton
GetWindowRect
ScreenToClient
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
EndPaint
DrawTextA
FillRect
GetClientRect
BeginPaint
DefWindowProcA
SendMessageA
InvalidateRect
EnableWindow
GetDC
LoadImageA
SetWindowLongA
GetDlgItem
IsWindow
FindWindowExA
SendMessageTimeoutA
GetClassInfoA

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoInitializeEx
CoSetProxyBlanket
CoUninitialize
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
CoInitializeSecurity

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

wininet

HttpQueryInfoA
InternetReadFile
InternetCloseHandle
DeleteUrlCacheEntry
InternetOpenA
InternetOpenUrlA

msvcrt

free
rand
srand
time
memcpy
strncmp
malloc
strchr
sprintf
strncat
realloc
_except_handler3
strstr
memset

oleaut32

VariantClear

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GlobalFree
lstrcpyA
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP

Exports

Exports

KillProc

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

946eb0a1e85c9ade4acaf634eb5a64f1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetACP
GlobalFree
lstrcpynA
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GlobalAlloc

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp

Sharing

General

Malware Config

Signatures

Files

ef428f59ef523870c863d520caf0904c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

wininet

msvcrt

oleaut32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 2KB - Virtual size: 109KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 18KB - Virtual size: 17KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 1012B

815c88741b87a0210c457b00b57bf9c6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 2KB

946eb0a1e85c9ade4acaf634eb5a64f1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 697B

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 264B

4d9828a2b6a8afa82440b613cdad44cc

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 109KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 18KB - Virtual size: 17KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 1012B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 697B

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 264B

.text
Size: 236KB - Virtual size: 235KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 24KB - Virtual size: 35KB

Shared
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 32KB - Virtual size: 28KB

.reloc
Size: 32KB - Virtual size: 30KB

.text
Size: 192KB - Virtual size: 192KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 28KB - Virtual size: 28KB

72hovnpo
Size: 106KB - Virtual size: 108KB

pg86ihcl
Size: 4KB - Virtual size: 4KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 2KB - Virtual size: 109KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 18KB - Virtual size: 17KB