WoR_Release_2[.]3[.]1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

WoR_Release_2.3.1.zip
Size

17.5MB
MD5

8b971263400e3c4919bfef1324735362
SHA1

a51727d1cf4931404675499d7f8e68189d672a36
SHA256

fc3f6a98e1744adaa8c514514c35176805aac8bb44e16514c2a979683fa0ae1f
SHA512

6c2c3195614c7c0753e8028d083a168139e7b292df812526f599d219cc7caa0b31fe2f5bc0d57140c695eb8960e10d51221b47bf9a2455e86c8d40f8f0dbfd89
SSDEEP

393216:+TcyG4cagMODpFO8zQVHyjp2tfRRPbdoU18uj4nUhocBoUWua4P/UtvTUGtY:ybG4tOdk8RjEPh3jxvrak/UtRW

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/INIFileParser.dll
unpack001/Joveler.DynLoader.dll
unpack001/ManagedWimLib.dll
unpack001/Microsoft.Dism.dll
unpack001/Microsoft.Wim.dll
unpack001/Microsoft.WindowsAPICodePack.Shell.dll
unpack001/Microsoft.WindowsAPICodePack.dll
unpack001/NLog.Windows.Forms.dll
unpack001/NLog.dll
unpack001/System.Management.Automation.dll
unpack001/WoR.FlatUI.dll
unpack001/WoR.exe
unpack001/lib/x64/libwim-15.dll
unpack001/lib/x86/libwim-15.dll

Files

WoR_Release_2.3.1.zip
.zip
INIFileParser.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Joveler.DynLoader.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ManagedWimLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Microsoft.Dism.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Microsoft.Wim.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Microsoft.WindowsAPICodePack.Shell.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Microsoft.WindowsAPICodePack.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NLog.Windows.Forms.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NLog.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 848KB - Virtual size: 847KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Newtonsoft.Json.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

27/04/2018, 12:41

Not After

27/04/2028, 12:41

Subject

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7e
Certificate

Issuer

CN=.NET Foundation Projects Code Signing CA,O=.NET Foundation,C=US

Not Before

25/10/2018, 00:00

Not After

29/10/2021, 12:00

Subject

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=wa,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:10:56:8e:61:ed:4a:db:b2:78:fe:51:cd:63:62:ed:e4:18:e6:f9:b5:44:af:42:d1:80:41:52:2d:66:12:81
Signer

Actual PE Digest

8c:10:56:8e:61:ed:4a:db:b2:78:fe:51:cd:63:62:ed:e4:18:e6:f9:b5:44:af:42:d1:80:41:52:2d:66:12:81

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 673KB - Virtual size: 673KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System.Management.Automation.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 982KB - Virtual size: 982KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WoR.FlatUI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WoR.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WoR.exe.config
.xml
assets/bootstrap/css/bootstrap-grid.css
assets/bootstrap/css/bootstrap-grid.css.map
assets/bootstrap/css/bootstrap-grid.min.css
assets/bootstrap/css/bootstrap-grid.min.css.map
assets/bootstrap/css/bootstrap-reboot.css
assets/bootstrap/css/bootstrap-reboot.css.map
assets/bootstrap/css/bootstrap-reboot.min.css
assets/bootstrap/css/bootstrap-reboot.min.css.map
assets/bootstrap/css/bootstrap.css
assets/bootstrap/css/bootstrap.css.map
assets/bootstrap/css/bootstrap.min.css
assets/bootstrap/css/bootstrap.min.css.map
assets/bootstrap/js/bootstrap.bundle.js
.js
assets/bootstrap/js/bootstrap.bundle.js.map
.js
assets/bootstrap/js/bootstrap.bundle.min.js
.js
assets/bootstrap/js/bootstrap.bundle.min.js.map
assets/bootstrap/js/bootstrap.js
.js
assets/bootstrap/js/bootstrap.js.map
.js
assets/bootstrap/js/bootstrap.min.js
.js
assets/bootstrap/js/bootstrap.min.js.map
.js
assets/bootstrap/js/jquery-3.3.1.min.js
.js
assets/changelog.htm
.html
assets/credits.htm
.html
assets/css/shared.css
assets/images/device/RPi-ARM32.png
.png
assets/images/device/RPi3-ARM64.png
.png
assets/images/device/RPi4-ARM64.png
.png
assets/images/logo_4096x4096.png
.png
assets/images/welcome_img_2048x4308.png
.png
assets/licenses.htm
.html
lang/cs-CZ.lng
lang/de-DE.lng
lang/en-US.lng
lang/es-ES.lng
lang/fi-FI.lng
lang/fr-FR.lng
lang/hr-HR.lng
lang/hu-HU.lng
lang/it-IT.lng
lang/ja-JP.lng
lang/ko-KR.lng
lang/ms-MY.lng
lang/nl-NL.lng
lang/pl-PL.lng
lang/pt-BR.lng
lang/pt-PT.lng
lang/ro-RO.lng
lang/ru-RU.lng
lang/sk-SK.lng
lang/sr-SP.lng
lang/sv-SE.lng
lang/tr-TR.lng
lang/uk-UA.lng
lang/zh-CN.lng
lang/zh-TW.lng
lib/x64/libwim-15.dll
.dll windows:4 windows x64 arch:x64

538fc77d4a74ee72537e7bdd62b25332

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
CloseEncryptedFileRaw
LookupPrivilegeValueW
OpenEncryptedFileRawW
OpenProcessToken
ReadEncryptedFileRaw
RegCloseKey
RegCreateKeyExW
RegFlushKey
RegLoadKeyW
RegSetValueExW
RegUnLoadKeyW
SystemFunction036
WriteEncryptedFileRaw

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileW
CreateSemaphoreA
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
FindFirstFileW
FindFirstVolumeW
FindNextFileW
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GetVolumeInformationW
GlobalMemoryStatusEx
HeapAlloc
HeapFree
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryW
MoveFileExW
MoveFileW
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEndOfFile
SetEvent
SetFilePointer
SetFilePointerEx
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_beginthreadex
_endthreadex
_errno
_exit
_fstat64
_get_osfhandle
_gmtime64
_initterm
_lock
_lseeki64
_open_osfhandle
_setjmp
_snwprintf
_stat64
fwprintf
_telli64
_time64
_ultoa
_unlock
_vsnprintf
_waccess
_wcsicmp
_wfopen
_wgetenv
_wmkdir
_wopen
_wstat64
_wtempnam
_wunlink
abort
calloc
exit
fclose
feof
ferror
fflush
fgetwc
fopen
fprintf
fputc
fputs
fputwc
fputws
fread
free
fwprintf
fwrite
getenv
islower
isspace
isupper
iswctype
localeconv
longjmp
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
printf
putc
qsort
raise
rand
realloc
signal
srand
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
toupper
towlower
ungetwc
vfprintf
wcschr
wcscmp
wcscpy
wcsftime
wcslen
wcsncmp
wcspbrk
wcsrchr
wcsstr
wcstol
wcstoul
_wstat
_write
_strdup
_read
_getcwd
_fdopen
_close

ntdll

NtClose
NtCreateFile
NtFsControlFile
NtOpenFile
NtOpenSymbolicLinkObject
NtQueryDirectoryFile
NtQueryEaFile
NtQueryInformationFile
NtQuerySecurityObject
NtQueryVolumeInformationFile
NtReadFile
NtSetEaFile
NtSetInformationFile
NtSetSecurityObject
NtWaitForSingleObject
NtWriteFile
RtlDosPathNameToNtPathName_U
RtlInitUnicodeString
RtlNtStatusToDosError

user32

MessageBoxW
wsprintfW

Exports

Exports

wimlib_add_empty_image
wimlib_add_image
wimlib_add_image_multisource
wimlib_add_tree
wimlib_compress
wimlib_create_compressor
wimlib_create_decompressor
wimlib_create_new_wim
wimlib_decompress
wimlib_delete_image
wimlib_delete_path
wimlib_export_image
wimlib_extract_image
wimlib_extract_image_from_pipe
wimlib_extract_image_from_pipe_with_progress
wimlib_extract_pathlist
wimlib_extract_paths
wimlib_extract_xml_data
wimlib_free
wimlib_free_compressor
wimlib_free_decompressor
wimlib_get_compression_type_string
wimlib_get_compressor_needed_memory
wimlib_get_error_string
wimlib_get_image_description
wimlib_get_image_name
wimlib_get_image_property
wimlib_get_version
wimlib_get_version_string
wimlib_get_wim_info
wimlib_get_xml_data
wimlib_global_cleanup
wimlib_global_init
wimlib_image_name_in_use
wimlib_iterate_dir_tree
wimlib_iterate_lookup_table
wimlib_join
wimlib_join_with_progress
wimlib_mount_image
wimlib_open_wim
wimlib_open_wim_with_progress
wimlib_overwrite
wimlib_print_available_images
wimlib_print_header
wimlib_reference_resource_files
wimlib_reference_resources
wimlib_reference_template_image
wimlib_register_progress_function
wimlib_rename_path
wimlib_resolve_image
wimlib_set_default_compression_level
wimlib_set_error_file
wimlib_set_error_file_by_name
wimlib_set_image_descripton
wimlib_set_image_flags
wimlib_set_image_name
wimlib_set_image_property
wimlib_set_memory_allocator
wimlib_set_output_chunk_size
wimlib_set_output_compression_type
wimlib_set_output_pack_chunk_size
wimlib_set_output_pack_compression_type
wimlib_set_print_errors
wimlib_set_wim_info
wimlib_split
wimlib_unmount_image
wimlib_unmount_image_with_progress
wimlib_update_image
wimlib_verify_wim
wimlib_write
wimlib_write_to_fd

Sections

.text
Size: 552KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 134KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lib/x86/libwim-15.dll
.dll windows:4 windows x86 arch:x86

cf5ab950207c09b4f2086ec848eb2677

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
CloseEncryptedFileRaw
LookupPrivilegeValueW
OpenEncryptedFileRawW
OpenProcessToken
ReadEncryptedFileRaw
RegCloseKey
RegCreateKeyExW
RegFlushKey
RegLoadKeyW
RegSetValueExW
RegUnLoadKeyW
SystemFunction036
WriteEncryptedFileRaw

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileW
CreateSemaphoreA
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
FindFirstFileW
FindFirstVolumeW
FindNextFileW
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GetVolumeInformationW
GlobalMemoryStatusEx
HeapAlloc
HeapFree
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
IsWow64Process
LeaveCriticalSection
LoadLibraryW
MoveFileExW
MoveFileW
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEndOfFile
SetEvent
SetFilePointer
SetFilePointerEx
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

___mb_cur_max_func
_amsg_exit
_beginthreadex
_endthreadex
_errno
_exit
_fstat64
_get_osfhandle
_gmtime64
_initterm
_iob
_lock
_lseeki64
_open_osfhandle
_setjmp3
_telli64
_ultoa
_unlock
_vsnprintf
_waccess
_wcsicmp
_wfopen
_wgetenv
_wmkdir
_wopen
_wstat64
fwprintf
_wtempnam
_wunlink
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetwc
fopen
fprintf
fputc
fputs
fputwc
fputws
fread
free
fwprintf
fwrite
getenv
islower
isspace
isupper
iswctype
localeconv
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
printf
putc
qsort
raise
rand
realloc
setlocale
srand
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
toupper
towlower
ungetwc
vfprintf
time
wcschr
wcscmp
wcscpy
wcsftime
wcslen
wcsncmp
wcspbrk
wcsrchr
wcsstr
wcstol
wcstoul
_wstat
_stat
_snwprintf
longjmp
_write
_strdup
_read
_getcwd
_fdopen
_close

ntdll

NtClose
NtCreateFile
NtFsControlFile
NtOpenFile
NtOpenSymbolicLinkObject
NtQueryDirectoryFile
NtQueryEaFile
NtQueryInformationFile
NtQuerySecurityObject
NtQueryVolumeInformationFile
NtReadFile
NtSetEaFile
NtSetInformationFile
NtSetSecurityObject
NtWaitForSingleObject
NtWriteFile
RtlDosPathNameToNtPathName_U
RtlInitUnicodeString
RtlNtStatusToDosError

user32

MessageBoxW
wsprintfW

Exports

Exports

wimlib_add_empty_image
wimlib_add_image
wimlib_add_image_multisource
wimlib_add_tree
wimlib_compress
wimlib_create_compressor
wimlib_create_decompressor
wimlib_create_new_wim
wimlib_decompress
wimlib_delete_image
wimlib_delete_path
wimlib_export_image
wimlib_extract_image
wimlib_extract_image_from_pipe
wimlib_extract_image_from_pipe_with_progress
wimlib_extract_pathlist
wimlib_extract_paths
wimlib_extract_xml_data
wimlib_free
wimlib_free_compressor
wimlib_free_decompressor
wimlib_get_compression_type_string
wimlib_get_compressor_needed_memory
wimlib_get_error_string
wimlib_get_image_description
wimlib_get_image_name
wimlib_get_image_property
wimlib_get_version
wimlib_get_version_string
wimlib_get_wim_info
wimlib_get_xml_data
wimlib_global_cleanup
wimlib_global_init
wimlib_image_name_in_use
wimlib_iterate_dir_tree
wimlib_iterate_lookup_table
wimlib_join
wimlib_join_with_progress
wimlib_mount_image
wimlib_open_wim
wimlib_open_wim_with_progress
wimlib_overwrite
wimlib_print_available_images
wimlib_print_header
wimlib_reference_resource_files
wimlib_reference_resources
wimlib_reference_template_image
wimlib_register_progress_function
wimlib_rename_path
wimlib_resolve_image
wimlib_set_default_compression_level
wimlib_set_error_file
wimlib_set_error_file_by_name
wimlib_set_image_descripton
wimlib_set_image_flags
wimlib_set_image_name
wimlib_set_image_property
wimlib_set_memory_allocator
wimlib_set_output_chunk_size
wimlib_set_output_compression_type
wimlib_set_output_pack_chunk_size
wimlib_set_output_pack_compression_type
wimlib_set_print_errors
wimlib_set_wim_info
wimlib_split
wimlib_unmount_image
wimlib_unmount_image_with_progress
wimlib_update_image
wimlib_verify_wim
wimlib_write
wimlib_write_to_fd

Sections

.text
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
res/bootpackage/RPi3-ARM64/RPI_EFI.fd
res/bootpackage/RPi3-ARM64/Readme.md
res/bootpackage/RPi3-ARM64/_wor_boot_config.txt
res/bootpackage/RPi3-ARM64/bcm2710-rpi-3-b-plus.dtb
res/bootpackage/RPi3-ARM64/bcm2710-rpi-3-b.dtb
res/bootpackage/RPi3-ARM64/bcm2710-rpi-cm3.dtb
res/bootpackage/RPi3-ARM64/bootcode.bin
res/bootpackage/RPi3-ARM64/config.txt
res/bootpackage/RPi3-ARM64/firmware/LICENCE_bin+clm_blob.txt
res/bootpackage/RPi3-ARM64/firmware/LICENSE_txt.txt
res/bootpackage/RPi3-ARM64/firmware/Readme.txt
res/bootpackage/RPi3-ARM64/firmware/brcmfmac43430-sdio.bin
res/bootpackage/RPi3-ARM64/firmware/brcmfmac43430-sdio.clm_blob
res/bootpackage/RPi3-ARM64/firmware/brcmfmac43430-sdio.txt
res/bootpackage/RPi3-ARM64/firmware/brcmfmac43455-sdio.bin
res/bootpackage/RPi3-ARM64/firmware/brcmfmac43455-sdio.clm_blob
res/bootpackage/RPi3-ARM64/firmware/brcmfmac43455-sdio.txt
res/bootpackage/RPi3-ARM64/fixup.dat
res/bootpackage/RPi3-ARM64/release
res/bootpackage/RPi3-ARM64/start.elf
.elf linux
res/bootpackage/RPi4-ARM64/RPI_EFI.fd
res/bootpackage/RPi4-ARM64/Readme.md
res/bootpackage/RPi4-ARM64/_wor_boot_config.txt
res/bootpackage/RPi4-ARM64/bcm2711-rpi-4-b.dtb
res/bootpackage/RPi4-ARM64/bcm2711-rpi-400.dtb
res/bootpackage/RPi4-ARM64/bcm2711-rpi-cm4.dtb
res/bootpackage/RPi4-ARM64/config.txt
res/bootpackage/RPi4-ARM64/firmware/LICENCE.txt
res/bootpackage/RPi4-ARM64/firmware/Readme.txt
res/bootpackage/RPi4-ARM64/firmware/brcm/brcmfmac43455-sdio.Raspberry
res/bootpackage/RPi4-ARM64/firmware/brcm/brcmfmac43455-sdio.bin
res/bootpackage/RPi4-ARM64/firmware/brcm/brcmfmac43455-sdio.clm_blob
res/bootpackage/RPi4-ARM64/firmware/brcm/brcmfmac43455-sdio.txt
res/bootpackage/RPi4-ARM64/fixup4.dat
res/bootpackage/RPi4-ARM64/overlays/miniuart-bt.dtbo
res/bootpackage/RPi4-ARM64/overlays/upstream-pi4.dtbo
res/bootpackage/RPi4-ARM64/release
res/bootpackage/RPi4-ARM64/start4.elf
.elf linux
res/drivers/RPi3-ARM64/RPIQ/RPIQ.inf
res/drivers/RPi3-ARM64/RPIQ/rpiq.cat
res/drivers/RPi3-ARM64/RPIQ/rpiq.pdb
res/drivers/RPi3-ARM64/RPIQ/rpiq.sys
res/drivers/RPi3-ARM64/RpiLanPropertyChange/RpiLanPropertyChange.dll
res/drivers/RPi3-ARM64/RpiLanPropertyChange/RpiLanPropertyChange.inf
res/drivers/RPi3-ARM64/RpiLanPropertyChange/RpiLanPropertyChange.pdb
res/drivers/RPi3-ARM64/RpiLanPropertyChange/rpilanpropertychange.cat
res/drivers/RPi3-ARM64/SerPL011/SerPL011.inf
res/drivers/RPi3-ARM64/SerPL011/SerPL011.sys
res/drivers/RPi3-ARM64/SerPL011/serpl011.cat
res/drivers/RPi3-ARM64/bcm2836pwm/bcm2836pwm.cat
res/drivers/RPi3-ARM64/bcm2836pwm/bcm2836pwm.inf
res/drivers/RPi3-ARM64/bcm2836pwm/bcm2836pwm.pdb
res/drivers/RPi3-ARM64/bcm2836pwm/bcm2836pwm.sys
res/drivers/RPi3-ARM64/bcm2836sdhc/bcm2836sdhc.cat
res/drivers/RPi3-ARM64/bcm2836sdhc/bcm2836sdhc.inf
res/drivers/RPi3-ARM64/bcm2836sdhc/bcm2836sdhc.pdb
res/drivers/RPi3-ARM64/bcm2836sdhc/bcm2836sdhc.sys
res/drivers/RPi3-ARM64/bcmauxspi/bcmauxspi.cat
res/drivers/RPi3-ARM64/bcmauxspi/bcmauxspi.inf
res/drivers/RPi3-ARM64/bcmauxspi/bcmauxspi.pdb
res/drivers/RPi3-ARM64/bcmauxspi/bcmauxspi.sys
res/drivers/RPi3-ARM64/bcmgpio/bcmgpio.cat
res/drivers/RPi3-ARM64/bcmgpio/bcmgpio.inf
res/drivers/RPi3-ARM64/bcmgpio/bcmgpio.pdb
res/drivers/RPi3-ARM64/bcmgpio/bcmgpio.sys
res/drivers/RPi3-ARM64/bcmi2c/bcmi2c.cat
res/drivers/RPi3-ARM64/bcmi2c/bcmi2c.inf
res/drivers/RPi3-ARM64/bcmi2c/bcmi2c.pdb
res/drivers/RPi3-ARM64/bcmi2c/bcmi2c.sys
res/drivers/RPi3-ARM64/bcmspi/bcmspi.cat
res/drivers/RPi3-ARM64/bcmspi/bcmspi.inf
res/drivers/RPi3-ARM64/bcmspi/bcmspi.pdb
res/drivers/RPi3-ARM64/bcmspi/bcmspi.sys
res/drivers/RPi3-ARM64/critical
res/drivers/RPi3-ARM64/lan7800-arm64-n650f/lan7800-arm64-n650f.cat
res/drivers/RPi3-ARM64/lan7800-arm64-n650f/lan7800-arm64-n650f.sys
res/drivers/RPi3-ARM64/lan7800-arm64-n650f/net7800-arm64-n650f.inf
res/drivers/RPi3-ARM64/lan9500-arm64-n650f/lan9500-arm64-n650f.cat
res/drivers/RPi3-ARM64/lan9500-arm64-n650f/lan9500-arm64-n650f.sys
res/drivers/RPi3-ARM64/lan9500-arm64-n650f/net9500-arm64-n650f.inf
res/drivers/RPi3-ARM64/licenses/MCCI_TrueTask_USB.htm
.html
res/drivers/RPi3-ARM64/licenses/Microchip_LAN.htm
.html
res/drivers/RPi3-ARM64/mcci_dwchsotg/arm64/mcci_dwchsotg_hcd.sys
res/drivers/RPi3-ARM64/mcci_dwchsotg/arm64/mcci_dwchsotg_hub.sys
res/drivers/RPi3-ARM64/mcci_dwchsotg/mcci_dwchsotg_hcd.cat
res/drivers/RPi3-ARM64/mcci_dwchsotg/mcci_dwchsotg_hcd.inf
res/drivers/RPi3-ARM64/mcci_dwchsotg/mcci_dwchsotg_hub.cat
res/drivers/RPi3-ARM64/mcci_dwchsotg/mcci_dwchsotg_hub.inf
res/drivers/RPi3-ARM64/pi_miniuart/pi_miniuart.cat
res/drivers/RPi3-ARM64/pi_miniuart/pi_miniuart.inf
res/drivers/RPi3-ARM64/pi_miniuart/pi_miniuart.pdb
res/drivers/RPi3-ARM64/pi_miniuart/pi_miniuart.sys
res/drivers/RPi3-ARM64/release
res/drivers/RPi3-ARM64/rpisdhc/rpisdhc.cat
res/drivers/RPi3-ARM64/rpisdhc/rpisdhc.inf
res/drivers/RPi3-ARM64/rpisdhc/rpisdhc.pdb
res/drivers/RPi3-ARM64/rpisdhc/rpisdhc.sys
res/drivers/RPi3-ARM64/rpiwav/rpiwav.cat
res/drivers/RPi3-ARM64/rpiwav/rpiwav.inf
res/drivers/RPi3-ARM64/rpiwav/rpiwav.pdb
res/drivers/RPi3-ARM64/rpiwav/rpiwav.sys
res/drivers/RPi4-ARM64/RPIQ/RPIQ.inf
res/drivers/RPi4-ARM64/RPIQ/rpiq.cat
res/drivers/RPi4-ARM64/RPIQ/rpiq.pdb
res/drivers/RPi4-ARM64/RPIQ/rpiq.sys
res/drivers/RPi4-ARM64/SerPL011/SerPL011.inf
res/drivers/RPi4-ARM64/SerPL011/SerPL011.sys
res/drivers/RPi4-ARM64/SerPL011/serpl011.cat
res/drivers/RPi4-ARM64/bcm2836pwm/bcm2836pwm.cat
res/drivers/RPi4-ARM64/bcm2836pwm/bcm2836pwm.inf
res/drivers/RPi4-ARM64/bcm2836pwm/bcm2836pwm.sys
res/drivers/RPi4-ARM64/bcmauxspi/bcmauxspi.cat
res/drivers/RPi4-ARM64/bcmauxspi/bcmauxspi.inf
res/drivers/RPi4-ARM64/bcmauxspi/bcmauxspi.pdb
res/drivers/RPi4-ARM64/bcmauxspi/bcmauxspi.sys
res/drivers/RPi4-ARM64/bcmemmc2/bcmemmc2.cat
res/drivers/RPi4-ARM64/bcmemmc2/bcmemmc2.inf
res/drivers/RPi4-ARM64/bcmgenet/bcmgenet.cat
res/drivers/RPi4-ARM64/bcmgenet/bcmgenet.inf
res/drivers/RPi4-ARM64/bcmgenet/bcmgenet_netadaptercx20.sys
res/drivers/RPi4-ARM64/bcmgenet/bcmgenet_netadaptercx21.sys
res/drivers/RPi4-ARM64/bcmgpio/bcmgpio.cat
res/drivers/RPi4-ARM64/bcmgpio/bcmgpio.inf
res/drivers/RPi4-ARM64/bcmgpio/bcmgpio.pdb
res/drivers/RPi4-ARM64/bcmgpio/bcmgpio.sys
res/drivers/RPi4-ARM64/bcmi2c/bcmi2c.cat
res/drivers/RPi4-ARM64/bcmi2c/bcmi2c.inf
res/drivers/RPi4-ARM64/bcmi2c/bcmi2c.pdb
res/drivers/RPi4-ARM64/bcmi2c/bcmi2c.sys
res/drivers/RPi4-ARM64/bcmspi/bcmspi.cat
res/drivers/RPi4-ARM64/bcmspi/bcmspi.inf
res/drivers/RPi4-ARM64/bcmspi/bcmspi.pdb
res/drivers/RPi4-ARM64/bcmspi/bcmspi.sys
res/drivers/RPi4-ARM64/critical
res/drivers/RPi4-ARM64/cywbtserialbus/cywbtserialbus.cat
res/drivers/RPi4-ARM64/cywbtserialbus/cywbtserialbus.inf
res/drivers/RPi4-ARM64/cywbtserialbus/cywbtserialbus.sys
res/drivers/RPi4-ARM64/cywbtserialbus/fw/BCM43430A1.hcd
res/drivers/RPi4-ARM64/cywbtserialbus/fw/BCM4345C0.hcd
res/drivers/RPi4-ARM64/cywbtserialbus/fw/BCM4345C5.hcd
res/drivers/RPi4-ARM64/dsdtpatch/ACPITABL.dat
res/drivers/RPi4-ARM64/dsdtpatch/dsdtpatch.cat
res/drivers/RPi4-ARM64/dsdtpatch/dsdtpatch.inf
res/drivers/RPi4-ARM64/licenses/MCCI_TrueTask_USB.htm
.html
res/drivers/RPi4-ARM64/mcci_dwchsotg/arm64/mcci_dwchsotg_hcd.sys
res/drivers/RPi4-ARM64/mcci_dwchsotg/arm64/mcci_dwchsotg_hub.sys
res/drivers/RPi4-ARM64/mcci_dwchsotg/mcci_dwchsotg_hcd.cat
res/drivers/RPi4-ARM64/mcci_dwchsotg/mcci_dwchsotg_hcd.inf
res/drivers/RPi4-ARM64/mcci_dwchsotg/mcci_dwchsotg_hub.cat
res/drivers/RPi4-ARM64/mcci_dwchsotg/mcci_dwchsotg_hub.inf
res/drivers/RPi4-ARM64/pi_miniuart/pi_miniuart.cat
res/drivers/RPi4-ARM64/pi_miniuart/pi_miniuart.inf
res/drivers/RPi4-ARM64/pi_miniuart/pi_miniuart.pdb
res/drivers/RPi4-ARM64/pi_miniuart/pi_miniuart.sys
res/drivers/RPi4-ARM64/release
res/drivers/RPi4-ARM64/rpi4hdmiwav/rpi4hdmiwav.cat
res/drivers/RPi4-ARM64/rpi4hdmiwav/rpi4hdmiwav.inf
res/drivers/RPi4-ARM64/rpi4hdmiwav/rpi4hdmiwav.sys
res/drivers/RPi4-ARM64/rpi4hdmiwavbridge/rpi4hdmiwavbridge.cat
res/drivers/RPi4-ARM64/rpi4hdmiwavbridge/rpi4hdmiwavbridge.inf
res/drivers/RPi4-ARM64/rpi4hdmiwavbridge/rpi4hdmiwavbridge.sys
res/drivers/RPi4-ARM64/rpiuxflt/rpiuxflt.cat
res/drivers/RPi4-ARM64/rpiuxflt/rpiuxflt.inf
res/drivers/RPi4-ARM64/rpiuxflt/rpiuxflt.sys
res/drivers/RPi4-ARM64/rpiwav/rpiwav.cat
res/drivers/RPi4-ARM64/rpiwav/rpiwav.inf
res/drivers/RPi4-ARM64/rpiwav/rpiwav.sys
res/drivers/RPi4-ARM64/uaspdisabler/uaspdisabler.cat
res/drivers/RPi4-ARM64/uaspdisabler/uaspdisabler.inf

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 26KB - Virtual size: 25KB

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 9KB - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 68KB - Virtual size: 67KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 54KB - Virtual size: 53KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 47KB - Virtual size: 47KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 498KB - Virtual size: 498KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 98KB - Virtual size: 98KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

.text
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 54KB - Virtual size: 53KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 47KB - Virtual size: 47KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 498KB - Virtual size: 498KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 94KB - Virtual size: 93KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 848KB - Virtual size: 847KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

07:b0:41:8d:a5:1e:14:8c:33:1b:bc:de:b7:13:83:23
Certificate

0a:71:a1:b0:c2:96:f5:c7:90:65:47:0a:3c:20:53:7e
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

8c:10:56:8e:61:ed:4a:db:b2:78:fe:51:cd:63:62:ed:e4:18:e6:f9:b5:44:af:42:d1:80:41:52:2d:66:12:81
Signer

.text
Size: 673KB - Virtual size: 673KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5.9MB - Virtual size: 5.9MB

.rsrc
Size: 982KB - Virtual size: 982KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 157KB - Virtual size: 156KB

.rsrc
Size: 1024B - Virtual size: 988B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 552KB - Virtual size: 552KB

.rsrc
Size: 66KB - Virtual size: 66KB