654af6d0625dfa0eaef6f21576a1076d

Sharing

Copy URL Twitter E-mail

General

Target

654af6d0625dfa0eaef6f21576a1076d
Size

844KB
MD5

654af6d0625dfa0eaef6f21576a1076d
SHA1

d78b4156f61c1c831c3f9b2da1d37eaebef07942
SHA256

244688f5771d24e9e3d179ddfbb44db2189df8c9d0e857249dfcfe05875d8681
SHA512

4dd665590a2942df9053ce2ec0845a942af0d6b4636baf4ad50f8f60e32c3264ca746ac8760eab4a9f7d4826c8901abe40e1e25789bd26f750bac159fc6e7ee9
SSDEEP

24576:yhWvwzf/fri83HnafWoolNEtJzR/I9peDzfiDBh:yo4j/zB61jR/I9oDzS

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/avanti-v0.5.4/Avanti-GUI.exe	upx

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/avanti-v0.5.4/Avanti-GUI.exe
unpack002/out.upx
unpack001/avanti-v0.5.4/avcom32.dll
unpack001/avanti-v0.5.4/avdshow32.dll
unpack001/avanti-v0.5.4/avtools32.dll

Files

654af6d0625dfa0eaef6f21576a1076d
.rar
avanti-v0.5.4/Avanti-GUI.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 428KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 284KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 449KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 133KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
avanti-v0.5.4/Avanti-help.chm
.chm
avanti-v0.5.4/Avanti_license.txt
avanti-v0.5.4/Gui4Cli_license.txt
avanti-v0.5.4/UPGRADE_INFO_!!!.txt
avanti-v0.5.4/avcom32.dll
.dll windows:4 windows x86 arch:x86

467020c9f9f892ae43a37afb341ece7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegOpenKeyExA

kernel32

CloseHandle
CompareFileTime
CreateFileA
CreateFileMappingA
CreateFileW
CreatePipe
CreateProcessA
CreateToolhelp32Snapshot
DeleteFileA
DeleteFileW
EnterCriticalSection
ExitProcess
FileTimeToSystemTime
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThreadId
GetDiskFreeSpaceExA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetSystemInfo
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsValidLocale
LCMapStringA
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MoveFileExA
MultiByteToWideChar
OpenProcess
PeekNamedPipe
Process32First
Process32Next
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetHandleCount
SetLastError
SetThreadLocale
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHAppBarMessage

user32

EnumThreadWindows
ExitWindowsEx
FindWindowA
GetKeyState
MessageBoxA
SendInput
SetFocus
SetForegroundWindow
SystemParametersInfoA
VkKeyScanA
keybd_event
wsprintfA

Exports

Exports

AVISETHEADER
AVSEXISTS
AVSVER
CANCEL
CLOSEPIPE
CONVTIME
CONVTOSECS
CTRLSTATE
DELETEFILE
DLL_Init
FFMPACTIVE
FFMPEGSUP
FLOOR
GETCPUCORES
GETCURDIR
GETDATADIR
GETDRIVESTATS
GETFILESTATS
GETIMPORTS
GETMPEG2TIME
GETWORKAREA
LIBAVFILTERSUP
MOVE
OPENPIPE
PEEKPIPE
PPACTIVE
PPGETTIME
PPRUN
PPTERMINATE
QUITPROC
READPIPE
REMID3TAG
ROUND
RUN
SAVEANSI
SETDEBUG
SHIFTSTATE
SYSPOWEROFF
TASKBARSTATE
TERMINATEPROGRAM
WRITEDATABUF
___CPPdebugHook

Sections

.text
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
avanti-v0.5.4/avdshow32.dll
.dll windows:4 windows x86 arch:x86

06e7a5d6adde1d7a75c817eebd8f9c67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
LoadLibraryA
MultiByteToWideChar
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

user32

EnumThreadWindows
MessageBoxA
wsprintfA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Exports

Exports

DLL_Init
DXA_CLOSE
DXA_GETDUR
DXA_GETPOS
DXA_GETVOLUME
DXA_OPEN
DXA_PAUSE
DXA_PLAY
DXA_SETPOS
DXA_SETVOLUME
DXA_STATE
DXA_STOP
DXV_CLOSE
DXV_FULLSCREEN
DXV_GETDUR
DXV_GETPOS
DXV_GETSIZE
DXV_OPEN
DXV_OPENWINDOW
DXV_PAUSE
DXV_PLAY
DXV_PUTDESTIN
DXV_PUTSOURCE
DXV_PUTWINDOW
DXV_SETPOS
DXV_STATE
DXV_STOP
DX_GETINFO
DX_SARDISPLAY
___CPPdebugHook

Sections

.text
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
avanti-v0.5.4/avsplugins/README_Avisynth.txt
avanti-v0.5.4/avsplugins/favorites.000
.rtf .000
avanti-v0.5.4/avsplugins/favorites.ini
avanti-v0.5.4/avsplugins/favorites2.000
.rtf .000
avanti-v0.5.4/avsplugins/favorites2.ini
avanti-v0.5.4/avsplugins/subtitle_styles/Default.sty
avanti-v0.5.4/avsystem/AVANTI_log.rtf
.rtf
avanti-v0.5.4/avsystem/av.gif
.gif
avanti-v0.5.4/avsystem/avabout.gc
avanti-v0.5.4/avsystem/avaplay.gc
avanti-v0.5.4/avsystem/avbitcalc.gc
avanti-v0.5.4/avsystem/avbrowse.gc
avanti-v0.5.4/avsystem/avcodecw.gc
avanti-v0.5.4/avsystem/avdirreq.gc
avanti-v0.5.4/avsystem/avintro.rtf
.rtf
avanti-v0.5.4/avsystem/avmetaed.gc
avanti-v0.5.4/avsystem/avoptsed.gc
avanti-v0.5.4/avsystem/avprefs.gc
avanti-v0.5.4/avsystem/avpurun.gc
avanti-v0.5.4/avsystem/avschnsw.gc
avanti-v0.5.4/avsystem/avsdelay.gc
avanti-v0.5.4/avsystem/avsfavs.gc
avanti-v0.5.4/avsystem/avtload.gc
avanti-v0.5.4/avsystem/avtsave.gc
avanti-v0.5.4/avsystem/avtshow.gc
avanti-v0.5.4/avsystem/avudatabase.gc
avanti-v0.5.4/avsystem/avutools.gc
avanti-v0.5.4/avsystem/codecs.000
avanti-v0.5.4/avsystem/default.ini
avanti-v0.5.4/avsystem/ffmpeg_log.rtf
.rtf
avanti-v0.5.4/avsystem/formats.000
avanti-v0.5.4/avsystem/utools.update
avanti-v0.5.4/avtools32.dll
.dll windows:4 windows x86 arch:x86

11fa29a17f78cd7025590407017f4bcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

avifil32

AVIFileRelease
AVIFileOpenA
AVIFileInit
AVIFileGetStream
AVIFileExit
AVIStreamRelease

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentThreadId
GetEnvironmentStrings
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
LCMapStringA
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile

user32

EnumThreadWindows
MessageBoxA
wsprintfA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Exports

Exports

AVSERROR
CANCELPULLDOWN
DLL_Init
DOPULLDOWN
DXGETINFO
GETPULLDOWNPOS
SETPULLDOWN
___CPPdebugHook

Sections

.text
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
avanti-v0.5.4/change_log.txt
avanti-v0.5.4/ffmpeg/README_FFmpeg.txt
avanti-v0.5.4/ffmpeg/ffpresets/README_ffpresets.txt
avanti-v0.5.4/ffmpeg/ffpresets/libx264-fast-pass1.ffpreset
avanti-v0.5.4/ffmpeg/ffpresets/libx264-hq-pass2.ffpreset
avanti-v0.5.4/readme.txt
avanti-v0.5.4/templates/NTSC_3GP_FOR_MOBILE.tpl
avanti-v0.5.4/templates/NTSC_AUDIO_TO_PAL.tpl
avanti-v0.5.4/templates/NTSC_DIVX_2_PASS_FAST.tpl
avanti-v0.5.4/templates/NTSC_DIVX_2_PASS_HQ.tpl
avanti-v0.5.4/templates/NTSC_DIVX_HQ.tpl
avanti-v0.5.4/templates/NTSC_DVSD_VIDEO.tpl
avanti-v0.5.4/templates/NTSC_FILM_TO_PAL.tpl
avanti-v0.5.4/templates/NTSC_H264_AVI_HQ.tpl
avanti-v0.5.4/templates/NTSC_H264_MP4_HQ.tpl
avanti-v0.5.4/templates/NTSC_H264_MP4_HQ2.tpl
avanti-v0.5.4/templates/NTSC_MPEG2_CQ_ES_HQ.tpl
avanti-v0.5.4/templates/NTSC_MPEG2_ES_DVD_24.tpl
avanti-v0.5.4/templates/NTSC_MPEG2_ES_DVD_30.tpl
avanti-v0.5.4/templates/NTSC_MPEG2_IL_ES_HQ.tpl
avanti-v0.5.4/templates/NTSC_MPEG2_VBR_ES_HQ.tpl
avanti-v0.5.4/templates/NTSC_MPEG2_VBR_ES_VHQ.tpl
avanti-v0.5.4/templates/NTSC_OGG_THEORA.tpl
avanti-v0.5.4/templates/NTSC_STILL_IMAGE_CLIP.tpl
avanti-v0.5.4/templates/NTSC_TO_IPOD.tpl
avanti-v0.5.4/templates/NTSC_TO_IPOD_HR.tpl
avanti-v0.5.4/templates/NTSC_TO_PS3.tpl
avanti-v0.5.4/templates/NTSC_TO_PSP.tpl
avanti-v0.5.4/templates/NTSC_VIDEO_TO_PAL.tpl
avanti-v0.5.4/templates/PAL_3GP_FOR_MOBILE.tpl
avanti-v0.5.4/templates/PAL_AUDIO_TO_NTSC.tpl
avanti-v0.5.4/templates/PAL_DIVX_2_PASS_FAST.tpl
avanti-v0.5.4/templates/PAL_DIVX_2_PASS_HQ.tpl
avanti-v0.5.4/templates/PAL_DIVX_HQ.tpl
avanti-v0.5.4/templates/PAL_DVSD_VIDEO.tpl
avanti-v0.5.4/templates/PAL_H264_AVI_HQ.tpl
avanti-v0.5.4/templates/PAL_H264_MP4_HQ.tpl
avanti-v0.5.4/templates/PAL_H264_MP4_HQ2.tpl
avanti-v0.5.4/templates/PAL_MPEG2_CQ_ES_HQ.tpl
avanti-v0.5.4/templates/PAL_MPEG2_ES_DVD.tpl
avanti-v0.5.4/templates/PAL_MPEG2_IL_ES_HQ.tpl
avanti-v0.5.4/templates/PAL_MPEG2_PS_DVD.tpl
avanti-v0.5.4/templates/PAL_MPEG2_VBR_ES_HQ.tpl
avanti-v0.5.4/templates/PAL_MPEG2_VBR_ES_VHQ.tpl
avanti-v0.5.4/templates/PAL_OGG_THEORA.tpl
avanti-v0.5.4/templates/PAL_STILL_IMAGE_CLIP.tpl
avanti-v0.5.4/templates/PAL_TO_IPOD.tpl
avanti-v0.5.4/templates/PAL_TO_IPOD_HR.tpl
avanti-v0.5.4/templates/PAL_TO_NTSC_ES_DVD_30.tpl
avanti-v0.5.4/templates/PAL_TO_NTSC_FILM_ES.tpl
avanti-v0.5.4/templates/PAL_TO_NTSC_VIDEO.tpl
avanti-v0.5.4/templates/PAL_TO_PS3.tpl
avanti-v0.5.4/templates/PAL_TO_PSP.tpl
avanti-v0.5.4/templates/UNI_COPY_SETUP.tpl
avanti-v0.5.4/templates/UNI_D10_IMX.tpl
avanti-v0.5.4/templates/UNI_DEMUX_SETUP.tpl
avanti-v0.5.4/templates/UNI_DNxHD_1080i_50.tpl
avanti-v0.5.4/templates/UNI_FLAC_AUDIO.tpl
avanti-v0.5.4/templates/UNI_FLAC_AUDIO2.tpl
avanti-v0.5.4/templates/UNI_FLASH_HQ.tpl
avanti-v0.5.4/templates/UNI_GSM_AUDIO.tpl
avanti-v0.5.4/templates/UNI_HUFFYUV_LOSSLESS.tpl
avanti-v0.5.4/templates/UNI_HUFFYUV_LOSSLESS_2.tpl
avanti-v0.5.4/templates/UNI_IMAGE_TO_JPG.tpl
avanti-v0.5.4/templates/UNI_INFO.tpl
avanti-v0.5.4/templates/UNI_MATRIX_EXAMPLE.tpl
avanti-v0.5.4/templates/UNI_META_DUMP.tpl
avanti-v0.5.4/templates/UNI_MUX_SETUP.tpl
avanti-v0.5.4/templates/UNI_MUX_SETUP_M2V.tpl
avanti-v0.5.4/templates/UNI_PS_USING_NEW.tpl
avanti-v0.5.4/templates/UNI_REMUX_SETUP.tpl
avanti-v0.5.4/templates/UNI_RGB_TO_SEPIA.tpl
avanti-v0.5.4/templates/UNI_VBR_MP3_AUDIO.tpl
avanti-v0.5.4/templates/UNI_WEBM_VP8.tpl
avanti-v0.5.4/templates/UNI_WMV_8.tpl
avanti-v0.5.4/templates/UNI_XDCAM_HD.tpl
avanti-v0.5.4/templates_meta/basic_meta_keys.mtp
avanti-v0.5.4/user_tools/README_tools.txt
avanti-v0.5.4/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 428KB

UPX1 Size: 284KB - Virtual size: 288KB

.rsrc Size: 134KB - Virtual size: 136KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 449KB - Virtual size: 449KB

.rdata Size: 83KB - Virtual size: 83KB

.data Size: 13KB - Virtual size: 27KB

.rsrc Size: 133KB - Virtual size: 133KB

467020c9f9f892ae43a37afb341ece7d

Headers

File Characteristics

Imports

advapi32

kernel32

version

shell32

user32

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 64KB

.data Size: 14KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 1024B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

06e7a5d6adde1d7a75c817eebd8f9c67

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 40KB

.data Size: 11KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 1024B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

11fa29a17f78cd7025590407017f4bcb

Headers

File Characteristics

Imports

avifil32

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 48KB

.data Size: 12KB - Virtual size: 80KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 428KB

UPX1
Size: 284KB - Virtual size: 288KB

.rsrc
Size: 134KB - Virtual size: 136KB

.text
Size: 449KB - Virtual size: 449KB

.rdata
Size: 83KB - Virtual size: 83KB

.data
Size: 13KB - Virtual size: 27KB

.rsrc
Size: 133KB - Virtual size: 133KB

.text
Size: 62KB - Virtual size: 64KB

.data
Size: 14KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 38KB - Virtual size: 40KB

.data
Size: 11KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

.text
Size: 47KB - Virtual size: 48KB

.data
Size: 12KB - Virtual size: 80KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB