Shahid Script GLHF[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

Shahid Script GLHF.rar
Size

49.2MB
MD5

7aa9b67c644e673d19b7b361f9ced62a
SHA1

733c80911060069d49cfa1131fb2c2676b6724b5
SHA256

c3ccf121e686f11f9f7eeb03bd3efb74180fc43ac6704d8488c57d12b6b3616b
SHA512

75c8b71cba3dc582c7146f2484a0763796adcb6a15c34e9d5360a46af69baba39dff756266fce1f591b145ffc60ad3317828ee4773d6b9091f7d7167015d24b1
SSDEEP

786432:OBLc300b1sb4gRI7XbsiXHFdNZ7iFk/xMJGs8dAt94KAAzYYg:5fb+XI7LZXlBiCx+v8dAn4rpYg

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 2 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/Shahid Script GLHF/files/yt-dlp.exe	pyinstaller
static1/unpack001/Shahid Script GLHF/shahidlol.exe	pyinstaller

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Shahid Script GLHF/files/ffmpeg.exe
unpack001/Shahid Script GLHF/files/mp4decrypt.exe
unpack001/Shahid Script GLHF/files/yt-dlp.exe
unpack001/Shahid Script GLHF/shahidlol.exe

Files

Shahid Script GLHF.rar
.rar
Shahid Script GLHF/1080p edit me.bat
Shahid Script GLHF/720p edit me.bat
Shahid Script GLHF/files/ffmpeg.exe
.exe windows:6 windows x64 arch:x64

0e0d327f4eb38c626f694d48d0654cbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
AreFileApisANSI
CancelIo
CancelIoEx
CloseHandle
CompareStringOrdinal
CopyFileExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
CreateHardLinkW
CreateMutexA
CreateNamedPipeW
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateSymbolicLinkW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindNextFileA
FindNextFileW
FlsAlloc
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileSize
GetFileSizeEx
GetFileType
GetFinalPathNameByHandleW
GetFullPathNameA
GetFullPathNameW
GetHandleInformation
GetLastError
GetLogicalProcessorInformation
GetLongPathNameA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetNumaNodeProcessorMaskEx
GetOverlappedResult
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessId
GetProcessTimes
GetStdHandle
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetSystemTimePreciseAsFileTime
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadGroupAffinity
GetThreadId
GetThreadPriority
GetTickCount64
GetTimeZoneInformation
GetUserDefaultLocaleName
GetWindowsDirectoryA
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
IsDebuggerPresent
IsValidCodePage
IsWow64Process
K32GetProcessMemoryInfo
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExA
MoveFileExW
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenProcess
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadFileEx
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetConsoleCtrlHandler
SetConsoleTextAttribute
SetCurrentDirectoryW
SetDllDirectoryA
SetDllDirectoryW
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadErrorMode
SetThreadGroupAffinity
SetThreadPriority
SetThreadStackGuarantee
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
SleepEx
SuspendThread
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
UnmapViewOfFile
UnregisterWait
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFileEx
__C_specific_handler
lstrcmpiW
lstrcpyA
lstrcpynA

shell32

CommandLineToArgvW
SHGetFolderPathA
SHGetFolderPathW
SHGetSpecialFolderPathA

api-ms-win-crt-convert-l1-1-0

_itoa_s
_strtod_l
_strtoi64_l
_strtoui64_l
_ultoa
atof
atoi
mbrtowc
mbsrtowcs
mbstowcs
strtod
strtof
strtol
strtoll
strtoul
strtoull
strtoumax
wcrtomb
wcrtomb_s
wcstod
wcstol
wcstombs
wcstombs_s
wcstoul

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
_putenv
_wgetenv
getenv

api-ms-win-crt-heap-l1-1-0

_aligned_free
_aligned_malloc
_aligned_realloc
_set_new_mode
calloc
free
malloc
realloc

api-ms-win-crt-math-l1-1-0

__setusermatherr
_fdopen
_hypot
_j1
acos
asin
atan
cosh
frexp
log10
nextafter
sinh
tan
tanh

api-ms-win-crt-private-l1-1-0

__intrinsic_setjmpex
longjmp
memchr
memcmp
memcpy
memmove
strchr
strrchr
strstr
wcsrchr
wcsstr

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
__sys_nerr
_assert
_beginthreadex
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_endthreadex
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_register_thread_local_exe_atexit_callback
_set_app_type
_set_invalid_parameter_handler
_wassert
abort
exit
perror
raise
signal
strerror
strerror_s

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vsnprintf_s
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
_close
_dup
_fileno
_fseeki64
_ftelli64
_get_osfhandle
_getcwd
_isatty
_kbhit
_locking
_lseeki64
_open
_read
_setmode
_sopen
_wfopen
_wfopen_s
_wopen
_write
_wsopen
clearerr
fclose
feof
ferror
fflush
fgetc
fgets
fgetwc
fopen
fopen_s
fputc
fputs
fputwc
fread
fseek
ftell
fwrite
getc
getchar
putchar
puts
rewind
setbuf
setvbuf
ungetc
ungetwc

api-ms-win-crt-string-l1-1-0

_isctype
_isctype_l
_iswalpha_l
_iswcntrl_l
_iswdigit_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_strcoll_l
_strdup
_stricmp
_strnicmp
_strxfrm_l
_tolower_l
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsdup
_wcsicmp
_wcsxfrm_l
isalnum
isalpha
islower
isprint
isspace
isupper
iswctype
isxdigit
mbrlen
memset
strcat
strcmp
strcpy
strcspn
strlen
strncat
strncat_s
strncmp
strncpy
strncpy_s
strpbrk
strspn
strtok
strtok_s
tolower
toupper
wcscat
wcscmp
wcscpy
wcscpy_s
wcslen
wcsncmp
wcsncpy_s

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_ftime64
_gmtime64
_gmtime64_s
_localtime64
_localtime64_s
_mktime64
_strftime_l
_time64
_tzset
clock
strftime

api-ms-win-crt-utility-l1-1-0

bsearch
div
qsort
rand
rand_s
srand

ws2_32

WSACleanup
WSACloseEvent
WSADuplicateSocketW
WSAGetLastError
WSAGetOverlappedResult
WSARecv
WSARecvFrom
WSASend
WSASendTo
WSASetLastError
WSASocketW
WSAStartup
WSAStringToAddressA
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyaddr
gethostbyname
gethostname
getnameinfo
getpeername
getservbyname
getservbyport
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

api-ms-win-crt-filesystem-l1-1-0

_access
_chmod
_findclose
_findfirst64
_findnext64
_fstat64
_lock_file
_mkdir
_rmdir
_stat64
_unlink
_unlock_file
_waccess
_wfindfirst64
_wfindnext64
_wmkdir
_wremove
_wrename
_wrmdir
_wstat64
_wunlink
remove
rename

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
___mb_cur_max_func
__pctype_func
_configthreadlocale
_create_locale
_free_locale
localeconv
setlocale

api-ms-win-crt-conio-l1-1-0

_getch

oleaut32

OleCreatePropertyFrame

ole32

CoCreateInstance
CoGetMalloc
CoInitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateBindCtx
OleLoadFromStream
OleSaveToStream
StringFromGUID2

shlwapi

PathRemoveFileSpecW
SHCreateStreamOnFileA

user32

AdjustWindowRectEx
BeginPaint
CopyIcon
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyWindow
DispatchMessageA
DrawIcon
EndPaint
FindWindowW
FrameRect
GetClientRect
GetCursorInfo
GetDC
GetDesktopWindow
GetIconInfo
GetSystemMetrics
GetWindowLongPtrA
GetWindowRect
LoadCursorA
PeekMessageA
ReleaseDC
SendMessageA
SetWindowLongPtrA
SetWindowRgn
ShowWindow
wsprintfA

gdi32

BitBlt
CombineRgn
CreateCompatibleDC
CreateDIBSection
CreateFontIndirectW
CreateRectRgn
DeleteDC
DeleteObject
EnumFontFamiliesExW
EnumFontFamiliesW
GetDIBColorTable
GetDeviceCaps
GetObjectA
GetStockObject
GetTextFaceW
SelectObject

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

ntdll

NtCreateFile
NtReadFile
NtWriteFile
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlNtStatusToDosError
RtlRestoreContext
RtlUnwindEx
RtlVirtualUnwind
VerSetConditionMask

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

api-ms-win-crt-multibyte-l1-1-0

_mbsrchr
_mbtowc_l

advapi32

GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
GetUserNameA
OpenProcessToken
RegCloseKey
RegEnumKeyExW
RegEnumValueA
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
SystemFunction036

userenv

GetUserProfileDirectoryW

cfgmgr32

CM_Get_Child
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Status
CM_Get_Device_IDW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Get_Sibling
CM_Locate_DevNodeW
CM_Open_DevNode_Key

dwrite

DWriteCreateFactory

d2d1

D2D1CreateFactory

Exports

Exports

FT_Activate_Size
FT_Add_Default_Modules
FT_Add_Module
FT_Angle_Diff
FT_Atan2
FT_Attach_File
FT_Attach_Stream
FT_Bitmap_Blend
FT_Bitmap_Convert
FT_Bitmap_Copy
FT_Bitmap_Done
FT_Bitmap_Embolden
FT_Bitmap_Init
FT_Bitmap_New
FT_CeilFix
FT_Cos
FT_DivFix
FT_Done_Face
FT_Done_FreeType
FT_Done_Glyph
FT_Done_Library
FT_Done_MM_Var
FT_Done_Size
FT_Error_String
FT_Face_GetCharVariantIndex
FT_Face_GetCharVariantIsDefault
FT_Face_GetCharsOfVariant
FT_Face_GetVariantSelectors
FT_Face_GetVariantsOfChar
FT_Face_Properties
FT_FloorFix
FT_Get_Advance
FT_Get_Advances
FT_Get_BDF_Charset_ID
FT_Get_BDF_Property
FT_Get_CMap_Format
FT_Get_CMap_Language_ID
FT_Get_Char_Index
FT_Get_Charmap_Index
FT_Get_Color_Glyph_ClipBox
FT_Get_Color_Glyph_Layer
FT_Get_Color_Glyph_Paint
FT_Get_Colorline_Stops
FT_Get_Default_Named_Instance
FT_Get_First_Char
FT_Get_Font_Format
FT_Get_Glyph
FT_Get_Glyph_Name
FT_Get_Kerning
FT_Get_MM_Blend_Coordinates
FT_Get_MM_Var
FT_Get_MM_WeightVector
FT_Get_Module
FT_Get_Multi_Master
FT_Get_Name_Index
FT_Get_Next_Char
FT_Get_PS_Font_Info
FT_Get_PS_Font_Private
FT_Get_PS_Font_Value
FT_Get_Paint
FT_Get_Paint_Layers
FT_Get_Postscript_Name
FT_Get_Renderer
FT_Get_Sfnt_LangTag
FT_Get_Sfnt_Name
FT_Get_Sfnt_Name_Count
FT_Get_Sfnt_Table
FT_Get_SubGlyph_Info
FT_Get_Track_Kerning
FT_Get_Transform
FT_Get_TrueType_Engine_Type
FT_Get_Var_Axis_Flags
FT_Get_Var_Blend_Coordinates
FT_Get_Var_Design_Coordinates
FT_Get_X11_Font_Format
FT_GlyphSlot_AdjustWeight
FT_GlyphSlot_Embolden
FT_GlyphSlot_Oblique
FT_GlyphSlot_Own_Bitmap
FT_GlyphSlot_Slant
FT_Glyph_Copy
FT_Glyph_Get_CBox
FT_Glyph_Stroke
FT_Glyph_StrokeBorder
FT_Glyph_To_Bitmap
FT_Glyph_Transform
FT_Gzip_Uncompress
FT_Has_PS_Glyph_Names
FT_Init_FreeType
FT_Library_SetLcdFilter
FT_Library_SetLcdFilterWeights
FT_Library_SetLcdGeometry
FT_Library_Version
FT_List_Add
FT_List_Finalize
FT_List_Find
FT_List_Insert
FT_List_Iterate
FT_List_Remove
FT_List_Up
FT_Load_Char
FT_Load_Glyph
FT_Load_Sfnt_Table
FT_Matrix_Invert
FT_Matrix_Multiply
FT_MulDiv
FT_MulFix
FT_New_Face
FT_New_Glyph
FT_New_Library
FT_New_Memory_Face
FT_New_Size
FT_Open_Face
FT_Outline_Check
FT_Outline_Copy
FT_Outline_Decompose
FT_Outline_Done
FT_Outline_Embolden
FT_Outline_EmboldenXY
FT_Outline_GetInsideBorder
FT_Outline_GetOutsideBorder
FT_Outline_Get_Bitmap
FT_Outline_Get_CBox
FT_Outline_Get_Orientation
FT_Outline_New
FT_Outline_Render
FT_Outline_Reverse
FT_Outline_Transform
FT_Outline_Translate
FT_Palette_Data_Get
FT_Palette_Select
FT_Palette_Set_Foreground_Color
FT_Property_Get
FT_Property_Set
FT_Reference_Face
FT_Reference_Library
FT_Remove_Module
FT_Render_Glyph
FT_Request_Size
FT_RoundFix
FT_Select_Charmap
FT_Select_Size
FT_Set_Char_Size
FT_Set_Charmap
FT_Set_Debug_Hook
FT_Set_Default_Log_Handler
FT_Set_Default_Properties
FT_Set_Log_Handler
FT_Set_MM_Blend_Coordinates
FT_Set_MM_Design_Coordinates
FT_Set_MM_WeightVector
FT_Set_Named_Instance
FT_Set_Pixel_Sizes
FT_Set_Renderer
FT_Set_Transform
FT_Set_Var_Blend_Coordinates
FT_Set_Var_Design_Coordinates
FT_Sfnt_Table_Info
FT_Sin
FT_Stream_OpenBzip2
FT_Stream_OpenGzip
FT_Stream_OpenLZW
FT_Stroker_BeginSubPath
FT_Stroker_ConicTo
FT_Stroker_CubicTo
FT_Stroker_Done
FT_Stroker_EndSubPath
FT_Stroker_Export
FT_Stroker_ExportBorder
FT_Stroker_GetBorderCounts
FT_Stroker_GetCounts
FT_Stroker_LineTo
FT_Stroker_New
FT_Stroker_ParseOutline
FT_Stroker_Rewind
FT_Stroker_Set
FT_Tan
FT_Trace_Set_Default_Level
FT_Trace_Set_Level
FT_Vector_From_Polar
FT_Vector_Length
FT_Vector_Polarize
FT_Vector_Rotate
FT_Vector_Transform
FT_Vector_Unit
Java_java_awt_BDFontMetrics_charWidthN
Java_java_awt_BDFontMetrics_charsWidthN
Java_java_awt_BDFontMetrics_destroyFontN
Java_java_awt_BDFontMetrics_destroyN
Java_java_awt_BDFontMetrics_getFontFamilyAndStyleN
Java_java_awt_BDFontMetrics_initN
Java_java_awt_BDFontMetrics_loadFontN
Java_java_awt_BDFontMetrics_resolveFontN
Java_java_awt_BDFontMetrics_stringWidthN
Java_java_awt_BDFontMetrics_unloadFontConfigN
Java_java_awt_BDGraphics_drawStringN
Java_org_videolan_Libbluray_cacheBdRomFileN
Java_org_videolan_Libbluray_getAacsDataN
Java_org_videolan_Libbluray_getBdjoN
Java_org_videolan_Libbluray_getPlaylistInfoN
Java_org_videolan_Libbluray_getTitleInfosN
Java_org_videolan_Libbluray_getUOMaskN
Java_org_videolan_Libbluray_listBdFilesN
Java_org_videolan_Libbluray_readRegN
Java_org_videolan_Libbluray_seekN
Java_org_videolan_Libbluray_selectAngleN
Java_org_videolan_Libbluray_selectPlaylistN
Java_org_videolan_Libbluray_selectRateN
Java_org_videolan_Libbluray_selectTitleN
Java_org_videolan_Libbluray_setKeyInterestN
Java_org_videolan_Libbluray_setUOMaskN
Java_org_videolan_Libbluray_setVirtualPackageN
Java_org_videolan_Libbluray_soundEffectN
Java_org_videolan_Libbluray_tellTimeN
Java_org_videolan_Libbluray_updateGraphicN
Java_org_videolan_Libbluray_writeRegN
Java_org_videolan_Logger_logN
JxlColorEncodingSetToLinearSRGB
JxlColorEncodingSetToSRGB
JxlDecoderCloseInput
JxlDecoderCreate
JxlDecoderDestroy
JxlDecoderExtraChannelBufferSize
JxlDecoderFlushImage
JxlDecoderGetBasicInfo
JxlDecoderGetBoxSizeRaw
JxlDecoderGetBoxType
JxlDecoderGetColorAsEncodedProfile
JxlDecoderGetColorAsICCProfile
JxlDecoderGetExtraChannelBlendInfo
JxlDecoderGetExtraChannelInfo
JxlDecoderGetExtraChannelName
JxlDecoderGetFrameHeader
JxlDecoderGetFrameName
JxlDecoderGetICCProfileSize
JxlDecoderGetIntendedDownsamplingRatio
JxlDecoderImageOutBufferSize
JxlDecoderPreviewOutBufferSize
JxlDecoderProcessInput
JxlDecoderReleaseBoxBuffer
JxlDecoderReleaseInput
JxlDecoderReleaseJPEGBuffer
JxlDecoderReset
JxlDecoderRewind
JxlDecoderSetBoxBuffer
JxlDecoderSetCoalescing
JxlDecoderSetDecompressBoxes
JxlDecoderSetDesiredIntensityTarget
JxlDecoderSetExtraChannelBuffer
JxlDecoderSetImageOutBitDepth
JxlDecoderSetImageOutBuffer
JxlDecoderSetImageOutCallback
JxlDecoderSetInput
JxlDecoderSetJPEGBuffer
JxlDecoderSetKeepOrientation
JxlDecoderSetMultithreadedImageOutCallback
JxlDecoderSetParallelRunner
JxlDecoderSetPreferredColorProfile
JxlDecoderSetPreviewOutBuffer
JxlDecoderSetProgressiveDetail
JxlDecoderSetRenderSpotcolors
JxlDecoderSetUnpremultiplyAlpha
JxlDecoderSizeHintBasicInfo
JxlDecoderSkipCurrentFrame
JxlDecoderSkipFrames
JxlDecoderSubscribeEvents
JxlDecoderVersion
JxlEncoderAddBox
JxlEncoderAddChunkedFrame
JxlEncoderAddImageFrame
JxlEncoderAddJPEGFrame
JxlEncoderAllowExpertOptions
JxlEncoderCloseBoxes
JxlEncoderCloseFrames
JxlEncoderCloseInput
JxlEncoderCollectStats
JxlEncoderCreate
JxlEncoderDestroy
JxlEncoderFlushInput
JxlEncoderFrameSettingsCreate
JxlEncoderFrameSettingsSetFloatOption
JxlEncoderFrameSettingsSetOption
JxlEncoderGetError
JxlEncoderGetRequiredCodestreamLevel
JxlEncoderInitBasicInfo
JxlEncoderInitBlendInfo
JxlEncoderInitExtraChannelInfo
JxlEncoderInitFrameHeader
JxlEncoderProcessOutput
JxlEncoderReset
JxlEncoderSetBasicInfo
JxlEncoderSetCms
JxlEncoderSetCodestreamLevel
JxlEncoderSetColorEncoding
JxlEncoderSetDebugImageCallback
JxlEncoderSetExtraChannelBlendInfo
JxlEncoderSetExtraChannelBuffer
JxlEncoderSetExtraChannelDistance
JxlEncoderSetExtraChannelInfo
JxlEncoderSetExtraChannelName
JxlEncoderSetFrameBitDepth
JxlEncoderSetFrameDistance
JxlEncoderSetFrameHeader
JxlEncoderSetFrameLossless
JxlEncoderSetFrameName
JxlEncoderSetICCProfile
JxlEncoderSetOutputProcessor
JxlEncoderSetParallelRunner
JxlEncoderSetUpsamplingMode
JxlEncoderStatsCreate
JxlEncoderStatsDestroy
JxlEncoderStatsGet
JxlEncoderStatsMerge
JxlEncoderStoreJPEGMetadata
JxlEncoderUseBoxes
JxlEncoderUseContainer
JxlEncoderVersion
JxlSignatureCheck
TT_New_Context
TT_RunIns
memcpy_layout
pl_alpha_overlay
pl_bit_encoding_equal
pl_buf_copy
pl_buf_create
pl_buf_destroy
pl_buf_export
pl_buf_poll
pl_buf_read
pl_buf_recreate
pl_buf_write
pl_cache_create
pl_cache_default_params
pl_cache_destroy
pl_cache_get
pl_cache_iterate
pl_cache_load
pl_cache_load_ex
pl_cache_objects
pl_cache_reset
pl_cache_save
pl_cache_save_ex
pl_cache_set
pl_cache_size
pl_cache_try_set
pl_chroma_location_offset
pl_color_adjustment_neutral
pl_color_levels_guess
pl_color_map_default_params
pl_color_map_high_quality_params
pl_color_primaries_guess
pl_color_primaries_is_wide_gamut
pl_color_repr_decode
pl_color_repr_equal
pl_color_repr_hdtv
pl_color_repr_jpeg
pl_color_repr_merge
pl_color_repr_normalize
pl_color_repr_rgb
pl_color_repr_sdtv
pl_color_repr_uhdtv
pl_color_repr_unknown
pl_color_space_bt2020_hlg
pl_color_space_bt709
pl_color_space_equal
pl_color_space_hdr10
pl_color_space_infer
pl_color_space_infer_map
pl_color_space_infer_ref
pl_color_space_is_black_scaled
pl_color_space_is_hdr
pl_color_space_merge
pl_color_space_monitor
pl_color_space_nominal_luma_ex
pl_color_space_srgb
pl_color_space_unknown
pl_color_system_guess_ycbcr
pl_color_system_is_linear
pl_color_system_is_ycbcr_like
pl_color_transfer_nominal_peak
pl_deband_default_params
pl_deinterlace_default_params
pl_desc_access_glsl_name
pl_desc_namespace
pl_dispatch_abort
pl_dispatch_begin
pl_dispatch_callback
pl_dispatch_compute
pl_dispatch_create
pl_dispatch_destroy
pl_dispatch_finish
pl_dispatch_load
pl_dispatch_reset_frame
pl_dispatch_save
pl_dispatch_vertex
pl_distort_default_params
pl_dither_default_params
pl_error_diffusion_atkinson
pl_error_diffusion_burkes
pl_error_diffusion_false_fs
pl_error_diffusion_floyd_steinberg
pl_error_diffusion_jarvis_judice_ninke
pl_error_diffusion_kernels
pl_error_diffusion_shmem_req
pl_error_diffusion_sierra2
pl_error_diffusion_sierra3
pl_error_diffusion_sierra_lite
pl_error_diffusion_simple
pl_error_diffusion_stucki
pl_filter_bicubic
pl_filter_bilinear
pl_filter_box
pl_filter_catmull_rom
pl_filter_config_eq
pl_filter_configs
pl_filter_ewa_ginseng
pl_filter_ewa_hann
pl_filter_ewa_jinc
pl_filter_ewa_lanczos
pl_filter_ewa_lanczos4sharpest
pl_filter_ewa_lanczossharp
pl_filter_ewa_robidoux
pl_filter_ewa_robidouxsharp
pl_filter_free
pl_filter_function_blackman
pl_filter_function_bohman
pl_filter_function_box
pl_filter_function_cosine
pl_filter_function_cubic
pl_filter_function_eq
pl_filter_function_gaussian
pl_filter_function_hamming
pl_filter_function_hann
pl_filter_function_hermite
pl_filter_function_jinc
pl_filter_function_kaiser
pl_filter_function_oversample
pl_filter_function_presets
pl_filter_function_quadratic
pl_filter_function_sinc
pl_filter_function_sphinx
pl_filter_function_spline16
pl_filter_function_spline36
pl_filter_function_spline64
pl_filter_function_triangle
pl_filter_function_welch
pl_filter_functions
pl_filter_gaussian
pl_filter_generate
pl_filter_ginseng
pl_filter_hermite
pl_filter_lanczos
pl_filter_mitchell
pl_filter_mitchell_clamp
pl_filter_nearest
pl_filter_oversample
pl_filter_presets
pl_filter_robidoux
pl_filter_robidouxsharp
pl_filter_sample
pl_filter_sinc
pl_filter_spline16
pl_filter_spline36
pl_filter_spline64
pl_find_error_diffusion_kernel
pl_find_filter_config
pl_find_filter_function
pl_find_filter_function_preset
pl_find_filter_preset
pl_find_fmt
pl_find_fourcc
pl_find_gamut_map_function
pl_find_named_fmt
pl_find_option
pl_find_tone_map_function
pl_find_vertex_fmt
pl_fix_ver
pl_fmt_has_modifier
pl_fmt_is_float
pl_fmt_is_ordered
pl_frame_clear_rgba
pl_frame_from_swapchain
pl_frame_is_cropped
pl_frame_mix_current
pl_frame_mix_nearest
pl_frame_mixers
pl_frame_set_chroma_location
pl_frames_infer
pl_frames_infer_mix
pl_gamut_map_absolute
pl_gamut_map_clip
pl_gamut_map_darken
pl_gamut_map_desaturate
pl_gamut_map_functions
pl_gamut_map_generate
pl_gamut_map_highlight
pl_gamut_map_linear
pl_gamut_map_params_equal
pl_gamut_map_params_noop
pl_gamut_map_perceptual

Sections

.text
Size: 68.8MB - Virtual size: 68.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16.1MB - Virtual size: 16.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 163B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 24.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 704KB - Virtual size: 703KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Shahid Script GLHF/files/mp4decrypt.exe
.exe windows:6 windows x64 arch:x64

b0749227ae772c82e2022cc8013c1cba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

MultiByteToWideChar
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW

vcruntime140

__std_exception_copy
__std_exception_destroy
_purecall
__RTDynamicCast
__current_exception_context
memset
_CxxThrowException
__std_terminate
memcpy
__C_specific_handler
__current_exception

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-stdio-l1-1-0

_fseeki64
__stdio_common_vfprintf
__p__commode
_set_fmode
__stdio_common_vsnprintf_s
_setmode
fwrite
_ftelli64
__acrt_iob_func
fread
_fileno
fflush
feof
fclose
_wfopen_s

api-ms-win-crt-runtime-l1-1-0

_exit
__p___argc
__p___argv
_cexit
_c_exit
_initterm
_initterm_e
_get_initial_narrow_environment
_configure_narrow_argv
terminate
_set_app_type
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_seh_filter_exe
exit
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-string-l1-1-0

strcmp

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
_set_new_mode
free

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Shahid Script GLHF/files/yt-dlp.exe
.exe windows:4 windows x86 arch:x86

17af060c224fc5de9b4d0c76d0b4db69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTokenInformation
OpenProcessToken

kernel32

CloseHandle
CreateDirectoryW
CreateProcessW
DeleteCriticalSection
EnterCriticalSection
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FormatMessageW
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetEnvironmentVariableW
GetExitCodeProcess
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoW
GetTempPathW
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LocalFree
MultiByteToWideChar
SetConsoleCtrlHandler
SetDllDirectoryW
SetEnvironmentVariableW
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__argc
__mb_cur_max
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wargv
__wgetmainargs
__winitenv
_amsg_exit
_cexit
_errno
_filelengthi64
_fileno
_fileno
_findclose
_get_osfhandle
_getpid
_initterm
_iob
_lock
_onexit
_setmode
_snwprintf
_stat
_strdup
_unlock
_wcsdup
_wfindfirst
_wfindnext
_wfopen
_wfullpath
_wputenv_s
_wremove
_wrmdir
_wstat
_wtempnam
abort
atoi
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgetpos
fprintf
fputc
fputwc
fread
free
fsetpos
fwprintf
fwrite
iswctype
localeconv
malloc
mbstowcs
memcpy
memset
memcmp
perror
realloc
setbuf
setlocale
signal
strcat
strchr
strcmp
strcpy
strerror
strlen
strncat
strncmp
strncpy
strtok
vfprintf
wcscat
wcschr
wcscmp
wcscpy
wcslen
wcsncpy
wcstombs

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 59KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
__main__.pyc
Shahid Script GLHF/screenshots/1200x600wa.png
.png
Shahid Script GLHF/screenshots/Mbc_Shahid_logo.svg.png
.png
Shahid Script GLHF/screenshots/channels4_profile.jpg
.jpg
Shahid Script GLHF/screenshots/imagwdes.jpg
.jpg
Shahid Script GLHF/screenshots/rtaImage.png
.png
Shahid Script GLHF/shahidlol.exe
.exe windows:5 windows x64 arch:x64

380d2cbec5e800eecb6612f15b9ac012

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

GetWindowThreadProcessId
ShowWindow

kernel32

GetModuleFileNameW
CreateSymbolicLinkW
GetProcAddress
GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
SetDllDirectoryW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetConsoleWindow
GetTimeZoneInformation
GetLastError
HeapSize
WriteConsoleW
GetStartupInfoW
TlsSetValue
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
SetEndOfFile
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
HeapReAlloc
GetFileAttributesExW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW

Sections

.text
Size: 167KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shahidlol.pyc

Sharing

General

Malware Config

Signatures

Files

0e0d327f4eb38c626f694d48d0654cbd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

ws2_32

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-conio-l1-1-0

oleaut32

ole32

shlwapi

user32

gdi32

avicap32

ntdll

bcrypt

api-ms-win-crt-multibyte-l1-1-0

advapi32

userenv

cfgmgr32

dwrite

d2d1

Exports

Exports

Sections

.text Size: 68.8MB - Virtual size: 68.8MB

.rdata Size: 16.1MB - Virtual size: 16.1MB

.buildid Size: 512B - Virtual size: 163B

.data Size: 152KB - Virtual size: 24.0MB

.pdata Size: 704KB - Virtual size: 703KB

.00cfg Size: 512B - Virtual size: 16B

.rodata Size: 14KB - Virtual size: 14KB

.rodata Size: 6KB - Virtual size: 6KB

.tls Size: 1024B - Virtual size: 704B

.rsrc Size: 1024B - Virtual size: 592B

.reloc Size: 247KB - Virtual size: 247KB

b0749227ae772c82e2022cc8013c1cba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

vcruntime140_1

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 206KB - Virtual size: 205KB

.rdata Size: 115KB - Virtual size: 115KB

.data Size: 12KB - Virtual size: 13KB

.pdata Size: 16KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 6KB - Virtual size: 5KB

17af060c224fc5de9b4d0c76d0b4db69

Headers

DLL Characteristics

File Characteristics

.text
Size: 68.8MB - Virtual size: 68.8MB

.rdata
Size: 16.1MB - Virtual size: 16.1MB

.buildid
Size: 512B - Virtual size: 163B

.data
Size: 152KB - Virtual size: 24.0MB

.pdata
Size: 704KB - Virtual size: 703KB

.00cfg
Size: 512B - Virtual size: 16B

.rodata
Size: 14KB - Virtual size: 14KB

.rodata
Size: 6KB - Virtual size: 6KB

.tls
Size: 1024B - Virtual size: 704B

.rsrc
Size: 1024B - Virtual size: 592B

.reloc
Size: 247KB - Virtual size: 247KB

.text
Size: 206KB - Virtual size: 205KB

.rdata
Size: 115KB - Virtual size: 115KB

.data
Size: 12KB - Virtual size: 13KB

.pdata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 85KB - Virtual size: 84KB

.data
Size: 512B - Virtual size: 112B

.rdata
Size: 23KB - Virtual size: 23KB

/4
Size: 15KB - Virtual size: 15KB

.bss
Size: - Virtual size: 59KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 43KB - Virtual size: 42KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 167KB - Virtual size: 167KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 12KB

.pdata
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 2KB - Virtual size: 1KB