#NEW IDM + ITM + S4Unhidder +Bypass + Teleport[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

#NEW IDM + ITM + S4Unhidder +Bypass + Teleport.zip
Size

3.8MB
MD5

a3ae5b78ee409002ab2b4ac65ba91694
SHA1

91fcc1b88573fdf558cecddce64bfd20e83ece78
SHA256

69dbfa026d09939e45a2ebe62e71a8f28e79f9adcabba7736e26e7813ec59ab1
SHA512

383965393189ac419de133c455283df50a74c1a89fc387e8c269df7e03602463b39e54605eb80eded5f28f8c0444389f3fc5dd6c6ff65b0323900b71b9554c92
SSDEEP

98304:5RixdcNkWGxxQQnlIMiax84GhFcDLsDhPb/V:5RixdB1C94GbuqhjV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Bypass (2)/Bypass (2).exe	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack002/out.upx	autoit_exe

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Bypass (2)/Bypass (2).exe
unpack002/out.upx
unpack001/Olympus Team IDM+ITM/Olympus Team [IDM+ITM].exe
unpack001/Olympus Team Teleport Manager/Olympus Team [Teleport Manager].exe
unpack001/S4Unhidder/S4Unhidder.exe
unpack001/S4Unhidder/drvr.sys
unpack001/S4Unhidder/xtrap.sys
unpack001/S4Unhidder/xtrap_v.dll

Files

#NEW IDM + ITM + S4Unhidder +Bypass + Teleport.zip
.zip
Bypass (2)/Bypass (2).exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 460KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 264KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 514KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Olympus Team IDM+ITM/ITMData/CrowundTaser/ID.xt
Olympus Team IDM+ITM/ITMData/Item/Datos.txt
Olympus Team IDM+ITM/ITMData/Item/IDM/1.txt
Olympus Team IDM+ITM/ITMData/SR.xt
Olympus Team IDM+ITM/Olympus Team [IDM+ITM].exe
.exe windows:4 windows x86 arch:x86

e2e22158e61de7cfe602b9b547f84f15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyW
RegQueryValueW
RegSetValueA
RegSetValueW

kernel32

CloseHandle
CreateFileW
ExitProcess
GetFileSize
InitializeCriticalSection
SetFilePointer
SetUnhandledExceptionFilter
WriteFile

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
memcpy
memset
realloc
signal
sprintf
sscanf
strcpy
wcscpy

user32

AdjustWindowRectEx
AppendMenuW
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateDialogParamW
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefWindowProcW
DestroyAcceleratorTable
DestroyCursor
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateW
EnableMenuItem
EnableWindow
EndPaint
EnumWindows
ExitWindowsEx
FillRect
FlashWindow
GetActiveWindow
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDlgItem
GetMenuStringW
GetMessagePos
GetMessageTime
GetMessageW
GetParent
GetSysColor
GetSystemMenu
GetSystemMetrics
GetUpdateRect
GetWindow
GetWindowDC
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsWindowEnabled
IsWindowVisible
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapWindowPoints
MessageBeep
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
ReleaseDC
ScreenToClient
SendMessageW
SetClipboardData
SetParent
SetTimer
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
WaitForInputIdle
WindowFromPoint

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Olympus Team Teleport Manager/Olympus Team [Teleport Manager].exe
.exe windows:4 windows x86 arch:x86

e2e22158e61de7cfe602b9b547f84f15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyW
RegQueryValueW
RegSetValueA
RegSetValueW

kernel32

CloseHandle
CreateFileW
ExitProcess
GetFileSize
InitializeCriticalSection
SetFilePointer
SetUnhandledExceptionFilter
WriteFile

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
memcpy
memset
realloc
signal
sprintf
sscanf
strcpy
wcscpy

user32

AdjustWindowRectEx
AppendMenuW
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateDialogParamW
CreateMenu
CreatePopupMenu
CreateWindowExW
DefFrameProcW
DefWindowProcW
DestroyAcceleratorTable
DestroyCursor
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateW
EnableMenuItem
EnableWindow
EndPaint
EnumWindows
ExitWindowsEx
FillRect
FlashWindow
GetActiveWindow
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDlgItem
GetMenuStringW
GetMessagePos
GetMessageTime
GetMessageW
GetParent
GetSysColor
GetSystemMenu
GetSystemMetrics
GetUpdateRect
GetWindow
GetWindowDC
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsWindowEnabled
IsWindowVisible
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapWindowPoints
MessageBeep
MessageBoxW
MoveWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
ReleaseDC
ScreenToClient
SendMessageW
SetClipboardData
SetParent
SetTimer
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
WaitForInputIdle
WindowFromPoint

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Olympus Team Teleport Manager/TMData/name.xt
Olympus Team Teleport Manager/TMData/x.xt
Olympus Team Teleport Manager/TMData/y.xt
Olympus Team Teleport Manager/TMData/z.xt
S4Unhidder/S4Unhidder.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 166KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
S4Unhidder/drvr.sys
.sys windows:5 windows x86 arch:x86

d23f78a43e9e42cbabdd6157630b32a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\article\bin\Release\i386\drvUnhooker.pdb

Imports

ntoskrnl.exe

KeInitializeEvent
KeWaitForSingleObject
KeSetEvent
KeWaitForMultipleObjects
RtlInitAnsiString
ZwClose
ObReferenceObjectByHandle
PsCreateSystemThread
_purecall
KeEnterCriticalRegion
KeLeaveCriticalRegion
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
KeTickCount
IofCompleteRequest
ObfDereferenceObject
IoDeleteDevice
ExAllocatePoolWithTag
ExFreePoolWithTag
_except_handler3
KeServiceDescriptorTable
NtQuerySystemInformation
_strnicmp
NtClose
IoCreateFile
RtlAppendUnicodeStringToString
RtlAnsiStringToUnicodeString
RtlAppendUnicodeToString
ObMakeTemporaryObject
MmUnmapViewOfSection
MmMapViewOfSection
IoGetCurrentProcess
MmCreateSection
NtQueryInformationFile

hal

ExAcquireFastMutex
ExReleaseFastMutex

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
S4Unhidder/xtrap.sys
.exe windows:4 windows x86 arch:x86

d4eac1228d736b74c9ad85f7134ddd69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\article\bin\Release\unhooker.pdb

Imports

kernel32

CloseHandle
GetLastError
DeviceIoControl
CreateFileW
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
ExitProcess
GetModuleHandleA
GetVersionExA
GetCPInfo
HeapFree
HeapAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
VirtualQuery
HeapReAlloc
HeapSize
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
SetFilePointer
VirtualProtect
GetSystemInfo
GetACP
GetOEMCP
LoadLibraryA
GetLocaleInfoW
SetStdHandle
ReadFile

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
S4Unhidder/xtrap_v.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 460KB

UPX1 Size: 264KB - Virtual size: 268KB

.rsrc Size: 19KB - Virtual size: 20KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 514KB - Virtual size: 513KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 26KB - Virtual size: 105KB

.rsrc Size: 27KB - Virtual size: 27KB

e2e22158e61de7cfe602b9b547f84f15

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 176B

.idata Size: 4KB - Virtual size: 4KB

.rdata Size: 1024B - Virtual size: 608B

.bss Size: - Virtual size: 1.4MB

.rsrc Size: 59KB - Virtual size: 59KB

e2e22158e61de7cfe602b9b547f84f15

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 176B

.idata Size: 4KB - Virtual size: 4KB

.rdata Size: 1024B - Virtual size: 608B

.bss Size: - Virtual size: 1.1MB

.rsrc Size: 59KB - Virtual size: 59KB

Headers

DLL Characteristics

File Characteristics

Sections

Size: 2KB - Virtual size: 8KB

Size: - Virtual size: 8KB

Size: - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 8KB

Size: 166KB - Virtual size: 2.6MB

.data Size: 1.0MB - Virtual size: 1.0MB

d23f78a43e9e42cbabdd6157630b32a8

Headers

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

hal

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 512B - Virtual size: 452B

.data Size: 128B - Virtual size: 20B

INIT Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 392B

d4eac1228d736b74c9ad85f7134ddd69

Headers

File Characteristics

PDB Paths

Imports

kernel32

Sections

UPX0
Size: - Virtual size: 460KB

UPX1
Size: 264KB - Virtual size: 268KB

.rsrc
Size: 19KB - Virtual size: 20KB

.text
Size: 514KB - Virtual size: 513KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 26KB - Virtual size: 105KB

.rsrc
Size: 27KB - Virtual size: 27KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 176B

.idata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 608B

.bss
Size: - Virtual size: 1.4MB

.rsrc
Size: 59KB - Virtual size: 59KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 176B

.idata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1024B - Virtual size: 608B

.bss
Size: - Virtual size: 1.1MB

.rsrc
Size: 59KB - Virtual size: 59KB

.rsrc
Size: 1KB - Virtual size: 8KB

.data
Size: 1.0MB - Virtual size: 1.0MB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 452B

.data
Size: 128B - Virtual size: 20B

INIT
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 392B

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 11KB

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 832B

.reloc
Size: 512B - Virtual size: 12B