86a04af65a919f8da80e3e70ddc5ffe4fc08dcdc6c6f4669133dd3e54968992a

Sharing

Copy URL

Twitter E-mail

General

Target

86a04af65a919f8da80e3e70ddc5ffe4fc08dcdc6c6f4669133dd3e54968992a
Size

6.4MB
MD5

a76d6a2cfacd251b9a9aee026743a7ea
SHA1

7a12c0234eab2f4f0e5706e1ecce04a74bcdbc8c
SHA256

86a04af65a919f8da80e3e70ddc5ffe4fc08dcdc6c6f4669133dd3e54968992a
SHA512

ebbfec25b01b1e8addd08523c5bb85c6b41bab777ec49275440a9fad64197775c7e764ff63ee223f160a31812b2834703701ade3b177bff7d9d655968b80cee2
SSDEEP

98304:6itU7HXNjHoCSK0AEXLk8dWziw0cbLzHIKpJSZX6u67dulonMBRkD/DdLpt+XK03:6iUDIKfEXLksWzycLIcXNu+nwk1P+QLa

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CShell.dll
unpack001/crossfire.exe

Files

86a04af65a919f8da80e3e70ddc5ffe4fc08dcdc6c6f4669133dd3e54968992a
.zip
CShell.dll
.dll windows:4 windows x86 arch:x86

27c70d9664257c3f87ffcb37c3dd0784

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy
ExitProcess

avifil32

DllGetClassObject

Exports

Exports

SetMasterDatabase

Sections

.text
Size: 2.3MB - Virtual size: 17.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
crossfire.exe
.exe windows:4 windows x86 arch:x86

eaf69757a1f41128a83e408579fed2a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

atl80

AtlComPtrAssign
AtlAxWinInit

bugtrap

BT_InstallSehFilter
BT_SetAppName
BT_SetAppVersion
_BT_SetGameSSN@4
BT_SetDumpType
BT_UninstallSehFilter
BT_SetFlags
BT_SetSupportServer

dinput8

DirectInput8Create

gdi32

GetTextMetricsA
GetTextFaceA
GetGlyphOutline
CreateFontIndirectA
GetGlyphOutlineW
CreateFontIndirectW
SetMapMode
TextOutW
GetTextMetricsW
GetCharWidth32W
GdiFlush
Rectangle
SetBkColor
CreateCompatibleDC
TextOutA
SetTextCharacterExtra
SetTextColor
SetBkMode
DeleteObject
DeleteDC
GetTextExtentPoint32A
CreateDIBSection
SelectObject
CreateFontA
GetTextCharacterExtra
RemoveFontResourceA
AddFontResourceA
GetStockObject

kernel32

InterlockedDecrement
GetPrivateProfileStringA
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
HeapCompact
GetProcessHeap
SetFilePointer
WriteFile
lstrlen
FormatMessageA
GetTempPathA
GetTempFileNameA
DebugBreak
GetTickCount
WideCharToMultiByte
ResetEvent
CreateEventA
PulseEvent
WaitForMultipleObjects
SetEvent
lstrcpy
GetModuleHandleA
TerminateThread
ExitThread
SetThreadPriority
SuspendThread
ResumeThread
VirtualProtect
HeapFree
VirtualFree
GetPrivateProfileIntA
GetVersionExA
VirtualQuery
IsBadWritePtr
GetSystemInfo
LocalFree
MulDiv
CreateThread
LoadResource
FindResourceA
LockResource
SizeofResource
GetExitCodeThread
LoadLibraryW
UnmapViewOfFile
ExitProcess
FindNextFileA
GetModuleFileNameW
InterlockedExchange
GetThreadPriority
GetCurrentThread
FindNextFileW
FindFirstFileW
InterlockedCompareExchange
GetStartupInfoA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
FindClose
FindFirstFileA
DuplicateHandle
DeleteFileA
OutputDebugStringA
GetLastError
RaiseException
SetUnhandledExceptionFilter
GetModuleFileNameA
GetCurrentProcessId
CreateFileMappingA
CreateFileW
MapViewOfFile
lstrcat
GetSystemDefaultLangID
GetThreadLocale
GetLocaleInfoA
GetACP
IsDebuggerPresent
WritePrivateProfileStringA
WaitForSingleObject
GetLocalTime
InterlockedIncrement
GetCurrentDirectoryA
FindCloseChangeNotification
SetPriorityClass
EnterCriticalSection
MoveFileA
FindFirstChangeNotificationA
FindNextChangeNotification
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
ReadFile
CloseHandle
GetFileAttributesA
FreeLibrary
GetCurrentProcess
MultiByteToWideChar
SetCurrentDirectoryA
GetCurrentThreadId
GetFileSize
LoadLibraryA
CreateDirectoryA
CreateFileA
VirtualProtect
Sleep

msvcp80

?_Myptr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEPADXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??1?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?length@?$char_traits@D@std@@SAIPBD@Z
?narrow@?$ctype@D@std@@QBEPBDPBD0DPAD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?uncaught_exception@std@@YA_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??0?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAE@PBG@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?begin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?find_last_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??4?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QAEAAV01@ABV01@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?find_last_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?rbegin@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AV?$reverse_iterator@V?$_String_iterator@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??_7facet@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7?$codecvt@_WDH@std@@6B@

msvcr80

_findclose
_setjmp3
isspace
free
fread
strncmp
_findfirst64i32
strncat
_findnext64i32
strstr
ftell
_purecall
??8type_info@@QBE_NABV0@@Z
isdigit
sqrt
sin
tolower
strcpy_s
tan
cos
sscanf
_stricmp
__RTDynamicCast
strcat_s
fabs
_isnan
fputs
fputc
fgets
fwrite
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_mbsstr
memcmp
abs
_mbslwr
longjmp
fflush
rand
isalnum
floor
atan2
acos
wcslen
wcsncpy
fmod
strrchr
exp
toupper
clock
srand
_mbsicmp
_mbsinc
_mbscmp
iswspace
memmove
abs
pow
qsort
_wtoi64
wcstombs_s
_vsnwprintf_s
_CIatan
__CxxFrameHandler
_CxxThrowException
ferror
div
strtok_s
sscanf_s
strncpy_s
atol
_CIsqrt
malloc
_time64
_stat64i32
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
_crt_debugger_hook
fseek
_endthreadex
strncpy
memset
memmove_s
strcmp
printf
fprintf
_set_purecall_handler
_set_invalid_parameter_handler
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
_splitpath
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
?what@exception@std@@UBEPBDXZ
_beginthreadex
_access
strcat
sprintf
sprintf_s
strchr
fopen
strcpy
memcpy
atan
fgetc
fclose
strlen
atoi
atof
feof
??_V@YAXPAX@Z
_strupr
_strlwr
_itoa
_strnicmp
_chkesp
__CxxFrameHandler
_except_handler3
_time32
wcsncmp
wcsrchr
wcscpy
strtoul
_swprintf
_vsnprintf

oleaut32

VariantClear
VariantInit

user32

GetWindowRect
SetWindowPos
CreateWindowExA
GetAsyncKeyState
LoadIconA
GetDesktopWindow
EndPaint
DestroyWindow
ShowWindow
DefWindowProcA
LoadCursorA
BeginPaint
DispatchMessageA
KillTimer
EnumDisplaySettingsA
ClipCursor
LoadStringA
SetFocus
TranslateMessage
SendMessageA
ChangeDisplaySettingsExA
RegisterClassA
GetSystemMetrics
ToAscii
GetKeyboardState
LoadImageA
SetCursor
ShowCursor
PeekMessageA
MessageBoxA
ChangeDisplaySettingsA
SetCursorPos
IsIconic
SetTimer
wvsprintfA
SendMessageTimeoutA
wsprintfA
PostQuitMessage
GetWindowLongA
AdjustWindowRect
RegisterClipboardFormatA
MsgWaitForMultipleObjects
GetQueueStatus
PostThreadMessageA

winhttp

WinHttpConnect
WinHttpOpenRequest
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpen
WinHttpCloseHandle
WinHttpWriteData

winmm

timeSetEvent
timeKillEvent
timeEndPeriod
timeGetTime
timeBeginPeriod

ws2_32

htons
inet_addr
htonl
WSAStartup
WSACleanup
WSASetLastError
sendto
socket
WSACreateEvent
select
gethostname
WSAResetEvent
WSAEventSelect
WSACloseEvent
ioctlsocket
htons
WSAGetLastError
bind
closesocket
htonl
recvfrom
getsockname
inet_ntoa
connect
send
WSAWaitForMultipleEvents
setsockopt
gethostbyname

d3dx9_29

D3DXMatrixPerspectiveFovLH
D3DXAssembleShader
D3DXVec3TransformCoord
D3DXMatrixPerspectiveLH
D3DXMatrixTranslation
D3DXLoadSurfaceFromSurface
D3DXGetImageInfoFromFileA
D3DXCreateTextureFromFileExA
D3DXSaveSurfaceToFileA
D3DXSaveTextureToFileA
D3DXLoadSurfaceFromMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXMatrixTranspose
D3DXCreateEffectPool
D3DXVec3Transform
D3DXCreateCubeTextureFromFileA
D3DXVec4Normalize
D3DXVec3Normalize
D3DXMatrixRotationY
D3DXMatrixInverse
D3DXCreateEffect
D3DXMatrixScaling
D3DXMatrixRotationZ
D3DXCreateSprite
D3DXMatrixRotationYawPitchRoll
D3DXMatrixMultiply
D3DXMatrixLookAtLH

dbghelp

MiniDumpWriteDump

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree

crossfirebase

ord1

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
LTGetILTMemory
SetMasterDatabase
fcEXP

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Tut4you
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 992KB - Virtual size: 992KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 788KB - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PE_ADS
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

27c70d9664257c3f87ffcb37c3dd0784

Headers

File Characteristics

Imports

kernel32

avifil32

Exports

Exports

Sections

.text Size: 2.3MB - Virtual size: 17.4MB

.rsrc Size: 4KB - Virtual size: 752B

.idata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2.5MB

.data Size: 1.7MB - Virtual size: 1.7MB

.data Size: 4KB - Virtual size: 4KB

eaf69757a1f41128a83e408579fed2a2

Headers

File Characteristics

Imports

atl80

bugtrap

dinput8

gdi32

kernel32

msvcp80

msvcr80

oleaut32

user32

winhttp

winmm

ws2_32

d3dx9_29

dbghelp

ole32

crossfirebase

Exports

Exports

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rsrc Size: 37KB - Virtual size: 40KB

.Tut4you Size: 4KB - Virtual size: 4KB

.data Size: 992KB - Virtual size: 992KB

.data Size: 788KB - Virtual size: 788KB

.data Size: 4KB - Virtual size: 5.9MB

PE_ADS Size: 72KB - Virtual size: 69KB

.text
Size: 2.3MB - Virtual size: 17.4MB

.rsrc
Size: 4KB - Virtual size: 752B

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2.5MB

.data
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 4KB - Virtual size: 4KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rsrc
Size: 37KB - Virtual size: 40KB

.Tut4you
Size: 4KB - Virtual size: 4KB

.data
Size: 992KB - Virtual size: 992KB

.data
Size: 788KB - Virtual size: 788KB

.data
Size: 4KB - Virtual size: 5.9MB

PE_ADS
Size: 72KB - Virtual size: 69KB