Extracted

Extracted

• 9dba3c80346817d71ad06a9143dbbe0d419a929c3a6acaf8d12f25ca07a60a23

  .exe windows:4 windows x86 arch:x86

  21314122cd4542a6b9b297f52a87acbe

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  CreateFileW

  CloseHandle

  WriteFile

  DeleteFileW

  HeapDestroy

  HeapSize

  HeapReAlloc

  HeapFree

  HeapAlloc

  GetProcessHeap

  SizeofResource

  LockResource

  LoadResource

  FindResourceW

  FindResourceExW

  CreateEventExW

  WaitForSingleObject

  CreateProcessW

  GetLastError

  GetExitCodeProcess

  SetEvent

  RemoveDirectoryW

  GetProcAddress

  GetModuleHandleW

  GetWindowsDirectoryW

  CreateDirectoryW

  GetTempPathW

  GetTempFileNameW

  MoveFileW

  EnterCriticalSection

  LeaveCriticalSection

  GetModuleFileNameW

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  GetCurrentThreadId

  RaiseException

  SetLastError

  GlobalUnlock

  GlobalLock

  GlobalAlloc

  MulDiv

  lstrcmpW

  CreateEventW

  FindClose

  FindFirstFileW

  GetFullPathNameW

  InitializeCriticalSection

  lstrcpynW

  CreateThread

  LoadLibraryExW

  GetCurrentProcess

  Sleep

  WideCharToMultiByte

  GetDiskFreeSpaceExW

  DecodePointer

  GetExitCodeThread

  GetCurrentProcessId

  FreeLibrary

  GetSystemDirectoryW

  lstrlenW

  VerifyVersionInfoW

  VerSetConditionMask

  lstrcmpiW

  LoadLibraryW

  GetDriveTypeW

  CompareStringW

  FindNextFileW

  GetLogicalDriveStringsW

  GetFileSize

  GetFileAttributesW

  GetShortPathNameW

  GetFinalPathNameByHandleW

  SetFileAttributesW

  GetFileTime

  CopyFileW

  ReadFile

  SetFilePointer

  SetFileTime

  SystemTimeToFileTime

  MultiByteToWideChar

  GetSystemInfo

  WaitForMultipleObjects

  GetVersionExW

  VirtualProtect

  VirtualQuery

  LoadLibraryExA

  GetStringTypeW

  LocalFree

  LocalAlloc

  SetUnhandledExceptionFilter

  FileTimeToSystemTime

  GetEnvironmentVariableW

  GetSystemTime

  GetDateFormatW

  GetTimeFormatW

  GetLocaleInfoW

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  FormatMessageW

  GetEnvironmentStringsW

  InitializeCriticalSectionEx

  LoadLibraryA

  GetModuleFileNameA

  GetCurrentThread

  GetConsoleOutputCP

  FlushFileBuffers

  Wow64DisableWow64FsRedirection

  Wow64RevertWow64FsRedirection

  IsWow64Process

  SetConsoleTextAttribute

  GetStdHandle

  GetConsoleScreenBufferInfo

  OutputDebugStringW

  GetTickCount

  GetCommandLineW

  SetCurrentDirectoryW

  SetEndOfFile

  EnumResourceLanguagesW

  GetSystemDefaultLangID

  GetUserDefaultLangID

  GetLocalTime

  ResetEvent

  GlobalFree

  GetPrivateProfileStringW

  GetPrivateProfileSectionNamesW

  WritePrivateProfileStringW

  CreateNamedPipeW

  ConnectNamedPipe

  TerminateThread

  CompareFileTime

  CopyFileExW

  OpenEventW

  PeekNamedPipe

  WaitForSingleObjectEx

  QueryPerformanceCounter

  QueryPerformanceFrequency

  EncodePointer

  LCMapStringEx

  CompareStringEx

  GetCPInfo

  GetSystemTimeAsFileTime

  IsDebuggerPresent

  InitializeSListHead

  InterlockedPopEntrySList

  InterlockedPushEntrySList

  FlushInstructionCache

  IsProcessorFeaturePresent

  VirtualAlloc

  VirtualFree

  UnhandledExceptionFilter

  TerminateProcess

  GetStartupInfoW

  RtlUnwind

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  ExitThread

  FreeLibraryAndExitThread

  GetModuleHandleExW

  ExitProcess

  GetFileType

  LCMapStringW

  IsValidLocale

  GetUserDefaultLCID

  EnumSystemLocalesW

  GetTimeZoneInformation

  GetConsoleMode

  GetFileSizeEx

  SetFilePointerEx

  FindFirstFileExW

  IsValidCodePage

  GetACP

  GetOEMCP

  GetCommandLineA

  FreeEnvironmentStringsW

  SetEnvironmentVariableW

  SetStdHandle

  ReadConsoleW

  WriteConsoleW

  GetProcessAffinityMask

  GetModuleHandleA

  GlobalMemoryStatus

  ReleaseSemaphore

  CreateSemaphoreW

  Sections

  .text

  Size: 2.4MB - Virtual size: 2.4MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 571KB - Virtual size: 570KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 15KB - Virtual size: 52KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 154KB - Virtual size: 154KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 162KB - Virtual size: 162KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .srvs

  Size: 1024B - Virtual size: 868B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 154KB - Virtual size: 154KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 162KB - Virtual size: 162KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ