c022ac3dc63025459d1bb39395540f49

Sharing

Copy URL Twitter E-mail

General

Target

c022ac3dc63025459d1bb39395540f49
Size

5.2MB
MD5

c022ac3dc63025459d1bb39395540f49
SHA1

9eeb62b25088e86fd12ac120851a30663852b7cf
SHA256

e47cf059dddedee16e0cbbc1d360d97cffd91d033acc91555bea63fcf25b78e1
SHA512

7f74f055b8877984c498931c84328f8e42afb32e1659a35fe4cc101fae07b361a53979926696b4f2c6edad67191cb0cd10474ba0694983a33038d2879d791834
SSDEEP

98304:Asy+QhE0GG4gmt9A2c3Ohq2a+A0/7AteGZzDWNLBGBmE9q05P4e4JPFeVByrnNMr:AsiE0Gq2yOhLa+Am7IN1AF7w4ecFPrN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
c022ac3dc63025459d1bb39395540f49
unpack001/$PLUGINSDIR/NSISdl.dll
unpack001/$TEMP/windll.dll
unpack001/$TEMP/windows-7-manager-1.2.1.exe

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_2

Files

c022ac3dc63025459d1bb39395540f49
.exe windows:4 windows x86 arch:x86

28a099a911237a28521d8b7ea250f089

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LoadLibraryExA
MoveFileA
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryA
SearchPathA
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderA
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

user32

AppendMenuA
BeginPaint
CallWindowProcA
CharNextA
CharPrevA
CheckDlgButton
CloseClipboard
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExA
GetClassInfoA
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadImageA
MessageBoxIndirectA
OpenClipboard
PeekMessageA
PostQuitMessage
RegisterClassA
ScreenToClient
SendMessageA
SendMessageTimeoutA
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 150KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/NSISdl.dll
.dll windows:4 windows x86 arch:x86

826f63babc644cdb846b4d888d102fa0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateFileA
CreateSemaphoreA
CreateThread
DeleteFileA
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
InterlockedDecrement
InterlockedIncrement
MulDiv
ReleaseSemaphore
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

_write
__dllonexit
_errno
_iob
abort
fflush
fputc
fputs
free
fwrite
malloc
memcpy
realloc
strcmp
strcpy
strlen

user32

CallWindowProcA
CharPrevA
CreateWindowExA
DestroyWindow
EnableWindow
FindWindowExA
GetClientRect
GetDlgItem
GetFocus
GetWindowLongA
GetWindowRect
IsWindowVisible
RegisterWindowMessageA
SendMessageA
SetDlgItemTextA
SetWindowLongA
SetWindowTextA
ShowWindow
wsprintfA

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
closesocket
connect
gethostbyname
getsockname
htons
inet_addr
ioctlsocket
recv
select
send
shutdown
socket

Exports

Exports

download
download_quiet

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/windll.dll
.dll regsvr32 windows:4 windows x86 arch:x86

4ff0568c1517848d190b1b06b0445f87

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
OpenMutexA
GetDiskFreeSpaceExW
WaitForSingleObjectEx
SetEndOfFile
SetTimeZoneInformation
FindResourceExA
ProcessIdToSessionId
DeleteTimerQueueEx
GetConsoleScreenBufferInfo
GetCurrentProcess
GetNumberFormatW
HeapReAlloc
SetConsoleCtrlHandler
GetHandleInformation
GetFileSize
GetDateFormatA
GetProcessAffinityMask
ExpandEnvironmentStringsW
GetEnvironmentStringsW
CallNamedPipeA
SetVolumeMountPointW
PeekNamedPipe
GetCurrentThread
lstrlenW
GetCurrentThreadId
GetProfileSectionA
GlobalFree
IsValidLanguageGroup
GetThreadLocale
ReadConsoleInputW
SetHandleCount
ReleaseSemaphore
VirtualUnlock
LocalSize
SetHandleInformation
GetFileSizeEx
FileTimeToDosDateTime
FindFirstFileExW
QueueUserWorkItem
GetSystemDefaultUILanguage
GetProfileStringA
CreateFileMappingW
WriteConsoleW
ReadProcessMemory
TransactNamedPipe
LocalAlloc
GetExitCodeThread
GetTapeParameters
SetNamedPipeHandleState
GetDriveTypeA
CreateDirectoryW
GetLogicalDrives
LocalFileTimeToFileTime
IsValidLocale
GetFileInformationByHandle
FindFirstChangeNotificationA
Beep
GetVolumePathNamesForVolumeNameW
GetLocaleInfoA
WriteConsoleInputA
GetLogicalDriveStringsW
FormatMessageA
GetFileType
ExitProcess
GetShortPathNameA
lstrcatA
lstrcatW
GetBinaryTypeW
GetProfileIntA
GetFileAttributesA
OpenFileMappingA
DeleteCriticalSection
CancelWaitableTimer
GetUserDefaultUILanguage
FindResourceExW
GlobalDeleteAtom
EnumSystemLocalesA
FlushConsoleInputBuffer
AllocConsole
SetStdHandle
GetUserDefaultLCID
VerSetConditionMask
UnlockFile
SetConsoleCursorPosition
GetEnvironmentVariableW
GetComputerNameExW
GetSystemInfo
IsBadStringPtrA
LockResource
AddAtomA
WaitForMultipleObjectsEx
FindNextChangeNotification
SystemTimeToFileTime
GetLongPathNameW
GetFullPathNameA
DisconnectNamedPipe
OpenSemaphoreW
GetSystemDirectoryA
GetVolumeInformationA
HeapValidate
GetTempFileNameA
GetVolumeNameForVolumeMountPointW
SetComputerNameA
CancelIo
CreateFileW
SetFilePointerEx
SetFileApisToOEM
GetTickCount
CreateDirectoryA
EnterCriticalSection
ExpandEnvironmentStringsA
ReadFile
DeleteFileA
CreateThread
InterlockedExchange
WriteFile
GetLastError
GetSystemTimeAsFileTime
ReleaseMutex
VirtualProtect
GlobalAlloc
InterlockedDecrement
GetProcAddress
VirtualQuery
WaitForSingleObject
Sleep
CloseHandle
CreateFileMappingA
LoadLibraryA
InitializeCriticalSection
GetModuleHandleA
CreateFileA
CopyFileA
GetComputerNameA
lstrcmpW
CreateMutexA

ole32

RevokeDragDrop
CoTaskMemRealloc
OleRegGetUserType
CoCreateFreeThreadedMarshaler
StringFromGUID2
CreateGenericComposite
CoInitializeEx
CoMarshalInterface
StgCreateDocfileOnILockBytes
IIDFromString
CreateBindCtx
OleRegEnumVerbs
OleIsRunning
OleLockRunning
StgOpenStorageEx
OleSetMenuDescriptor
OleGetAutoConvert
OleDuplicateData
CreateAntiMoniker
GetHGlobalFromILockBytes
OleUninitialize
CoFreeUnusedLibraries
OleCreate
CoCreateInstance
CoTaskMemFree
OleSetContainedObject

advapi32

RegEnumKeyExA
GetSecurityDescriptorSacl
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
NotifyChangeEventLog
RevertToSelf
CreateServiceW
GetTokenInformation
StartServiceW
QueryServiceStatus
LockServiceDatabase
RegNotifyChangeKeyValue
UnlockServiceDatabase
StartServiceCtrlDispatcherA
RegOpenCurrentUser
MakeSelfRelativeSD
RegQueryValueA
RegRestoreKeyW
SetEntriesInAclW
GetInheritanceSourceW
CloseEventLog
ReportEventW
RegUnLoadKeyA
CreateServiceA
RegDeleteValueA
NotifyBootConfigStatus
RegCreateKeyW
RegDeleteValueW
MapGenericMask
ClearEventLogW
GetUserNameW
RegRestoreKeyA
GetAclInformation
ChangeServiceConfigA
RegConnectRegistryW
RegOpenKeyExA

gdi32

GetTextExtentPoint32A
CreateBrushIndirect
EnumFontFamiliesExW
GetCharWidth32W
GetCharWidthA
CreateMetaFileW
SetWindowExtEx
StartDocA
CloseFigure
RectVisible
BeginPath
CreateDiscardableBitmap
CreateRectRgnIndirect
TextOutW
EqualRgn
SetBrushOrgEx
CloseMetaFile
MoveToEx
GetOutlineTextMetricsA
SetTextCharacterExtra
GetStretchBltMode
PatBlt
IntersectClipRect
GetTextCharset
StartDocW
FlattenPath
GetCharacterPlacementA
GetPixel
InvertRgn
SelectPalette
ScaleViewportExtEx
CreateEnhMetaFileA
OffsetViewportOrgEx
CreateDCW
PlayMetaFile
DeleteEnhMetaFile
GetTextFaceW
GetPath
SetMetaFileBitsEx
GetDIBits
SetDIBits
GetNearestPaletteIndex
GetObjectType
GetSystemPaletteEntries
SetTextAlign
ExtEscape
GetTextExtentExPointA
SetRectRgn
PathToRegion
SetBitmapBits
SetROP2
GetTextCharacterExtra
GetClipRgn
CreateDIBSection
GetTextMetricsA
SelectObject
AbortPath
RoundRect
CreateCompatibleDC
CreateScalableFontResourceA
SetWindowOrgEx
CreatePen
SetTextJustification
RealizePalette
GetGlyphOutlineW
StrokePath
SetBkMode

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/windows-7-manager-1.2.1.exe
.exe windows:5 windows x86 arch:x86

37b336b6c78a487a462f7f5156f921f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
FlushInstructionCache
GetCurrentProcess
CopyFileW
SetFileAttributesW
GetFileAttributesW
GetDriveTypeW
CreateMutexW
CloseHandle
GetCurrentThreadId
LoadLibraryW
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
FreeLibrary
GetLastError
GetTempPathW
GetTempFileNameW
DeleteFileW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
GetLogicalDriveStringsW
CreateDirectoryW
SetFilePointer
ReadFile
FlushFileBuffers
InterlockedExchange
GetSystemDefaultLangID
GetUserDefaultLangID
EnumResourceLanguagesW
GetLocaleInfoW
GlobalMemoryStatus
OutputDebugStringW
GetSystemDirectoryW
GetWindowsDirectoryW
GetProcAddress
GetEnvironmentVariableW
GetSystemTime
CreateThread
MulDiv
WaitForSingleObject
GetExitCodeThread
TerminateThread
SetEvent
WriteFile
GetFileSize
MoveFileW
Sleep
ResetEvent
CreateFileA
GetDiskFreeSpaceExW
FormatMessageW
CreateProcessW
GetExitCodeProcess
GetVersion
CreateNamedPipeW
SearchPathW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
LocalAlloc
LoadLibraryA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
HeapCreate
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
GetVersionExW
lstrlenW
MultiByteToWideChar
CreateEventW
WideCharToMultiByte

user32

RedrawWindow
InvalidateRect
SetFocus
LoadStringW
SetForegroundWindow
LoadImageW
GetForegroundWindow
MsgWaitForMultipleObjects
GetSystemMenu
ModifyMenuW
DestroyMenu
FindWindowW
ExitWindowsEx
GetDlgCtrlID
SetPropW
RemovePropW
EnableMenuItem
TrackPopupMenu
LoadMenuW
GetSubMenu
SetTimer
KillTimer
IsWindowVisible
GetWindowDC
ReleaseDC
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
UnregisterClassA
GetWindow
GetWindowLongW
SystemParametersInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
SetWindowTextW
GetDlgItem
IsWindow
PostMessageW
GetPropW
ShowWindow
PostQuitMessage
CallWindowProcW
GetDesktopWindow
ScreenToClient
EnableWindow
CreateWindowExW
SendMessageW
DispatchMessageW
TranslateMessage
PeekMessageW
GetDC
GetSystemMetrics
CreateDialogParamW
LoadIconW
DialogBoxParamW
MessageBoxW
GetActiveWindow
SetWindowLongW
DefWindowProcW
CharNextW
DestroyWindow
EndDialog

gdi32

GetWindowExtEx
CreateFontIndirectW
GetViewportExtEx
SetMapMode
GetMapMode
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
GetStockObject
SetBkMode
DeleteDC
GetObjectW
GetDeviceCaps

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
UnlockServiceDatabase
CloseServiceHandle
OpenServiceW
QueryServiceStatus
StartServiceW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
GetUserNameW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
OpenSCManagerW
LockServiceDatabase

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
SHBrowseForFolderW
ShellExecuteW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize

oleaut32

VarUI4FromStr
OleLoadPicture

comctl32

PropertySheetW
CreatePropertySheetPageW
DestroyPropertySheetPage

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28a099a911237a28521d8b7ea250f089

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

shell32

user32

version

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 512B - Virtual size: 144B

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 150KB

.idata Size: 5KB - Virtual size: 4KB

.ndata Size: 1024B - Virtual size: 32KB

.rsrc Size: 2KB - Virtual size: 2KB

826f63babc644cdb846b4d888d102fa0

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

ws2_32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 42KB

.data Size: 16KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: - Virtual size: 24KB

.edata Size: 512B - Virtual size: 95B

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

4ff0568c1517848d190b1b06b0445f87

Headers

File Characteristics

Imports

kernel32

ole32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

37b336b6c78a487a462f7f5156f921f2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

Sections

.text Size: 196KB - Virtual size: 196KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 512B - Virtual size: 144B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 150KB

.idata
Size: 5KB - Virtual size: 4KB

.ndata
Size: 1024B - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 2KB

.text
Size: 43KB - Virtual size: 42KB

.data
Size: 16KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 24KB

.edata
Size: 512B - Virtual size: 95B

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 196KB - Virtual size: 196KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 60KB - Virtual size: 59KB