c2cf8b0fd50f29442e49870229b219d4

Sharing

Copy URL Twitter E-mail

General

Target

c2cf8b0fd50f29442e49870229b219d4
Size

4.3MB
MD5

c2cf8b0fd50f29442e49870229b219d4
SHA1

9c73651398eddf30a7f6b31bb3725426d2a3829e
SHA256

2e0a0f57bbfc85b7b74c6b202fe00c8c2b4e66818b44e439248b4d76da11a5ad
SHA512

72c9aa561e8d80aa0eaf191492a995321150f57871635b561415f056bf7b0a1f9492de1a64ca24e823a947eeee0f0e5272f3f8b062b6b32ebc9b5f4843f74d95
SSDEEP

98304:a7Sr3e59AL8+cBEKVHBnUogQDEWV+9zySDQ7UrQQX4/UyWrS:aQQ9mOVTQXsfl

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
c2cf8b0fd50f29442e49870229b219d4
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/bitcoin.exe
unpack001/daemon/bitcoind.exe
unpack001/uninstall.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_2
static1/unpack001/uninstall.exe	nsis_installer_2

Files

c2cf8b0fd50f29442e49870229b219d4
.exe windows:4 windows x86 arch:x86

28a099a911237a28521d8b7ea250f089

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LoadLibraryExA
MoveFileA
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryA
SearchPathA
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderA
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

user32

AppendMenuA
BeginPaint
CallWindowProcA
CharNextA
CharPrevA
CheckDlgButton
CloseClipboard
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExA
GetClassInfoA
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadImageA
MessageBoxIndirectA
OpenClipboard
PeekMessageA
PostQuitMessage
RegisterClassA
ScreenToClient
SendMessageA
SendMessageTimeoutA
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 107KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

bdab983d6ad23427df2ffbe18eafb197

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

GetTextMetricsA
SelectObject

kernel32

FindClose
FindFirstFileA
FindNextFileA
GetModuleHandleA
GlobalAlloc
GlobalFree
MulDiv
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA

ole32

CoTaskMemFree

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

user32

CallWindowProcA
CheckDlgButton
CreateDialogParamA
DestroyWindow
DispatchMessageA
EnableWindow
GetClientRect
GetDC
GetDlgItem
GetMessageA
GetWindowLongA
GetWindowRect
GetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
LoadIconA
MoveWindow
PostMessageA
ReleaseDC
ScreenToClient
SendMessageA
SetWindowLongA
SetWindowTextA
ShowWindow
TranslateMessage
wsprintfA

Exports

Exports

Init
Select
Show

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

38e5d87efd24fb4005f186879a64501c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
GlobalSize
LoadLibraryA
MultiByteToWideChar
VirtualAlloc
VirtualProtect
WideCharToMultiByte
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

__dllonexit
_errno
fflush
free
malloc

ole32

CLSIDFromString
StringFromGUID2

user32

wsprintfA

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

4fb4d15e957b6564bf15c23e80f0202a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

gdi32

SetTextColor

kernel32

GetCurrentDirectoryA
GetFileAttributesA
GetProcessHeap
GlobalAlloc
GlobalFree
HeapAlloc
HeapFree
HeapReAlloc
MulDiv
SetCurrentDirectoryA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

ole32

CoTaskMemFree

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

user32

CallWindowProcA
CharNextA
CharPrevA
CreateDialogParamA
CreateWindowExA
DestroyWindow
DispatchMessageA
DrawFocusRect
DrawTextA
GetClientRect
GetDlgItem
GetMessageA
GetPropA
GetWindowLongA
GetWindowRect
GetWindowTextA
IsDialogMessageA
IsWindow
KillTimer
LoadCursorA
MapDialogRect
MapWindowPoints
RemovePropA
SendMessageA
SetCursor
SetPropA
SetTimer
SetWindowLongA
SetWindowPos
ShowWindow
TranslateMessage
wsprintfA

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 363B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bitcoin.exe
.exe windows:4 windows x86 arch:x86

61594542a76c22c011717cc6d5bd6148

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
DeregisterEventSource
GetUserNameW
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegisterEventSourceA
ReportEventA
SetSecurityDescriptorDacl

comctl32

CreateUpDownControl
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
InitCommonControls

comdlg32

ChooseColorW
ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PageSetupDlgW
PrintDlgW

gdi32

Arc
BitBlt
CloseEnhMetaFile
CombineRgn
CopyEnhMetaFileW
CreateBitmap
CreateBitmapIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHatchBrush
CreateICW
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EqualRgn
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
GdiFlush
GetBitmapBits
GetBkColor
GetCharABCWidthsW
GetClipBox
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetEnhMetaFileW
GetMetaFileBitsEx
GetNearestPaletteIndex
GetObjectA
GetObjectW
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextMetricsW
GetWinMetaFileBits
LineTo
MaskBlt
MoveToEx
OffsetRgn
Pie
PlayEnhMetaFile
PolyBezier
PolyPolygon
Polygon
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetMapMode
SetMetaFileBitsEx
SetPixel
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StartDocW
StartPage
StretchBlt
StretchDIBits

iphlpapi

GetBestRoute
GetIpAddrTable

kernel32

AreFileApisANSI
CloseHandle
CopyFileW
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreatePipe
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateThread
CreateWaitableTimerA
CreateWaitableTimerW
DebugBreak
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EnumResourceNamesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputCharacterW
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeConsole
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameW
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProfileStringW
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathA
GetTempPathW
GetTickCount
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LocalFree
LockFile
LockFileEx
LockResource
MapViewOfFile
MoveFileA
MoveFileExA
MoveFileExW
MulDiv
MultiByteToWideChar
OpenEventA
OpenFileMappingA
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
PulseEvent
QueryPerformanceCounter
QueueUserAPC
ReadConsoleOutputCharacterA
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
ResetEvent
ResumeThread
SetConsoleCursorPosition
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetFilePointerEx
SetFileTime
SetLastError
SetNamedPipeHandleState
SetThreadAffinityMask
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
SizeofResource
Sleep
SleepEx
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
UnmapViewOfFile
VirtualLock
VirtualUnlock
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile

msvcrt

_fdopen
_memicmp
_read
_strdup
_strlwr
_timezone
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthreadex
_cexit
_close
_commit
_endthreadex
_errno
_exit
_fdopen
_filbuf
_filelengthi64
_flsbuf
_ftime
_get_osfhandle
_getch
_getcwd
_iob
_isctype
_lseeki64
_onexit
_open
_open_osfhandle
_pctype
_putws
_read
_setmode
_snprintf
_stat
_strdup
_stricmp
_strlwr
_strnicmp
_telli64
_unlink
_vsnprintf
_waccess
_wcsdup
_wfopen
_wgetenv
_wmkdir
_wopen
_wperror
_wputenv
_wremove
_wrename
_write
_wrmdir
_wtoi
_wtol
abort
atan2
atexit
atof
atoi
atol
bsearch
calloc
ceil
clearerr
cos
ctime
difftime
exit
fclose
fflush
fgetc
fgetpos
fgets
floor
fopen
fprintf
fputc
fputs
fputwc
fputws
fread
free
frexp
fseek
fsetpos
ftell
fwprintf
fwrite
getenv
getwc
gmtime
isalpha
isprint
isspace
iswctype
ldexp
localeconv
localtime
malloc
memchr
memcmp
memcpy
memmove
memset
mktime
perror
pow
printf
putchar
puts
putwc
qsort
raise
rand
realloc
remove
setbuf
setlocale
setvbuf
signal
sin
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
strxfrm
swprintf
swscanf
time
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
vprintf
vswprintf
wcscat
wcschr
wcscmp
wcscoll
wcscpy
wcsftime
wcslen
wcsncpy
wcspbrk
wcsspn
wcsstr
wcstod
wcstol
wcstoul
wcsxfrm

ole32

CoCreateInstance
CoInitialize
CoLockObjectExternal
CoTaskMemAlloc
CoUninitialize
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop

oleaut32

SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy
SafeArrayUnaccessData
SysAllocString
SysFreeString
SysReAllocString
SysStringLen
SystemTimeToVariantTime
VariantInit
VariantTimeToSystemTime

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
ExtractIconExW
ExtractIconW
SHFileOperationW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW

shlwapi

PathRemoveFileSpecW

user32

AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CopyRect
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateDialogParamW
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DdeClientTransaction
DdeConnect
DdeCreateDataHandle
DdeCreateStringHandleW
DdeDisconnect
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeInitializeW
DdeNameService
DdePostAdvise
DdeQueryStringW
DdeUninitialize
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndPaint
EnumClipboardFormats
EnumDisplaySettingsW
EnumWindows
ExitWindowsEx
FillRect
FindWindowA
FindWindowExW
FlashWindow
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardFormatNameW
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgItem
GetDoubleClickTime
GetFocus
GetIconInfo
GetKeyState
GetMenu
GetMenuItemCount
GetMenuItemInfoW
GetMenuState
GetMenuStringW
GetMessagePos
GetMessageTime
GetMessageW
GetParent
GetProcessWindowStation
GetScrollInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetUpdateRgn
GetUserObjectInformationW
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
ModifyMenuW
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindow
SendMessageW
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoW
SetParent
SetRect
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UpdateWindow
ValidateRect
ValidateRgn
VkKeyScanW
WaitForInputIdle
WindowFromPoint
keybd_event

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

ws2_32

WSAAddressToStringA
WSACleanup
WSAGetLastError
WSARecv
WSASend
WSASetLastError
WSASocketW
WSAStartup
WSAStringToAddressA
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
gethostname
getnameinfo
getservbyname
getsockname
getsockopt
htonl
htons
inet_addr
ioctlsocket
listen
ntohl
ntohs
recv
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 975KB - Virtual size: 975KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 218KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
daemon/bitcoind.exe
.exe windows:4 windows x86 arch:x86

b09f88b96c368f70f25048d2597c4c12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

DeregisterEventSource
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegisterEventSourceA
ReportEventA
SetSecurityDescriptorDacl

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteDC
DeleteObject
GetBitmapBits
GetDeviceCaps
GetObjectA
SelectObject

iphlpapi

GetBestRoute
GetIpAddrTable

kernel32

AreFileApisANSI
CloseHandle
CopyFileW
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateSemaphoreA
CreateThread
CreateWaitableTimerA
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeLibrary
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetEnvironmentVariableA
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetQueuedCompletionStatus
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalFree
LockFile
LockFileEx
MapViewOfFile
MoveFileA
MoveFileExA
MoveFileExW
MultiByteToWideChar
OpenEventA
OpenFileMappingA
OutputDebugStringA
PostQueuedCompletionStatus
PulseEvent
QueryPerformanceCounter
QueueUserAPC
ReadFile
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
ResetEvent
ResumeThread
SetCurrentDirectoryW
SetEndOfFile
SetEvent
SetFilePointer
SetFilePointerEx
SetFileTime
SetLastError
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SleepEx
SystemTimeToFileTime
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFile
UnmapViewOfFile
VirtualLock
VirtualUnlock
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_fdopen
_memicmp
_read
_strdup
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthreadex
_cexit
_close
_commit
_errno
_exit
_filbuf
_filelengthi64
_flsbuf
_ftime
_getch
_getcwd
_iob
_isctype
_lseeki64
_onexit
_open
_pctype
_setmode
_snprintf
_stat
_stricmp
_strlwr
_strnicmp
_unlink
_vsnprintf
_wfopen
abort
atexit
atoi
atol
calloc
ctime
exit
fclose
fflush
fgetc
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
fsetpos
ftell
fwrite
getenv
getwc
gmtime
isalpha
isprint
isspace
iswctype
localeconv
localtime
malloc
memchr
memcmp
memcpy
memmove
memset
perror
pow
printf
putchar
puts
putwc
qsort
raise
rand
realloc
setbuf
setlocale
setvbuf
signal
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strrchr
strspn
strstr
strtol
strtoul
strxfrm
swprintf
time
tolower
towlower
towupper
ungetc
ungetwc
vfprintf
vprintf
wcscoll
wcsftime
wcslen
wcsstr
wcsxfrm

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA

ws2_32

WSAAddressToStringA
WSACleanup
WSAGetLastError
WSARecv
WSASend
WSASetLastError
WSASocketA
WSAStartup
WSAStringToAddressA
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
gethostname
getnameinfo
getservbyname
getsockname
getsockopt
htonl
htons
inet_addr
ioctlsocket
listen
ntohl
ntohs
recv
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 419KB - Virtual size: 419KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
license.txt
locale/cs/LC_MESSAGES/bitcoin.mo
locale/cs/LC_MESSAGES/bitcoin.po
locale/de/LC_MESSAGES/bitcoin.mo
locale/de/LC_MESSAGES/bitcoin.po
locale/eo/LC_MESSAGES/bitcoin.mo
locale/eo/LC_MESSAGES/bitcoin.po
locale/es/LC_MESSAGES/bitcoin.mo
locale/es/LC_MESSAGES/bitcoin.po
locale/fr/LC_MESSAGES/bitcoin.mo
locale/fr/LC_MESSAGES/bitcoin.po
locale/it/LC_MESSAGES/bitcoin.mo
locale/it/LC_MESSAGES/bitcoin.po
locale/lt/LC_MESSAGES/bitcoin.mo
locale/lt/LC_MESSAGES/bitcoin.po
locale/nl/LC_MESSAGES/bitcoin.mo
locale/nl/LC_MESSAGES/bitcoin.po
locale/pl/LC_MESSAGES/bitcoin.po
locale/pt/LC_MESSAGES/bitcoin.mo
locale/pt/LC_MESSAGES/bitcoin.po
locale/readme.txt
locale/ro/LC_MESSAGES/bitcoin.mo
locale/ro/LC_MESSAGES/bitcoin.po
locale/ru/LC_MESSAGES/bitcoin.mo
locale/ru/LC_MESSAGES/bitcoin.po
locale/sv/LC_MESSAGES/bitcoin.mo
locale/sv/LC_MESSAGES/bitcoin.po
locale/zh_cn/LC_MESSAGES/bitcoin.mo
locale/zh_cn/LC_MESSAGES/bitcoin.po
readme.txt
src/base58.h
src/bignum.h
src/checkpoints.cpp
src/checkpoints.h
src/crypter.cpp
src/crypter.h
src/cryptopp/License.txt
src/cryptopp/Readme.txt
src/cryptopp/config.h
src/cryptopp/cpu.cpp
src/cryptopp/cpu.h
src/cryptopp/cryptlib.h
src/cryptopp/iterhash.h
src/cryptopp/misc.h
.js
src/cryptopp/obj/.gitignore
src/cryptopp/pch.h
src/cryptopp/secblock.h
src/cryptopp/sha.cpp
src/cryptopp/sha.h
src/cryptopp/simple.h
src/cryptopp/smartptr.h
src/cryptopp/stdcpp.h
src/db.cpp
.js
src/db.h
src/headers.h
src/init.cpp
.js
src/init.h
src/irc.cpp
.js
src/irc.h
src/json/LICENSE.txt
src/json/json_spirit.h
src/json/json_spirit_error_position.h
src/json/json_spirit_reader.cpp
src/json/json_spirit_reader.h
src/json/json_spirit_reader_template.h
.js
src/json/json_spirit_stream_reader.h
src/json/json_spirit_utils.h
src/json/json_spirit_value.cpp
src/json/json_spirit_value.h
src/json/json_spirit_writer.cpp
src/json/json_spirit_writer.h
src/json/json_spirit_writer_template.h
src/key.h
src/keystore.cpp
src/keystore.h
src/main.cpp
src/main.h
src/makefile.linux-mingw
src/makefile.mingw
src/makefile.osx
src/makefile.unix
src/makefile.vc
src/net.cpp
.js
src/net.h
.js
src/noui.h
src/obj/.gitignore
src/obj/nogui/.gitignore
src/obj/test/.gitignore
src/protocol.cpp
src/protocol.h
src/rpc.cpp
.js
src/rpc.h
src/script.cpp
.js
src/script.h
src/serialize.h
src/strlcpy.h
src/test/Checkpoints_tests.cpp
src/test/README
src/test/script_tests.cpp
src/test/test_bitcoin.cpp
src/test/transaction_tests.cpp
src/test/uint160_tests.cpp
src/test/uint256_tests.cpp
src/ui.cpp
src/ui.h
src/uibase.cpp
src/uibase.h
src/uint256.h
src/util.cpp
src/util.h
.js
src/wallet.cpp
src/wallet.h
src/xpm/about.xpm
src/xpm/addressbook16.xpm
src/xpm/addressbook20.xpm
src/xpm/bitcoin16.xpm
src/xpm/bitcoin20.xpm
src/xpm/bitcoin32.xpm
src/xpm/bitcoin48.xpm
src/xpm/bitcoin80.xpm
src/xpm/check.xpm
src/xpm/send16.xpm
src/xpm/send16noshadow.xpm
src/xpm/send20.xpm
uninstall.exe
.exe windows:4 windows x86 arch:x86

28a099a911237a28521d8b7ea250f089

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LoadLibraryExA
MoveFileA
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryA
SearchPathA
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderA
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

user32

AppendMenuA
BeginPaint
CallWindowProcA
CharNextA
CharPrevA
CheckDlgButton
CloseClipboard
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExA
GetClassInfoA
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadImageA
MessageBoxIndirectA
OpenClipboard
PeekMessageA
PostQuitMessage
RegisterClassA
ScreenToClient
SendMessageA
SendMessageTimeoutA
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 107KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 1024B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/modern-header.bmp

Sharing

General

Malware Config

Signatures

Files

28a099a911237a28521d8b7ea250f089

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

shell32

user32

version

Sections

.text Size: 33KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 140B

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 107KB

.idata Size: 5KB - Virtual size: 4KB

.ndata Size: 1024B - Virtual size: 84KB

.rsrc Size: 303KB - Virtual size: 303KB

bdab983d6ad23427df2ffbe18eafb197

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

shell32

user32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 512B - Virtual size: 240B

.bss Size: - Virtual size: 5KB

.edata Size: 512B - Virtual size: 101B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 292B

.reloc Size: 512B - Virtual size: 360B

38e5d87efd24fb4005f186879a64501c

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

user32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 16B

.rdata Size: 1024B - Virtual size: 540B

.bss Size: - Virtual size: 284B

.edata Size: 512B - Virtual size: 160B

.idata Size: 1024B - Virtual size: 856B

.reloc Size: 1024B - Virtual size: 624B

4fb4d15e957b6564bf15c23e80f0202a

Headers

File Characteristics

Imports

comdlg32

gdi32

kernel32

ole32

shell32

user32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 512B - Virtual size: 176B

.bss Size: - Virtual size: 4KB

.edata Size: 512B - Virtual size: 363B

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 140B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 107KB

.idata
Size: 5KB - Virtual size: 4KB

.ndata
Size: 1024B - Virtual size: 84KB

.rsrc
Size: 303KB - Virtual size: 303KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 240B

.bss
Size: - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 101B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 292B

.reloc
Size: 512B - Virtual size: 360B

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 1024B - Virtual size: 540B

.bss
Size: - Virtual size: 284B

.edata
Size: 512B - Virtual size: 160B

.idata
Size: 1024B - Virtual size: 856B

.reloc
Size: 1024B - Virtual size: 624B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 176B

.bss
Size: - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 363B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 140B

.reloc
Size: 512B - Virtual size: 416B

.text
Size: 9.7MB - Virtual size: 9.7MB

.data
Size: 113KB - Virtual size: 112KB

.rdata
Size: 975KB - Virtual size: 975KB

.bss
Size: - Virtual size: 218KB

.idata
Size: 22KB - Virtual size: 21KB

.CRT
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 332KB - Virtual size: 332KB

.text
Size: 4.2MB - Virtual size: 4.2MB

.data
Size: 103KB - Virtual size: 102KB

.rdata
Size: 419KB - Virtual size: 419KB

.bss
Size: - Virtual size: 17KB

.idata
Size: 8KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 332KB - Virtual size: 332KB

.text
Size: 33KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 140B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 107KB

.idata
Size: 5KB - Virtual size: 4KB

.ndata
Size: 1024B - Virtual size: 84KB