EMVTOOLS[.]zip

Resubmissions

13/03/2024, 02:12

240313-cm98jsbg79 7

Sharing

Copy URL Twitter E-mail

General

Target

EMVTOOLS.zip
Size

14.0MB
MD5

d46436cf2224866fa9b7606c10b89228
SHA1

c8fa5547f15686abae507248d7d587a0eb3106c8
SHA256

098abefe170fe33781858e8f1fd5593d35851af47c1dae8eeab6050ef1e0191f
SHA512

afd5ec7f1af268822bd8f9be1e6cf230fd8ff1cd391f27226e3855c27ba17369a4f1a6da0f764f6a76df1bd703afab0cd11ce2e1c3e201213a63c720d3de58ec
SSDEEP

196608:2pV9wnj855F506D3g1R2L0ZU1jVv9LP/+Ye1uLB26+1w6s/D7D4Ig3V3m8pTJfOc:sw455F5v3yDev9LP//EbK/DfBKV3Xn

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/jcopmgr.exe	upx

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/X2-ARQC - update/GPPcScConnectionPlugin.dll
unpack001/X2-ARQC - update/GlobalPlatform.dll
unpack001/X2-ARQC - update/X2A.exe
unpack001/X2-ARQC - update/bins.dll
unpack001/X2-ARQC - update/sqlite3.dll
unpack001/X2-ARQC - update/zlib1.dll
unpack001/arqc_gen.exe
unpack001/cardpeek-0.8.4-win32-setup.exe
unpack001/jcopenglish.exe
unpack001/jcopmgr.exe
unpack004/out.upx

Files

EMVTOOLS.zip
.zip
MSRX.lnk
.lnk
X2-ARQC - update/Bin.db
X2-ARQC - update/GPPcScConnectionPlugin.dll
.dll windows:5 windows x86 arch:x86

51f482122a4539ad8067c7a3a24dcede

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\2015PRJ\2015-03-16-smartCARD\JOB2\NEWJOB\WORK\GPPcScConnectionPlugin\Release\GPPcScConnectionPlugin.pdb

Imports

globalplatform

OPGP_stringify_error

winscard

g_rgSCardT0Pci
g_rgSCardT1Pci
SCardTransmit
SCardDisconnect
SCardStatusA
SCardConnectA
SCardListReadersA
SCardReleaseContext
SCardEstablishContext

msvcr90

_encode_pointer
_malloc_crt
memmove
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
free
_mbsnbcpy
malloc
_encoded_null
memcpy

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
TerminateProcess

Exports

Exports

OPGP_PL_card_connect
OPGP_PL_card_disconnect
OPGP_PL_establish_context
OPGP_PL_list_readers
OPGP_PL_release_context
OPGP_PL_send_APDU

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
X2-ARQC - update/GlobalPlatform.dll
.dll windows:5 windows x86 arch:x86

ceff59b9ba519e82e18f92798bbffd55

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\2015PRJ\2015-03-16-smartCARD\JOB2\NEWJOB\WORK\GlobalPlatform-DLL\Release\GlobalPlatform.pdb

Imports

zlib1

inflateEnd
inflate
inflateInit2_
crc32

kernel32

GetLastError
GetProcAddress
LoadLibraryA
FormatMessageA
LocalFree
WriteFile
CloseHandle
FreeLibrary
GetModuleHandleA
GetVersion
GetFileType
GetStdHandle
MultiByteToWideChar
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
FlushConsoleInputBuffer
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetSystemTimeAsFileTime

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

msvcr90

__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
_mbsnbcpy
__iob_func
fprintf
free
malloc
_errno
fopen
fclose
fputs
fflush
_snprintf
vfprintf
_localtime64
getenv
_time64
realloc
fread
ferror
fwrite
ftell
fseek
memmove
memset
memcpy
strchr
strtoul
sscanf
wcsstr
_vsnprintf
_exit
raise
strncpy
strerror
_strnicmp
isdigit
isspace
qsort
strncmp
_setmode
_fileno
feof
fgets
_wfopen
_time32
strcmp
isxdigit
atoi
tolower
isupper
_gmtime32
signal
_getch
sprintf
strstr
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common

Exports

Exports

EMV_CPS11_derive_keys
GP211_EMV_CPS11_derive_keys
GP211_VISA1_derive_keys
GP211_VISA2_derive_keys
GP211_begin_R_MAC
GP211_calculate_3des_DAP
GP211_calculate_install_token
GP211_calculate_load_file_data_block_hash
GP211_calculate_load_token
GP211_calculate_rsa_DAP
GP211_delete_application
GP211_delete_key
GP211_end_R_MAC
GP211_get_data
GP211_get_data_iso7816_4
GP211_get_extradition_token_signature_data
GP211_get_install_token_signature_data
GP211_get_key_information_templates
GP211_get_load_token_signature_data
GP211_get_secure_channel_protocol_details
GP211_get_sequence_counter
GP211_get_status
GP211_init_implicit_secure_channel
GP211_install_for_extradition
GP211_install_for_install
GP211_install_for_install_and_make_selectable
GP211_install_for_load
GP211_install_for_make_selectable
GP211_install_for_personalization
GP211_load
GP211_load_from_buffer
GP211_mutual_authentication
GP211_pin_change
GP211_put_3des_key
GP211_put_data
GP211_put_delegated_management_keys
GP211_put_rsa_key
GP211_put_secure_channel_keys
GP211_send_APDU
GP211_set_status
GP211_store_data
GP211_validate_delete_receipt
GP211_validate_install_receipt
GP211_validate_load_receipt
OP201_EMV_CPS11_derive_keys
OP201_VISA1_derive_keys
OP201_VISA2_derive_keys
OP201_calculate_3des_DAP
OP201_calculate_install_token
OP201_calculate_load_file_DAP
OP201_calculate_load_token
OP201_calculate_rsa_DAP
OP201_delete_application
OP201_delete_key
OP201_get_data
OP201_get_install_token_signature_data
OP201_get_key_information_templates
OP201_get_load_token_signature_data
OP201_get_status
OP201_install_for_install
OP201_install_for_install_and_make_selectable
OP201_install_for_load
OP201_install_for_make_selectable
OP201_load
OP201_load_from_buffer
OP201_mutual_authentication
OP201_pin_change
OP201_put_3desKey
OP201_put_data
OP201_put_delegated_management_keys
OP201_put_rsa_key
OP201_put_secure_channel_keys
OP201_send_APDU
OP201_set_status
OP201_validate_delete_receipt
OP201_validate_install_receipt
OP201_validate_load_receipt
OPGP_cap_to_ijc
OPGP_card_connect
OPGP_card_disconnect
OPGP_enable_trace_mode
OPGP_establish_context
OPGP_extract_cap_file
OPGP_list_readers
OPGP_log_End
OPGP_log_Hex
OPGP_log_Msg
OPGP_log_Start
OPGP_manage_channel
OPGP_read_executable_load_file_parameters
OPGP_read_executable_load_file_parameters_from_buffer
OPGP_release_context
OPGP_select_application
OPGP_select_channel
OPGP_send_APDU
OPGP_stringify_error
VISA1_derive_keys
VISA2_derive_keys

Sections

.text
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
X2-ARQC - update/X2A.exe
.exe windows:5 windows x86 arch:x86

d2eee834a4a96b94f8295740ae76cc8a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\dev\_current\smart card reader\NoProtect_bk\Src\X1\Release\X1.pdb

Imports

sqlite3

sqlite3_finalize
sqlite3_column_double
sqlite3_column_int
sqlite3_column_text
sqlite3_column_type
sqlite3_column_count
sqlite3_step
sqlite3_exec
sqlite3_changes
sqlite3_prepare
sqlite3_close
sqlite3_open

globalplatform

OP201_get_status
GP211_put_delegated_management_keys
OP201_send_APDU
GP211_send_APDU
OPGP_enable_trace_mode
OP201_put_delegated_management_keys
GP211_put_secure_channel_keys
GP211_VISA1_derive_keys
GP211_VISA2_derive_keys
GP211_EMV_CPS11_derive_keys
OP201_put_secure_channel_keys
OP201_VISA1_derive_keys
OP201_VISA2_derive_keys
OP201_EMV_CPS11_derive_keys
OPGP_card_disconnect
GP211_install_for_install_and_make_selectable
OPGP_establish_context
OP201_install_for_install_and_make_selectable
GP211_install_for_load
OP201_install_for_load
OPGP_read_executable_load_file_parameters
GP211_delete_key
OP201_delete_key
GP211_delete_application
OP201_delete_application
GP211_load
OP201_load
GP211_get_data
OP201_get_data
OPGP_select_application
GP211_mutual_authentication
GP211_get_secure_channel_protocol_details
OP201_mutual_authentication
OPGP_card_connect
OPGP_list_readers
OPGP_release_context
GP211_get_status

mfc90

ord4434
ord9945
ord7746
ord12597
ord12145
ord13116
ord10284
ord10437
ord9952
ord13174
ord12384
ord1108
ord1137
ord6615
ord4431
ord2591
ord4113
ord6557
ord6787
ord5167
ord339
ord1145
ord2243
ord6584
ord3506
ord4029
ord4952
ord899
ord4477
ord5776
ord3141
ord5753
ord1555
ord6793
ord5520
ord663
ord6329
ord2590
ord1692
ord790
ord3654
ord3273
ord686
ord436
ord3579
ord5761
ord6802
ord2084
ord5852
ord6784
ord324
ord404
ord2458
ord2523
ord1568
ord6815
ord5528
ord780
ord579
ord3390
ord2209
ord664
ord405
ord305
ord3213
ord1611
ord5878
ord1607
ord1334
ord1321
ord1654
ord4502
ord6255
ord2904
ord6257
ord2899
ord2360
ord1938
ord615
ord3487
ord4640
ord1670
ord2277
ord4496
ord1604
ord2103
ord781
ord580
ord266
ord265
ord5615
ord4617
ord5152
ord5309
ord4993
ord2208
ord1810
ord1809
ord1678
ord3344
ord6388
ord1496
ord4650
ord5636
ord4668
ord3987
ord639
ord374
ord3783
ord2082
ord4223
ord2481
ord4481
ord4506
ord4507
ord4392
ord6153
ord4409
ord6154
ord1603
ord945
ord310
ord1339
ord1358
ord6527
ord6079
ord6170
ord6166
ord744
ord524
ord2069
ord4030
ord3534
ord2106
ord1183
ord3528
ord777
ord595
ord4667
ord4895
ord4334
ord2886
ord4057
ord4067
ord4066
ord3277
ord2759
ord2888
ord2769
ord3135
ord2961
ord4714
ord3107
ord2978
ord2766
ord5633
ord1728
ord2047
ord1792
ord2139
ord5608
ord1446
ord2368
ord2375
ord2625
ord2607
ord2605
ord2623
ord2635
ord2612
ord2628
ord2633
ord2616
ord2618
ord2620
ord2614
ord2630
ord2610
ord969
ord965
ord967
ord963
ord958
ord5666
ord5668
ord6446
ord1729
ord4688
ord5139
ord3732
ord5647
ord4589
ord6780
ord5497
ord6783
ord4159
ord6781
ord4733
ord1276
ord2206
ord6018
ord4165
ord1046
ord5533
ord6721
ord1644
ord4199
ord2087
ord3209
ord5657
ord5659
ord8432
ord4333
ord4981
ord5663
ord5646
ord6001
ord3110
ord2074
ord5585
ord4646
ord1497
ord4331
ord1752
ord1755
ord6391
ord3346
ord1720
ord2283
ord3920
ord300
ord2539
ord311
ord307
ord6791
ord1280
ord1247
ord5750
ord1219
ord820
ord1069
ord3856
ord817
ord1254
ord1258
ord316
ord3621
ord554
ord1252
ord1039
ord5869
ord601
ord798
ord758
ord800
ord4890
ord9252
ord6462
ord1098
ord4197
ord7312
ord6494
ord3218
ord6356
ord5389
ord3671
ord6782
ord4160
ord7118
ord5813
ord2251

msvcr90

memmove_s
_setmode
_open
_close
_unlink
_write
_read
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
frexp
modf
strtok
vfprintf
isalpha
vsprintf
tmpnam
_lseek
abort
strrchr
isupper
tmpfile
strstr
perror
fgetc
isspace
_errno
_getcwd
strchr
putc
isdigit
_stricmp
_mktime64
_gmtime64
getenv
__iob_func
memcmp
atan2
fabs
sqrt
log
exp
bsearch
fprintf
pow
memmove
strcpy
strlen
isprint
_CIlog
ceil
rand
qsort
_CIexp
ldiv
_CIsin
_CIfmod
_CIcos
realloc
strncmp
longjmp
__CxxLongjmpUnwind
_setjmp3
_swab
_CxxThrowException
_CIpow
_strnicmp
calloc
strncpy
_CIsqrt
floor
fopen
__CxxFrameHandler3
fscanf
fgets
fputc
feof
fflush
ftell
fseek
fwrite
fread
fclose
_purecall
memcpy
memset
memcpy_s
_mbsncmp
exit
printf
_mbscmp
_snprintf
_mbstok
sscanf
_mbsnbcpy
_invalid_parameter_noinfo
atoi
sprintf
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_itoa
strtol
atof
malloc
free
_setmbcp

kernel32

SizeofResource
LoadResource
LockResource
GetCurrentDirectoryA
FindResourceA
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
lstrlenA
ExitProcess
ResumeThread
WaitForSingleObject
CloseHandle
GlobalFree
GlobalAlloc

user32

GetClientRect
SendMessageA
LoadIconA
GetDlgItem
GetSysColor
GetDC
ReleaseDC
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
DrawIcon
GetSystemMetrics
IsIconic
AppendMenuA
GetSystemMenu
InvalidateRect
CopyRect
GetWindowPlacement
EnableWindow

gdi32

SelectObject
DeleteObject
DeleteDC
CreateDIBSection
ExtTextOutA
CreateCompatibleDC
GetDIBits
RealizePalette
RestoreDC
BitBlt
SetDIBitsToDevice
StretchDIBits
SetStretchBltMode
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SaveDC
SetBkColor
CreateCompatibleBitmap
SetWinMetaFileBits
GetDeviceCaps
DeleteEnhMetaFile
GetEnhMetaFileHeader
SetEnhMetaFileBits
PlayEnhMetaFile
SelectPalette
CreatePalette
GetEnhMetaFilePaletteEntries
CreateFontA

comctl32

InitCommonControlsEx

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z

ws2_32

htonl
ntohl
ntohs
htons

Exports

Exports

png_access_version_number
png_benign_error
png_build_grayscale_palette
png_calloc
png_chunk_benign_error
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_chunk_name
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_mem_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pHYs_dpi
png_get_pixel_aspect_ratio
png_get_pixel_aspect_ratio_fixed
png_get_pixels_per_inch
png_get_pixels_per_meter
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sCAL_fixed
png_get_sCAL_s
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_inches
png_get_x_offset_inches_fixed
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_inch
png_get_x_pixels_per_meter
png_get_y_offset_inches
png_get_y_offset_inches_fixed
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_inch
png_get_y_pixels_per_meter
png_handle_as_unknown
png_info_init_3
png_init_io
png_longjmp
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_read_end
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_bKGD
png_set_background
png_set_background_fixed
png_set_benign_errors
png_set_bgr
png_set_cHRM
png_set_cHRM_fixed
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_error_fn
png_set_expand
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_filter_heuristics_fixed
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gamma_fixed
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_mem_fn
png_set_oFFs
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sCAL_fixed
png_set_sCAL_s
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_png
png_write_row
png_write_rows
png_write_sig

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.0MB - Virtual size: 12.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
X2-ARQC - update/X2A.exp
X2-ARQC - update/X2A.lib
X2-ARQC - update/X2A.pdb
X2-ARQC - update/bins.dll
.exe windows:5 windows x86 arch:x86

eff288c73326a0f72de0d33711dd5d7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\dev\_current\smart card reader\NoProtect_bk\Src\X1\Release\X1.pdb

Imports

sqlite3

sqlite3_finalize
sqlite3_column_double
sqlite3_column_int
sqlite3_column_text
sqlite3_column_type
sqlite3_column_count
sqlite3_step
sqlite3_exec
sqlite3_changes
sqlite3_prepare
sqlite3_close
sqlite3_open

globalplatform

OP201_get_status
GP211_put_delegated_management_keys
OP201_send_APDU
GP211_send_APDU
OPGP_enable_trace_mode
OP201_put_delegated_management_keys
GP211_put_secure_channel_keys
GP211_VISA1_derive_keys
GP211_VISA2_derive_keys
GP211_EMV_CPS11_derive_keys
OP201_put_secure_channel_keys
OP201_VISA1_derive_keys
OP201_VISA2_derive_keys
OP201_EMV_CPS11_derive_keys
OPGP_card_disconnect
GP211_install_for_install_and_make_selectable
OPGP_establish_context
OP201_install_for_install_and_make_selectable
GP211_install_for_load
OP201_install_for_load
OPGP_read_executable_load_file_parameters
GP211_delete_key
OP201_delete_key
GP211_delete_application
OP201_delete_application
GP211_load
OP201_load
GP211_get_data
OP201_get_data
OPGP_select_application
GP211_mutual_authentication
GP211_get_secure_channel_protocol_details
OP201_mutual_authentication
OPGP_card_connect
OPGP_list_readers
OPGP_release_context
GP211_get_status

mfc90

ord4434
ord9945
ord7746
ord12597
ord12145
ord13116
ord10284
ord10437
ord9952
ord13174
ord12384
ord1108
ord1137
ord6615
ord4431
ord2591
ord4113
ord6557
ord6787
ord5167
ord339
ord1145
ord2243
ord6584
ord3506
ord4029
ord4952
ord899
ord4477
ord5776
ord3141
ord5753
ord1555
ord6793
ord5520
ord663
ord6329
ord2590
ord1692
ord790
ord3654
ord3273
ord686
ord436
ord3579
ord5761
ord6802
ord2084
ord5852
ord6784
ord324
ord404
ord2458
ord2523
ord1568
ord6815
ord5528
ord780
ord579
ord3390
ord2209
ord664
ord405
ord305
ord3213
ord1611
ord5878
ord1607
ord1334
ord1321
ord1654
ord4502
ord6255
ord2904
ord6257
ord2899
ord2360
ord1938
ord615
ord3487
ord4640
ord1670
ord2277
ord4496
ord1604
ord2103
ord781
ord580
ord266
ord265
ord5615
ord4617
ord5152
ord5309
ord4993
ord2208
ord1810
ord1809
ord1678
ord3344
ord6388
ord1496
ord4650
ord5636
ord4668
ord3987
ord639
ord374
ord3783
ord2082
ord4223
ord2481
ord4481
ord4506
ord4507
ord4392
ord6153
ord4409
ord6154
ord1603
ord945
ord310
ord1339
ord1358
ord6527
ord6079
ord6170
ord6166
ord744
ord524
ord2069
ord4030
ord3534
ord2106
ord1183
ord3528
ord777
ord595
ord4667
ord4895
ord4334
ord2886
ord4057
ord4067
ord4066
ord3277
ord2759
ord2888
ord2769
ord3135
ord2961
ord4714
ord3107
ord2978
ord2766
ord5633
ord1728
ord1791
ord1792
ord2139
ord5608
ord1446
ord2368
ord2375
ord2625
ord2607
ord2605
ord2623
ord2635
ord2612
ord2628
ord2633
ord2616
ord2618
ord2620
ord2614
ord2630
ord2610
ord969
ord965
ord967
ord963
ord958
ord5666
ord5668
ord6446
ord1729
ord4688
ord5139
ord3732
ord5647
ord4589
ord6780
ord5497
ord6783
ord4159
ord6781
ord4733
ord1276
ord2206
ord6018
ord4165
ord1046
ord5533
ord6721
ord1644
ord4199
ord2087
ord3209
ord5657
ord5659
ord8432
ord4333
ord4981
ord5663
ord5646
ord6001
ord3110
ord2074
ord5585
ord4646
ord1497
ord4331
ord1752
ord1755
ord6391
ord3346
ord1720
ord2283
ord3920
ord300
ord2539
ord311
ord307
ord6791
ord1280
ord1247
ord5750
ord1219
ord820
ord1069
ord3856
ord817
ord1254
ord1258
ord316
ord3621
ord554
ord1252
ord1039
ord5869
ord601
ord798
ord758
ord800
ord4890
ord9252
ord6462
ord1098
ord4197
ord7312
ord6494
ord3218
ord6356
ord5389
ord3671
ord6782
ord4160
ord7118
ord5813
ord2251

msvcr90

memmove_s
_setmode
_open
_close
_unlink
_write
_read
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
frexp
modf
strtok
vfprintf
isalpha
vsprintf
tmpnam
_lseek
abort
strrchr
isupper
tmpfile
strstr
perror
fgetc
isspace
_errno
_getcwd
strchr
putc
isdigit
_stricmp
_mktime64
_gmtime64
getenv
__iob_func
memcmp
atan2
fabs
sqrt
log
exp
bsearch
fprintf
pow
memmove
strcpy
strlen
isprint
_CIlog
ceil
rand
qsort
_CIexp
ldiv
_CIsin
_CIfmod
_CIcos
realloc
strncmp
longjmp
__CxxLongjmpUnwind
_setjmp3
_swab
_CxxThrowException
_CIpow
_strnicmp
calloc
strncpy
_CIsqrt
floor
fopen
__CxxFrameHandler3
fscanf
fgets
fputc
feof
fflush
ftell
fseek
fwrite
fread
fclose
_purecall
memcpy
memset
memcpy_s
_mbsncmp
exit
printf
_mbscmp
_snprintf
_mbstok
sscanf
_mbsnbcpy
_invalid_parameter_noinfo
atoi
sprintf
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
_itoa
strtol
atof
malloc
free
_setmbcp

kernel32

SizeofResource
LoadResource
LockResource
GetCurrentDirectoryA
FindResourceA
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
lstrlenA
ExitProcess
ResumeThread
WaitForSingleObject
CloseHandle
GlobalFree
GlobalAlloc

user32

GetClientRect
SendMessageA
LoadIconA
GetDlgItem
GetSysColor
GetDC
ReleaseDC
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
DrawIcon
GetSystemMetrics
IsIconic
AppendMenuA
GetSystemMenu
InvalidateRect
CopyRect
GetWindowPlacement
EnableWindow

gdi32

SelectObject
DeleteObject
DeleteDC
CreateDIBSection
ExtTextOutA
CreateCompatibleDC
GetDIBits
RealizePalette
RestoreDC
BitBlt
SetDIBitsToDevice
StretchDIBits
SetStretchBltMode
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SaveDC
SetBkColor
CreateCompatibleBitmap
SetWinMetaFileBits
GetDeviceCaps
DeleteEnhMetaFile
GetEnhMetaFileHeader
SetEnhMetaFileBits
PlayEnhMetaFile
SelectPalette
CreatePalette
GetEnhMetaFilePaletteEntries
CreateFontA

comctl32

InitCommonControlsEx

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z

ws2_32

htonl
ntohl
ntohs
htons

Exports

Exports

png_access_version_number
png_benign_error
png_build_grayscale_palette
png_calloc
png_chunk_benign_error
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_chunk_name
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_mem_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pHYs_dpi
png_get_pixel_aspect_ratio
png_get_pixel_aspect_ratio_fixed
png_get_pixels_per_inch
png_get_pixels_per_meter
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sCAL_fixed
png_get_sCAL_s
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_inches
png_get_x_offset_inches_fixed
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_inch
png_get_x_pixels_per_meter
png_get_y_offset_inches
png_get_y_offset_inches_fixed
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_inch
png_get_y_pixels_per_meter
png_handle_as_unknown
png_info_init_3
png_init_io
png_longjmp
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_read_end
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_bKGD
png_set_background
png_set_background_fixed
png_set_benign_errors
png_set_bgr
png_set_cHRM
png_set_cHRM_fixed
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_error_fn
png_set_expand
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_filter_heuristics_fixed
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gamma_fixed
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_mem_fn
png_set_oFFs
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sCAL_fixed
png_set_sCAL_s
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_png
png_write_row
png_write_rows
png_write_sig

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 776KB - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
X2-ARQC - update/cardtemp.dat
X2-ARQC - update/mac.dat
.zip
src/MacGyver/javacard/Applet.cap
src/MacGyver/javacard/Class.cap
src/MacGyver/javacard/ConstantPool.cap
src/MacGyver/javacard/Descriptor.cap
src/MacGyver/javacard/Directory.cap
src/MacGyver/javacard/Header.cap
src/MacGyver/javacard/Import.cap
src/MacGyver/javacard/Method.cap
src/MacGyver/javacard/RefLocation.cap
src/MacGyver/javacard/StaticField.cap
X2-ARQC - update/mac2.dat
.zip
main/javacard/Applet.cap
main/javacard/Class.cap
main/javacard/ConstantPool.cap
main/javacard/Debug.cap
main/javacard/Descriptor.cap
main/javacard/Directory.cap
main/javacard/Header.cap
main/javacard/Import.cap
main/javacard/Method.cap
main/javacard/RefLocation.cap
main/javacard/StaticField.cap
X2-ARQC - update/sqlite3.dll
.dll windows:4 windows x86 arch:x86

12baaaec299bc9ff52d20c16e4d0e96a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
CloseHandle
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexW
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeLibrary
GetCurrentProcessId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetVersionExA
GetVersionExW
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
InterlockedCompareExchange
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetFilePointer
Sleep
SystemTimeToFileTime
TlsGetValue
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

__dllonexit
_errno
_iob
_winmajor
abort
calloc
fflush
free
fwrite
localtime
malloc
memcmp
memmove
memset
qsort
realloc
strcmp
strncmp
vfprintf

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_data_count
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_errstr
sqlite3_exec
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_initialize
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_rollback_hook
sqlite3_rtree_geometry_callback
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_strglob
sqlite3_stricmp
sqlite3_strnicmp
sqlite3_table_column_metadata
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_config
sqlite3_vtab_on_conflict
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_set_directory
sqlite3_win32_sleep
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_write_debug

Sections

.text
Size: 434KB - Virtual size: 434KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/35
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/51
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/77
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
X2-ARQC - update/zlib1.dll
.dll windows:4 windows x86 arch:x86

fd348b107c9a12537c4d666dc366ec5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_close
_open
_read
_write
__dllonexit
__mb_cur_max
_amsg_exit
_errno
_initterm
_iob
_lock
_lseeki64
_onexit
_unlock
_vsnprintf
_wopen
abort
atoi
calloc
fputc
free
getenv
localeconv
malloc
memchr
memcpy
memset
setlocale
strchr
strerror
strlen
strncmp
wcslen
wcstombs

Exports

Exports

adler32
adler32_combine
adler32_combine64
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
uncompress
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
arqc_gen.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\dev\arqc_gen\arqc_gen\arqc_gen\obj\Debug\arqc_gen.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cardpeek-0.8.4-win32-setup.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
jcopenglish.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 544KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 746B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 234B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 182KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.transla
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jcopmgr.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 784KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 392KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 909KB - Virtual size: 908KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 64B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

51f482122a4539ad8067c7a3a24dcede

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

globalplatform

winscard

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 868B

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 1024B - Virtual size: 538B

ceff59b9ba519e82e18f92798bbffd55

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

zlib1

kernel32

user32

advapi32

msvcr90

Exports

Exports

Sections

.text Size: 527KB - Virtual size: 526KB

.rdata Size: 185KB - Virtual size: 185KB

.data Size: 19KB - Virtual size: 27KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 33KB - Virtual size: 32KB

d2eee834a4a96b94f8295740ae76cc8a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

sqlite3

globalplatform

mfc90

msvcr90

kernel32

user32

gdi32

comctl32

msvcp90

ws2_32

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 266KB - Virtual size: 266KB

.data Size: 15KB - Virtual size: 65KB

.rsrc Size: 12.0MB - Virtual size: 12.0MB

.reloc Size: 43KB - Virtual size: 43KB

eff288c73326a0f72de0d33711dd5d7d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

sqlite3

globalplatform

mfc90

msvcr90

kernel32

user32

gdi32

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 868B

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 1024B - Virtual size: 538B

.text
Size: 527KB - Virtual size: 526KB

.rdata
Size: 185KB - Virtual size: 185KB

.data
Size: 19KB - Virtual size: 27KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 33KB - Virtual size: 32KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 266KB - Virtual size: 266KB

.data
Size: 15KB - Virtual size: 65KB

.rsrc
Size: 12.0MB - Virtual size: 12.0MB

.reloc
Size: 43KB - Virtual size: 43KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 266KB - Virtual size: 266KB

.data
Size: 15KB - Virtual size: 65KB

.rsrc
Size: 776KB - Virtual size: 776KB

.reloc
Size: 43KB - Virtual size: 43KB

.text
Size: 434KB - Virtual size: 434KB

.data
Size: 4KB - Virtual size: 3KB

.rdata
Size: 43KB - Virtual size: 43KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 6KB - Virtual size: 6KB

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 10KB - Virtual size: 9KB

/4
Size: 512B - Virtual size: 352B

/19
Size: 1024B - Virtual size: 968B

/35
Size: 2KB - Virtual size: 1KB

/51
Size: 17KB - Virtual size: 16KB

/63
Size: 3KB - Virtual size: 3KB

/77
Size: 3KB - Virtual size: 2KB

/89
Size: 1KB - Virtual size: 1KB

/102
Size: 512B - Virtual size: 269B

/113
Size: 6KB - Virtual size: 6KB

/124
Size: 512B - Virtual size: 432B

.text
Size: 76KB - Virtual size: 76KB

.data
Size: 512B - Virtual size: 128B

.rdata
Size: 19KB - Virtual size: 18KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 2KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 900B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 65KB - Virtual size: 64KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 512B - Virtual size: 12B