c6850926b9aef850a2d99e0fc60ce382

Sharing

Copy URL Twitter E-mail

General

Target

c6850926b9aef850a2d99e0fc60ce382
Size

2.1MB
MD5

c6850926b9aef850a2d99e0fc60ce382
SHA1

a12ccfc32c8427378b0702438f1f94725e193b48
SHA256

c6416caa1afa803660fee2b675a9bfbed6f6132b0803e2558bf1cf8a9e3de607
SHA512

fca73baf199016d087a1a8505f50c06990d26f7df6f3fc57d503478e9142e0aa14a8f48afa492dbe5da32dd81e4a10021d7b17b47a95acd4bf9e6cdd6c9b4891
SSDEEP

49152:RWejX1lvW9ps1Bgh5rkCp9gYyY5TQSqn1Bzay2ZaRp8:Ee7LvW9uf+5rVp9g6ezaDy8

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/warez.exe	aspack_v212_v242

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
c6850926b9aef850a2d99e0fc60ce382
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/NNWARZ3_88.exe
unpack001/SP2ConnPatcher.exe
unpack001/Uninstall.exe
unpack001/plug-ins/warezrip/WarezRip.dll
unpack001/plug-ins/warezrip/akrip32.dll
unpack001/plug-ins/warezrip/cdcache.dll
unpack001/plug-ins/warezrip/lame_enc.dll
unpack001/plug-ins/warezrip/vorb_enc.dll
unpack001/plug-ins/warezrip/xtenc.dll
unpack001/warez.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
static1/unpack001/Uninstall.exe	nsis_installer_1

Files

c6850926b9aef850a2d99e0fc60ce382
.exe windows:4 windows x86 arch:x86

1cf4252ebbb4f173d97a6ef4f79a60b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
WaitForSingleObject
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
GlobalFree
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
SetFilePointer
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
lstrcpynA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA

gdi32

GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/100x40.bmp
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

922b855d216a21490e4bcbf6c29b7f7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetModuleHandleA
GetPrivateProfileIntA
GlobalAlloc
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
lstrcmpiA

user32

GetDlgCtrlID
GetClientRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
MapWindowPoints
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
PtInRect
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
CreateWindowExA

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
ShellExecuteA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 930B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Newnet.ini
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
Data/filter.txt
File Complete.wav
NNWARZ3_88.exe
.exe windows:4 windows x86 arch:x86

5b897241f1cd6d2f5472e3d5684a54fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
_lclose
_lwrite
GetModuleFileNameA
FreeLibrary
GetLastError
GetTempPathA
SizeofResource
LockResource
LoadResource
FindResourceA
DeleteFileA
_lcreat
GetTempFileNameA
GetACP
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
lstrlenA
GetOEMCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapAlloc
VirtualAlloc
HeapReAlloc

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SP2ConnPatcher.exe
.exe windows:4 windows x86 arch:x86

268e9dde4280eba158162ec3379de380

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\workdir\connectionpatcher\src\sp2connectionpatcher\install\Release\install.pdb

Imports

kernel32

lstrcatW
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
WritePrivateProfileStringW
GlobalAddAtomW
GlobalFlags
GetModuleHandleA
GetVersionExA
LoadLibraryA
GlobalFindAtomW
RtlUnwind
ExitProcess
GetStartupInfoW
HeapAlloc
HeapReAlloc
TerminateProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetModuleFileNameA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
SetStdHandle
CreateFileA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThread
GetCurrentThreadId
lstrcmpW
FreeLibrary
GlobalDeleteAtom
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryW
GetProcAddress
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SetLastError
GlobalFree
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrcpynW
LocalFree
MultiByteToWideChar
WideCharToMultiByte
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetCommandLineW
GetProcessHeap
HeapFree
ReleaseMutex
OpenMutexW
CreateMutexW
CreateProcessW
WaitForSingleObject
GetModuleFileNameW
GetTickCount
Sleep
GetModuleHandleW
FindResourceW
SizeofResource
LoadResource
LockResource
RemoveDirectoryW
CopyFileW
DeleteFileW
CreateDirectoryW
OpenFile
CloseHandle
GetVersionExW
lstrlenW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetLastError
GetEnvironmentVariableW
GetSystemTimeAsFileTime
SetConsoleTitleW

user32

GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
SetWindowLongW
WinHelpW
GetDlgItem
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
GetWindow
GetWindowRect
PtInRect
SetWindowTextW
GetClassNameW
SetMenuItemBitmaps
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
RegisterWindowMessageW
GetWindowTextW
SendMessageW
DestroyMenu
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassW
PostQuitMessage
CharUpperW
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
MessageBoxW
EnumWindows
GetWindowThreadProcessId
PostMessageW
wsprintfW
FindWindowW
ShowWindow
GetDlgCtrlID

gdi32

DeleteDC
GetStockObject
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
Escape

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetFolderPathW
CommandLineToArgvW
SHFileOperationW

comctl32

ord17

shlwapi

PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW

imagehlp

MapFileAndCheckSumW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantInit
VariantChangeType
VariantClear

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:4 windows x86 arch:x86

1cf4252ebbb4f173d97a6ef4f79a60b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
WaitForSingleObject
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
GlobalFree
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
SetFilePointer
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
lstrcpynA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA

gdi32

GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
lang/catalan.txt
lang/danish.txt
.vbs
lang/dutch.txt
lang/french.txt
lang/german.txt
lang/italian.txt
lang/japanese.txt
lang/polish.txt
lang/portugues.txt
lang/spanish.txt
lang/swedish.txt
lang/turkish.txt
plug-ins/warezrip/WarezRip.dll
.dll windows:4 windows x86 arch:x86

efe40b2b30b1b9f0b383e1df72c5190f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CompareStringW
CompareStringA
RtlUnwind
ReadFile
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetFileType
GetStdHandle
SetHandleCount
RaiseException
SetFilePointer
GetCurrentProcess
TerminateProcess
ExitProcess
FlushFileBuffers
WriteFile
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetModuleHandleA
GetVersion
GetCommandLineA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentDirectoryA
CreateDirectoryA
MulDiv
GlobalMemoryStatus
GetTickCount
EnterCriticalSection
LeaveCriticalSection
ResetEvent
WaitForMultipleObjects
WaitForSingleObject
TerminateThread
CloseHandle
SetEvent
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
SetThreadPriority
lstrcpynA
lstrcmpiA
lstrcatA
HeapFree
HeapAlloc
GetLastError
lstrcmpA
lstrlenA
lstrcpyA
GlobalFree
GlobalAlloc
CreateThread
OutputDebugStringA
GetStartupInfoA
SetEnvironmentVariableA

user32

CheckMenuItem
LoadStringA
GetMenu
EnableMenuItem
MoveWindow
LoadIconA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
MapWindowPoints
DestroyWindow
CallWindowProcA
ScreenToClient
LoadMenuA
GetSubMenu
TrackPopupMenu
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
SetWindowLongA
SendMessageA
GetWindowLongA
DialogBoxParamA
EndDialog
wsprintfA
GetDlgItem
PostMessageA
MessageBoxA
EnableWindow
SetWindowPos
GetParent
GetWindowRect
RegisterClassExA
LoadCursorA
ReleaseDC
GetClientRect
GetDC
UpdateWindow
InvalidateRect
DefWindowProcA
EndPaint
InflateRect
FillRect
BeginPaint
IsDlgButtonChecked
LoadBitmapA
SetCapture
ReleaseCapture
SetFocus
GetWindowDC
CreateWindowExA
DrawTextA
DrawTextExA
DestroyMenu
GetScrollInfo
SetScrollInfo

gdi32

CreatePen
CreateBrushIndirect
SelectObject
GetDeviceCaps
GetPixel
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
DeleteObject
BitBlt
ExtTextOutA
GetTextExtentPoint32A
SetTextColor
SetBkColor
MoveToEx
CreateSolidBrush
Polyline
SetBkMode
GetStockObject
LineTo
CreateFontIndirectA

advapi32

RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegFlushKey
RegCreateKeyExA

comctl32

ord6
InitCommonControlsEx
ImageList_SetBkColor
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

akrip32

CDDBSetOption
CloseCDHandle
GetCDHandle
ReadTOC
ModifyCDParms
ReadCDAudioLBAEx
GetCDList
CDDBGetDiskInfo
CDDBQuery
ReadCDAudioLBA
GetAspiLibAspiError

cdcache

cddbGetNumTracks
cddbGetEntryVersion
cddbGetTrackTitle
cddbFreeEntry
cddbGetTitle
cddbGetArtist
cddbSetOption
cddbNewEntry
cddbParseEntry

xtenc

xtGetExtension
xtGetOutputFileName
xtOpenOutputFile
xtCheckOutputFileExists
xtSetIntOption
xtGetEncoder
xtClose
xtFlush
xtEncode
xtInit
xtEncoderAvail
xtSetAsciiOption

Exports

Exports

_GetAlbumTitle@0
_GetArtistName@0
_GetCurrentState@0
_GetEncoder@0
_GetFilesListString@0
_GetMP3BitRate@0
_GetMP3EnabledVBR@0
_GetMP3Mode@0
_GetMP3NiceThreads@0
_GetMP3OutputDir@0
_GetMP3Quality@0
_GetMP3VBRQuality@0
_GetMP3WriteVBRHeader@0
_GetMiscMangleScript@0
_GetNormalize@0
_GetNormalizePercent@0
_GetNormalizeScanPercent@0
_GetProxyPass@0
_GetProxyPort@0
_GetProxyServer@0
_GetProxyUser@0
_GetUseProxy@0
_GetVorbBitrate@0
_GetVorbCopyright@0
_GetVorbDate@0
_GetVorbDescription@0
_GetVorbGenre@0
_GetVorbLocation@0
_GetVorbOrganization@0
_GetVorbVersion@0
_GetWriteMP3CRC@0
_GetWriteMP3Copyright@0
_GetWriteMP3ID3@0
_GetWriteMP3Original@0
_GetWriteMP3Private@0
_RefreshXtractor@0
_ResetFilesList@0
_RipXtraxtor@0
_SetAlbumTitle@4
_SetArtistName@4
_SetAskForOverwriting@4
_SetAutoMode@4
_SetEncoder@4
_SetMP3Bitrate@4
_SetMP3EnabledVBR@4
_SetMP3Mode@4
_SetMP3NiceThreads@4
_SetMP3OutputDir@4
_SetMP3Quality@4
_SetMP3VBRQuality@4
_SetMP3WriteVBRHeader@4
_SetMiscMangleScript@4
_SetNormalize@4
_SetNormalizePercent@4
_SetNormalizeScanPercent@4
_SetProxyPass@4
_SetProxyPort@4
_SetProxyServer@4
_SetProxyUser@4
_SetUseProxy@4
_SetVorbBitrate@4
_SetVorbCopyright@4
_SetVorbDate@4
_SetVorbDescription@4
_SetVorbGenre@4
_SetVorbLocation@4
_SetVorbOrganization@4
_SetVorbVersion@4
_SetWiriteMP3Orignal@4
_SetWriteMP3CRC@4
_SetWriteMP3Copyright@4
_SetWriteMP3FilesList@4
_SetWriteMP3ID3@4
_SetWriteMP3Private@4
_ShowXtractor@0
_StartXtraxtor@0
_StopXtractor@0

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plug-ins/warezrip/akrip32.dll
.dll windows:4 windows x86 arch:x86

c3ab99c52b7f666988e8d7122b0a45d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReleaseMutex
UnmapViewOfFile
MapViewOfFile
GetLastError
CreateFileMappingA
InitializeCriticalSection
CloseHandle
WaitForSingleObject
CreateMutexA
DeleteCriticalSection
GetProcAddress
LoadLibraryA
FreeLibrary
ResetEvent
CreateEventA
GlobalFree
lstrcatA
GlobalAlloc
lstrlenA
lstrcpyA
lstrcpynA
lstrcmpA
lstrcmpiA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetDriveTypeA
CreateFileA
GetVersionExA
DeviceIoControl
FlushFileBuffers
SetStdHandle
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
LCMapStringA
LCMapStringW
RtlUnwind
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc

user32

wsprintfA

wsock32

gethostbyname
htons
connect
socket
recv
closesocket
WSACleanup
WSAStartup
send

Exports

Exports

CDDBGetDiskInfo
CDDBGetOptionInt
CDDBGetOptionText
CDDBGetServerList
CDDBQuery
CDDBSetOption
CDDBSubmit
CloseCDHandle
GetAKRipDllVersion
GetAspiLibAspiError
GetAspiLibError
GetCDDBDiskID
GetCDHandle
GetCDId
GetCDList
GetDriveInfo
GetNumAdapters
ModifyCDParms
QueryCDParms
ReadCDAudioLBA
ReadCDAudioLBAEx
ReadTOC
SetAPI

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plug-ins/warezrip/cdcache.dll
.dll windows:4 windows x86 arch:x86

dadc3540e9a930960df02cd37468876a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
lstrlenA
lstrcpynA
DisableThreadLibraryCalls

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
strstr
strncmp
__CxxFrameHandler
sscanf
atoi
free
_initterm
malloc
_adjust_fdiv
strncpy

Exports

Exports

cddbFreeEntry
cddbGetArtist
cddbGetDGenre
cddbGetDYear
cddbGetEntryVersion
cddbGetNumTracks
cddbGetTitle
cddbGetTrackTitle
cddbNewEntry
cddbParseEntry
cddbSetEntry
cddbSetOption

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 974B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 330B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plug-ins/warezrip/lame_enc.dll
.dll windows:4 windows x86 arch:x86

fd7ad50522bef1faab86ba56f56f9720

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetPrivateProfileIntA
OutputDebugStringA

msvcrt

_assert
_iob
_vsnprintf
abort
atan
atoi
calloc
exp
fclose
feof
fflush
floor
fopen
fputs
fread
free
fscanf
fseek
ftell
fwrite
log
log10
malloc
memcpy
memmove
memset
pow
sprintf
strcmp
strcpy
strlen
strncmp
strncpy
strtol
tolower
vfprintf

user32

MessageBoxA

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beEncodeChunkFloatS16NI
beFlushNoGap
beInitStream
beVersion
beWriteInfoTag
beWriteVBRHeader
lame_close
lame_encode_buffer_interleaved
lame_encode_flush
lame_get_in_samplerate
lame_get_num_channels
lame_get_num_samples
lame_get_out_samplerate
lame_get_scale
lame_get_scale_left
lame_get_scale_right
lame_init
lame_init_params
lame_mp3_tags_fid
lame_set_in_samplerate
lame_set_num_channels
lame_set_num_samples
lame_set_out_samplerate
lame_set_scale
lame_set_scale_left
lame_set_scale_right

Sections

.text
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 202KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
plug-ins/warezrip/vorb_enc.dll
.dll windows:4 windows x86 arch:x86

a5613682c186bcd143f18960d2d9f496

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
OutputDebugStringA
lstrlenA
MultiByteToWideChar
LCMapStringA
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
GetLastError
CloseHandle
InitializeCriticalSection
SetStdHandle
GetFileType
WriteFile
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
RaiseException
GlobalAlloc
WideCharToMultiByte
GetCPInfo
LCMapStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetFilePointer
ReadFile
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
CreateFileA
GetStringTypeW
RtlUnwind
GetStringTypeA
CompareStringW
SetEnvironmentVariableA
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
CompareStringA

user32

wsprintfA

Exports

Exports

beCloseStream
beDeinitStream
beEncodeChunk
beInitStream
beVersion

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 868KB - Virtual size: 885KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plug-ins/warezrip/xtenc.dll
.dll windows:4 windows x86 arch:x86

b83c58994615c5ea11eea6e7c13404fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
lstrcpyA
FreeLibrary
GetProcAddress
lstrlenA
OutputDebugStringA
CreateDirectoryA
lstrcatA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetLastError
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
CloseHandle
InitializeCriticalSection
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WriteFile
GetModuleHandleA
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
SetFilePointer
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
CreateFileA
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

wsprintfA

Exports

Exports

xtCheckOutputFileExists
xtClose
xtEncode
xtEncoderAvail
xtFlush
xtFormatAvail
xtGetEncoder
xtGetExtension
xtGetFilename
xtGetOutputFileName
xtInit
xtOpenOutputFile
xtSetAsciiOption
xtSetIntOption

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
w16x16.ico
w32x32.ico
warez.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.3MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1cf4252ebbb4f173d97a6ef4f79a60b5

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 108KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 29KB - Virtual size: 32KB

922b855d216a21490e4bcbf6c29b7f7d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 930B

5b897241f1cd6d2f5472e3d5684a54fb

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 168KB - Virtual size: 164KB

268e9dde4280eba158162ec3379de380

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

imagehlp

version

ole32

oleaut32

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 224KB - Virtual size: 222KB

1cf4252ebbb4f173d97a6ef4f79a60b5

Headers

File Characteristics

Imports

comctl32

kernel32

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 108KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 29KB - Virtual size: 32KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 930B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 168KB - Virtual size: 164KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 224KB - Virtual size: 222KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 108KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 29KB - Virtual size: 32KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 160KB - Virtual size: 156KB

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 1008B

.reloc
Size: 8KB - Virtual size: 5KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 974B

.data
Size: 4KB - Virtual size: 196B

.reloc
Size: 4KB - Virtual size: 330B