XV2INS[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

XV2INS.rar
Size

33.9MB
MD5

8389a9c854139475d3e31d134ea11854
SHA1

7285c3bfeb6aa0de40643a96d1a438f7beb99a7c
SHA256

79fcfa31aacc45ec2b9d166ef56c82b4945ddecff2b1031f0070f150a8388de7
SHA512

3ccaba416851549df3953ec287ba9727901f8b64ce66ca2504970b1f0fbbed052e454afc6a7ce93db04454a0c798dff7e8fb4a80e97cd4114462523fed460819
SSDEEP

786432:ibY4xZx2VqMz6TNsLnmqDBynATzAM5ggD523e3wbDRL9JTfN:ibT5hhamq2ATzAM5gIWeyDRhJh

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xv2characreat.exe
unpack001/xv2costcreat.exe
unpack001/xv2ins.exe
unpack001/xv2questcreat.exe
unpack001/xv2skilcreat.exe
unpack001/xv2stacreat.exe

Files

XV2INS.rar
.rar
Internal/CharaSele/CHARASELE_fla/MainTimeline.as
Internal/CharaSele/CHARASELE_fla/_CMN_M_frame_70.as
Internal/CharaSele/CHARASELE_fla/mc_arw_l_65.as
Internal/CharaSele/CHARASELE_fla/mc_arw_r_68.as
Internal/CharaSele/CHARASELE_fla/mc_btnact_chamyset_22.as
Internal/CharaSele/CHARASELE_fla/mc_cha_arrow_63.as
Internal/CharaSele/CHARASELE_fla/mc_cha_cursol_50.as
Internal/CharaSele/CHARASELE_fla/mc_cha_new_55.as
Internal/CharaSele/CHARASELE_fla/mc_cha_parameter_1.as
Internal/CharaSele/CHARASELE_fla/mc_cha_select_43.as
Internal/CharaSele/CHARASELE_fla/mc_cha_skill_58.as
Internal/CharaSele/CHARASELE_fla/mc_chara_btnact_45.as
Internal/CharaSele/CHARASELE_fla/mc_chara_new_56.as
Internal/CharaSele/CHARASELE_fla/mc_chara_set_44.as
Internal/CharaSele/CHARASELE_fla/mc_ready_btnact_enm_12.as
Internal/CharaSele/CHARASELE_fla/mc_ready_btnact_fri_17.as
Internal/CharaSele/CHARASELE_fla/mc_ready_nest_enm_9.as
Internal/CharaSele/CHARASELE_fla/mc_ready_nest_fri_16.as
Internal/CharaSele/CHARASELE_fla/mc_timer_74.as
Internal/CharaSele/CHARASELE_fla/sys_2Ppress_71.as
Internal/CharaSele/IggyFunctions.as
Internal/CharaSele/action_script/Callback.as
.js
Internal/CharaSele/action_script/CharaSele.as
.js
Internal/CharaSele/action_script/CountDownTimer.as
Internal/CharaSele/action_script/Utility.as
Internal/CharaSele/action_script/XV2Patcher.as
.js
Internal/README.txt
changelog.txt
xv2characreat.exe
.exe windows:6 windows x64 arch:x64

9bc27ec450840ce8a84dc39c24dd3646

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

mf

MFGetService

mfplat

MFCreateMediaType
MFFrameRateToAverageTimePerFrame

d3d9

Direct3DCreate9Ex

dxva2

DXVA2CreateDirect3DDeviceManager9

evr

MFCreateVideoSampleFromSurface

ole32

CoCreateGuid
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleSetClipboard
CreateBindCtx
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoGetMalloc
CoInitialize
CoUninitialize
OleFlushClipboard
OleGetClipboard
OleIsCurrentClipboard
PropVariantClear
ReleaseStgMedium
StringFromGUID2
DoDragDrop

imm32

ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmSetCandidateWindow
ImmGetVirtualKey
ImmSetCompositionWindow

winmm

timeBeginPeriod
timeEndPeriod
waveOutGetNumDevs
waveOutGetDevCapsW
waveOutOpen
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInReset
mixerGetLineInfoW
mixerGetID
mixerGetLineControlsW
mixerGetControlDetailsW
mixerSetControlDetails
waveOutSetVolume
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutPause
waveOutRestart
waveOutReset
PlaySoundW

oleaut32

VariantInit
SysFreeString
SysStringLen
SysAllocString
SysAllocStringLen
VariantChangeType
SystemTimeToVariantTime
VariantClear

shell32

SHGetSpecialFolderPathW
SHGetFileInfoW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
CommandLineToArgvW

gdi32

GetDIBits
CreateBitmap
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetBitmapBits
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
GetTextFaceW
GetObjectW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
CreateFontIndirectW
EnumFontFamiliesExW
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectClipRgn
CreatePen
CreateSolidBrush
DeleteObject
Rectangle
SelectObject
CombineRgn
CreateCompatibleDC
CreateRectRgn
DeleteDC
GetRegionData

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

ws2_32

ntohl
inet_addr
getsockopt
htonl
gethostbyaddr
gethostbyname
WSAGetLastError
__WSAFDIsSet
bind
closesocket
getpeername
getsockname
htons
listen
select
setsockopt
WSAAccept
WSAConnect
WSAHtonl
WSAIoctl
WSANtohl
WSANtohs
WSARecv
WSARecvFrom
WSASend
WSASendTo
WSASocketW
shutdown
gethostname
WSAStartup
WSACleanup
WSAAsyncSelect
send
recv
WSASetLastError

advapi32

FreeSid
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
CopySid
OpenProcessToken
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegFlushKey
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
RegSetValueExW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
RegQueryInfoKeyW
RegDeleteKeyW

user32

IsZoomed
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
InvalidateRect
GetUpdateRect
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetCursorPos
IsIconic
IsWindowVisible
SetWindowPlacement
GetKeyState
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
MessageBeep
GetDoubleClickTime
SetWindowRgn
DestroyWindow
DefWindowProcW
SystemParametersInfoW
GetSysColor
GetSystemMetrics
EnableMenuItem
GetSystemMenu
ReleaseDC
GetDC
GetShellWindow
MsgWaitForMultipleObjects
PostThreadMessageW
PeekMessageW
EndPaint
BeginPaint
GetUserObjectSecurity
MessageBoxA
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
GetProcessWindowStation
GetUserObjectInformationW
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
SetMenuItemInfoW
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
RegisterClassW
GetWindowPlacement
NotifyWinEvent
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
EnumWindows
GetWindowTextW
RealGetWindowClassW
DrawIconEx
MessageBoxW
SetFocus
SetWindowTextW

crypt32

CertCreateCertificateContext
CertFreeCertificateContext
CertGetCertificateChain
CertFreeCertificateChain
CertCloseStore
CertOpenStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty

kernel32

GetUserGeoID
GetGeoInfoW
GetConsoleCP
ReadConsoleW
CreateMutexW
VirtualAlloc
VirtualFree
EncodePointer
GetTimeZoneInformation
GetStringTypeW
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
AreFileApisANSI
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
ExitThread
LoadLibraryExW
SetStdHandle
FindFirstChangeNotificationW
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindCloseChangeNotification
GetModuleFileNameW
DecodePointer
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
GetTempPathW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
EnumSystemLocalesW
HeapSize
GetStdHandle
SetConsoleCtrlHandler
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
FileTimeToLocalFileTime
PeekNamedPipe
GetModuleFileNameA
SetEnvironmentVariableA
SetFileAttributesW
GetConsoleMode
WriteConsoleW
GlobalMemoryStatus
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetErrorMode
SetEndOfFile
GetLogicalDrives
FlushFileBuffers
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
LCMapStringW
GetSystemDirectoryW
GetLocalTime
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
DuplicateHandle
OutputDebugStringW
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObjectEx
GetCommandLineW
GetUserDefaultLCID
CompareStringW
SystemTimeToFileTime
GetSystemTime
SetLastError
SetHandleInformation
LoadLibraryW
DeviceIoControl
DeleteCriticalSection
SetConsoleMode
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetConsoleWindow
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcessId
GlobalSize
LoadLibraryA
GetLocaleInfoW
GlobalUnlock
GlobalLock
GlobalAlloc
OpenProcess
CheckRemoteDebuggerPresent
GetUserDefaultLangID
CreateProcessW
ExpandEnvironmentStringsW
IsValidLocale
IsValidLanguageGroup
GetModuleHandleW
GetCurrentThreadId
Sleep
GetProcessHeap
HeapFree
HeapAlloc
lstrcmpW
GetDriveTypeW
GetLongPathNameW
GetVolumeInformationW
MulDiv
GetExitCodeThread
FileTimeToSystemTime
lstrlenW
FormatMessageW
WaitForMultipleObjects
LocalFree
LocalAlloc
ResetEvent
GetTickCount
WriteFile
SetFilePointerEx
ReadFile
GetFileType
GetFileTime
GetFileSizeEx
MoveFileExW
DeleteFileW
CreateFileW
MultiByteToWideChar
GetLogicalProcessorInformation
ResumeThread
CreateThread
CreateEventW
CreateMutexA
ReleaseMutex
SetEvent
FlushConsoleInputBuffer
ReadConsoleInputA
GetStartupInfoW
FindClose
FindFirstFileExA
FindNextFileA
CloseHandle
GetLastError
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetProcAddress

Sections

.text
Size: 10.9MB - Virtual size: 10.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 427KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 606KB - Virtual size: 606KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xv2costcreat.exe
.exe windows:6 windows x64 arch:x64

a779930e0f3284ddf0e7fa84836d3f51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

gdi32

RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
CombineRgn
CreateBitmap
GetDIBits
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW

ole32

CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
CoTaskMemAlloc
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleIsCurrentClipboard
StringFromGUID2
CoCreateInstance
CoUninitialize

user32

GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
GetWindowTextW
SetClipboardViewer
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetDC
ReleaseDC
GetSystemMenu
EnableMenuItem
GetSystemMetrics
GetWindowLongW
ScreenToClient
GetSysColor
SystemParametersInfoW
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
EnumWindows
RealGetWindowClassW
GetUserObjectSecurity
MessageBoxA
ChangeClipboardChain
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
MessageBeep
GetDoubleClickTime
SetWindowRgn
DestroyWindow
DefWindowProcW

imm32

ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey

winmm

PlaySoundW

oleaut32

VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantChangeType
SysStringLen

shell32

SHGetFileInfoW
ShellExecuteW
CommandLineToArgvW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW

advapi32

RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW

kernel32

GetCommandLineA
GetSystemTimeAsFileTime
AreFileApisANSI
IsProcessorFeaturePresent
HeapAlloc
HeapFree
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
RtlPcToFileHeader
GetStringTypeW
DecodePointer
EncodePointer
VirtualFree
VirtualAlloc
CreateMutexW
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
EnumSystemLocalesW
HeapSize
GetProcessHeap
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
GetModuleFileNameW
HeapReAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
DeviceIoControl
GetTempPathW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetErrorMode
SetEndOfFile
GetLogicalDrives
FlushFileBuffers
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
WaitForMultipleObjects
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
Sleep
DuplicateHandle
LoadLibraryW
GetSystemDirectoryW
LCMapStringW
GetLocalTime
GetSystemTime
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
LoadLibraryExW
ExitThread
SetStdHandle
SetFileAttributesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetStartupInfoW
WaitForSingleObjectEx
OutputDebugStringW
GetCommandLineW
GetUserDefaultLCID
CompareStringW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetConsoleWindow
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FileTimeToLocalFileTime
PeekNamedPipe
GetModuleFileNameA
GetUserGeoID
SetEnvironmentVariableA
WriteConsoleW
CreateEventW
CloseHandle
GetLastError
SetEvent
ReleaseMutex
WaitForSingleObject
CreateThread
ResumeThread
FindClose
FindFirstFileExA
FindNextFileA
GetProcAddress
MultiByteToWideChar
CreateFileW
DeleteFileW
MoveFileExW
GetFileSizeEx
GetFileTime
GetFileType
ReadFile
SetFilePointerEx
WriteFile
GetTickCount
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
lstrcmpW
GetCurrentThreadId
GetModuleHandleW
LocalFree
FormatMessageW
IsValidLanguageGroup
IsValidLocale
ExpandEnvironmentStringsW
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId

ws2_32

WSAAsyncSelect

Sections

.text
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 487KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xv2ins.exe
.exe windows:6 windows x64 arch:x64

e0580823236b597981c82b245cd51418

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
CombineRgn
CreateBitmap
GetDIBits
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW

ole32

CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
CoCreateInstance
OleIsCurrentClipboard
CoTaskMemAlloc
OleGetClipboard
OleSetClipboard
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
StringFromGUID2
OleFlushClipboard
CoUninitialize

user32

GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
LoadIconW
GetWindowTextW
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
SystemParametersInfoW
MessageBoxA
GetUserObjectSecurity
GetDC
DefWindowProcW
GetWindowRect
SetWindowTextW
ReleaseDC
GetSystemMenu
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
PostThreadMessageW
CharNextExA
EnumWindows
RealGetWindowClassW
GetSysColor
GetSystemMetrics
EnumDisplayMonitors
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
MessageBeep
GetDoubleClickTime
SetWindowRgn
DestroyWindow
EnableMenuItem

imm32

ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey

winmm

PlaySoundW

oleaut32

VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantChangeType
SysStringLen

shell32

SHGetFileInfoW
ShellExecuteW
CommandLineToArgvW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHFileOperationA
SHGetSpecialFolderPathW

advapi32

CopySid
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExA
RegOpenKeyExA
OpenProcessToken
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW

kernel32

HeapAlloc
AreFileApisANSI
HeapFree
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
RtlPcToFileHeader
DecodePointer
EncodePointer
VirtualFree
VirtualAlloc
CreateMutexW
GetConsoleMode
ReadConsoleW
GetConsoleCP
HeapSize
SetLastError
GetProcessHeap
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetUserGeoID
GetGeoInfoW
GetTimeZoneInformation
WriteFileEx
SleepEx
GetACP
PeekNamedPipe
ReadFileEx
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
GetModuleFileNameW
IsProcessorFeaturePresent
GetProcessId
TerminateProcess
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEndOfFile
FlushFileBuffers
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
DeviceIoControl
SetErrorMode
GetTempPathW
RemoveDirectoryW
GetLogicalDrives
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
WaitForMultipleObjects
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
SwitchToThread
GetCurrentProcess
Sleep
DuplicateHandle
GetSystemTimeAsFileTime
GetFullPathNameA
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
LoadLibraryExW
ExitThread
SetFileAttributesW
GetStartupInfoW
SetStdHandle
LoadLibraryW
GetSystemDirectoryW
LCMapStringW
GetLocalTime
GetSystemTime
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
GetCommandLineW
GetUserDefaultLCID
CompareStringW
WaitForSingleObjectEx
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
GetModuleFileNameA
SetEnvironmentVariableA
CancelIo
WriteConsoleW
EnumSystemLocalesW
GetStringTypeW
GetProcAddress
CloseHandle
GetLastError
CreateMutexA
FindClose
FindFirstFileExA
FindNextFileA
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetModuleHandleA
GetTempPathA
GetTempFileNameA
SetEvent
ReleaseMutex
CreateEventW
CreateThread
ResumeThread
GetLogicalProcessorInformation
MultiByteToWideChar
CreateFileW
DeleteFileW
MoveFileExW
GetFileSizeEx
GetFileTime
GetFileType
ReadFile
SetFilePointerEx
WriteFile
GetTickCount
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
lstrcmpW
GetCurrentThreadId
GetModuleHandleW
LocalFree
FormatMessageW
IsValidLanguageGroup
IsValidLocale
ExpandEnvironmentStringsW
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
GetConsoleWindow
ExitProcess

ws2_32

WSAAsyncSelect

Sections

.text
Size: 9.7MB - Virtual size: 9.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 537KB - Virtual size: 537KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xv2questcreat.exe
.exe windows:6 windows x64 arch:x64

62add0581d35d831f5df04ae40242d66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

gdi32

RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
CombineRgn
CreateBitmap
GetDIBits
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW

ole32

CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
CoTaskMemAlloc
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleIsCurrentClipboard
StringFromGUID2
CoCreateInstance
CoUninitialize

user32

GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
GetWindowTextW
SetClipboardViewer
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetDC
ReleaseDC
GetSystemMenu
EnableMenuItem
GetSystemMetrics
GetWindowLongW
ScreenToClient
GetSysColor
SystemParametersInfoW
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
EnumWindows
RealGetWindowClassW
GetUserObjectSecurity
MessageBoxA
ChangeClipboardChain
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
MessageBeep
GetDoubleClickTime
SetWindowRgn
DestroyWindow
DefWindowProcW

imm32

ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey

winmm

PlaySoundW

oleaut32

VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantChangeType
SysStringLen

shell32

SHGetFileInfoW
ShellExecuteW
CommandLineToArgvW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW

advapi32

RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW

kernel32

GetCommandLineA
GetSystemTimeAsFileTime
AreFileApisANSI
IsProcessorFeaturePresent
HeapAlloc
HeapFree
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
RtlPcToFileHeader
GetStringTypeW
DecodePointer
EncodePointer
VirtualFree
VirtualAlloc
CreateMutexW
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
EnumSystemLocalesW
HeapSize
GetProcessHeap
IsValidCodePage
GetACP
GetOEMCP
GetStdHandle
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
GetModuleFileNameW
HeapReAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
DeviceIoControl
GetTempPathW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetErrorMode
SetEndOfFile
GetLogicalDrives
FlushFileBuffers
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
WaitForMultipleObjects
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
Sleep
DuplicateHandle
LoadLibraryW
GetSystemDirectoryW
LCMapStringW
GetLocalTime
GetSystemTime
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
LoadLibraryExW
ExitThread
SetStdHandle
SetFileAttributesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetStartupInfoW
WaitForSingleObjectEx
OutputDebugStringW
GetCommandLineW
GetUserDefaultLCID
CompareStringW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetConsoleWindow
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FileTimeToLocalFileTime
PeekNamedPipe
GetModuleFileNameA
GetUserGeoID
SetEnvironmentVariableA
WriteConsoleW
GetExitCodeProcess
FindClose
FindFirstFileExA
FindNextFileA
CloseHandle
GetLastError
WaitForSingleObject
CreateProcessA
GetProcAddress
SetEvent
ReleaseMutex
CreateMutexA
CreateEventW
CreateThread
ResumeThread
GetLogicalProcessorInformation
MultiByteToWideChar
CreateFileW
DeleteFileW
MoveFileExW
GetFileSizeEx
GetFileTime
GetFileType
ReadFile
SetFilePointerEx
WriteFile
GetTickCount
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
lstrcmpW
GetCurrentThreadId
GetModuleHandleW
LocalFree
FormatMessageW
IsValidLanguageGroup
IsValidLocale
ExpandEnvironmentStringsW
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId

ws2_32

WSAAsyncSelect

Sections

.text
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 499KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xv2skilcreat.exe
.exe windows:6 windows x64 arch:x64

2790a8ef23d89fd38442409353566db7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

gdi32

RemoveFontResourceExW
AddFontMemResourceEx
RemoveFontMemResourceEx
GetTextMetricsW
GetObjectW
GetTextFaceW
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers
GetBitmapBits
GetCharABCWidthsW
GetCharABCWidthsFloatW
GetGlyphOutlineW
GetOutlineTextMetricsW
GetTextExtentPoint32W
GetCharABCWidthsI
SetBkMode
SetGraphicsMode
SetTextColor
SetTextAlign
SetWorldTransform
ExtTextOutW
CreateCompatibleDC
CreateRectRgn
DeleteDC
DeleteObject
GetRegionData
SelectClipRgn
CombineRgn
CreateBitmap
GetDIBits
SelectObject
CreateDIBSection
GdiFlush
BitBlt
OffsetRgn
GetDeviceCaps
CreateCompatibleBitmap
CreateDCW
EnumFontFamiliesExW
CreateFontIndirectW
GetFontData
GetStockObject
AddFontResourceExW

ole32

CoGetMalloc
ReleaseStgMedium
CoTaskMemFree
DoDragDrop
CoTaskMemAlloc
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CoCreateGuid
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleIsCurrentClipboard
StringFromGUID2
CoCreateInstance
CoUninitialize

user32

GetMessageExtraInfo
TrackMouseEvent
GetClipboardFormatNameW
RegisterClassW
GetCursorInfo
GetIconInfo
CreateIconIndirect
CreateCursor
LoadCursorW
GetCursor
SetCursorPos
NotifyWinEvent
SetMenuItemInfoW
TrackPopupMenuEx
GetMenu
MapVirtualKeyW
ToUnicode
ToAscii
GetKeyboardState
GetKeyState
IsZoomed
PeekMessageW
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
GetWindowTextW
SetClipboardViewer
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetDC
ReleaseDC
GetSystemMenu
EnableMenuItem
GetSystemMetrics
GetWindowLongW
ScreenToClient
GetSysColor
SystemParametersInfoW
MessageBoxW
DrawIconEx
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
EnumWindows
RealGetWindowClassW
GetUserObjectSecurity
MessageBoxA
ChangeClipboardChain
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
SetWindowTextW
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
MessageBeep
GetDoubleClickTime
SetWindowRgn
DestroyWindow
DefWindowProcW

imm32

ImmSetCandidateWindow
ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetVirtualKey

winmm

PlaySoundW

oleaut32

VariantInit
SysAllocString
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantChangeType
SysStringLen

shell32

SHGetFileInfoW
ShellExecuteW
CommandLineToArgvW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW

advapi32

RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegQueryInfoKeyW
RegSetValueExW

kernel32

GetCommandLineA
GetSystemTimeAsFileTime
AreFileApisANSI
IsProcessorFeaturePresent
HeapAlloc
HeapFree
RtlUnwindEx
RtlLookupFunctionEntry
RaiseException
RtlPcToFileHeader
GetStringTypeW
DecodePointer
EncodePointer
VirtualFree
VirtualAlloc
CreateMutexW
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
TerminateProcess
EnumSystemLocalesW
HeapSize
GetProcessHeap
GetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetGeoInfoW
GetTimeZoneInformation
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
GetModuleFileNameW
HeapReAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
DeviceIoControl
GetTempPathW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetErrorMode
SetEndOfFile
GetLogicalDrives
FlushFileBuffers
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
ResetEvent
WaitForMultipleObjects
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
Sleep
DuplicateHandle
LoadLibraryW
GetSystemDirectoryW
LCMapStringW
GetLocalTime
GetSystemTime
QueryPerformanceFrequency
QueryPerformanceCounter
IsDebuggerPresent
LoadLibraryExW
ExitThread
SetStdHandle
SetFileAttributesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetStartupInfoW
WaitForSingleObjectEx
OutputDebugStringW
GetCommandLineW
GetUserDefaultLCID
CompareStringW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetConsoleWindow
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetEnvironmentStringsW
FreeEnvironmentStringsW
FileTimeToLocalFileTime
PeekNamedPipe
GetModuleFileNameA
GetUserGeoID
SetEnvironmentVariableA
WriteConsoleW
CreateEventW
CloseHandle
GetLastError
SetEvent
ReleaseMutex
WaitForSingleObject
CreateThread
ResumeThread
FindClose
FindFirstFileExA
FindNextFileA
GetProcAddress
MultiByteToWideChar
CreateFileW
DeleteFileW
MoveFileExW
GetFileSizeEx
GetFileTime
GetFileType
ReadFile
SetFilePointerEx
WriteFile
GetTickCount
GetVolumeInformationW
GetLongPathNameW
GetDriveTypeW
lstrcmpW
GetCurrentThreadId
GetModuleHandleW
LocalFree
FormatMessageW
IsValidLanguageGroup
IsValidLocale
ExpandEnvironmentStringsW
CreateProcessW
GetUserDefaultLangID
CheckRemoteDebuggerPresent
OpenProcess
GlobalAlloc
GlobalLock
GlobalUnlock
GetLocaleInfoW
LoadLibraryA
GlobalSize
GetCurrentProcessId

ws2_32

WSAAsyncSelect

Sections

.text
Size: 9.0MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 501KB - Virtual size: 501KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xv2stacreat.exe
.exe windows:6 windows x64 arch:x64

afb5b4f4bf94fa6455982f42f30f6911

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

mf

MFGetService

mfplat

MFCreateMediaType
MFFrameRateToAverageTimePerFrame

d3d9

Direct3DCreate9Ex

dxva2

DXVA2CreateDirect3DDeviceManager9

evr

MFCreateVideoSampleFromSurface

ole32

CoCreateGuid
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleSetClipboard
CreateBindCtx
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoGetMalloc
CoInitialize
CoUninitialize
OleFlushClipboard
OleGetClipboard
OleIsCurrentClipboard
PropVariantClear
ReleaseStgMedium
StringFromGUID2
DoDragDrop

imm32

ImmGetDefaultIMEWnd
ImmGetContext
ImmReleaseContext
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContext
ImmSetCandidateWindow
ImmGetVirtualKey
ImmSetCompositionWindow

winmm

timeBeginPeriod
timeEndPeriod
waveOutGetNumDevs
waveOutGetDevCapsW
waveOutOpen
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInReset
mixerGetLineInfoW
mixerGetID
mixerGetLineControlsW
mixerGetControlDetailsW
mixerSetControlDetails
waveOutSetVolume
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutPause
waveOutRestart
waveOutReset
PlaySoundW

oleaut32

VariantInit
SysFreeString
SysStringLen
SysAllocString
SysAllocStringLen
VariantChangeType
SystemTimeToVariantTime
VariantClear

shell32

SHGetSpecialFolderPathW
SHGetFileInfoW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
CommandLineToArgvW

gdi32

GetDIBits
CreateBitmap
ExtTextOutW
SetWorldTransform
SetTextAlign
SetTextColor
SetGraphicsMode
SetBkMode
GetCharABCWidthsI
GetTextExtentPoint32W
GetOutlineTextMetricsW
GetGlyphOutlineW
GetCharABCWidthsFloatW
GetCharABCWidthsW
GetBitmapBits
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
GetTextFaceW
GetObjectW
GetTextMetricsW
RemoveFontMemResourceEx
AddFontMemResourceEx
RemoveFontResourceExW
AddFontResourceExW
GetStockObject
GetFontData
CreateFontIndirectW
EnumFontFamiliesExW
CreateDCW
CreateCompatibleBitmap
GetDeviceCaps
OffsetRgn
BitBlt
GdiFlush
CreateDIBSection
SelectClipRgn
CreatePen
CreateSolidBrush
DeleteObject
Rectangle
SelectObject
CombineRgn
CreateCompatibleDC
CreateRectRgn
DeleteDC
GetRegionData

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

ws2_32

ntohl
inet_addr
getsockopt
htonl
gethostbyaddr
gethostbyname
WSAGetLastError
__WSAFDIsSet
bind
closesocket
getpeername
getsockname
htons
listen
select
setsockopt
WSAAccept
WSAConnect
WSAHtonl
WSAIoctl
WSANtohl
WSANtohs
WSARecv
WSARecvFrom
WSASend
WSASendTo
WSASocketW
shutdown
gethostname
WSAStartup
WSACleanup
WSAAsyncSelect
send
recv
WSASetLastError

advapi32

FreeSid
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
CopySid
OpenProcessToken
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegFlushKey
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
RegSetValueExW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
RegQueryInfoKeyW
RegDeleteKeyW

user32

IsZoomed
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
RegisterWindowMessageW
GetKeyboardLayout
GetAsyncKeyState
RegisterClipboardFormatW
ChangeClipboardChain
SetClipboardViewer
LoadIconW
EnumDisplayMonitors
GetMonitorInfoW
LoadImageW
GetSysColorBrush
ChildWindowFromPointEx
GetCursorPos
GetClientRect
GetFocus
RegisterClassExW
GetClassInfoW
UnregisterClassW
GetKeyboardLayoutList
GetAncestor
DestroyIcon
DestroyCursor
GetWindowThreadProcessId
SetParent
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
GetWindowLongW
ScreenToClient
ClientToScreen
SetCursor
AdjustWindowRectEx
GetWindowRect
InvalidateRect
GetUpdateRect
SetForegroundWindow
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SetCursorPos
IsIconic
IsWindowVisible
SetWindowPlacement
GetKeyState
SetWindowPos
MoveWindow
FlashWindowEx
ShowWindow
IsChild
CreateWindowExW
AttachThreadInput
PostMessageW
SendMessageW
GetDesktopWindow
GetCaretBlinkTime
MessageBeep
GetDoubleClickTime
SetWindowRgn
DestroyWindow
DefWindowProcW
SystemParametersInfoW
GetSysColor
GetSystemMetrics
EnableMenuItem
GetSystemMenu
ReleaseDC
GetDC
GetShellWindow
MsgWaitForMultipleObjects
PostThreadMessageW
PeekMessageW
EndPaint
BeginPaint
GetUserObjectSecurity
MessageBoxA
TranslateMessage
DispatchMessageW
GetQueueStatus
MsgWaitForMultipleObjectsEx
SetTimer
KillTimer
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CharNextExA
GetProcessWindowStation
GetUserObjectInformationW
GetKeyboardState
ToAscii
ToUnicode
MapVirtualKeyW
GetMenu
TrackPopupMenuEx
SetMenuItemInfoW
GetCursor
LoadCursorW
CreateCursor
CreateIconIndirect
GetIconInfo
GetCursorInfo
RegisterClassW
GetWindowPlacement
NotifyWinEvent
GetClipboardFormatNameW
TrackMouseEvent
GetMessageExtraInfo
EnumWindows
GetWindowTextW
RealGetWindowClassW
DrawIconEx
MessageBoxW
SetFocus
SetWindowTextW

crypt32

CertCreateCertificateContext
CertFreeCertificateContext
CertGetCertificateChain
CertFreeCertificateChain
CertCloseStore
CertOpenStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty

kernel32

GetUserGeoID
GetGeoInfoW
GetConsoleCP
ReadConsoleW
CreateMutexW
VirtualAlloc
VirtualFree
EncodePointer
GetTimeZoneInformation
GetStringTypeW
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
IsProcessorFeaturePresent
AreFileApisANSI
GetSystemTimeAsFileTime
GetCommandLineA
HeapReAlloc
IsDebuggerPresent
ExitThread
LoadLibraryExW
SetStdHandle
FindFirstChangeNotificationW
GetModuleHandleExW
FreeLibrary
FindNextFileW
FindFirstFileExW
FindNextChangeNotification
FindCloseChangeNotification
GetModuleFileNameW
DecodePointer
SystemTimeToTzSpecificLocalTime
MoveFileW
CopyFileW
GetTempPathW
RemoveDirectoryW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
EnumSystemLocalesW
HeapSize
GetStdHandle
IsValidCodePage
GetACP
GetOEMCP
SetConsoleCtrlHandler
GetEnvironmentStringsW
FreeEnvironmentStringsW
FileTimeToLocalFileTime
PeekNamedPipe
GetModuleFileNameA
SetEnvironmentVariableA
SetFileAttributesW
GetConsoleMode
WriteConsoleW
GlobalMemoryStatus
FindFirstFileW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetErrorMode
SetEndOfFile
GetLogicalDrives
FlushFileBuffers
GetUserDefaultUILanguage
GetCurrencyFormatW
GetTimeFormatW
GetDateFormatW
LCMapStringW
GetSystemDirectoryW
GetLocalTime
GetSystemInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
GetThreadPriority
SetThreadPriority
GetCurrentThread
GetCurrentProcess
DuplicateHandle
OutputDebugStringW
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObjectEx
GetCommandLineW
GetUserDefaultLCID
CompareStringW
SystemTimeToFileTime
GetSystemTime
SetLastError
SetHandleInformation
LoadLibraryW
DeviceIoControl
DeleteCriticalSection
SetConsoleMode
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
GetConsoleWindow
WideCharToMultiByte
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetCurrentProcessId
GlobalSize
LoadLibraryA
GetLocaleInfoW
GlobalUnlock
GlobalLock
GlobalAlloc
OpenProcess
CheckRemoteDebuggerPresent
GetUserDefaultLangID
CreateProcessW
ExpandEnvironmentStringsW
IsValidLocale
IsValidLanguageGroup
GetModuleHandleW
GetCurrentThreadId
Sleep
GetProcessHeap
HeapFree
HeapAlloc
lstrcmpW
GetDriveTypeW
GetLongPathNameW
GetVolumeInformationW
MulDiv
GetExitCodeThread
FileTimeToSystemTime
lstrlenW
FormatMessageW
WaitForMultipleObjects
LocalFree
LocalAlloc
ResetEvent
GetTickCount
WriteFile
SetFilePointerEx
ReadFile
GetFileType
GetFileTime
GetFileSizeEx
MoveFileExW
DeleteFileW
CreateFileW
MultiByteToWideChar
GetProcAddress
CreateProcessA
GetExitCodeProcess
FindNextFileA
FindFirstFileExA
FindClose
FlushConsoleInputBuffer
ReadConsoleInputA
GetStartupInfoW
CloseHandle
GetLastError
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexA
CreateEventW
CreateThread
ResumeThread
GetLogicalProcessorInformation

Sections

.text
Size: 10.4MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 427KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 590KB - Virtual size: 590KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bc27ec450840ce8a84dc39c24dd3646

Headers

DLL Characteristics

File Characteristics

Imports

version

mf

mfplat

d3d9

dxva2

evr

ole32

imm32

winmm

oleaut32

shell32

gdi32

iphlpapi

ws2_32

advapi32

user32

crypt32

kernel32

Sections

.text Size: 10.9MB - Virtual size: 10.9MB

.rdata Size: 5.6MB - Virtual size: 5.6MB

.data Size: 427KB - Virtual size: 509KB

.pdata Size: 606KB - Virtual size: 606KB

.qtmetad Size: 4KB - Virtual size: 4KB

_RDATA Size: 1024B - Virtual size: 528B

.rsrc Size: 232KB - Virtual size: 232KB

.reloc Size: 82KB - Virtual size: 81KB

a779930e0f3284ddf0e7fa84836d3f51

Headers

DLL Characteristics

File Characteristics

Imports

version

gdi32

ole32

user32

imm32

winmm

oleaut32

shell32

advapi32

kernel32

ws2_32

Sections

.text Size: 8.8MB - Virtual size: 8.8MB

.rdata Size: 4.9MB - Virtual size: 4.9MB

.data Size: 92KB - Virtual size: 151KB

.pdata Size: 487KB - Virtual size: 486KB

.qtmetad Size: 2KB - Virtual size: 2KB

_RDATA Size: 1024B - Virtual size: 528B

.rsrc Size: 232KB - Virtual size: 232KB

.reloc Size: 54KB - Virtual size: 53KB

e0580823236b597981c82b245cd51418

Headers

DLL Characteristics

File Characteristics

Imports

version

gdi32

ole32

user32

imm32

winmm

oleaut32

shell32

advapi32

kernel32

ws2_32

Sections

.text Size: 9.7MB - Virtual size: 9.7MB

.text
Size: 10.9MB - Virtual size: 10.9MB

.rdata
Size: 5.6MB - Virtual size: 5.6MB

.data
Size: 427KB - Virtual size: 509KB

.pdata
Size: 606KB - Virtual size: 606KB

.qtmetad
Size: 4KB - Virtual size: 4KB

_RDATA
Size: 1024B - Virtual size: 528B

.rsrc
Size: 232KB - Virtual size: 232KB

.reloc
Size: 82KB - Virtual size: 81KB

.text
Size: 8.8MB - Virtual size: 8.8MB

.rdata
Size: 4.9MB - Virtual size: 4.9MB

.data
Size: 92KB - Virtual size: 151KB

.pdata
Size: 487KB - Virtual size: 486KB

.qtmetad
Size: 2KB - Virtual size: 2KB

_RDATA
Size: 1024B - Virtual size: 528B

.rsrc
Size: 232KB - Virtual size: 232KB

.reloc
Size: 54KB - Virtual size: 53KB

.text
Size: 9.7MB - Virtual size: 9.7MB

.rdata
Size: 5.4MB - Virtual size: 5.4MB

.data
Size: 94KB - Virtual size: 157KB

.pdata
Size: 537KB - Virtual size: 537KB

.qtmetad
Size: 2KB - Virtual size: 2KB

_RDATA
Size: 1024B - Virtual size: 528B

.rsrc
Size: 232KB - Virtual size: 232KB

.reloc
Size: 56KB - Virtual size: 56KB

.text
Size: 8.9MB - Virtual size: 8.9MB

.rdata
Size: 4.9MB - Virtual size: 4.9MB

.data
Size: 93KB - Virtual size: 155KB

.pdata
Size: 499KB - Virtual size: 499KB

.qtmetad
Size: 2KB - Virtual size: 2KB

_RDATA
Size: 1024B - Virtual size: 528B

.rsrc
Size: 232KB - Virtual size: 232KB

.reloc
Size: 54KB - Virtual size: 53KB

.text
Size: 9.0MB - Virtual size: 9.0MB

.rdata
Size: 5.0MB - Virtual size: 5.0MB

.data
Size: 93KB - Virtual size: 152KB

.pdata
Size: 501KB - Virtual size: 501KB

.qtmetad
Size: 2KB - Virtual size: 2KB

_RDATA
Size: 1024B - Virtual size: 528B

.rsrc
Size: 232KB - Virtual size: 232KB

.reloc
Size: 55KB - Virtual size: 54KB