e91105013d28a9c5b5368834c6438921_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e91105013d28a9c5b5368834c6438921_JaffaCakes118
Size

5.8MB
MD5

e91105013d28a9c5b5368834c6438921
SHA1

0569727407f781ac0661570c7fb7d21f2ac2edd5
SHA256

55b1b1c9909fbb7b39fa4e50bf740bc1754b1d08332b9788c097ecd961f362dc
SHA512

aa673d8174b6f20265c31f93b99f88526059f978e851dfbaa7f866b742c0b3c7da7ea08467ad420cf6f7e81397dd4a8523e7c0769d07740b13c8321f6bf994dd
SSDEEP

98304:O1eR+ZUXS2L2gFMjUATJvrau695R+h0fNsTS+8ZGLhvg1HW0duplOEZ9Dbq:UeR8UXS2LinaV92G6S3ZGLhN0wrTq

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 13 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/$SYSDIR/authdvd.dll	acprotect
static1/unpack002/MainCore.dll	acprotect
static1/unpack002/Plugins/IDTagger.dll	acprotect
static1/unpack002/Plugins/In/AC3Input.dll	acprotect
static1/unpack002/Plugins/In/MP3 and mp3PRO Decoder.dll	acprotect
static1/unpack002/Plugins/In/Vorbis Decoder.dll	acprotect
static1/unpack002/Plugins/In/WMAInput.dll	acprotect
static1/unpack002/Plugins/In/Waveform Decoder.dll	acprotect
static1/unpack002/Plugins/Out/PCMOut.dll	acprotect
static1/unpack002/Plugins/Out/WMAOut.dll	acprotect
static1/unpack002/cddb.dll	acprotect
static1/unpack002/id3lib.dll	acprotect
static1/unpack002/langres.dll	acprotect

UPX packed file 14 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/$SYSDIR/authdvd.dll	upx
static1/unpack002/MainCore.dll	upx
static1/unpack002/Plugins/IDTagger.dll	upx
static1/unpack002/Plugins/In/AC3Input.dll	upx
static1/unpack002/Plugins/In/MP3 and mp3PRO Decoder.dll	upx
static1/unpack002/Plugins/In/Vorbis Decoder.dll	upx
static1/unpack002/Plugins/In/WMAInput.dll	upx
static1/unpack002/Plugins/In/Waveform Decoder.dll	upx
static1/unpack002/Plugins/Out/PCMOut.dll	upx
static1/unpack002/Plugins/Out/WMAOut.dll	upx
static1/unpack002/cddb.dll	upx
static1/unpack002/freshupdate.exe	upx
static1/unpack002/id3lib.dll	upx
static1/unpack002/langres.dll	upx

Unsigned PE 24 IoCs

Checks for missing Authenticode signature.

resource
unpack001/winwma_install.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/$SYSDIR/authdvd.dll
unpack003/out.upx
unpack002/$SYSDIR/ntaspi32.dll
unpack002/MainCore.dll
unpack002/Plugins/IDTagger.dll
unpack002/Plugins/In/AC3Input.dll
unpack006/out.upx
unpack002/Plugins/In/MP3 and mp3PRO Decoder.dll
unpack002/Plugins/In/Vorbis Decoder.dll
unpack008/out.upx
unpack002/Plugins/In/WMAInput.dll
unpack002/Plugins/In/Waveform Decoder.dll
unpack002/Plugins/Out/PCMOut.dll
unpack002/Plugins/Out/WMAOut.dll
unpack002/akrip.dll
unpack002/cddb.dll
unpack002/cddbdll.dll
unpack002/freshupdate.exe
unpack002/id3lib.dll
unpack002/langres.dll
unpack002/uninstall.exe
unpack002/winwma.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/winwma_install.exe	nsis_installer_1
static1/unpack002/uninstall.exe	nsis_installer_1

Files

e91105013d28a9c5b5368834c6438921_JaffaCakes118
.rar
FILE_ID.DIZ
LICENSE.TXT
winwma_install.exe
.exe windows:4 windows x86 arch:x86

1433f2e02f7db60c6c8547c52a3f8504

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
GlobalFree
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
ReadFile
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
GetCommandLineA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA

gdi32

GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

1f4c4faa2a5228733f7ee5edf40f6693

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
WritePrivateProfileStringA
lstrcpynA
lstrcatA
lstrcpyA
GetPrivateProfileIntA
MultiByteToWideChar
GetModuleHandleA
lstrcmpiA
GlobalFree
GetPrivateProfileStringA
GlobalAlloc

user32

GetWindowLongA
DrawTextA
SetCursor
LoadCursorA
PtInRect
MapWindowPoints
GetDlgCtrlID
GetClientRect
DrawFocusRect
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
CallWindowProcA
PostMessageA
MessageBoxA
SendMessageA
SetWindowTextA
GetWindowTextA
wsprintfA
CharNextA
LoadIconA

gdi32

SetTextColor
DeleteObject

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetPathFromIDListA

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SYSDIR/authdvd.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AuthDVD
AuthDrive
BS_About
BS_CallBack
CheckASPI
GetASF
GetTitleKey

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$SYSDIR/ntaspi32.dll
.dll windows:4 windows x86 arch:x86

359f7c431bd2e36fca441bf86f72924c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

wsprintfA
MessageBoxA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

GetEnvironmentVariableA
GetModuleFileNameA
CreateMutexA
CloseHandle
WaitForSingleObject
ReleaseMutex
GetLastError
DeviceIoControl
CreateFileA
GetDriveTypeA
GetVersionExA
lstrcpyA
lstrcmpA
SetEvent
Sleep
HeapReAlloc
HeapAlloc
GetCommandLineA
GetVersion
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
HeapFree
VirtualFree
VirtualAlloc
DisableThreadLibraryCalls
GetModuleHandleA
FlushFileBuffers
HeapDestroy
HeapCreate
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

EnableASPINTFeature
FreeASPI32Buffer
GetASPI32Buffer
GetASPI32DLLVersion
GetASPI32SupportInfo
LockASPINTVolume
RegisterWOWPost
SendASPI32Command
TranslateASPI32Address
WOWDispatch

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FILE_ID.DIZ
LICENSE.TXT
MainCore.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AbortCommand_DLL
DeInitMainCore_DLL
DoCommand_DLL
DoStringCommand_DLL
GetEncParamString_GUI
GetMainCore_DLL
GetShortDesc_GUI
GuiInitInterface
InitMainCore_DLL
LoadPlugIn_GUI
SendGUINotification_Module
SetEncParamString_GUI
ShowGUIAdvancedSettings
UnloadCurrentPlugIn_GUI
_mc_GetDiscID

Sections

UPX0
Size: - Virtual size: 252KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MediaTwins official web site.url
.url
MediaTwins technical support online.url
.url
Plugins/IDTagger.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

aedtGetTagModule

Sections

UPX0
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/In/AC3Input.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

MTconvInputModAddr
MTconvInputModAddrEx

Sections

UPX0
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/In/MP3 and mp3PRO Decoder.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

MTconvInputModAddr

Sections

UPX0
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/In/Vorbis Decoder.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

MTconvInputModAddr

Sections

UPX0
Size: - Virtual size: 140KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Plugins/In/WMAInput.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

MTconvInputModAddr

Sections

UPX0
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/In/Waveform Decoder.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

MTconvInputModAddr

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Out/PCMOut.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

RegisterCompressModule

Sections

UPX0
Size: - Virtual size: 328KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Plugins/Out/WMAOut.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

RegisterCompressModule

Sections

UPX0
Size: - Virtual size: 252KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
akrip.dll
.dll windows:4 windows x86 arch:x86

45ec67e481ab8a31b9aa41506bba08e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ResetEvent
CreateEventA
ReleaseMutex
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
GetLastError
CreateFileMappingA
InitializeCriticalSection
CreateMutexA
DeleteCriticalSection
GetProcAddress
LoadLibraryA
GetVersionExA
FreeLibrary
GlobalFree
lstrcatA
GlobalAlloc
lstrlenA
lstrcpyA
lstrcpynA
lstrcmpA
lstrcmpiA
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetDriveTypeA
CreateFileA
DeviceIoControl
FlushFileBuffers
SetStdHandle
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
LCMapStringA
LCMapStringW
RtlUnwind
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc

user32

wsprintfA

wsock32

gethostbyname
htons
connect
socket
recv
closesocket
WSACleanup
WSAStartup
send

Exports

Exports

CDDBGetDiskInfo
CDDBGetOptionInt
CDDBGetOptionText
CDDBGetServerList
CDDBQuery
CDDBSetOption
CDDBSubmit
CloseCDHandle
DeInitDLLMain
GetAKRipDllVersion
GetAspiLibAspiError
GetAspiLibError
GetCDDBDiskID
GetCDHandle
GetCDId
GetCDList
GetDriveInfo
GetNumAdapters
InitDLLMain
ModifyCDParms
PlayTrackASPI
QueryCDParms
ReadCDAudioLBA
ReadCDAudioLBAEx
ReadTOC
StopPlayTrackASPI

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cddb.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0CDDB@@QAE@XZ
??1CDDB@@UAE@XZ
??_7CDDB@@6B@
?CDDB_ClearFaultList@@YAXXZ
?CDDB_GetTrackDescription@@YAHPADPAUcddb_track_info@@PAUHINSTANCE__@@@Z
?DeInitCDDB@@YAXXZ
?InitCDDB@@YAHPAUHWND__@@@Z
?SetCDDBOptions@@YAXPAUHWND__@@@Z
?dwGetCDDB_CDID@@YAKD@Z

Sections

UPX0
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cddbdll.dll
.dll windows:4 windows x86 arch:x86

3269b0b17f7531e4d835464274ad546d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
GetPrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileStringA
WritePrivateProfileStructA
GetModuleFileNameA
GetModuleHandleA
InitializeCriticalSection
GetVersionExA
GetDriveTypeA
SetUnhandledExceptionFilter
DeleteCriticalSection
Sleep
GetPrivateProfileSectionA
WritePrivateProfileSectionA
GetLastError
GetLocaleInfoA
GetTickCount
CreateProcessA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
GetSystemTime
CreateDirectoryA
CopyFileA
GetPrivateProfileIntA
FindFirstFileA
DisableThreadLibraryCalls
FindClose
FindNextFileA
DeleteFileA
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetWindowsDirectoryA

user32

GetParent
GetDlgItemInt
SetDlgItemInt
LoadStringA
DrawTextA
DefWindowProcA
RegisterHotKey
IsWindow
CreateMenu
SetWindowPos
LoadMenuA
GetSubMenu
GetCursorPos
TrackPopupMenu
DispatchMessageA
TranslateMessage
PeekMessageA
GetClassNameA
GetWindowDC
InsertMenuA
SystemParametersInfoA
SetActiveWindow
GetWindowLongA
SetDlgItemTextA
EndDialog
SendDlgItemMessageA
SetWindowTextA
GetDlgItem
SendMessageA
ReleaseDC
GetDC
SetForegroundWindow
DialogBoxParamA
GetForegroundWindow
MessageBoxA
LoadIconA
DestroyWindow
SetWindowLongA
AppendMenuA
EnableWindow
MoveWindow
GetClientRect
InvalidateRect
RemoveMenu
GetMenuState
ModifyMenuA
PostMessageA
GetWindowRect
GetSystemMetrics
SetFocus
GetMenu
EnableMenuItem
CheckMenuItem
DrawMenuBar
LoadCursorA
SetCursor
DestroyMenu
LoadBitmapA
GetWindowTextLengthA
GetWindowTextA
GetMessageA
CreateDialogParamA
ShowWindow

gdi32

CreateFontIndirectA
SelectObject
GetTextExtentPointA
SetBkMode
SetTextColor
CreateRectRgn
DeleteObject
CreateFontA
GetTextExtentPoint32A

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA

comctl32

PropertySheetA
ord17

wsock32

ioctlsocket
gethostbyname
inet_ntoa
recv
WSAStartup
WSACleanup
getsockname
gethostname
socket
htons
connect
send
closesocket
shutdown

msvcrt

rand
time
strcmp
fgets
fputs
fprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
strcat
sscanf
strncmp
atoi
free
isdigit
strncpy
realloc
strstr
malloc
memset
memcpy
strchr
sprintf
strlen
tmpnam
fopen
strcpy
fclose
_except_handler3
srand
_beginthreadex
__dllonexit
_onexit
_adjust_fdiv
_strlwr
_stricmp
_strnicmp
_itoa
_strdup
_strupr
_initterm

Exports

Exports

CDDBSaveCDInfo
DeInitCDDBDLL
FreeStructureDISCINFO
GetCDDBIDMCI
GetCDFromCDDB
GetCDFromLocal
InitCDDBDLL
ShowCDDBOptionsDialog
ShowDBEditDialog

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
freshupdate.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 640KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 244KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
help/akrip/AKRip CD-DA Audio Extraction Library.url
.url
help/akrip/lgpl.txt
help/akrip/readme-akrip.txt
help/winwma.chm
.chm
id3lib.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0BStringReader@io@dami@@QAE@ABV012@@Z
??0BStringReader@io@dami@@QAE@ABV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@@Z
??0BStringWriter@io@dami@@QAE@AAV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@@Z
??0BStringWriter@io@dami@@QAE@ABV012@@Z
??0CharReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0CharReader@io@dami@@QAE@ABV012@@Z
??0CompressedReader@io@dami@@QAE@AAVID3_Reader@@I@Z
??0CompressedReader@io@dami@@QAE@ABV012@@Z
??0ExitTrigger@io@dami@@QAE@AAVID3_Reader@@@Z
??0ExitTrigger@io@dami@@QAE@AAVID3_Reader@@I@Z
??0ExitTrigger@io@dami@@QAE@ABV012@@Z
??0ID3_FStreamWriter@@QAE@AAVfstream@@@Z
??0ID3_FStreamWriter@@QAE@ABV0@@Z
??0ID3_Field@@IAE@XZ
??0ID3_Field@@QAE@ABV0@@Z
??0ID3_Frame@@QAE@ABV0@@Z
??0ID3_Frame@@QAE@W4ID3_FrameID@@@Z
??0ID3_FrameInfo@@QAE@XZ
??0ID3_IFStreamReader@@QAE@AAVifstream@@@Z
??0ID3_IFStreamReader@@QAE@ABV0@@Z
??0ID3_IOStreamWriter@@QAE@AAViostream@@@Z
??0ID3_IOStreamWriter@@QAE@ABV0@@Z
??0ID3_IStreamReader@@QAE@AAVistream@@@Z
??0ID3_IStreamReader@@QAE@ABV0@@Z
??0ID3_MemoryReader@@QAE@ABV0@@Z
??0ID3_MemoryReader@@QAE@PBDI@Z
??0ID3_MemoryReader@@QAE@PBEI@Z
??0ID3_MemoryReader@@QAE@XZ
??0ID3_MemoryWriter@@QAE@ABV0@@Z
??0ID3_MemoryWriter@@QAE@QAEI@Z
??0ID3_MemoryWriter@@QAE@XZ
??0ID3_OFStreamWriter@@QAE@AAVofstream@@@Z
??0ID3_OFStreamWriter@@QAE@ABV0@@Z
??0ID3_OStreamWriter@@QAE@AAVostream@@@Z
??0ID3_OStreamWriter@@QAE@ABV0@@Z
??0ID3_Reader@@QAE@ABV0@@Z
??0ID3_Reader@@QAE@XZ
??0ID3_Tag@@QAE@ABV0@@Z
??0ID3_Tag@@QAE@PBD@Z
??0ID3_Writer@@QAE@ABV0@@Z
??0ID3_Writer@@QAE@XZ
??0LineFeedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0LineFeedReader@io@dami@@QAE@ABV012@@Z
??0StringReader@io@dami@@QAE@ABV012@@Z
??0StringReader@io@dami@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StringWriter@io@dami@@QAE@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StringWriter@io@dami@@QAE@ABV012@@Z
??0UnsyncedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0UnsyncedReader@io@dami@@QAE@ABV012@@Z
??0UnsyncedWriter@io@dami@@QAE@AAVID3_Writer@@@Z
??0UnsyncedWriter@io@dami@@QAE@ABV012@@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@I@Z
??0WindowedReader@io@dami@@QAE@AAVID3_Reader@@II@Z
??0WindowedReader@io@dami@@QAE@ABV012@@Z
??1BStringReader@io@dami@@UAE@XZ
??1BStringWriter@io@dami@@UAE@XZ
??1CharReader@io@dami@@UAE@XZ
??1CompressedReader@io@dami@@UAE@XZ
??1ExitTrigger@io@dami@@UAE@XZ
??1ID3_FStreamWriter@@UAE@XZ
??1ID3_Field@@MAE@XZ
??1ID3_Frame@@UAE@XZ
??1ID3_FrameInfo@@QAE@XZ
??1ID3_IFStreamReader@@UAE@XZ
??1ID3_IOStreamWriter@@UAE@XZ
??1ID3_IStreamReader@@UAE@XZ
??1ID3_MemoryReader@@UAE@XZ
??1ID3_MemoryWriter@@UAE@XZ
??1ID3_OFStreamWriter@@UAE@XZ
??1ID3_OStreamWriter@@UAE@XZ
??1ID3_Tag@@UAE@XZ
??1LineFeedReader@io@dami@@UAE@XZ
??1StringReader@io@dami@@UAE@XZ
??1StringWriter@io@dami@@UAE@XZ
??1UnsyncedReader@io@dami@@UAE@XZ
??4CompressedReader@io@dami@@QAEAAV012@ABV012@@Z
??4ID3_Frame@@QAEAAV0@ABV0@@Z
??4ID3_FrameInfo@@QAEAAV0@ABV0@@Z
??4ID3_MemoryReader@@QAEAAV0@ABV0@@Z
??4ID3_MemoryWriter@@QAEAAV0@ABV0@@Z
??4ID3_Reader@@QAEAAV0@ABV0@@Z
??4ID3_Tag@@QAEAAV0@ABV0@@Z
??4ID3_Writer@@QAEAAV0@ABV0@@Z
??6ID3_Tag@@QAEAAV0@ABVID3_Frame@@@Z
??6ID3_Tag@@QAEAAV0@PBVID3_Frame@@@Z
??_7BStringReader@io@dami@@6B@
??_7BStringWriter@io@dami@@6B@
??_7CharReader@io@dami@@6B@
??_7CompressedReader@io@dami@@6B@
??_7ExitTrigger@io@dami@@6B@
??_7ID3_FStreamWriter@@6B@
??_7ID3_Field@@6B@
??_7ID3_Frame@@6B@
??_7ID3_IFStreamReader@@6B@
??_7ID3_IOStreamWriter@@6B@
??_7ID3_IStreamReader@@6B@
??_7ID3_MemoryReader@@6B@
??_7ID3_MemoryWriter@@6B@
??_7ID3_OFStreamWriter@@6B@
??_7ID3_OStreamWriter@@6B@
??_7ID3_Reader@@6B@
??_7ID3_Tag@@6B@
??_7ID3_Writer@@6B@
??_7LineFeedReader@io@dami@@6B@
??_7StringReader@io@dami@@6B@
??_7StringWriter@io@dami@@6B@
??_7UnsyncedReader@io@dami@@6B@
??_7UnsyncedWriter@io@dami@@6B@
??_7WindowedReader@io@dami@@6B@
??_FID3_Frame@@QAEXXZ
??_FID3_Tag@@QAEXXZ
?AddFrame@ID3_Tag@@QAEXABVID3_Frame@@@Z
?AddFrame@ID3_Tag@@QAEXPBVID3_Frame@@@Z
?AddFrames@ID3_Tag@@QAEXPBVID3_Frame@@I@Z
?AddNewFrame@ID3_Tag@@QAEXPAVID3_Frame@@@Z
?AttachFrame@ID3_Tag@@QAEXPAVID3_Frame@@@Z
?Clear@ID3_Frame@@QAEXXZ
?Clear@ID3_Tag@@QAEXXZ
?Contains@ID3_Frame@@QBE_NW4ID3_FieldID@@@Z
?CreateIterator@ID3_Frame@@QAEPAVIterator@1@XZ
?CreateIterator@ID3_Frame@@QBEPAVConstIterator@1@XZ
?CreateIterator@ID3_Tag@@QAEPAVIterator@1@XZ
?CreateIterator@ID3_Tag@@QBEPAVConstIterator@1@XZ
?Description@ID3_FrameInfo@@QAEPBDW4ID3_FrameID@@@Z
?END_OF_READER@ID3_Reader@@2FB
?END_OF_WRITER@ID3_Writer@@2FB
?Field@ID3_Frame@@QBEAAVID3_Field@@W4ID3_FieldID@@@Z
?FieldFlags@ID3_FrameInfo@@QAEGW4ID3_FrameID@@H@Z
?FieldSize@ID3_FrameInfo@@QAEIW4ID3_FrameID@@H@Z
?FieldType@ID3_FrameInfo@@QAE?AW4ID3_FieldType@@W4ID3_FrameID@@H@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@I@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@PBD@Z
?Find@ID3_Tag@@QBEPAVID3_Frame@@W4ID3_FrameID@@W4ID3_FieldID@@PBG@Z
?GetAppendedBytes@ID3_Tag@@QBEIXZ
?GetCompression@ID3_Frame@@QBE_NXZ
?GetDataSize@ID3_Frame@@QBEIXZ
?GetDescription@ID3_Frame@@QBEPBDXZ
?GetDescription@ID3_Frame@@SAPBDW4ID3_FrameID@@@Z
?GetEncryptionID@ID3_Frame@@QBEEXZ
?GetExperimental@ID3_Tag@@QBE_NXZ
?GetExtendedHeader@ID3_Tag@@QBE_NXZ
?GetField@ID3_Frame@@QBEPAVID3_Field@@W4ID3_FieldID@@@Z
?GetFileName@ID3_Tag@@QBEPBDXZ
?GetFileSize@ID3_Tag@@QBEIXZ
?GetGroupingID@ID3_Frame@@QBEEXZ
?GetID@ID3_Frame@@QBE?AW4ID3_FrameID@@XZ
?GetPrependedBytes@ID3_Tag@@QBEIXZ
?GetSpec@ID3_Frame@@QBE?AW4ID3_V2Spec@@XZ
?GetSpec@ID3_Tag@@QBE?AW4ID3_V2Spec@@XZ
?GetTextID@ID3_Frame@@QBEPBDXZ
?GetUnsync@ID3_Tag@@QBE_NXZ
?HasChanged@ID3_Frame@@QBE_NXZ
?HasChanged@ID3_Tag@@QBE_NXZ
?HasLyrics@ID3_Tag@@QBE_NXZ
?HasTagType@ID3_Tag@@QBE_NG@Z
?HasV1Tag@ID3_Tag@@QBE_NXZ
?HasV2Tag@ID3_Tag@@QBE_NXZ
?ID3_AddAlbum@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddArtist@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD11_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1_N@Z
?ID3_AddComment@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddGenre@@YAPAVID3_Frame@@PAVID3_Tag@@I_N@Z
?ID3_AddLyricist@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD11_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD1_N@Z
?ID3_AddLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD3W4ID3_ContentType@@_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD3_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@PBD_N@Z
?ID3_AddSyncLyrics@@YAPAVID3_Frame@@PAVID3_Tag@@PBEIW4ID3_TimeStampFormat@@_N@Z
?ID3_AddTitle@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_AddTrack@@YAPAVID3_Frame@@PAVID3_Tag@@EE_N@Z
?ID3_AddYear@@YAPAVID3_Frame@@PAVID3_Tag@@PBD_N@Z
?ID3_FreeString@@YAXPAD@Z
?ID3_GetAlbum@@YAPADPBVID3_Tag@@@Z
?ID3_GetArtist@@YAPADPBVID3_Tag@@@Z
?ID3_GetComment@@YAPADPBVID3_Tag@@PBD@Z
?ID3_GetGenre@@YAPADPBVID3_Tag@@@Z
?ID3_GetGenreNum@@YAIPBVID3_Tag@@@Z
?ID3_GetLyricist@@YAPADPBVID3_Tag@@@Z
?ID3_GetLyrics@@YAPADPBVID3_Tag@@@Z
?ID3_GetString@@YAPADPBVID3_Frame@@W4ID3_FieldID@@@Z
?ID3_GetString@@YAPADPBVID3_Frame@@W4ID3_FieldID@@I@Z
?ID3_GetTitle@@YAPADPBVID3_Tag@@@Z
?ID3_GetTrack@@YAPADPBVID3_Tag@@@Z
?ID3_GetTrackNum@@YAIPBVID3_Tag@@@Z
?ID3_GetYear@@YAPADPBVID3_Tag@@@Z
?ID3_IsTagHeader@@YAHQBE@Z
?ID3_RemoveAlbums@@YAIPAVID3_Tag@@@Z
?ID3_RemoveArtists@@YAIPAVID3_Tag@@@Z
?ID3_RemoveComments@@YAIPAVID3_Tag@@PBD@Z
?ID3_RemoveGenres@@YAIPAVID3_Tag@@@Z
?ID3_RemoveLyricist@@YAIPAVID3_Tag@@@Z
?ID3_RemoveLyrics@@YAIPAVID3_Tag@@@Z
?ID3_RemoveTitles@@YAIPAVID3_Tag@@@Z
?ID3_RemoveTracks@@YAIPAVID3_Tag@@@Z
?ID3_RemoveYears@@YAIPAVID3_Tag@@@Z
?IsV2Tag@ID3_Tag@@SAIAAVID3_Reader@@@Z
?IsV2Tag@ID3_Tag@@SAIPBE@Z
?Link@ID3_Tag@@QAEIPBDG@Z
?Link@ID3_Tag@@QAEIPBD_N1@Z
?LongName@ID3_FrameInfo@@QAEPADW4ID3_FrameID@@@Z
?MaxFrameID@ID3_FrameInfo@@QAEHXZ
?NumFields@ID3_Frame@@QBEIXZ
?NumFields@ID3_FrameInfo@@QAEHW4ID3_FrameID@@@Z
?NumFrames@ID3_Tag@@QBEIXZ
?Parse@ID3_Frame@@QAE_NAAVID3_Reader@@@Z
?Parse@ID3_Tag@@QAEIPBEI@Z
?Parse@ID3_Tag@@QAEIQBEPBE@Z
?Parse@ID3_Tag@@QAE_NAAVID3_Reader@@@Z
?RemoveFrame@ID3_Tag@@QAEPAVID3_Frame@@PBV2@@Z
?Render@ID3_Frame@@QBEXAAVID3_Writer@@@Z
?Render@ID3_Tag@@QBEIAAVID3_Writer@@W4ID3_TagType@@@Z
?Render@ID3_Tag@@QBEIPAEW4ID3_TagType@@@Z
?SetCompression@ID3_Frame@@QAE_N_N@Z
?SetCompression@ID3_Tag@@QAEX_N@Z
?SetEncryptionID@ID3_Frame@@QAE_NE@Z
?SetExperimental@ID3_Tag@@QAE_N_N@Z
?SetExtendedHeader@ID3_Tag@@QAE_N_N@Z
?SetGroupingID@ID3_Frame@@QAE_NE@Z
?SetID@ID3_Frame@@QAE_NW4ID3_FrameID@@@Z
?SetPadding@ID3_Tag@@QAE_N_N@Z
?SetSpec@ID3_Frame@@QAE_NW4ID3_V2Spec@@@Z
?SetSpec@ID3_Tag@@QAE_NW4ID3_V2Spec@@@Z
?SetUnsync@ID3_Tag@@QAE_N_N@Z
?ShortName@ID3_FrameInfo@@QAEPADW4ID3_FrameID@@@Z
?Size@ID3_Frame@@QAEIXZ
?Size@ID3_Tag@@QBEIXZ
?Strip@ID3_Tag@@QAEGG@Z
?Update@ID3_Tag@@QAEGG@Z
?atEnd@BStringReader@io@dami@@UAE_NXZ
?atEnd@ID3_Reader@@UAE_NXZ
?atEnd@ID3_Writer@@UAE_NXZ
?atEnd@StringReader@io@dami@@UAE_NXZ
?close@BStringReader@io@dami@@UAEXXZ
?close@BStringWriter@io@dami@@UAEXXZ
?close@CharReader@io@dami@@UAEXXZ
?close@ID3_FStreamWriter@@UAEXXZ
?close@ID3_IFStreamReader@@UAEXXZ
?close@ID3_IOStreamWriter@@UAEXXZ
?close@ID3_IStreamReader@@UAEXXZ
?close@ID3_MemoryReader@@UAEXXZ
?close@ID3_MemoryWriter@@UAEXXZ
?close@ID3_OFStreamWriter@@UAEXXZ
?close@ID3_OStreamWriter@@UAEXXZ
?close@StringReader@io@dami@@UAEXXZ
?close@StringWriter@io@dami@@UAEXXZ
?close@UnsyncedWriter@io@dami@@UAEXXZ
?close@WindowedReader@io@dami@@UAEXXZ
?convert@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V23@W4ID3_TextEnc@@1@Z
?createFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVfstream@@@Z
?flush@BStringWriter@io@dami@@UAEXXZ
?flush@ID3_IOStreamWriter@@UAEXXZ
?flush@ID3_MemoryWriter@@UAEXXZ
?flush@ID3_OStreamWriter@@UAEXXZ
?flush@StringWriter@io@dami@@UAEXXZ
?flush@UnsyncedWriter@io@dami@@UAEXXZ
?getAlbum@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getArtist@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getBeg@BStringReader@io@dami@@UAEIXZ
?getBeg@CharReader@io@dami@@UAEIXZ
?getBeg@ID3_IOStreamWriter@@UAEIXZ
?getBeg@ID3_IStreamReader@@UAEIXZ
?getBeg@ID3_MemoryReader@@UAEIXZ
?getBeg@ID3_MemoryWriter@@UAEIXZ
?getBeg@ID3_OStreamWriter@@UAEIXZ
?getBeg@ID3_Reader@@UAEIXZ
?getBeg@ID3_Writer@@UAEIXZ
?getBeg@StringReader@io@dami@@UAEIXZ
?getBeg@UnsyncedWriter@io@dami@@UAEIXZ
?getBeg@WindowedReader@io@dami@@UAEIXZ
?getComment@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@V45@@Z
?getCur@BStringReader@io@dami@@UAEIXZ
?getCur@BStringWriter@io@dami@@UAEIXZ
?getCur@CharReader@io@dami@@UAEIXZ
?getCur@ID3_IOStreamWriter@@UAEIXZ
?getCur@ID3_IStreamReader@@UAEIXZ
?getCur@ID3_MemoryReader@@UAEIXZ
?getCur@ID3_MemoryWriter@@UAEIXZ
?getCur@ID3_OStreamWriter@@UAEIXZ
?getCur@StringReader@io@dami@@UAEIXZ
?getCur@StringWriter@io@dami@@UAEIXZ
?getCur@UnsyncedWriter@io@dami@@UAEIXZ
?getCur@WindowedReader@io@dami@@UAEIXZ
?getEnd@BStringReader@io@dami@@UAEIXZ
?getEnd@CharReader@io@dami@@UAEIXZ
?getEnd@ID3_IStreamReader@@UAEIXZ
?getEnd@ID3_MemoryReader@@UAEIXZ
?getEnd@ID3_MemoryWriter@@UAEIXZ
?getEnd@ID3_Reader@@UAEIXZ
?getEnd@ID3_Writer@@UAEIXZ
?getEnd@StringReader@io@dami@@UAEIXZ
?getEnd@UnsyncedWriter@io@dami@@UAEIXZ
?getEnd@WindowedReader@io@dami@@UAEIXZ
?getFileSize@dami@@YAIAAVfstream@@@Z
?getFileSize@dami@@YAIAAVifstream@@@Z
?getFileSize@dami@@YAIAAVofstream@@@Z
?getFrameText@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@W4ID3_FrameID@@@Z
?getGenre@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getGenreNum@v2@id3@dami@@YAIABVID3_TagImpl@@@Z
?getLyricist@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getLyrics@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getMaxSize@ID3_Writer@@UAEIXZ
?getNumSyncs@UnsyncedWriter@io@dami@@QBEIXZ
?getReader@ID3_IStreamReader@@IBEAAVistream@@XZ
?getSize@ID3_Writer@@UAEIXZ
?getString@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVID3_Frame@@W4ID3_FieldID@@@Z
?getStringAtIndex@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVID3_Frame@@W4ID3_FieldID@@I@Z
?getSyncLyrics@v2@id3@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@ABVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@1@Z
?getTitle@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getTrack@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getTrackNum@v2@id3@dami@@YAIABVID3_TagImpl@@@Z
?getV1Comment@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?getWriter@ID3_IOStreamWriter@@IBEAAViostream@@XZ
?getWriter@ID3_OStreamWriter@@IBEAAVostream@@XZ
?getYear@v2@id3@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVID3_TagImpl@@@Z
?hasArtist@v2@id3@dami@@YAPAVID3_Frame@@ABVID3_TagImpl@@@Z
?inWindow@WindowedReader@io@dami@@AAE_NI@Z
?inWindow@WindowedReader@io@dami@@QAE_NXZ
?openReadableFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVfstream@@@Z
?openReadableFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVifstream@@@Z
?openWritableFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVfstream@@@Z
?openWritableFile@dami@@YA?AW4ID3_Err@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVofstream@@@Z
?peekChar@BStringReader@io@dami@@UAEFXZ
?peekChar@CharReader@io@dami@@UAEFXZ
?peekChar@ID3_IStreamReader@@UAEFXZ
?peekChar@ID3_MemoryReader@@UAEFXZ
?peekChar@StringReader@io@dami@@UAEFXZ
?peekChar@WindowedReader@io@dami@@UAEFXZ
?readAllBinary@io@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@AAVID3_Reader@@@Z
?readBENumber@io@dami@@YAIAAVID3_Reader@@I@Z
?readBinary@io@dami@@YA?AV?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@AAVID3_Reader@@I@Z
?readChar@ID3_Reader@@UAEFXZ
?readChar@LineFeedReader@io@dami@@UAEFXZ
?readChar@UnsyncedReader@io@dami@@UAEFXZ
?readChar@WindowedReader@io@dami@@UAEFXZ
?readChars@BStringReader@io@dami@@UAEIQADI@Z
?readChars@BStringReader@io@dami@@UAEIQAEI@Z
?readChars@CharReader@io@dami@@UAEIQADI@Z
?readChars@CharReader@io@dami@@UAEIQAEI@Z
?readChars@ID3_IStreamReader@@UAEIQADI@Z
?readChars@ID3_IStreamReader@@UAEIQAEI@Z
?readChars@ID3_MemoryReader@@UAEIQADI@Z
?readChars@ID3_MemoryReader@@UAEIQAEI@Z
?readChars@ID3_Reader@@UAEIQADI@Z
?readChars@StringReader@io@dami@@UAEIQADI@Z
?readChars@StringReader@io@dami@@UAEIQAEI@Z
?readChars@WindowedReader@io@dami@@UAEIQADI@Z
?readChars@WindowedReader@io@dami@@UAEIQAEI@Z
?readLENumber@io@dami@@YAIAAVID3_Reader@@I@Z
?readString@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@@Z
?readText@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?readTrailingSpaces@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?readUInt28@io@dami@@YAIAAVID3_Reader@@@Z
?readUnicodeString@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@@Z
?readUnicodeText@io@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVID3_Reader@@I@Z
?release@ExitTrigger@io@dami@@QAEXXZ
?remainingBytes@ID3_Reader@@UAEIXZ
?removeAlbums@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeAllComments@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeArtists@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeComments@v2@id3@dami@@YAIAAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?removeFrames@v2@id3@dami@@YAIAAVID3_TagImpl@@W4ID3_FrameID@@@Z
?removeGenres@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeLyricists@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeLyrics@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeTitles@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeTracks@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?removeYears@v2@id3@dami@@YAIAAVID3_TagImpl@@@Z
?renderNumber@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@II@Z
?renderNumber@dami@@YAIPAEII@Z
?setAlbum@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setArtist@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setBeg@WindowedReader@io@dami@@QAEII@Z
?setBuffer@ID3_MemoryReader@@IAEXPBEI@Z
?setBuffer@ID3_MemoryWriter@@IAEXPAEI@Z
?setComment@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11@Z
?setCur@BStringReader@io@dami@@UAEII@Z
?setCur@CharReader@io@dami@@UAEII@Z
?setCur@ID3_IStreamReader@@UAEII@Z
?setCur@ID3_MemoryReader@@UAEII@Z
?setCur@StringReader@io@dami@@UAEII@Z
?setCur@WindowedReader@io@dami@@UAEII@Z
?setEnd@WindowedReader@io@dami@@QAEII@Z
?setExitPos@ExitTrigger@io@dami@@QAEXI@Z
?setFrameText@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@W4ID3_FrameID@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setGenre@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@I@Z
?setLyricist@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setLyrics@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11@Z
?setSyncLyrics@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@EU?$char_traits@E@std@@V?$allocator@E@2@@std@@W4ID3_TimeStampFormat@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@7@3W4ID3_ContentType@@@Z
?setTitle@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setTrack@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@EE@Z
?setWindow@WindowedReader@io@dami@@QAEXII@Z
?setYear@v2@id3@dami@@YAPAVID3_Frame@@AAVID3_TagImpl@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?skipChars@BStringReader@io@dami@@UAEII@Z
?skipChars@ID3_Reader@@UAEII@Z
?skipChars@StringReader@io@dami@@UAEII@Z
?toString@dami@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?toWString@dami@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@QBGI@Z
?ucslen@dami@@YAIPBG@Z
?update@ExitTrigger@io@dami@@QAEXXZ
?writeBENumber@io@dami@@YAIAAVID3_Writer@@II@Z
?writeChar@ID3_IOStreamWriter@@UAEFE@Z
?writeChar@ID3_OStreamWriter@@UAEFE@Z
?writeChar@ID3_Writer@@UAEFE@Z
?writeChar@UnsyncedWriter@io@dami@@UAEFE@Z
?writeChars@BStringWriter@io@dami@@UAEIQBDI@Z
?writeChars@BStringWriter@io@dami@@UAEIQBEI@Z
?writeChars@ID3_IOStreamWriter@@UAEIQBDI@Z
?writeChars@ID3_IOStreamWriter@@UAEIQBEI@Z
?writeChars@ID3_MemoryWriter@@UAEIQBDI@Z
?writeChars@ID3_MemoryWriter@@UAEIQBEI@Z
?writeChars@ID3_OStreamWriter@@UAEIQBDI@Z
?writeChars@ID3_OStreamWriter@@UAEIQBEI@Z
?writeChars@ID3_Writer@@UAEIQBDI@Z
?writeChars@StringWriter@io@dami@@UAEIQBDI@Z
?writeChars@StringWriter@io@dami@@UAEIQBEI@Z
?writeChars@UnsyncedWriter@io@dami@@UAEIQBDI@Z
?writeChars@UnsyncedWriter@io@dami@@UAEIQBEI@Z
?writeString@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?writeText@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?writeTrailingSpaces@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?writeUInt28@io@dami@@YAIAAVID3_Writer@@I@Z
?writeUnicodeString@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?writeUnicodeText@io@dami@@YAIAAVID3_Writer@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
ID3Field_AddASCII
ID3Field_AddUNICODE
ID3Field_Clear
ID3Field_FromFile
ID3Field_GetASCII
ID3Field_GetASCIIItem
ID3Field_GetBINARY
ID3Field_GetINT
ID3Field_GetNumTextItems
ID3Field_GetUNICODE
ID3Field_GetUNICODEItem
ID3Field_SetASCII
ID3Field_SetBINARY
ID3Field_SetINT
ID3Field_SetUNICODE
ID3Field_Size
ID3Field_ToFile
ID3Frame_Clear
ID3Frame_Delete
ID3Frame_GetCompression
ID3Frame_GetField
ID3Frame_GetID
ID3Frame_New
ID3Frame_NewID
ID3Frame_SetCompression
ID3Frame_SetID
ID3TagConstIterator_Delete
ID3TagConstIterator_GetNext
ID3TagIterator_Delete
ID3TagIterator_GetNext
ID3Tag_AddFrame
ID3Tag_AddFrames
ID3Tag_AttachFrame
ID3Tag_Clear
ID3Tag_CreateConstIterator
ID3Tag_CreateIterator
ID3Tag_Delete
ID3Tag_FindFrameWithASCII
ID3Tag_FindFrameWithID
ID3Tag_FindFrameWithINT
ID3Tag_FindFrameWithUNICODE
ID3Tag_HasChanged
ID3Tag_HasTagType
ID3Tag_Link
ID3Tag_LinkWithFlags
ID3Tag_New
ID3Tag_NumFrames
ID3Tag_Parse
ID3Tag_RemoveFrame
ID3Tag_SetExtendedHeader
ID3Tag_SetPadding
ID3Tag_SetUnsync
ID3Tag_Strip
ID3Tag_Update
ID3Tag_UpdateByTagType

Sections

UPX0
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
langres.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

UPX0
Size: - Virtual size: 292KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
official page.url
.url
sections.xml
.xml
settings.ini
setup_left.bmp
setup_top.bmp
uninstall.exe
.exe windows:4 windows x86 arch:x86

1433f2e02f7db60c6c8547c52a3f8504

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_AddMasked
ImageList_Destroy
ImageList_Create

kernel32

ExpandEnvironmentStringsA
GetEnvironmentVariableA
lstrcmpiA
CloseHandle
SetFileTime
GetFileAttributesA
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
ExitProcess
lstrcpynA
GlobalFree
GetWindowsDirectoryA
GetTempPathA
GetUserDefaultLangID
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
lstrcpyA
lstrlenA
GetSystemDirectoryA
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
ReadFile
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
GetCommandLineA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
CreateWindowExA
SystemParametersInfoA
RegisterClassA
EndDialog
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
LoadCursorA
SetCursor
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
DispatchMessageA
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA

gdi32

GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SetBkColor
SelectObject

advapi32

RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyA

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
SHGetSpecialFolderLocation
SHFileOperationA

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
winwma.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 75KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 120KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 452KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspr
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
winwma.exe.manifest
.xml
wmfadist.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:07:11:43:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/05/2002, 00:55

Not After

25/11/2003, 01:05

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2002 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

1433f2e02f7db60c6c8547c52a3f8504

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 152KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 7KB - Virtual size: 8KB

1f4c4faa2a5228733f7ee5edf40f6693

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 894B

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 48KB

UPX1 Size: 25KB - Virtual size: 28KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 25KB

.reloc Size: 4KB - Virtual size: 3KB

359f7c431bd2e36fca441bf86f72924c

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 400KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 252KB

UPX1 Size: 27KB - Virtual size: 28KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 152KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 894B

UPX0
Size: - Virtual size: 48KB

UPX1
Size: 25KB - Virtual size: 28KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 25KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 400KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB

UPX0
Size: - Virtual size: 252KB

UPX1
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 220KB

UPX1
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 1KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 148KB

UPX1
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 62KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 99KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 8KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 260KB

UPX1
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 140KB

UPX1
Size: 108KB - Virtual size: 112KB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 30KB - Virtual size: 36KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 9KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 304KB

UPX1
Size: 129KB - Virtual size: 132KB

UPX2
Size: 1024B - Virtual size: 4KB