FamiStudio420-WinPortableExe[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

FamiStudio420-WinPortableExe.zip
Size

22.0MB
MD5

b8f7f2d04c8dbc5a02a3729417b21d2b
SHA1

f75316d8d239b303f9014dc15f11ceb0d0854d7d
SHA256

c36ef0656fca7589eb5cfc026bc88f557b458063c4e49d5f8165be6208dd85e7
SHA512

4366decb488f8df7a7a4649c531626f3c28debeba8822a2bac296af8fed3677225ce49e4d61da20ce4a699db9a6369999e0acbef27efc1656652425f904b19d0
SSDEEP

393216:33GyfKvBC5A1sGSUkAIs+XZsa2JhOBK58DC9zr8kF/KRtC6fZYbVUw2HkAqRAx:3eZi9AIZJx2jGKuC9/8k9K7CoEAqRC

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FamiStudio.dll
unpack001/FamiStudio.exe
unpack001/GifDec.dll
unpack001/NesSndEmu.dll
unpack001/NotSoFatso.dll
unpack001/PortAudio.dll
unpack001/SharpDX.XAudio2.dll
unpack001/SharpDX.dll
unpack001/ShineMp3.dll
unpack001/Stb.dll
unpack001/Vorbis.dll
unpack001/glfw3.dll

Files

FamiStudio420-WinPortableExe.zip
.zip
Demo Instruments/Instruments EPSM.fms
Demo Songs/Another Winter.fms
Demo Songs/Breaking Through.fms
Demo Songs/Castlevania 2.fms
Demo Songs/Dedrecil.fms
Demo Songs/DuckTales.fms
Demo Songs/Evil Clockwork.fms
Demo Songs/Gimmick.fms
Demo Songs/Gradius 2.fms
Demo Songs/Gyruss.fms
Demo Songs/Journey To Silius.fms
Demo Songs/Lagrange Point.fms
Demo Songs/Layla The Iris Missions.fms
Demo Songs/Lupin The Third.fms
Demo Songs/Mega Man 10.fms
Demo Songs/Mega Man 2.fms
Demo Songs/Megami Tensei II.fms
Demo Songs/Mina the Hollower.fms
Demo Songs/Nice.fms
Demo Songs/Ochame Kinou.fms
Demo Songs/Pressure Burst.fms
Demo Songs/Roar of the Jungle Dragon.fms
Demo Songs/SCAT.fms
Demo Songs/SFX.fms
Demo Songs/Seashell Searching.fms
Demo Songs/Shatterhand.fms
Demo Songs/Shovel Knight.fms
Demo Songs/Silver Surfer.fms
Demo Songs/Sonic 1.fms
Demo Songs/Sonic 3.fms
Demo Songs/Tetris (Tutorial Song).fms
Demo Songs/Tower of Heaven.fms
FamiStudio.deps.json
FamiStudio.dll
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\bleub\Documents\GitHub\FamiStudio\FamiStudio\obj\Release\net7.0\FamiStudio.pdb

Sections

.text
Size: 29.9MB - Virtual size: 29.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FamiStudio.exe
.exe windows:6 windows x64 arch:x64

72bc4dfff8905033c11dea0c671a7919

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\_work\1\s\artifacts\obj\win-x64.Release\corehost\apphost\standalone\apphost.pdb

Imports

kernel32

FindNextFileW
GetCurrentProcess
GetModuleHandleExW
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
GetEnvironmentVariableW
FindClose
MultiByteToWideChar
GetLastError
GetFileAttributesExW
GetFullPathNameW
GetProcAddress
DeleteCriticalSection
WideCharToMultiByte
IsWow64Process
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EnterCriticalSection
FindFirstFileExW
OutputDebugStringW
LoadLibraryA
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
SetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
GetStringTypeW

user32

MessageBoxW

shell32

ShellExecuteW

advapi32

RegOpenKeyExW
RegGetValueW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegCloseKey

api-ms-win-crt-runtime-l1-1-0

_register_onexit_function
_invalid_parameter_noinfo_noreturn
__p___argc
__p___wargv
exit
_initterm_e
_initterm
_get_initial_wide_environment
_initialize_wide_environment
_configure_wide_argv
_c_exit
terminate
_set_app_type
_seh_filter_exe
_cexit
_register_thread_local_exe_atexit_callback
_errno
_exit
abort
_crt_atexit
_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfwprintf
__stdio_common_vsprintf_s
setvbuf
__stdio_common_vswprintf
_set_fmode
__acrt_iob_func
fputwc
fputws
__stdio_common_vsnwprintf_s
_wfsopen
fflush
__p__commode

api-ms-win-crt-heap-l1-1-0

_set_new_mode
_callnewh
free
malloc
calloc

api-ms-win-crt-string-l1-1-0

wcsnlen
strcpy_s
_wcsdup
strcspn
wcsncmp
toupper

api-ms-win-crt-convert-l1-1-0

wcstoul
_wtoi

api-ms-win-crt-locale-l1-1-0

__pctype_func
_unlock_locales
_lock_locales
___lc_locale_name_func
___lc_codepage_func
___mb_cur_max_func
_configthreadlocale
setlocale
localeconv

api-ms-win-crt-math-l1-1-0

__setusermatherr
frexp

api-ms-win-crt-time-l1-1-0

_gmtime64_s
wcsftime
_time64

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
FamiStudio.pdb
FamiStudio.runtimeconfig.json
GifDec.dll
.dll windows:6 windows x64 arch:x64

bf7aed30163feea219a1282356121477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\bleub\Documents\GitHub\FamiStudio\FamiStudio\GifDec.pdb

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memcpy

api-ms-win-crt-heap-l1-1-0

calloc
realloc
free
malloc

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit

kernel32

GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
RtlCaptureContext
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess

Exports

Exports

GifAdvanceFrame
GifClose
GifGetFrameDelay
GifGetHeight
GifGetWidth
GifOpen
GifRenderFrame
GifRewind

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Localization/FamiStudio.deu.ini
Localization/FamiStudio.eng.ini
Localization/FamiStudio.kor.ini
Localization/FamiStudio.por.ini
Localization/FamiStudio.rus.ini
Localization/FamiStudio.spa.ini
Localization/FamiStudio.zho.ini
NesSndEmu.dll
.dll windows:6 windows x64 arch:x64

b122a0a7254a2080ba763a003dcccde8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\bleub\Documents\GitHub\FamiStudio\FamiStudio\NesSndEmu.pdb

Imports

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
memmove
__current_exception_context
__C_specific_handler
memset
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc
realloc

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_crt_atexit
_configure_narrow_argv
_seh_filter_dll
terminate
_wassert
_cexit
_initterm
_initterm_e
_initialize_narrow_environment

kernel32

DisableThreadLibraryCalls
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
SetUnhandledExceptionFilter

api-ms-win-crt-math-l1-1-0

pow
floor
expf
cos
sin

Exports

Exports

NesApuEnableChannel
NesApuEndFrame
NesApuGetAudioExpansions
NesApuGetChannelTrigger
NesApuGetFdsWavePos
NesApuGetN163WavePos
NesApuGetRegisterValues
NesApuInit
NesApuIsSeeking
NesApuReadSamples
NesApuReadStatus
NesApuRemoveSamples
NesApuReset
NesApuResetTriggers
NesApuSamplesAvailable
NesApuSetExpansionVolume
NesApuSetN163Mix
NesApuSkipCycles
NesApuStartSeeking
NesApuStopSeeking
NesApuTrebleEq
NesApuWriteRegister

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NotSoFatso.dll
.dll windows:6 windows x64 arch:x64

4c4b8af7562b59c389b69365939a8148

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetStdHandle
GetFileType
CloseHandle
WriteFile
GetConsoleOutputCP
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetProcessHeap
SetStdHandle
GetStringTypeW
CreateFileW
FlushFileBuffers
HeapSize
HeapReAlloc
SetEndOfFile
WriteConsoleW

Exports

Exports

NsfClose
NsfGetArtist
NsfGetClockSpeed
NsfGetCopyright
NsfGetExpansion
NsfGetState
NsfGetTitle
NsfGetTrackCount
NsfGetTrackDuration
NsfGetTrackName
NsfIsPal
NsfOpen
NsfRunFrame
NsfSetApuWriteCallback
NsfSetTrack

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PortAudio.dll
.dll windows:6 windows x64 arch:x64

b1a32219a3e806472236d29d9bdee25a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod
timeGetTime

ole32

CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitialize
CoUninitialize
CoGetInterfaceAndReleaseStream
PropVariantClear
CoTaskMemFree
CoInitializeEx

kernel32

InitializeCriticalSectionAndSpinCount
WriteConsoleW
HeapSize
GetStringTypeW
SetFilePointerEx
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GlobalAlloc
GlobalFree
CreateFileW
CloseHandle
GetLastError
GetCurrentThreadId
LocalFree
FormatMessageW
SetEvent
ResetEvent
WaitForSingleObject
CreateEventW
SignalObjectAndWait
WaitForMultipleObjects
GetCurrentProcess
GetCurrentThread
GetThreadPriority
GetPriorityClass
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
WideCharToMultiByte
GetEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
InterlockedFlushSList
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
HeapAlloc
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar

Exports

Exports

PaUtil_InitializeX86PlainConverters
PaUtil_SetDebugPrintFunction
PaWasapiWinrt_PopulateDeviceList
PaWasapiWinrt_SetDefaultDeviceId
PaWasapi_GetAudioClient
PaWasapi_GetDeviceCurrentFormat
PaWasapi_GetDeviceDefaultFormat
PaWasapi_GetDeviceMixFormat
PaWasapi_GetDeviceRole
PaWasapi_GetFramesPerHostBuffer
PaWasapi_GetIMMDevice
PaWasapi_GetJackCount
PaWasapi_GetJackDescription
PaWasapi_SetStreamStateHandler
PaWasapi_ThreadPriorityBoost
PaWasapi_ThreadPriorityRevert
PaWasapi_UpdateDeviceList
Pa_AbortStream
Pa_CloseStream
Pa_GetDefaultHostApi
Pa_GetDefaultInputDevice
Pa_GetDefaultOutputDevice
Pa_GetDeviceCount
Pa_GetDeviceInfo
Pa_GetErrorText
Pa_GetHostApiCount
Pa_GetHostApiInfo
Pa_GetLastHostErrorInfo
Pa_GetSampleSize
Pa_GetStreamCpuLoad
Pa_GetStreamInfo
Pa_GetStreamReadAvailable
Pa_GetStreamTime
Pa_GetStreamWriteAvailable
Pa_GetVersion
Pa_GetVersionText
Pa_HostApiDeviceIndexToDeviceIndex
Pa_HostApiTypeIdToHostApiIndex
Pa_Initialize
Pa_IsFormatSupported
Pa_IsStreamActive
Pa_IsStreamStopped
Pa_OpenDefaultStream
Pa_OpenStream
Pa_ReadStream
Pa_SetStreamFinishedCallback
Pa_Sleep
Pa_StartStream
Pa_StopStream
Pa_Terminate
Pa_WriteStream

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SharpDX.XAudio2.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SharpDX.XAudio2.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SharpDX.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SharpDX.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ShineMp3.dll
.dll windows:6 windows x64 arch:x64

cca0a4d857bcd49267985d9d03dd166c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\bleub\Documents\GitHub\FamiStudio\FamiStudio\ShineMp3.pdb

Imports

vcruntime140

memcpy
__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-heap-l1-1-0

calloc
realloc
malloc
free

api-ms-win-crt-math-l1-1-0

sin
pow
log
cos
modf
sqrt

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
GetCurrentProcessId

Exports

Exports

ShineMp3Encode

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Stb.dll
.dll windows:6 windows x64 arch:x64

c3d85ee9f41cdcde093840520c758b4d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\bleub\Documents\GitHub\FamiStudio\FamiStudio\Stb.pdb

Imports

vcruntime140

memcpy
__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_cexit
_execute_onexit_table
_initialize_onexit_table
_initterm
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_wassert

kernel32

InitializeSListHead
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
IsDebuggerPresent
TerminateProcess

api-ms-win-crt-math-l1-1-0

floor
ceil
sqrt

Exports

Exports

StbFindGlyphIndex
StbFreeFont
StbFreePackRect
StbGetFontBoundingBox
StbGetFontOffsetForIndex
StbGetFontVMetrics
StbGetFontVMetricsOS2
StbGetGlyphBitmapBox
StbGetGlyphHMetrics
StbGetGlyphKernAdvance
StbGetNumberOfFonts
StbInitFont
StbInitPackRect
StbMakeGlyphBitmap
StbMakeGlyphBitmapSubpixel
StbPackRects
StbScaleForMappingEmToPixels
StbScaleForPixelHeight

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Vorbis.dll
.dll windows:6 windows x64 arch:x64

90d711860042dccef75361e029abc812

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\bleub\Documents\GitHub\FamiStudio\FamiStudio\Vorbis.pdb

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memmove
memcpy

api-ms-win-crt-heap-l1-1-0

malloc
realloc
calloc
free

api-ms-win-crt-math-l1-1-0

log
sin
ldexp
pow
atan
cos
sqrt
ceil
exp
floor

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initterm
_cexit
_seh_filter_dll
_execute_onexit_table
exit
_initterm_e
_initialize_onexit_table
_initialize_narrow_environment

kernel32

DisableThreadLibraryCalls
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

Exports

Exports

VorbisOggEncode

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 587KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsDotNetReadme.txt
glfw3.dll
.dll windows:6 windows x64 arch:x64

8cdd3c8abf376a5b2034e16ce1ad37f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
SetThreadExecutionState
EnterCriticalSection
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LeaveCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
GetModuleHandleExW
GetLastError
VerSetConditionMask
LoadLibraryA
GetProcAddress
IsDebuggerPresent
FreeLibrary

user32

SetWindowPos
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
BringWindowToTop
IsZoomed
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
SetFocus
GetActiveWindow
GetKeyState
SetCapture
ReleaseCapture
MsgWaitForMultipleObjects
GetSystemMetrics
SetForegroundWindow
SetPropW
GetPropW
RemovePropW
SetWindowTextW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursorPos
SetCursor
GetCursorPos
MoveWindow
ScreenToClient
DefWindowProcW
ClipCursor
SetRect
OffsetRect
PtInRect
GetWindowLongW
SetWindowLongW
GetClassLongPtrW
LoadCursorW
DestroyIcon
LoadImageW
CreateIconIndirect
MonitorFromWindow
GetRawInputData
RegisterRawInputDevices
FlashWindow
WaitMessage
PostMessageW
SendMessageW
GetMessageTime
TrackMouseEvent
EnumDisplayMonitors
GetMonitorInfoW
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ReleaseDC
GetDC
GetRawInputDeviceList
SetLayeredWindowAttributes
GetLayeredWindowAttributes
RegisterClassExW
ClientToScreen
UnregisterClassW
TranslateMessage
DispatchMessageW
PeekMessageW
RegisterDeviceNotificationW
UnregisterDeviceNotification
CreateWindowExW
DestroyWindow
ShowWindow
ToUnicode
MapVirtualKeyW
SystemParametersInfoW
GetRawInputDeviceInfoA
WindowFromPoint

gdi32

CreateDCW
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
CreateBitmap
CreateRectRgn
DeleteObject
CreateDIBSection
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers
DeleteDC

shell32

DragQueryPoint
DragQueryFileW
DragFinish
DragAcceptFiles

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
strstr
memset
memcpy
memmove

api-ms-win-crt-string-l1-1-0

strncmp
strcmp
strcspn
strspn
strncpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsscanf

api-ms-win-crt-heap-l1-1-0

free
realloc
calloc

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

powf

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initterm
_initialize_narrow_environment
_configure_narrow_argv
_initterm_e
_initialize_onexit_table
_seh_filter_dll
_cexit

Exports

Exports

glfwCreateCursor
glfwCreateStandardCursor
glfwCreateWindow
glfwCreateWindowSurface
glfwDefaultWindowHints
glfwDestroyCursor
glfwDestroyWindow
glfwExtensionSupported
glfwFocusWindow
glfwGetClipboardString
glfwGetCurrentContext
glfwGetCursorPos
glfwGetEGLContext
glfwGetEGLDisplay
glfwGetEGLSurface
glfwGetError
glfwGetFramebufferSize
glfwGetGamepadName
glfwGetGamepadState
glfwGetGammaRamp
glfwGetInputMode
glfwGetInstanceProcAddress
glfwGetJoystickAxes
glfwGetJoystickButtons
glfwGetJoystickGUID
glfwGetJoystickHats
glfwGetJoystickName
glfwGetJoystickUserPointer
glfwGetKey
glfwGetKeyName
glfwGetKeyScancode
glfwGetMonitorContentScale
glfwGetMonitorName
glfwGetMonitorPhysicalSize
glfwGetMonitorPos
glfwGetMonitorUserPointer
glfwGetMonitorWorkarea
glfwGetMonitors
glfwGetMouseButton
glfwGetOSMesaColorBuffer
glfwGetOSMesaContext
glfwGetOSMesaDepthBuffer
glfwGetPhysicalDevicePresentationSupport
glfwGetPrimaryMonitor
glfwGetProcAddress
glfwGetRequiredInstanceExtensions
glfwGetTime
glfwGetTimerFrequency
glfwGetTimerValue
glfwGetVersion
glfwGetVersionString
glfwGetVideoMode
glfwGetVideoModes
glfwGetWGLContext
glfwGetWin32Adapter
glfwGetWin32Monitor
glfwGetWin32Window
glfwGetWindowAttrib
glfwGetWindowContentScale
glfwGetWindowFrameSize
glfwGetWindowMonitor
glfwGetWindowOpacity
glfwGetWindowPos
glfwGetWindowSize
glfwGetWindowUserPointer
glfwHideWindow
glfwIconifyWindow
glfwInit
glfwInitHint
glfwJoystickIsGamepad
glfwJoystickPresent
glfwMakeContextCurrent
glfwMaximizeWindow
glfwPollEvents
glfwPostEmptyEvent
glfwRawMouseMotionSupported
glfwRequestWindowAttention
glfwRestoreWindow
glfwSetCharCallback
glfwSetCharModsCallback
glfwSetClipboardString
glfwSetCursor
glfwSetCursorEnterCallback
glfwSetCursorPos
glfwSetCursorPosCallback
glfwSetDropCallback
glfwSetErrorCallback
glfwSetFramebufferSizeCallback
glfwSetGamma
glfwSetGammaRamp
glfwSetInputMode
glfwSetJoystickCallback
glfwSetJoystickUserPointer
glfwSetKeyCallback
glfwSetMonitorCallback
glfwSetMonitorUserPointer
glfwSetMouseButtonCallback
glfwSetScrollCallback
glfwSetTime
glfwSetWindowAspectRatio
glfwSetWindowAttrib
glfwSetWindowCloseCallback
glfwSetWindowContentScaleCallback
glfwSetWindowFocusCallback
glfwSetWindowIcon
glfwSetWindowIconifyCallback
glfwSetWindowMaximizeCallback
glfwSetWindowMonitor
glfwSetWindowOpacity
glfwSetWindowPos
glfwSetWindowPosCallback
glfwSetWindowRefreshCallback
glfwSetWindowShouldClose
glfwSetWindowSize
glfwSetWindowSizeCallback
glfwSetWindowSizeLimits
glfwSetWindowTitle
glfwSetWindowUserPointer
glfwShowWindow
glfwSwapBuffers
glfwSwapInterval
glfwTerminate
glfwUpdateGamepadMappings
glfwVulkanSupported
glfwWaitEvents
glfwWaitEventsTimeout
glfwWindowHint
glfwWindowHintString
glfwWindowShouldClose

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 29.9MB - Virtual size: 29.9MB

.rsrc Size: 90KB - Virtual size: 89KB

72bc4dfff8905033c11dea0c671a7919

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

advapi32

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 2KB - Virtual size: 5KB

.pdata Size: 5KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 500B

.reloc Size: 1024B - Virtual size: 840B

.rsrc Size: 90KB - Virtual size: 89KB

bf7aed30163feea219a1282356121477

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 804B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 40B

b122a0a7254a2080ba763a003dcccde8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

kernel32

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 3KB - Virtual size: 285KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 104B

.text
Size: 29.9MB - Virtual size: 29.9MB

.rsrc
Size: 90KB - Virtual size: 89KB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 2KB - Virtual size: 5KB

.pdata
Size: 5KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 500B

.reloc
Size: 1024B - Virtual size: 840B

.rsrc
Size: 90KB - Virtual size: 89KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 804B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 40B

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 3KB - Virtual size: 285KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 104B

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 3KB - Virtual size: 39KB

.pdata
Size: 6KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 3KB - Virtual size: 8KB

.pdata
Size: 7KB - Virtual size: 6KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 87KB - Virtual size: 87KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 267KB - Virtual size: 266KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B