0b2a0e7d8f615ba1bc68886736fd221f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0b2a0e7d8f615ba1bc68886736fd221f_JaffaCakes118
Size

1.8MB
MD5

0b2a0e7d8f615ba1bc68886736fd221f
SHA1

a859fa8261760adcb35757b42c46d07c26453004
SHA256

c8b2bbef093d5c5228d4293c943bb4089ab81129e5969c66b554373d924e05ee
SHA512

032a59e146be7109d1c01be6b276683ff2593ec8752d6d9a26b3729625196ce06f0edd5c0ed9553feb03c5ac86ef2102e05ee570c18b06561c3cfcd07d610aba
SSDEEP

49152:j1SPKXSKJ2AfhO2EHWu65syJBW9wKPhwUvRxDbx:UCC82Amd653JBW9pJlvRlx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/NBA 2K13 Turbo v1.2/2K13 Turbo.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NBA 2K13 Turbo v1.2/2K13 Turbo.exe
unpack002/out.upx
unpack001/NBA 2K13 Turbo v1.2/NBA2K13Turbo12.exe
unpack001/NBA 2K13 Turbo v1.2/Plugins/Rozj.dll

Files

0b2a0e7d8f615ba1bc68886736fd221f_JaffaCakes118
.rar
NBA 2K13 Turbo v1.2/2K13 Turbo.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 596KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 910KB - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 616KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NBA 2K13 Turbo v1.2/NBA2K13Turbo12.exe
.exe windows:5 windows x86 arch:x86

c5c4de7390f1a2d09593371ac24dc04a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Jerry\Projects\CheatMaker\Release\Runner.pdb

Imports

mfc90u

ord4741
ord3992
ord4934
ord4508
ord2275
ord1666
ord4653
ord959
ord2614
ord2637
ord2632
ord3234
ord3492
ord436
ord686
ord2100
ord1688
ord1769
ord2103
ord1601
ord4510
ord2277
ord1668
ord4654
ord3497
ord616
ord4265
ord2595
ord4815
ord1313
ord4543
ord3528
ord654
ord1783
ord1716
ord3651
ord775
ord1678
ord1779
ord1708
ord3627
ord750
ord2286
ord1786
ord1722
ord4663
ord3278
ord3661
ord785
ord4268
ord430
ord683
ord4009
ord1686
ord4547
ord4618
ord5106
ord3070
ord5105
ord4785
ord5228
ord3551
ord4693
ord3251
ord2481
ord5616
ord1440
ord3681
ord2646
ord2645
ord2647
ord2644
ord2643
ord5656
ord5601
ord1753
ord6410
ord3354
ord4378
ord5293
ord5296
ord4800
ord4805
ord4802
ord4820
ord4823
ord4807
ord5209
ord5016
ord4596
ord4589
ord5418
ord4810
ord5214
ord4622
ord5224
ord4865
ord4866
ord4109
ord5349
ord4945
ord4946
ord5356
ord4987
ord5487
ord4861
ord4789
ord4927
ord5279
ord5407
ord4955
ord4904
ord5408
ord4942
ord5384
ord4707
ord4797
ord4798
ord5400
ord5230
ord5142
ord5239
ord5491
ord5401
ord5079
ord5382
ord4933
ord5397
ord4549
ord1376
ord2194
ord4550
ord4521
ord812
ord4492
ord663
ord404
ord1250
ord1254
ord6096
ord611
ord337
ord2593
ord1063
ord1248
ord1088
ord3741
ord3749
ord6187
ord3488
ord3543
ord2106
ord2084
ord333
ord2592
ord4044
ord692
ord595
ord3562
ord3286
ord5664
ord4657
ord1493
ord6411
ord3355
ord1695
ord1602
ord2105
ord6791
ord1488
ord6703
ord2081
ord5867
ord2479
ord2504
ord5979
ord4405
ord1108
ord4442
ord938
ord2537
ord310
ord601
ord818
ord1608
ord305
ord3221
ord814
ord266
ord1599
ord2597
ord1333
ord3399
ord2209
ord2490
ord665
ord406
ord935
ord1315
ord813
ord664
ord405
ord811
ord799
ord899
ord2676
ord6164
ord277
ord4494
ord12404
ord13194
ord9972
ord10457
ord10304
ord13136
ord12165
ord12617
ord7766
ord9965
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord6018
ord3115
ord4905
ord4681
ord9272
ord8452
ord5663
ord285
ord3220
ord1607
ord1113
ord1220
ord1098
ord4211
ord7332
ord7138
ord4043
ord265
ord286
ord296
ord600
ord280
ord5632
ord5324
ord2208
ord1810
ord3489
ord4652
ord1665
ord2274
ord5938
ord4490
ord4518
ord1354
ord3537
ord1581
ord936
ord5939
ord6697
ord6013
ord293
ord290
ord1556
ord5737
ord5559
ord690
ord441
ord1314
ord2326
ord6415
ord2478
ord6687
ord3515
ord1486
ord2725
ord4131
ord6203
ord6579
ord2901
ord2470
ord4398
ord3953
ord4351
ord2360
ord6065
ord4530
ord4527
ord6604
ord6311
ord4159
ord1603
ord4774
ord6577
ord5194
ord744
ord613
ord524
ord1809
ord1675
ord3353
ord6408
ord1754
ord1751
ord4345
ord1492
ord4664
ord5602
ord2074
ord5512
ord6800
ord4603
ord5653
ord3743
ord5154
ord1728
ord6466
ord5685
ord5683
ord960
ord965
ord1183
ord969
ord967
ord778
ord3654
ord4660
ord1719
ord971
ord2615
ord2635
ord2619
ord2625
ord2623
ord2621
ord2638
ord2633
ord2617
ord2640
ord2628
ord2610
ord2612
ord2630
ord2375
ord2368
ord1641
ord6802
ord4174
ord6804
ord3682
ord5404
ord6376
ord3226
ord1442
ord5625
ord2139
ord1792
ord1791
ord1727
ord5650
ord2771
ord2983
ord3112
ord4728
ord2966
ord3140
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4910
ord4682
ord4702
ord2069
ord4631
ord1137
ord5008
ord4000
ord639
ord374
ord2283
ord316
ord821
ord4519
ord2082
ord1272
ord3794
ord2969
ord801

msvcr90

_CxxThrowException
memcpy
__RTDynamicCast
memset
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_purecall
_gcvt_s
_wtof
_wtol
_wcsicmp
strcpy_s
_beginthreadex
calloc
_recalloc
vsprintf_s
_itoa_s
atol
strtol
memmove_s
wcstoul
_wtoi
_msize
ftell
realloc
malloc
toupper
free
fread
fseek
swscanf_s
fclose
fwrite
_wfopen_s
memcpy_s
?what@exception@std@@UBEPBDXZ
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
exit
wcscpy_s
__CxxFrameHandler3

kernel32

LoadLibraryW
GetProcAddress
lstrcpyW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
FindFirstFileW
MulDiv
VirtualQueryEx
SetLastError
WriteProcessMemory
WideCharToMultiByte
CreateEventW
GlobalLock
GlobalUnlock
GlobalFree
ResumeThread
GlobalAlloc
LoadResource
SizeofResource
LockResource
WaitForSingleObject
SetEvent
ResetEvent
FreeLibrary
lstrlenA
lstrlenW
CreateDirectoryW
GetLastError
GetSystemDirectoryW
DeleteFileW
CreateThread
ExitThread
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
CloseHandle
CreateFileW
CopyFileW
GetTempFileNameW
GetTempPathW
GetModuleHandleW
GetModuleFileNameW
TerminateThread
FindResourceW
ReadProcessMemory
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
GetFileAttributesW
GetLocalTime
QueryPerformanceCounter
LocalFree
FormatMessageW
GetProcessHandleCount
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
OpenProcess
GetCurrentProcess
MultiByteToWideChar

user32

CopyImage
CloseWindow
BringWindowToTop
LoadIconW
DestroyIcon
PostMessageW
GetClientRect
GetFocus
GetNextDlgTabItem
UnregisterHotKey
GetSystemMetrics
GetWindowRect
SetParent
PtInRect
SetActiveWindow
RegisterHotKey
GetWindowTextW
GetClassNameW
EnumWindows
GetWindowThreadProcessId
GetParent
IsWindowVisible
InvalidateRect
IsWindow
SetRect
GetActiveWindow
CreateIconFromResource
CreateIconFromResourceEx
FillRect
GetSysColor
CopyRect
DrawFocusRect
SendMessageW
ReleaseDC
GetDC
GetKeyState
GetDesktopWindow
MessageBoxW
GetClassInfoW
EnableWindow
SetLayeredWindowAttributes
KillTimer
LoadCursorW
SetCursor
SetTimer
GetWindowLongW
SetWindowLongW
IsRectEmpty

gdi32

CreateFontIndirectW
SelectObject
CreateSolidBrush
BitBlt
DeleteDC
CreateCompatibleBitmap
SetStretchBltMode
StretchBlt
GetObjectW
GetStockObject
DeleteObject
GetTextExtentPoint32W
CreateCompatibleDC
CreateFontW
GetDeviceCaps

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

msvcp90

?at@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?compare@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEHABV12@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
?find_last_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?find_first_not_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIABV12@@Z
?end@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIABV12@I@Z
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameW
GetModuleFileNameExW

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NBA 2K13 Turbo v1.2/Plugins/Rozj.dll
.dll windows:5 windows x86 arch:x86

b31d6915486ed991fa537b1c10624c40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapFree
HeapAlloc
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
WriteFile
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount

Exports

Exports

GetInfo
GetName
GetVer
InitPlgFunc
IsDynamic
IsPlugin
ReadValueEnd
WriteValueBegin

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NBA 2K13 Turbo v1.2/Turbo全功能V1.2.txt
NBA 2K13 Turbo v1.2/使用&运行失败请看此.txt
NBA 2K13 Turbo v1.2/单机游戏下载基地.url
.url
NBA 2K13 Turbo v1.2/游戏说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 596KB

UPX1 Size: 910KB - Virtual size: 912KB

.rsrc Size: 36KB - Virtual size: 36KB

Headers

File Characteristics

Sections

.text Size: 616KB - Virtual size: 615KB

.rdata Size: 612KB - Virtual size: 611KB

.data Size: 96KB - Virtual size: 230KB

.rsrc Size: 36KB - Virtual size: 34KB

c5c4de7390f1a2d09593371ac24dc04a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc90u

msvcr90

kernel32

user32

gdi32

advapi32

comctl32

shlwapi

ole32

oleaut32

msvcp90

psapi

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 2.5MB - Virtual size: 2.5MB

b31d6915486ed991fa537b1c10624c40

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 596KB

UPX1
Size: 910KB - Virtual size: 912KB

.rsrc
Size: 36KB - Virtual size: 36KB

.text
Size: 616KB - Virtual size: 615KB

.rdata
Size: 612KB - Virtual size: 611KB

.data
Size: 96KB - Virtual size: 230KB

.rsrc
Size: 36KB - Virtual size: 34KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 5KB