2982c4ffee31691a6fa37e484c1fa290_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2982c4ffee31691a6fa37e484c1fa290_JaffaCakes118
Size

3.0MB
MD5

2982c4ffee31691a6fa37e484c1fa290
SHA1

367d544fe044bf4bff9f49869b8a98e3497ef132
SHA256

f6de30a0338275a5dbc4157fc5897f25a489bd54988aa589824f4f7fa703c0e7
SHA512

b488af9cc49f965d11377f21be261b8180b2f823781e151e3f856af466e428ccc3dddfce43cc562792b1df02bd3d4d0850d4e8e48dae1e2de1156c1da7c59d4e
SSDEEP

98304:1emJbgz3Ux2tAKvkBHT6yYb3oBe/jYHJeY5:1PJBx2t7euyI30UjYp55

Score

5^/10

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack001/ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/л.exe	autoit_exe

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/uplay_r1.dll
unpack001/ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/uplay_r1_loader.dll
unpack001/ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/ʼϷ.exe
unpack001/ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/л.exe

Files

2982c4ffee31691a6fa37e484c1fa290_JaffaCakes118
.zip
ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/ali213.bin
ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/orbit_api.ini
ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/uplay_r1.dll
.dll windows:6 windows x86 arch:x86

f2db5bb4d7d03c2dcc002544966d65d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
GetProcessHeap
HeapDestroy
HeapCreate
RaiseException
QueryPerformanceCounter
ReadFile
FindFirstFileA
FindClose
FindNextFileA
DeleteFileA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetLocalTime
FindResourceA
LoadResource
SetEvent
SizeofResource
CreateEventA
LockResource
WaitForMultipleObjects
CloseHandle
CreateThread
VirtualFree
GetFileAttributesA
CreateDirectoryA
VirtualAlloc
RtlUnwind
GetCommandLineA
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
FileTimeToSystemTime
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
Sleep
WriteFile
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
HeapReAlloc
OutputDebugStringW
LoadLibraryW
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CreateFileW
WideCharToMultiByte
SystemTimeToFileTime
MultiByteToWideChar
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFileSizeEx
CreateFileA
WritePrivateProfileStringA
GetPrivateProfileStringA

advapi32

CryptDestroyHash
CryptVerifySignatureA
CryptDestroyKey
CryptCreateHash
CryptImportKey
CryptAcquireContextA
CryptReleaseContext
CryptHashData

shell32

SHGetSpecialFolderPathA

winmm

waveOutWrite
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutReset
waveOutClose

Exports

Exports

??0OrbitClient@orbitclient@mg@@QAE@XZ
??0SavegameInfo@orbitclient@mg@@AAE@XZ
??0SavegameReader@orbitclient@mg@@AAE@XZ
??0SavegameWriter@orbitclient@mg@@AAE@XZ
??1OrbitClient@orbitclient@mg@@QAE@XZ
??1SavegameInfo@orbitclient@mg@@AAE@XZ
??1SavegameReader@orbitclient@mg@@AAE@XZ
??1SavegameWriter@orbitclient@mg@@AAE@XZ
?Close@SavegameReader@orbitclient@mg@@QAEXXZ
?Close@SavegameWriter@orbitclient@mg@@QAEX_N@Z
?GetInstallationErrorNum@OrbitClient@orbitclient@mg@@QAEIXZ
?GetInstallationErrorString@OrbitClient@orbitclient@mg@@QAEPAGPBD@Z
?GetLocText@OrbitClient@orbitclient@mg@@QAEPBGPBGPBD@Z
?GetLoginDetails@OrbitClient@orbitclient@mg@@QAEXIPAVIGetLoginDetailsListener@23@@Z
?GetName@SavegameInfo@orbitclient@mg@@QAEPBGXZ
?GetNetworkTraffic@OrbitClient@orbitclient@mg@@QAEXIPAVIGetNetworkTrafficListener@23@@Z
?GetOrbitServer@OrbitClient@orbitclient@mg@@QAEXIPAVIGetOrbitServerListener@23@II@Z
?GetProductId@SavegameInfo@orbitclient@mg@@QAEIXZ
?GetRequestUniqueId@OrbitClient@orbitclient@mg@@QAEIXZ
?GetSavegameId@SavegameInfo@orbitclient@mg@@QAEIXZ
?GetSavegameList@OrbitClient@orbitclient@mg@@QAEXIPAVIGetSavegameListListener@23@I@Z
?GetSavegameReader@OrbitClient@orbitclient@mg@@QAEXIPAVIGetSavegameReaderListener@23@II@Z
?GetSavegameWriter@OrbitClient@orbitclient@mg@@QAEXIPAVIGetSavegameWriterListener@23@II_N@Z
?GetSize@SavegameInfo@orbitclient@mg@@QAEIXZ
?Read@SavegameReader@orbitclient@mg@@QAEXIPAVISavegameReadListener@23@IPAXI@Z
?RemoveSavegame@OrbitClient@orbitclient@mg@@QAEXIPAVIRemoveSavegameListener@23@II@Z
?SetName@SavegameWriter@orbitclient@mg@@QAE_NPAG@Z
?StartLauncher@OrbitClient@orbitclient@mg@@QAE_NIIPBD0@Z
?StartProcess@OrbitClient@orbitclient@mg@@QAEXPBG00@Z
?UPLAY_WIN_ActionTaken@@YAHPAUUPLAY_WIN_Action_t@@PAUUPLAY_Overlapped_t@@@Z
?Update@OrbitClient@orbitclient@mg@@QAEXXZ
?Write@SavegameWriter@orbitclient@mg@@QAEXIPAVISavegameWriteListener@23@PAXI@Z
UPLAY_ACH_EarnAchievement
UPLAY_ACH_GetAchievementImage
UPLAY_ACH_GetAchievements
UPLAY_ACH_Write
UPLAY_AVATAR_Get
UPLAY_AVATAR_GetAvatarIdForCurrentUser
UPLAY_AVATAR_GetBitmap
UPLAY_ClearGameSession
UPLAY_FRIENDS_AddToBlackList
UPLAY_FRIENDS_DisableFriendMenuItem
UPLAY_FRIENDS_EnableFriendMenuItem
UPLAY_FRIENDS_GetFriendList
UPLAY_FRIENDS_Init
UPLAY_FRIENDS_InviteToGame
UPLAY_FRIENDS_IsBlackListed
UPLAY_FRIENDS_IsFriend
UPLAY_FRIENDS_RequestFriendship
UPLAY_FRIENDS_ShowFriendSelectionUI
UPLAY_GetInstallationError
UPLAY_GetLastError
UPLAY_GetNextEvent
UPLAY_GetOverlappedOperationResult
UPLAY_HasOverlappedOperationCompleted
UPLAY_Init
UPLAY_OVERLAY_Show
UPLAY_OVERLAY_ShowFacebookAuthentication
UPLAY_PARTY_DisablePartyMemberMenuItem
UPLAY_PARTY_EnablePartyMemberMenuItem
UPLAY_PARTY_GetFullMemberList
UPLAY_PARTY_GetInGameMemberList
UPLAY_PARTY_Init
UPLAY_PARTY_InvitePartyToGame
UPLAY_PARTY_InviteToParty
UPLAY_PARTY_IsInParty
UPLAY_PARTY_IsPartyLeader
UPLAY_PARTY_PromoteToLeader
UPLAY_PARTY_RespondToGameInvite
UPLAY_PARTY_SetGuest
UPLAY_PARTY_SetUserData
UPLAY_PARTY_ShowGameInviteOverlayUI
UPLAY_PRESENCE_SetRichPresenceLine
UPLAY_PRESENCE_SetRichPresencePropertyInt32
UPLAY_PRESENCE_SetRichPresencePropertyString
UPLAY_Quit
UPLAY_Release
UPLAY_SAVE_Close
UPLAY_SAVE_GetSavegames
UPLAY_SAVE_Open
UPLAY_SAVE_Read
UPLAY_SAVE_Remove
UPLAY_SAVE_SetName
UPLAY_SAVE_Write
UPLAY_SetGameSession
UPLAY_SetLocale
UPLAY_StartPlatform
UPLAY_Startup
UPLAY_USER_ClearGameSession
UPLAY_USER_GetAccountId
UPLAY_USER_GetCdKeys
UPLAY_USER_GetCredentials
UPLAY_USER_GetEmail
UPLAY_USER_GetPassword
UPLAY_USER_GetUsername
UPLAY_USER_IsConnected
UPLAY_USER_SetGameSession
UPLAY_Update
UPLAY_WIN_GetActions
UPLAY_WIN_GetRewards

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RLD0
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RLD1
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/uplay_r1_loader.dll
.dll windows:6 windows x86 arch:x86

bccedeeccee76d1b034d4cddcddf205e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
SetLastError
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WideCharToMultiByte
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
Sleep
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WriteFile
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
LoadLibraryW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW

Exports

Exports

UPLAY_ACH_EarnAchievement
UPLAY_ACH_GetAchievementImage
UPLAY_ACH_GetAchievements
UPLAY_ACH_Write
UPLAY_AVATAR_Get
UPLAY_AVATAR_GetAvatarIdForCurrentUser
UPLAY_AVATAR_GetBitmap
UPLAY_ClearGameSession
UPLAY_FRIENDS_AddToBlackList
UPLAY_FRIENDS_DisableFriendMenuItem
UPLAY_FRIENDS_EnableFriendMenuItem
UPLAY_FRIENDS_GetFriendList
UPLAY_FRIENDS_Init
UPLAY_FRIENDS_InviteToGame
UPLAY_FRIENDS_IsBlackListed
UPLAY_FRIENDS_IsFriend
UPLAY_FRIENDS_RequestFriendship
UPLAY_FRIENDS_ShowFriendSelectionUI
UPLAY_GetInstallationError
UPLAY_GetLastError
UPLAY_GetNextEvent
UPLAY_GetOverlappedOperationResult
UPLAY_HasOverlappedOperationCompleted
UPLAY_Init
UPLAY_OVERLAY_Show
UPLAY_OVERLAY_ShowFacebookAuthentication
UPLAY_PARTY_DisablePartyMemberMenuItem
UPLAY_PARTY_EnablePartyMemberMenuItem
UPLAY_PARTY_GetFullMemberList
UPLAY_PARTY_GetInGameMemberList
UPLAY_PARTY_Init
UPLAY_PARTY_InvitePartyToGame
UPLAY_PARTY_InviteToParty
UPLAY_PARTY_IsInParty
UPLAY_PARTY_IsPartyLeader
UPLAY_PARTY_PromoteToLeader
UPLAY_PARTY_RespondToGameInvite
UPLAY_PARTY_SetGuest
UPLAY_PARTY_SetUserData
UPLAY_PARTY_ShowGameInviteOverlayUI
UPLAY_PRESENCE_SetRichPresenceLine
UPLAY_PRESENCE_SetRichPresencePropertyInt32
UPLAY_PRESENCE_SetRichPresencePropertyString
UPLAY_Quit
UPLAY_Release
UPLAY_SAVE_Close
UPLAY_SAVE_GetSavegames
UPLAY_SAVE_Open
UPLAY_SAVE_Read
UPLAY_SAVE_Remove
UPLAY_SAVE_SetName
UPLAY_SAVE_Write
UPLAY_SetGameSession
UPLAY_SetLocale
UPLAY_StartPlatform
UPLAY_Startup
UPLAY_USER_ClearGameSession
UPLAY_USER_GetAccountId
UPLAY_USER_GetCdKeys
UPLAY_USER_GetCredentials
UPLAY_USER_GetEmail
UPLAY_USER_GetPassword
UPLAY_USER_GetUsername
UPLAY_USER_IsConnected
UPLAY_USER_SetGameSession
UPLAY_Update
UPLAY_WIN_GetActions
UPLAY_WIN_GetRewards

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/ʼϷ.exe
.exe windows:4 windows x86 arch:x86

40cb174fdf45363b72262c6b8ded59d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugBreak
lstrcpyW
FindResourceA
FreeResource
LoadResource
GetCurrentProcess
SizeofResource
GetConsoleWindow
LockResource
CloseHandle
CreateFileA
ReadFile
VirtualFree
FreeLibrary
WaitForSingleObject
CreateRemoteThread
OpenProcess
VirtualFreeEx
ReadProcessMemory
GetProcAddress
VirtualAlloc
VirtualAllocEx
LoadLibraryA
GetSystemInfo
WriteProcessMemory
GetFileSize
SetFilePointer
WriteFile
Sleep
SystemTimeToTzSpecificLocalTime
GetTickCount
GetTimeZoneInformation
GetCurrentThread
InitializeCriticalSection
TerminateThread
LeaveCriticalSection
EnterCriticalSection
OpenThread
GetExitCodeThread
DeleteCriticalSection
GetCurrentThreadId
SuspendThread
ResumeThread
AllocConsole
ReadConsoleA
SetConsoleMode
SetConsoleTitleA
GetStdHandle
AttachConsole
SetConsoleCtrlHandler
SetConsoleWindowInfo
GetCurrentProcessId
HeapAlloc
HeapFree
GetProcessHeap
IsBadReadPtr
VirtualProtect
GetCommandLineA
HeapSetInformation
FatalAppExitA
DecodePointer
EncodePointer
GetModuleHandleW
ExitProcess
GetFullPathNameA
HeapReAlloc
ExitThread
CreateThread
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
DuplicateHandle
MoveFileA
CreateProcessA
DeleteFileA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
HeapCreate
QueryPerformanceCounter
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoW
LoadLibraryW
GetDriveTypeW
CompareStringW
LCMapStringW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
IsProcessorFeaturePresent
CreatePipe
GetExitCodeProcess
HeapSize
WriteConsoleW
GetCurrentDirectoryW
SetEndOfFile
CreateFileW
SetEnvironmentVariableA
lstrlenW
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
GetFileAttributesA
LocalFree
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FormatMessageA
GetModuleFileNameA
GetStartupInfoW
GetModuleHandleA

ole32

OleRegGetUserType
CreateOleAdviseHolder
CoTaskMemAlloc
OleCreate
OleSetContainedObject
StringFromIID
CLSIDFromString
CLSIDFromProgID
CoRegisterClassObject
CoRevokeClassObject
MkParseDisplayName
CreateBindCtx
CoCreateInstance
CoTaskMemFree
StringFromCLSID
OleInitialize
OleUninitialize
CoLockObjectExternal

shlwapi

SHDeleteKeyA

user32

IsWindow
IsWindowVisible
GetClientRect
RegisterClassA
CallWindowProcA
MapWindowPoints
EqualRect
GetActiveWindow
ShowWindow
SetWindowPos
DefWindowProcA
IntersectRect
CreateWindowExA
GetWindowLongA
MessageBoxA
GetSystemMenu
SetActiveWindow
ModifyMenuA
GetWindowThreadProcessId
GetMessageA
TranslateMessage
PeekMessageA
DispatchMessageA
SetForegroundWindow
SetWindowRgn
GetWindowRect
wsprintfA
SetFocus
OffsetRect
WinHelpA

gdi32

SetWindowOrgEx
SetWindowExtEx
DeleteObject
CreateRectRgnIndirect
SetViewportOrgEx
SetViewportExtEx
SetMapMode

advapi32

RegCloseKey
RegOpenKeyExA
IsTextUnicode
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCreateKeyExA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA

oleaut32

GetActiveObject
VariantInit
VariantCopyInd
VariantClear
LoadTypeLibEx
SysFreeString
SysStringLen
SysAllocStringLen
LoadRegTypeLi
LHashValOfNameSys
SafeArrayCreateVector
VariantTimeToSystemTime
SafeArrayAccessData
VariantCopy
SafeArrayDestroy
SafeArrayCreate
SystemTimeToVariantTime
SafeArrayGetDim
VariantChangeType
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayPutElement
DispGetIDsOfNames
UnRegisterTypeLi

Sections

.text
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.cgjcfjc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ALI213-Might.And.Magic.X.Legacy.RLD.Crack.Only-ALI213/л.exe
.exe windows:5 windows x86 arch:x86

21634e8b08d82f0c85fdef261dcc3085

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

__WSAFDIsSet
recv
send
setsockopt
ntohs
recvfrom
select
WSAStartup
htons
accept
listen
bind
closesocket
connect
WSACleanup
ioctlsocket
sendto
WSAGetLastError
inet_addr
gethostbyname
gethostname
socket

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

timeGetTime
waveOutSetVolume
mciSendStringW

comctl32

ImageList_Destroy
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_Create
InitCommonControlsEx
ImageList_ReplaceIcon

mpr

WNetUseConnectionW
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W

wininet

InternetReadFile
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetCrackUrlW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
HttpSendRequestW
FtpOpenFileW
FtpGetFileSize
InternetOpenUrlW
InternetConnectW
InternetQueryDataAvailable

psapi

GetProcessMemoryInfo

iphlpapi

IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho

userenv

UnloadUserProfile
DestroyEnvironmentBlock
CreateEnvironmentBlock
LoadUserProfileW

uxtheme

IsThemeActive

kernel32

WaitForSingleObject
HeapAlloc
GetProcessHeap
HeapFree
Sleep
GetCurrentThreadId
MultiByteToWideChar
MulDiv
GetVersionExW
GetSystemInfo
FreeLibrary
LoadLibraryA
GetProcAddress
SetErrorMode
WideCharToMultiByte
lstrcpyW
lstrlenW
GetModuleHandleW
QueryPerformanceCounter
VirtualFreeEx
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateFileW
SetFilePointerEx
ReadFile
WriteFile
FlushFileBuffers
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CloseHandle
MoveFileW
CopyFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceFrequency
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceNamesW
OutputDebugStringW
GetTempPathW
GetTempFileNameW
DeviceIoControl
GetLocalTime
CompareStringW
DeleteCriticalSection
CreateThread
LeaveCriticalSection
GetStdHandle
CreatePipe
InterlockedExchange
TerminateThread
LoadLibraryExW
FindResourceExW
VirtualFree
FormatMessageW
GetExitCodeProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
CreateHardLinkW
SetFileAttributesW
GetShortPathNameW
CreateEventW
SetEvent
GetEnvironmentVariableW
SetEnvironmentVariableW
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
GlobalFree
GlobalMemoryStatusEx
Beep
GetSystemDirectoryW
GetComputerNameW
GetWindowsDirectoryW
GetCurrentProcessId
GetProcessIoCounters
CreateProcessW
SetPriorityClass
LoadLibraryW
VirtualAlloc
GetLastError
GetModuleFileNameW
GetFullPathNameW
SetCurrentDirectoryW
IsDebuggerPresent
GetCurrentDirectoryW
lstrcmpiW
RaiseException
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
DuplicateHandle
GetCurrentProcess
EnterCriticalSection
GetCurrentThread
ExitProcess
GetModuleHandleExW
ExitThread
GetSystemTimeAsFileTime
ResumeThread
GetCommandLineW
IsProcessorFeaturePresent
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStringTypeW
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
RtlUnwind
ReadConsoleW
SetFilePointer
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
WriteConsoleW
SetEndOfFile
FindNextFileW
SetEnvironmentVariableA

user32

CopyImage
SetWindowPos
GetCursorInfo
RegisterHotKey
ClientToScreen
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
MonitorFromPoint
GetMonitorInfoW
SetWindowLongW
SetLayeredWindowAttributes
FlashWindow
GetClassLongW
TranslateAcceleratorW
IsDialogMessageW
GetSysColor
InflateRect
DrawFocusRect
DrawTextW
FrameRect
DrawFrameControl
FillRect
PtInRect
DestroyAcceleratorTable
CreateAcceleratorTableW
SetCursor
GetWindowDC
GetSystemMetrics
DrawMenuBar
GetActiveWindow
CharNextW
wsprintfW
RedrawWindow
DestroyMenu
SetMenu
GetWindowTextLengthW
CreateMenu
IsDlgButtonChecked
DefDlgProcW
CallWindowProcW
ReleaseCapture
SetCapture
MonitorFromRect
LoadImageW
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
SetMenuDefaultItem
InsertMenuItemW
IsMenu
TrackPopupMenuEx
AdjustWindowRectEx
DeleteMenu
CheckMenuRadioItem
GetMenuItemID
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
SetForegroundWindow
IsIconic
UnregisterHotKey
SystemParametersInfoW
keybd_event
SendInput
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
GetKeyState
VkKeyScanW
LoadStringW
DialogBoxParamW
MessageBeep
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
CopyRect
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetMenu
DestroyWindow
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
InvalidateRect
GetWindowLongW
GetWindowThreadProcessId
AttachThreadInput
GetFocus
ScreenToClient
SendMessageTimeoutW
EnumChildWindows
CharUpperBuffW
GetClassNameW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
SetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenDesktopW
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
GetUserObjectSecurity
SetRect
SetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
BlockInput
GetMessageW
LockWindowUpdate
DispatchMessageW
TranslateMessage
GetCursorPos
PeekMessageW
MessageBoxW
DefWindowProcW
MoveWindow
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSysColorBrush
GetForegroundWindow
MessageBoxA
DestroyIcon
FindWindowW
CharLowerBuffW
GetWindowTextW

gdi32

SetPixel
DeleteObject
GetTextExtentPoint32W
ExtCreatePen
StrokeAndFillPath
StrokePath
GetDeviceCaps
CloseFigure
LineTo
AngleArc
CreateCompatibleBitmap
CreateCompatibleDC
MoveToEx
Ellipse
PolyDraw
BeginPath
SelectObject
StretchBlt
GetDIBits
DeleteDC
GetPixel
CreateDCW
GetStockObject
Rectangle
SetViewportOrgEx
GetObjectW
SetBkMode
RoundRect
SetBkColor
CreatePen
CreateSolidBrush
SetTextColor
CreateFontW
GetTextFaceW
EndPath

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

GetAclInformation
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
GetUserNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegConnectRegistryW
InitializeSecurityDescriptor
InitializeAcl
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
CreateProcessWithLogonW
GetLengthSid
CopySid
InitiateSystemShutdownExW
LogonUserW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
GetTokenInformation
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
AddAce
GetAce

shell32

DragQueryPoint
ShellExecuteExW
DragQueryFileW
SHEmptyRecycleBinW
SHBrowseForFolderW
SHGetFolderPathW
SHFileOperationW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetMalloc
ExtractIconExW
Shell_NotifyIconW
ShellExecuteW
DragFinish

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
ProgIDFromCLSID
CLSIDFromProgID
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoCreateInstance
IIDFromString
StringFromGUID2
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
GetRunningObjectTable
CoGetInstanceFromFile
CoGetObject
CoInitializeSecurity
CoCreateInstanceEx
CoSetProxyBlanket

oleaut32

RegisterTypeLi
LoadTypeLibEx
VariantCopyInd
SysReAllocString
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
UnRegisterTypeLi
SafeArrayCreateVector
SysAllocString
SysStringLen
VariantTimeToSystemTime
VarR8FromDec
SafeArrayGetVartype
OleLoadPicture
QueryPathOfRegTypeLi
VariantCopy
VariantClear
CreateDispTypeInfo
CreateStdDispatch
DispCallFunc
VariantChangeType
SafeArrayAllocDescriptorEx
VariantInit

Sections

.text
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup.exe
.exe windows:4 windows x86 arch:x86

b1ce86732ca5e0ef531f0a541177d693

Code Sign

19:9d:f8:72
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=Time-Stamping Authority WoSign,O=WoSign eCommerce Services Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

19:9d:f8:8e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0f:cb:93:7f:07:32:59
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign eCommerce Services Limited,C=CN

Not Before

18/03/2013, 08:46

Not After

19/03/2014, 18:02

Subject

CN=南京凡游网络技术有限公司,O=南京凡游网络技术有限公司,L=南京市,ST=江苏省,C=CN,1.2.840.113549.1.9.1=#0c0e70756a63406b756169382e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

3d
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

01/03/2011, 01:00

Not After

01/03/2016, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign eCommerce Services Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17/09/2006, 19:46

Not After

17/09/2036, 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Apps\release\KuaibaDown.pdb

Imports

wininet

InternetOpenW
InternetSetOptionW
InternetOpenA
InternetCloseHandle
InternetSetOptionA
InternetOpenUrlA
InternetReadFile
InternetOpenUrlW
HttpQueryInfoW

msimg32

AlphaBlend

comctl32

_TrackMouseEvent

riched20

ord4

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

GetProcAddress
GetModuleFileNameW
LoadLibraryW
GetModuleHandleW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCurrentThreadId
ResumeThread
SetEvent
ResetEvent
CreateEventW
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
WriteFile
FindNextFileW
FindClose
FindFirstFileW
FindResourceW
LoadResource
LockResource
FreeResource
SizeofResource
MulDiv
InterlockedIncrement
InterlockedDecrement
GetConsoleMode
GetConsoleCP
VirtualAlloc
IsValidCodePage
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
HeapReAlloc
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTempPathW
RemoveDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
CreateFileW
CreateDirectoryW
GetLongPathNameW
GetCurrentDirectoryW
GetFileAttributesW
DeleteFileW
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
GetLastError
Sleep
GetTickCount
CreateProcessW
LoadLibraryA
SetStdHandle
WriteConsoleA
GetLocaleInfoA
GetStringTypeA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
GetStringTypeW

user32

ShowCaret
HideCaret
CreateCaret
SetCaretPos
GetSysColor
FillRect
DrawTextW
CharPrevW
DrawIconEx
MoveWindow
RedrawWindow
ClientToScreen
OffsetRect
IntersectRect
CharNextW
IsRectEmpty
DrawFocusRect
SetCursor
CharNextA
DestroyIcon
RegisterClassExW
LoadImageW
GetAsyncKeyState
CreateAcceleratorTableW
InvalidateRgn
GetPropW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
LoadCursorW
SetPropW
LoadBitmapW
GetFocus
IsWindow
GetMessageW
EndPaint
GetUpdateRect
GetDC
CreateWindowExW
DestroyAcceleratorTable
DestroyWindow
ReleaseDC
ReleaseCapture
GetMonitorInfoW
IsChild
SetCapture
MonitorFromWindow
SendMessageW
TranslateAcceleratorW
UpdateLayeredWindow
SetWindowRgn
GetCursorPos
DispatchMessageW
SetFocus
GetKeyState
ScreenToClient
InvalidateRect
BeginPaint
PtInRect
IsIconic
GetClientRect
IsZoomed
MapWindowPoints
GetWindowTextW
GetWindow
GetWindowTextLengthW
SetWindowTextW
SetForegroundWindow
GetWindowRect
ShowWindow
GetParent
LoadStringW
PostMessageW
KillTimer
GetWindowLongW
SetTimer
PostQuitMessage
SetWindowLongW
GetSystemMetrics
SetWindowPos
TranslateMessage
EnableWindow

gdi32

RoundRect
ExtSelectClipRgn
SetBkMode
SetBkColor
GetClipBox
StretchBlt
ExtTextOutW
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateRoundRectRgn
Rectangle
SetTextColor
CreateSolidBrush
SelectClipRgn
GetObjectW
CombineRgn
GetStockObject
CreateRectRgnIndirect
BitBlt
CreateCompatibleDC
GetDeviceCaps
SetStretchBltMode
GetCharABCWidthsW
SetBitmapBits
GetBitmapBits
TextOutW
CreateEllipticRgn
CreateRectRgn
CreateFontIndirectW
GetTextMetricsW
SelectObject
CreateDIBSection
DeleteDC
DeleteObject
CreatePen

advapi32

RegOpenKeyExW
RegCloseKey

ole32

CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleLockRunning
CoCreateInstance

oleaut32

OleLoadPicture
SysFreeString
SysAllocString

Sections

.text
Size: 428KB - Virtual size: 425KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2db5bb4d7d03c2dcc002544966d65d0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

winmm

Exports

Exports

Sections

.text Size: 61KB - Virtual size: 61KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 5KB - Virtual size: 26KB

.rsrc Size: 311KB - Virtual size: 311KB

RLD0 Size: 14KB - Virtual size: 14KB

RLD1 Size: 197KB - Virtual size: 197KB

.reloc Size: 4KB - Virtual size: 4KB

bccedeeccee76d1b034d4cddcddf205e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 744B

.reloc Size: 8KB - Virtual size: 8KB

40cb174fdf45363b72262c6b8ded59d7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

shlwapi

user32

gdi32

advapi32

oleaut32

Sections

.text Size: 478KB - Virtual size: 477KB

.rdata Size: 101KB - Virtual size: 100KB

.data Size: 9KB - Virtual size: 18KB

.rsrc Size: 3.5MB - Virtual size: 3.5MB

.reloc Size: 25KB - Virtual size: 24KB

.cgjcfjc Size: 3KB - Virtual size: 2KB

21634e8b08d82f0c85fdef261dcc3085

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

version

winmm

comctl32

mpr

wininet

psapi

iphlpapi

userenv

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

.text
Size: 61KB - Virtual size: 61KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 5KB - Virtual size: 26KB

.rsrc
Size: 311KB - Virtual size: 311KB

RLD0
Size: 14KB - Virtual size: 14KB

RLD1
Size: 197KB - Virtual size: 197KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 744B

.reloc
Size: 8KB - Virtual size: 8KB

.text
Size: 478KB - Virtual size: 477KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 9KB - Virtual size: 18KB

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

.reloc
Size: 25KB - Virtual size: 24KB

.cgjcfjc
Size: 3KB - Virtual size: 2KB

.text
Size: 560KB - Virtual size: 559KB

.rdata
Size: 178KB - Virtual size: 177KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 41KB - Virtual size: 41KB

19:9d:f8:72
Certificate

19:9d:f8:8e
Certificate

0f:cb:93:7f:07:32:59
Certificate

3d
Certificate

01
Certificate

.text
Size: 428KB - Virtual size: 425KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 12KB - Virtual size: 18KB

.tls
Size: 4KB - Virtual size: 9B

.rsrc
Size: 48KB - Virtual size: 45KB