amazing[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

amazing.zip
Size

5.2MB
MD5

d0df58b99c9bb6b30b87ef4ad07bf8a8
SHA1

28c1a982f4186dd0c320cd85a8f306870c6efefe
SHA256

f205757de47d1bc61e6631a905dc52aca5b7f7fbf672f34cd04831fc45a3cec9
SHA512

33de692bfe02e4e718261b49d309225e92b12276d8b2335d8f45c4d68996f349e188a88a9d9cb7ac4b931198a83b5f73f1675488ef93302332a2c5246ba232ac
SSDEEP

98304:KZyAWytkV1T/44HkWytkViT/4clhte9/4xJ0/4//4xM0/4WwjOv:847sNJmM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/amazing/Huge collection of onion pedolinks .txt.exe
unpack001/amazing/IMGx242.exe
unpack001/amazing/IMGx247.exe
unpack001/amazing/Lovideo.exe
unpack001/amazing/Photo/IMGx242.exe
unpack001/amazing/Photo/IMGx247.exe
unpack001/amazing/Photo/mp4.exe
unpack001/amazing/Portable Tor Browser v9.1/Start Tor Browser 9.1.exe
unpack001/amazing/Portable Tor Browser v9.1/photo_2024-02-18_21-04-26.exe
unpack001/amazing/Start Tor Browser 9.1.exe
unpack001/amazing/photo_2024-02-18_21-04-26.exe
unpack001/amazing/video 2 mp4.exe

Files

amazing.zip
.zip
amazing/Huge collection of onion pedolinks .txt.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/IMGx242.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/IMGx247.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/Lovideo.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/Photo/IMGx242.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/Photo/IMGx247.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/Photo/mp4.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/Portable Tor Browser v9.1/Start Tor Browser 9.1.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/Portable Tor Browser v9.1/photo_2024-02-18_21-04-26.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/Start Tor Browser 9.1.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/photo_2024-02-18_21-04-26.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
amazing/video 2 mp4.exe
.exe windows:6 windows x86 arch:x86

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CallWindowProcA

shell32

ExtractIconExA

kernel32

InitializeSListHead
CreateFileW
HeapSize
GetProcessHeap
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
FreeConsole
CreateThread
GetProcAddress
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
WriteConsoleW
IsDebuggerPresent
GetStartupInfoW
SetStdHandle
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapAlloc
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 7KB

.bss Size: 305KB - Virtual size: 305KB

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 102KB - Virtual size: 101KB

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 7KB

.bss Size: 305KB - Virtual size: 305KB

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 177KB - Virtual size: 177KB

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 7KB

.bss Size: 305KB - Virtual size: 305KB

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 177KB - Virtual size: 176KB

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 7KB

.bss Size: 305KB - Virtual size: 305KB

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 17KB - Virtual size: 16KB

3cfbf9e74e2e5e77b5b441f8ceeb35d8

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

kernel32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 7KB

.bss Size: 305KB - Virtual size: 305KB

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 177KB - Virtual size: 177KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 102KB - Virtual size: 101KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 177KB - Virtual size: 177KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 177KB - Virtual size: 176KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 17KB - Virtual size: 16KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 177KB - Virtual size: 177KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 177KB - Virtual size: 176KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 60KB - Virtual size: 59KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 197KB - Virtual size: 196KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.bss
Size: 305KB - Virtual size: 305KB

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 43KB - Virtual size: 42KB

.text
Size: 108KB - Virtual size: 108KB