Setup[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setup.exe
Size

31.9MB
MD5

99dd0b46f10d5ad74ca09acbba29d884
SHA1

08faa7e065efba47d50889a2c6282e7bf5c3f5de
SHA256

6c84527b1700ce18aac47a4b2580709cc61c8654a07eb2dc388d92819392c4e7
SHA512

fb40bda677ba22cede78a10e3792c5b24e35b9aeffcba8c40af180c95ad0eddcd7abeefea6189ca50afb0cc3108713cce18a7c3d6f1f97f6be0781ae96cb2a64
SSDEEP

786432:zIFM4WD8XBXuzgROWiXhAQEhCey/2vtUYcNq2kdbVQB+:kFM9QRX4DxAQE7y+vtgq2Cc+

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/Aero.dll	acprotect
static1/unpack003/$PLUGINSDIR/Aero.dll	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/Aero.dll	upx
static1/unpack003/$PLUGINSDIR/Aero.dll	upx

Unsigned PE 28 IoCs

Checks for missing Authenticode signature.

resource
Setup.exe
unpack001/$PLUGINSDIR/Aero.dll
unpack002/out.upx
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/NewAdvSplash.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$_1_/$_1_/Uninstall.exe
unpack003/$PLUGINSDIR/Aero.dll
unpack004/out.upx
unpack003/$PLUGINSDIR/KillProcDLL.dll
unpack003/$PLUGINSDIR/Registry.dll
unpack003/$PLUGINSDIR/System.dll
unpack001/$_1_/BadPiggies_Data/Managed/Assembly-CSharp-firstpass.dll
unpack001/$_1_/BadPiggies_Data/Managed/Assembly-CSharp.dll
unpack001/$_1_/BadPiggies_Data/Managed/Ionic.Zip.dll
unpack001/$_1_/BadPiggies_Data/Managed/Mono.Security.dll
unpack001/$_1_/BadPiggies_Data/Managed/P31RestKit.dll
unpack001/$_1_/BadPiggies_Data/Managed/System.Core.dll
unpack001/$_1_/BadPiggies_Data/Managed/System.Xml.dll
unpack001/$_1_/BadPiggies_Data/Managed/System.dll
unpack001/$_1_/BadPiggies_Data/Managed/UnityEngine.dll
unpack001/$_1_/BadPiggies_Data/Managed/mscorlib.dll
unpack001/$_1_/BadPiggies_Data/Mono/mono.dll
unpack001/$_1_/BadPiggies_Data/Plugins/Common.dll
unpack001/$_1_/BadPiggies_Data/Plugins/Ionic.Zip.dll
unpack001/$_1_/BadPiggies_Data/Plugins/P31RestKit.dll
unpack001/$_1_/Bonus/Original/BadPiggies_Data/Managed/Assembly-CSharp.dll
unpack001/$_1_/bplauncher.exe

Files

Setup.exe
.exe windows:5 windows x86 arch:x86

be41bf7b8cc010b614bd36bbca606973

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 772KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Aero.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Apply

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:5 windows x86 arch:x86

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiW
GetModuleHandleW
GlobalLock
GlobalUnlock
GetCurrentDirectoryW
SetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrcatW
WritePrivateProfileStringW
lstrcpynW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc

user32

OpenClipboard
DestroyIcon
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
SetWindowLongW
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
CreateWindowExW
MapDialogRect
GetClipboardData
GetWindowRect
CreateDialogParamW
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
wsprintfW
CharNextW
MessageBoxW
CloseClipboard
GetDlgCtrlID
MapWindowPoints
SetWindowPos
PtInRect
GetWindowTextW
SetWindowTextW
SendMessageW
DestroyWindow

gdi32

SelectObject
CreateRectRgn
GetObjectW
CombineRgn
DeleteObject
CreateCompatibleDC
GetDIBits
SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
SHGetDesktopFolder

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Logo.gif
.gif
$PLUGINSDIR/NewAdvSplash.dll
.dll windows:4 windows x86 arch:x86

7efb019e000b6e0291c32d00fe622590

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
CloseHandle
WaitForSingleObject
GetProcAddress
lstrlenW
CreateThread
GetCurrentThreadId
Sleep
lstrcpyW
lstrcmpiW
GlobalAlloc
GlobalFree
lstrcpynW

user32

DefWindowProcW
DestroyWindow
IsWindowVisible
UnregisterClassW
EnumDisplaySettingsW
SendMessageW
wsprintfW
SystemParametersInfoW
EndPaint
SetWindowPos
LoadCursorW
RegisterClassW
CreateWindowExW
IsWindow
GetMessageW
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetWindowLongW
GetClientRect
TranslateMessage
DispatchMessageW
PostMessageW
SetWindowRgn
BeginPaint

gdi32

CombineRgn
GetObjectW
CreateCompatibleDC
SelectObject
GetDIBits
CreateRectRgn
DeleteObject

winmm

timeSetEvent
PlaySoundW
timeKillEvent

oleaut32

OleLoadPicturePath

msvcrt

_lseek
memset
memcmp
_read
memcpy
_wopen
_close
wcstol

Exports

Exports

hwnd
play
show
stop

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$_1_/$_1_/Uninstall.exe
.exe windows:5 windows x86 arch:x86

be41bf7b8cc010b614bd36bbca606973

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 772KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Aero.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Apply

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/KillProcDLL.dll
.dll windows:4 windows x86 arch:x86

d806a080e21508dd768fa70be247d2ae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
CloseHandle
OpenProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetVersionExW
GlobalFree
lstrcpyW
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
WideCharToMultiByte
LCMapStringA
LCMapStringW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetCurrentProcess
HeapReAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
RtlUnwind
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
LoadLibraryA

Exports

Exports

KillProc

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/Registry.dll
.dll windows:4 windows x86 arch:x86

421a02aae559045e04759aae146087eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateProcessA
CreateProcessW
GlobalAlloc
SearchPathA
SearchPathW
GetFileAttributesA
GetFileAttributesW
CreateFileA
CreateFileW
WriteFile
WideCharToMultiByte
GetWindowsDirectoryW
lstrlenA
lstrlenW
MultiByteToWideChar
GlobalFree

user32

FindWindowExA
SetWindowTextA
SetWindowTextW
MessageBoxW
GetDlgItem

advapi32

RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegCreateKeyExW
RegEnumValueA
RegEnumValueW
RegEnumKeyExA
RegEnumKeyExW
RegCloseKey
RegSetValueExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegSetValueExW

Exports

Exports

_Close
_CopyKey
_CopyValue
_CreateKey
_DeleteKey
_DeleteKeyEmpty
_DeleteValue
_Find
_HexToStrA
_HexToStrW
_KeyExists
_MoveKey
_MoveValue
_Open
_Read
_ReadExtra
_RestoreKey
_SaveKey
_StrToHexA
_StrToHexW
_Unload
_Write
_WriteExtra

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:5 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$_1_/BP.ico
$_1_/BadPiggies.exe
.exe windows:5 windows x86 arch:x86

ef53ca81d150e54b017527e28d7ff1ab

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16/11/2006, 01:54

Not After

16/11/2026, 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:a7:4d:b1:67:25:0d
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

26/10/2011, 13:20

Not After

26/10/2014, 13:20

Subject

CN=Rovio Entertainment Ltd.,OU=Technology,O=Rovio Entertainment Ltd.,L=Espoo,ST=Uusimaa,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d9:23:46:e6:82:e5:9f:27:e4:f4:75:c9:0a:4f:7a:80:17:e6:ff:fd
Signer

Actual PE Digest

d9:23:46:e6:82:e5:9f:27:e4:f4:75:c9:0a:4f:7a:80:17:e6:ff:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\BuildAgent\work\cac08d8a5e25d4cb\build\WindowsStandalonePlayer\UnityPlayer_Symbols.pdb

Imports

kernel32

GetFileAttributesA
GetModuleFileNameA
GetCurrentDirectoryA
ResumeThread
GetThreadContext
SuspendThread
GetCurrentThread
IsBadReadPtr
CreateSemaphoreA
Sleep
WaitForSingleObjectEx
ReleaseSemaphore
GetWindowsDirectoryA
MoveFileExW
GetFullPathNameW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
ReleaseMutex
SetThreadPriority
SleepEx
GetThreadTimes
OpenThread
CreateEventA
CopyFileW
SetEvent
ResetEvent
FileTimeToDosDateTime
FileTimeToLocalFileTime
lstrlenA
GetFileTime
VirtualQuery
GlobalMemoryStatus
GetSystemTimeAsFileTime
CreateProcessW
IsDebuggerPresent
SetErrorMode
WritePrivateProfileStringW
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
EncodePointer
DecodePointer
ExitProcess
SetConsoleCtrlHandler
ExitThread
DuplicateHandle
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
InterlockedIncrement
InterlockedDecrement
HeapSize
GetLocaleInfoW
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
SetFileAttributesW
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsA
InterlockedExchange
SetHandleCount
GetFileType
GetConsoleCP
OutputDebugStringA
FlushFileBuffers
SetStdHandle
GetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CompareStringW
SetEnvironmentVariableA
CreateFileA
WriteConsoleW
GetProcessHeap
InterlockedCompareExchange
HeapValidate
SetThreadAffinityMask
TerminateThread
WaitForMultipleObjects
CreateEventW
GetOverlappedResult
CancelIo
LoadLibraryW
GetProcAddress
GetCommandLineW
FreeLibrary
CreateDirectoryW
GetFileSize
ReadFile
CreateFileW
GetCurrentDirectoryW
GetDriveTypeW
GetTimeZoneInformation
SetConsoleMode
ReadConsoleInputA
FindFirstFileExA
GetDriveTypeA
PeekNamedPipe
GetFileInformationByHandle
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
CreateSemaphoreW
CreateMutexW
SignalObjectAndWait
GetProcessAffinityMask
FlushConsoleInputBuffer
GetVersion
GetSystemDirectoryA
OpenEventA
VirtualAlloc
VirtualFree
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
lstrcmpiA
GetFullPathNameA
CreateThread
WaitForSingleObject
SetUnhandledExceptionFilter
GetCurrentProcessId
GetModuleHandleW
GetTempPathW
LoadLibraryA
GetComputerNameW
GetUserDefaultLangID
LCMapStringW
SetLastError
lstrcpynW
lstrcpyA
lstrcpynA
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
GetModuleHandleA
GetCurrentProcess
GetCurrentThreadId
RaiseException
GetConsoleMode
CreateMutexA
GetModuleFileNameW
FindFirstFileW
FindNextFileW
RemoveDirectoryW
DeleteFileW
FindClose
WriteFile
GetFileAttributesW
SetEndOfFile
SetFilePointer
CloseHandle
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
GetLastError
TlsSetValue
TlsFree
TlsAlloc
TlsGetValue
IsValidCodePage
InterlockedExchangeAdd
HeapWalk

user32

IsDialogMessageW
PeekMessageW
EnableWindow
CreateDialogParamW
CheckDlgButton
IsDlgButtonChecked
DialogBoxParamA
LoadImageA
ValidateRect
DispatchMessageA
GetMessageA
PeekMessageA
GetCaretBlinkTime
EnumDisplayDevicesA
MonitorFromWindow
wvsprintfA
TranslateMessage
DispatchMessageW
ReleaseDC
GetDC
DestroyCursor
DefWindowProcW
DestroyWindow
CreateWindowExW
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
SetCapture
GetProcessWindowStation
GetUserObjectInformationW
ReleaseCapture
RegisterDeviceNotificationW
UnregisterDeviceNotification
SystemParametersInfoW
ClientToScreen
GetAsyncKeyState
ScreenToClient
IsWindowVisible
GetCursorPos
GetKeyState
wsprintfA
RegisterRawInputDevices
GetRawInputData
GetRawInputDeviceInfoW
GetRawInputDeviceList
SendMessageTimeoutA
EnumWindows
SendMessageA
SetForegroundWindow
LoadCursorA
SetCursor
GetSystemMetrics
MsgWaitForMultipleObjects
SetWindowTextW
RegisterClassW
PostQuitMessage
SetWindowLongW
GetWindowLongW
SetCursorPos
ClipCursor
ShowCursor
GetFocus
SetFocus
MessageBoxW
WindowFromPoint
RegisterClassExW
DialogBoxParamW
ShowWindow
IsIconic
EndDialog
LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
MessageBoxA
CopyRect
OffsetRect
GetAncestor
UnregisterClassW
CreateIconIndirect
RegisterWindowMessageA
GetUserObjectInformationA
GetThreadDesktop
GetParent
GetWindowRect
GetWindowLongA
SetWindowPos
GetClientRect
CreateDialogParamA
GetDesktopWindow
EnumDisplaySettingsA
AdjustWindowRectEx
ChangeDisplaySettingsA
GetDlgItem
SetWindowLongA

version

VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoW

ole32

CoCreateInstance
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
StringFromGUID2
CoCreateGuid
CoInitialize
CoUninitialize

shlwapi

PathFileExistsW
PathIsDirectoryW
SHDeleteKeyA

advapi32

CryptGetHashParam
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
GetUserNameA
RegDeleteValueA
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
DeregisterEventSource
ReportEventA
RegisterEventSourceA
CryptDestroyHash

gdi32

GetDeviceCaps
SetPixelFormat
SwapBuffers
CreateDIBSection
GetObjectA
ChoosePixelFormat
DeleteObject
CreateBitmap

shell32

SHGetFolderPathW
ShellExecuteW
CommandLineToArgvW

opengl32

glMaterialf
glMaterialfv
glLoadIdentity
glGenTextures
glBindTexture
glTexImage2D
glIsTexture
glTexSubImage2D
glPixelStorei
glCopyTexSubImage2D
glDrawBuffer
glReadBuffer
glDrawArrays
wglDeleteContext
glTexParameteri
glBegin
glVertex3f
glNormal3f
glColor4f
glEnd
glTexCoord3f
glHint
glReadPixels
glDeleteTextures
glFinish
glFogi
wglCreateContext
wglMakeCurrent
glGetIntegerv
wglGetCurrentContext
wglGetCurrentDC
wglShareLists
wglGetProcAddress
glGetError
glGetString
glDrawElements
glTexCoordPointer
glNormalPointer
glVertexPointer
glColorPointer
glEnableClientState
glDisableClientState
glTexEnvf
glTexEnvi
glAlphaFunc
glEnable
glBlendFunc
glDisable
glColorMask
glPolygonOffset
glCullFace
glDepthMask
glDepthFunc
glStencilMask
glStencilOp
glStencilFunc
glIsEnabled
glClear
glClearStencil
glClearDepth
glClearColor
glFrontFace
glPolygonMode
glLoadMatrixf
glMatrixMode
glMultMatrixf
glGetFloatv
glColorMaterial
glLightModeli
glColor4fv
glViewport
glScissor
glTexEnvfv
glTexGenfv
glTexGeni
glLightfv
glLightf
glLightModelfv
glFogfv
glFogf
glLightModelf

winmm

waveInOpen
waveInGetDevCapsW
waveInStart
waveInClose
waveInReset
waveOutPrepareHeader
timeEndPeriod
waveInGetDevCapsA
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveOutGetPosition
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutGetDevCapsW
waveOutGetDevCapsA
waveOutGetNumDevs
waveInGetNumDevs
timeBeginPeriod
timeGetTime

ws2_32

htons
WSAGetLastError
getsockname
closesocket
inet_addr
htonl
inet_ntoa
WSACleanup
WSAStartup
socket
gethostname
ioctlsocket
setsockopt
select
WSASetLastError
__WSAFDIsSet
sendto
recvfrom
bind
ntohs
accept
listen
shutdown
gethostbyname
recv
send
WSACancelAsyncRequest
WSAAsyncGetHostByName
getsockopt
getpeername
freeaddrinfo
getaddrinfo
gethostbyaddr
connect

oleaut32

VariantClear
SysStringLen
VariantInit
VariantChangeType
SysAllocString
SysFreeString

imm32

ImmGetContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetConversionStatus
ImmSetOpenStatus
ImmReleaseContext
ImmSetCompositionStringW

dnsapi

DnsFree
DnsQuery_A

iphlpapi

GetIpAddrTable

winhttp

WinHttpGetIEProxyConfigForCurrentUser

hid

HidD_FreePreparsedData
HidD_GetPreparsedData
HidD_GetProductString
HidP_GetCaps
HidP_GetButtonCaps
HidP_GetValueCaps
HidP_MaxDataListLength
HidP_GetData
HidD_GetHidGuid

msacm32

acmStreamUnprepareHeader
acmFormatSuggest
acmStreamSize
acmStreamConvert
acmStreamOpen
acmStreamPrepareHeader

Exports

Exports

??$DebugStringToFile@V?$stl_allocator@D$0DC@$03@@@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$stl_allocator@D$0DC@$03@@@std@@HPBDHHHH@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@Behaviour@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@Component@Unity@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@GameObject@Unity@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@GlobalGameManager@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@LevelGameManager@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$00@@@NamedObject@@QAEXAAV?$StreamedBinaryRead@$00@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@Behaviour@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@Component@Unity@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@GameObject@Unity@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@GlobalGameManager@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@LevelGameManager@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryRead@$0A@@@@NamedObject@@QAEXAAV?$StreamedBinaryRead@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@Behaviour@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@Component@Unity@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@GameObject@Unity@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@GlobalGameManager@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@LevelGameManager@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@V?$StreamedBinaryWrite@$0A@@@@NamedObject@@QAEXAAV?$StreamedBinaryWrite@$0A@@@@Z
??$Transfer@VProxyTransfer@@@Behaviour@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@Component@Unity@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@GameObject@Unity@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@GlobalGameManager@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@LevelGameManager@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VProxyTransfer@@@NamedObject@@QAEXAAVProxyTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@Behaviour@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@Component@Unity@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@GameObject@Unity@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@GlobalGameManager@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@LevelGameManager@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VRemapPPtrTransfer@@@NamedObject@@QAEXAAVRemapPPtrTransfer@@@Z
??$Transfer@VSafeBinaryRead@@@Behaviour@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@Component@Unity@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@GameObject@Unity@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@GlobalGameManager@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@LevelGameManager@@QAEXAAVSafeBinaryRead@@@Z
??$Transfer@VSafeBinaryRead@@@NamedObject@@QAEXAAVSafeBinaryRead@@@Z
??0?$StreamedBinaryWrite@$00@@QAE@XZ
??0?$StreamedBinaryWrite@$0A@@@QAE@XZ
??0Behaviour@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0CacheReaderBase@@QAE@ABV0@@Z
??0CacheReaderBase@@QAE@XZ
??0CachedReader@@QAE@XZ
??0Component@Unity@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0EditorExtension@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0GameManager@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0GameObject@Unity@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0GlobalGameManager@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0LevelGameManager@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0MemLabelId@@QAE@W4MemLabelIdentifier@@@Z
??0MemLabelId@@QAE@XZ
??0NamedObject@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0NonCopyable@@QAE@XZ
??0Object@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0ProxyTransfer@@QAE@AAVTypeTree@@HPAXH@Z
??0RemapPPtrTransfer@@QAE@ABV0@@Z
??0RemapPPtrTransfer@@QAE@H_N@Z
??0ResourceImageGroup@@QAE@XZ
??0SafeBinaryRead@@QAE@XZ
??0Thread@@QAE@XZ
??0Transform@@QAE@UMemLabelId@@W4ObjectCreationMode@@@Z
??0kMemAnimationStruct@@QAE@XZ
??0kMemAnimationTempStruct@@QAE@XZ
??0kMemAssetDatabaseStruct@@QAE@XZ
??0kMemAssetDatabaseTempStruct@@QAE@XZ
??0kMemAssetServerCacheStruct@@QAE@XZ
??0kMemAssetServerCacheTempStruct@@QAE@XZ
??0kMemAudioDataStruct@@QAE@XZ
??0kMemAudioDataTempStruct@@QAE@XZ
??0kMemAudioProcessingStruct@@QAE@XZ
??0kMemAudioProcessingTempStruct@@QAE@XZ
??0kMemAudioStruct@@QAE@XZ
??0kMemAudioTempStruct@@QAE@XZ
??0kMemBaseObjectStruct@@QAE@XZ
??0kMemBaseObjectTempStruct@@QAE@XZ
??0kMemBatchedGeometryStruct@@QAE@XZ
??0kMemBatchedGeometryTempStruct@@QAE@XZ
??0kMemCurlStruct@@QAE@XZ
??0kMemCurlTempStruct@@QAE@XZ
??0kMemDefaultStruct@@QAE@XZ
??0kMemDefaultTempStruct@@QAE@XZ
??0kMemDynamicArrayStruct@@QAE@XZ
??0kMemDynamicArrayTempStruct@@QAE@XZ
??0kMemDynamicGeometryStruct@@QAE@XZ
??0kMemDynamicGeometryTempStruct@@QAE@XZ
??0kMemEditorGuiStruct@@QAE@XZ
??0kMemEditorGuiTempStruct@@QAE@XZ
??0kMemEditorUtilityStruct@@QAE@XZ
??0kMemEditorUtilityTempStruct@@QAE@XZ
??0kMemFBXImporterStruct@@QAE@XZ
??0kMemFBXImporterTempStruct@@QAE@XZ
??0kMemFMODStruct@@QAE@XZ
??0kMemFMODTempStruct@@QAE@XZ
??0kMemFileStruct@@QAE@XZ
??0kMemFileTempStruct@@QAE@XZ
??0kMemFontStruct@@QAE@XZ
??0kMemFontTempStruct@@QAE@XZ
??0kMemGLibImageStruct@@QAE@XZ
??0kMemGLibImageTempStruct@@QAE@XZ
??0kMemGLibStruct@@QAE@XZ
??0kMemGLibTempStruct@@QAE@XZ
??0kMemGarbageCollectorStruct@@QAE@XZ
??0kMemGarbageCollectorTempStruct@@QAE@XZ
??0kMemGeometryStruct@@QAE@XZ
??0kMemGeometryTempStruct@@QAE@XZ
??0kMemGfxDeviceStruct@@QAE@XZ
??0kMemGfxDeviceTempStruct@@QAE@XZ
??0kMemGfxThreadStruct@@QAE@XZ
??0kMemGfxThreadTempStruct@@QAE@XZ
??0kMemIO2Struct@@QAE@XZ
??0kMemIO2TempStruct@@QAE@XZ
??0kMemIOStruct@@QAE@XZ
??0kMemIOTempStruct@@QAE@XZ
??0kMemImmediateGeometryStruct@@QAE@XZ
??0kMemImmediateGeometryTempStruct@@QAE@XZ
??0kMemMallocFreeStruct@@QAE@XZ
??0kMemMallocFreeTempStruct@@QAE@XZ
??0kMemManagerStruct@@QAE@XZ
??0kMemManagerTempStruct@@QAE@XZ
??0kMemMemoryProfilerStringStruct@@QAE@XZ
??0kMemMemoryProfilerStringTempStruct@@QAE@XZ
??0kMemMemoryProfilerStruct@@QAE@XZ
??0kMemMemoryProfilerTempStruct@@QAE@XZ
??0kMemMonoCodeStruct@@QAE@XZ
??0kMemMonoCodeTempStruct@@QAE@XZ
??0kMemMonoStruct@@QAE@XZ
??0kMemMonoTempStruct@@QAE@XZ
??0kMemNavigationStruct@@QAE@XZ
??0kMemNavigationTempStruct@@QAE@XZ
??0kMemNetworkStruct@@QAE@XZ
??0kMemNetworkTempStruct@@QAE@XZ
??0kMemNewDeleteStruct@@QAE@XZ
??0kMemNewDeleteTempStruct@@QAE@XZ
??0kMemPS3DelayedReleaseStruct@@QAE@XZ
??0kMemPS3DelayedReleaseTempStruct@@QAE@XZ
??0kMemPS3RSXBuffersStruct@@QAE@XZ
??0kMemPS3RSXBuffersTempStruct@@QAE@XZ
??0kMemPS3RingBuffersStruct@@QAE@XZ
??0kMemPS3RingBuffersTempStruct@@QAE@XZ
??0kMemPS3VideoMemoryStruct@@QAE@XZ
??0kMemPS3VideoMemoryTempStruct@@QAE@XZ
??0kMemPVSStruct@@QAE@XZ
??0kMemPVSTempStruct@@QAE@XZ
??0kMemParticlesStruct@@QAE@XZ
??0kMemParticlesTempStruct@@QAE@XZ
??0kMemPermanentStruct@@QAE@XZ
??0kMemPermanentTempStruct@@QAE@XZ
??0kMemPhysicsStruct@@QAE@XZ
??0kMemPhysicsTempStruct@@QAE@XZ
??0kMemPoolAllocStruct@@QAE@XZ
??0kMemPoolAllocTempStruct@@QAE@XZ
??0kMemPreviewImageStruct@@QAE@XZ
??0kMemPreviewImageTempStruct@@QAE@XZ
??0kMemProfilerStruct@@QAE@XZ
??0kMemProfilerTempStruct@@QAE@XZ
??0kMemRendererStruct@@QAE@XZ
??0kMemRendererTempStruct@@QAE@XZ
??0kMemResourceStruct@@QAE@XZ
??0kMemResourceTempStruct@@QAE@XZ
??0kMemSTLStruct@@QAE@XZ
??0kMemSTLTempStruct@@QAE@XZ
??0kMemScriptManagerStruct@@QAE@XZ
??0kMemScriptManagerTempStruct@@QAE@XZ
??0kMemSerializationStruct@@QAE@XZ
??0kMemSerializationTempStruct@@QAE@XZ
??0kMemShaderStruct@@QAE@XZ
??0kMemShaderTempStruct@@QAE@XZ
??0kMemShadowStruct@@QAE@XZ
??0kMemShadowTempStruct@@QAE@XZ
??0kMemSkinningStruct@@QAE@XZ
??0kMemSkinningTempStruct@@QAE@XZ
??0kMemSpritesStruct@@QAE@XZ
??0kMemSpritesTempStruct@@QAE@XZ
??0kMemStaticStringStruct@@QAE@XZ
??0kMemStaticStringTempStruct@@QAE@XZ
??0kMemStringStruct@@QAE@XZ
??0kMemStringTempStruct@@QAE@XZ
??0kMemSubstanceStruct@@QAE@XZ
??0kMemSubstanceTempStruct@@QAE@XZ
??0kMemTempOverflowStruct@@QAE@XZ
??0kMemTempOverflowTempStruct@@QAE@XZ
??0kMemTerrainStruct@@QAE@XZ
??0kMemTerrainTempStruct@@QAE@XZ
??0kMemTextAssetStruct@@QAE@XZ
??0kMemTextAssetTempStruct@@QAE@XZ
??0kMemTextureCacheStruct@@QAE@XZ
??0kMemTextureCacheTempStruct@@QAE@XZ
??0kMemTextureStruct@@QAE@XZ
??0kMemTextureTempStruct@@QAE@XZ
??0kMemThreadStackStruct@@QAE@XZ
??0kMemThreadStackTempStruct@@QAE@XZ
??0kMemThreadStruct@@QAE@XZ
??0kMemThreadTempStruct@@QAE@XZ
??0kMemTransformStruct@@QAE@XZ
??0kMemTransformTempStruct@@QAE@XZ
??0kMemTypeTreeStruct@@QAE@XZ
??0kMemTypeTreeTempStruct@@QAE@XZ
??0kMemUTF16StringStruct@@QAE@XZ
??0kMemUTF16StringTempStruct@@QAE@XZ
??0kMemUndoBufferStruct@@QAE@XZ
??0kMemUndoBufferTempStruct@@QAE@XZ
??0kMemUtilityStruct@@QAE@XZ
??0kMemUtilityTempStruct@@QAE@XZ
??0kMemVersionControlStruct@@QAE@XZ
??0kMemVersionControlTempStruct@@QAE@XZ
??0kMemVertexDataStruct@@QAE@XZ
??0kMemVertexDataTempStruct@@QAE@XZ
??0kMemWebCamStruct@@QAE@XZ
??0kMemWebCamTempStruct@@QAE@XZ
??0kMemWiiDefault1Struct@@QAE@XZ
??0kMemWiiDefault1TempStruct@@QAE@XZ
??0kMemWiiDefault2Struct@@QAE@XZ
??0kMemWiiDefault2TempStruct@@QAE@XZ
??0kMemWiiHBMStruct@@QAE@XZ
??0kMemWiiHBMTempStruct@@QAE@XZ
??0kMemWiiInputStruct@@QAE@XZ
??0kMemWiiInputTempStruct@@QAE@XZ
??0kMemWiiMovieStruct@@QAE@XZ
??0kMemWiiMovieTempStruct@@QAE@XZ
??0kMemWiiNandStruct@@QAE@XZ
??0kMemWiiNandTempStruct@@QAE@XZ
??0kMemWiiPThreadsStruct@@QAE@XZ
??0kMemWiiPThreadsTempStruct@@QAE@XZ
??0kMemWiiRVLAux1Struct@@QAE@XZ
??0kMemWiiRVLAux1TempStruct@@QAE@XZ
??0kMemWiiRVLAux2Struct@@QAE@XZ
??0kMemWiiRVLAux2TempStruct@@QAE@XZ
??0kMemWiiRenderTextureStruct@@QAE@XZ
??0kMemWiiRenderTextureTempStruct@@QAE@XZ
??0kMemWiiSkinningStruct@@QAE@XZ
??0kMemWiiSkinningTempStruct@@QAE@XZ
??0kMemWiiStrapReminderStruct@@QAE@XZ
??0kMemWiiStrapReminderTempStruct@@QAE@XZ
??0kMemWiiVIStruct@@QAE@XZ
??0kMemWiiVITempStruct@@QAE@XZ
??0kMemWinRTTLSStruct@@QAE@XZ
??0kMemWinRTTLSTempStruct@@QAE@XZ
??1Behaviour@@MAE@XZ
??1CacheReaderBase@@UAE@XZ
??1CachedReader@@QAE@XZ
??1Component@Unity@@MAE@XZ
??1EditorExtension@@MAE@XZ
??1GameManager@@MAE@XZ
??1GameObject@Unity@@MAE@XZ
??1GlobalGameManager@@MAE@XZ
??1LevelGameManager@@MAE@XZ
??1NamedObject@@MAE@XZ
??1Object@@MAE@XZ
??1RemapPPtrTransfer@@QAE@XZ
??1SafeBinaryRead@@QAE@XZ
??1Thread@@QAE@XZ
??1Transform@@MAE@XZ
??2@YAPAXIUMemLabelId@@_NPBDH@Z
??3@YAXPAXUMemLabelId@@_NPBDH@Z
??4?$StreamedBinaryWrite@$00@@QAEAAV0@ABV0@@Z
??4?$StreamedBinaryWrite@$0A@@@QAEAAV0@ABV0@@Z
??4CacheReaderBase@@QAEAAV0@ABV0@@Z
??4MemLabelId@@QAEAAU0@ABU0@@Z
??4RemapPPtrTransfer@@QAEAAV0@ABV0@@Z
??4ResourceImageGroup@@QAEAAU0@ABU0@@Z
??4kMemAnimationStruct@@QAEAAU0@ABU0@@Z
??4kMemAnimationTempStruct@@QAEAAU0@ABU0@@Z
??4kMemAssetDatabaseStruct@@QAEAAU0@ABU0@@Z
??4kMemAssetDatabaseTempStruct@@QAEAAU0@ABU0@@Z
??4kMemAssetServerCacheStruct@@QAEAAU0@ABU0@@Z
??4kMemAssetServerCacheTempStruct@@QAEAAU0@ABU0@@Z
??4kMemAudioDataStruct@@QAEAAU0@ABU0@@Z
??4kMemAudioDataTempStruct@@QAEAAU0@ABU0@@Z
??4kMemAudioProcessingStruct@@QAEAAU0@ABU0@@Z
??4kMemAudioProcessingTempStruct@@QAEAAU0@ABU0@@Z
??4kMemAudioStruct@@QAEAAU0@ABU0@@Z
??4kMemAudioTempStruct@@QAEAAU0@ABU0@@Z
??4kMemBaseObjectStruct@@QAEAAU0@ABU0@@Z
??4kMemBaseObjectTempStruct@@QAEAAU0@ABU0@@Z
??4kMemBatchedGeometryStruct@@QAEAAU0@ABU0@@Z
??4kMemBatchedGeometryTempStruct@@QAEAAU0@ABU0@@Z
??4kMemCurlStruct@@QAEAAU0@ABU0@@Z
??4kMemCurlTempStruct@@QAEAAU0@ABU0@@Z
??4kMemDefaultStruct@@QAEAAU0@ABU0@@Z
??4kMemDefaultTempStruct@@QAEAAU0@ABU0@@Z
??4kMemDynamicArrayStruct@@QAEAAU0@ABU0@@Z
??4kMemDynamicArrayTempStruct@@QAEAAU0@ABU0@@Z
??4kMemDynamicGeometryStruct@@QAEAAU0@ABU0@@Z
??4kMemDynamicGeometryTempStruct@@QAEAAU0@ABU0@@Z
??4kMemEditorGuiStruct@@QAEAAU0@ABU0@@Z
??4kMemEditorGuiTempStruct@@QAEAAU0@ABU0@@Z
??4kMemEditorUtilityStruct@@QAEAAU0@ABU0@@Z
??4kMemEditorUtilityTempStruct@@QAEAAU0@ABU0@@Z
??4kMemFBXImporterStruct@@QAEAAU0@ABU0@@Z
??4kMemFBXImporterTempStruct@@QAEAAU0@ABU0@@Z
??4kMemFMODStruct@@QAEAAU0@ABU0@@Z
??4kMemFMODTempStruct@@QAEAAU0@ABU0@@Z
??4kMemFileStruct@@QAEAAU0@ABU0@@Z
??4kMemFileTempStruct@@QAEAAU0@ABU0@@Z
??4kMemFontStruct@@QAEAAU0@ABU0@@Z
??4kMemFontTempStruct@@QAEAAU0@ABU0@@Z
??4kMemGLibImageStruct@@QAEAAU0@ABU0@@Z
??4kMemGLibImageTempStruct@@QAEAAU0@ABU0@@Z
??4kMemGLibStruct@@QAEAAU0@ABU0@@Z
??4kMemGLibTempStruct@@QAEAAU0@ABU0@@Z
??4kMemGarbageCollectorStruct@@QAEAAU0@ABU0@@Z
??4kMemGarbageCollectorTempStruct@@QAEAAU0@ABU0@@Z
??4kMemGeometryStruct@@QAEAAU0@ABU0@@Z
??4kMemGeometryTempStruct@@QAEAAU0@ABU0@@Z
??4kMemGfxDeviceStruct@@QAEAAU0@ABU0@@Z
??4kMemGfxDeviceTempStruct@@QAEAAU0@ABU0@@Z
??4kMemGfxThreadStruct@@QAEAAU0@ABU0@@Z
??4kMemGfxThreadTempStruct@@QAEAAU0@ABU0@@Z
??4kMemIO2Struct@@QAEAAU0@ABU0@@Z
??4kMemIO2TempStruct@@QAEAAU0@ABU0@@Z
??4kMemIOStruct@@QAEAAU0@ABU0@@Z
??4kMemIOTempStruct@@QAEAAU0@ABU0@@Z
??4kMemImmediateGeometryStruct@@QAEAAU0@ABU0@@Z
??4kMemImmediateGeometryTempStruct@@QAEAAU0@ABU0@@Z
??4kMemMallocFreeStruct@@QAEAAU0@ABU0@@Z
??4kMemMallocFreeTempStruct@@QAEAAU0@ABU0@@Z
??4kMemManagerStruct@@QAEAAU0@ABU0@@Z
??4kMemManagerTempStruct@@QAEAAU0@ABU0@@Z
??4kMemMemoryProfilerStringStruct@@QAEAAU0@ABU0@@Z
??4kMemMemoryProfilerStringTempStruct@@QAEAAU0@ABU0@@Z
??4kMemMemoryProfilerStruct@@QAEAAU0@ABU0@@Z
??4kMemMemoryProfilerTempStruct@@QAEAAU0@ABU0@@Z
??4kMemMonoCodeStruct@@QAEAAU0@ABU0@@Z
??4kMemMonoCodeTempStruct@@QAEAAU0@ABU0@@Z
??4kMemMonoStruct@@QAEAAU0@ABU0@@Z
??4kMemMonoTempStruct@@QAEAAU0@ABU0@@Z
??4kMemNavigationStruct@@QAEAAU0@ABU0@@Z
??4kMemNavigationTempStruct@@QAEAAU0@ABU0@@Z
??4kMemNetworkStruct@@QAEAAU0@ABU0@@Z
??4kMemNetworkTempStruct@@QAEAAU0@ABU0@@Z
??4kMemNewDeleteStruct@@QAEAAU0@ABU0@@Z
??4kMemNewDeleteTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPS3DelayedReleaseStruct@@QAEAAU0@ABU0@@Z
??4kMemPS3DelayedReleaseTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPS3RSXBuffersStruct@@QAEAAU0@ABU0@@Z
??4kMemPS3RSXBuffersTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPS3RingBuffersStruct@@QAEAAU0@ABU0@@Z
??4kMemPS3RingBuffersTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPS3VideoMemoryStruct@@QAEAAU0@ABU0@@Z
??4kMemPS3VideoMemoryTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPVSStruct@@QAEAAU0@ABU0@@Z
??4kMemPVSTempStruct@@QAEAAU0@ABU0@@Z
??4kMemParticlesStruct@@QAEAAU0@ABU0@@Z
??4kMemParticlesTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPermanentStruct@@QAEAAU0@ABU0@@Z
??4kMemPermanentTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPhysicsStruct@@QAEAAU0@ABU0@@Z
??4kMemPhysicsTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPoolAllocStruct@@QAEAAU0@ABU0@@Z
??4kMemPoolAllocTempStruct@@QAEAAU0@ABU0@@Z
??4kMemPreviewImageStruct@@QAEAAU0@ABU0@@Z
??4kMemPreviewImageTempStruct@@QAEAAU0@ABU0@@Z
??4kMemProfilerStruct@@QAEAAU0@ABU0@@Z
??4kMemProfilerTempStruct@@QAEAAU0@ABU0@@Z
??4kMemRendererStruct@@QAEAAU0@ABU0@@Z
??4kMemRendererTempStruct@@QAEAAU0@ABU0@@Z
??4kMemResourceStruct@@QAEAAU0@ABU0@@Z
??4kMemResourceTempStruct@@QAEAAU0@ABU0@@Z
??4kMemSTLStruct@@QAEAAU0@ABU0@@Z
??4kMemSTLTempStruct@@QAEAAU0@ABU0@@Z
??4kMemScriptManagerStruct@@QAEAAU0@ABU0@@Z
??4kMemScriptManagerTempStruct@@QAEAAU0@ABU0@@Z
??4kMemSerializationStruct@@QAEAAU0@ABU0@@Z
??4kMemSerializationTempStruct@@QAEAAU0@ABU0@@Z
??4kMemShaderStruct@@QAEAAU0@ABU0@@Z
??4kMemShaderTempStruct@@QAEAAU0@ABU0@@Z
??4kMemShadowStruct@@QAEAAU0@ABU0@@Z
??4kMemShadowTempStruct@@QAEAAU0@ABU0@@Z
??4kMemSkinningStruct@@QAEAAU0@ABU0@@Z
??4kMemSkinningTempStruct@@QAEAAU0@ABU0@@Z
??4kMemSpritesStruct@@QAEAAU0@ABU0@@Z
??4kMemSpritesTempStruct@@QAEAAU0@ABU0@@Z
??4kMemStaticStringStruct@@QAEAAU0@ABU0@@Z
??4kMemStaticStringTempStruct@@QAEAAU0@ABU0@@Z
??4kMemStringStruct@@QAEAAU0@ABU0@@Z
??4kMemStringTempStruct@@QAEAAU0@ABU0@@Z
??4kMemSubstanceStruct@@QAEAAU0@ABU0@@Z
??4kMemSubstanceTempStruct@@QAEAAU0@ABU0@@Z
??4kMemTempOverflowStruct@@QAEAAU0@ABU0@@Z
??4kMemTempOverflowTempStruct@@QAEAAU0@ABU0@@Z
??4kMemTerrainStruct@@QAEAAU0@ABU0@@Z
??4kMemTerrainTempStruct@@QAEAAU0@ABU0@@Z
??4kMemTextAssetStruct@@QAEAAU0@ABU0@@Z
??4kMemTextAssetTempStruct@@QAEAAU0@ABU0@@Z
??4kMemTextureCacheStruct@@QAEAAU0@ABU0@@Z
??4kMemTextureCacheTempStruct@@QAEAAU0@ABU0@@Z
??4kMemTextureStruct@@QAEAAU0@ABU0@@Z
??4kMemTextureTempStruct@@QAEAAU0@ABU0@@Z
??4kMemThreadStackStruct@@QAEAAU0@ABU0@@Z
??4kMemThreadStackTempStruct@@QAEAAU0@ABU0@@Z
??4kMemThreadStruct@@QAEAAU0@ABU0@@Z
??4kMemThreadTempStruct@@QAEAAU0@ABU0@@Z
??4kMemTransformStruct@@QAEAAU0@ABU0@@Z
??4kMemTransformTempStruct@@QAEAAU0@ABU0@@Z
??4kMemTypeTreeStruct@@QAEAAU0@ABU0@@Z
??4kMemTypeTreeTempStruct@@QAEAAU0@ABU0@@Z
??4kMemUTF16StringStruct@@QAEAAU0@ABU0@@Z
??4kMemUTF16StringTempStruct@@QAEAAU0@ABU0@@Z
??4kMemUndoBufferStruct@@QAEAAU0@ABU0@@Z
??4kMemUndoBufferTempStruct@@QAEAAU0@ABU0@@Z
??4kMemUtilityStruct@@QAEAAU0@ABU0@@Z
??4kMemUtilityTempStruct@@QAEAAU0@ABU0@@Z
??4kMemVersionControlStruct@@QAEAAU0@ABU0@@Z
??4kMemVersionControlTempStruct@@QAEAAU0@ABU0@@Z
??4kMemVertexDataStruct@@QAEAAU0@ABU0@@Z
??4kMemVertexDataTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWebCamStruct@@QAEAAU0@ABU0@@Z
??4kMemWebCamTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiDefault1Struct@@QAEAAU0@ABU0@@Z
??4kMemWiiDefault1TempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiDefault2Struct@@QAEAAU0@ABU0@@Z
??4kMemWiiDefault2TempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiHBMStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiHBMTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiInputStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiInputTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiMovieStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiMovieTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiNandStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiNandTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiPThreadsStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiPThreadsTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiRVLAux1Struct@@QAEAAU0@ABU0@@Z
??4kMemWiiRVLAux1TempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiRVLAux2Struct@@QAEAAU0@ABU0@@Z
??4kMemWiiRVLAux2TempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiRenderTextureStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiRenderTextureTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiSkinningStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiSkinningTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiStrapReminderStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiStrapReminderTempStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiVIStruct@@QAEAAU0@ABU0@@Z
??4kMemWiiVITempStruct@@QAEAAU0@ABU0@@Z
??4kMemWinRTTLSStruct@@QAEAAU0@ABU0@@Z
??4kMemWinRTTLSTempStruct@@QAEAAU0@ABU0@@Z
??8MemLabelId@@QAE_NABU0@@Z
??_7Behaviour@@6B@
??_7CacheReaderBase@@6B@
??_7Component@Unity@@6B@
??_7EditorExtension@@6B@
??_7GameManager@@6B@
??_7GameObject@Unity@@6B@
??_7GlobalGameManager@@6B@
??_7LevelGameManager@@6B@
??_7NamedObject@@6B@
??_7Object@@6B@
??_7Transform@@6B@
?Activate@GameObject@Unity@@QAEXXZ
?ActivateAwakeRecursively@GameObject@Unity@@QAEXW4DeactivateOperation@2@@Z
?ActivateAwakeRecursivelyInternal@GameObject@Unity@@AAEXW4DeactivateOperation@2@AAVAwakeFromLoadQueue@@@Z
?AddComponentInternal@GameObject@Unity@@QAEXPAVComponent@2@@Z
?AddComponentInternal@GameObject@Unity@@SAXAAV12@AAVComponent@2@@Z
?AddEvent@Object@@QAEXP6AXPAX0H@Z0@Z
?AddMetaFlag@?$StreamedBinaryWrite@$0A@@@QAEXW4TransferMetaFlags@@@Z
?AddMetaFlag@ProxyTransfer@@QAEXW4TransferMetaFlags@@@Z
?AddMetaFlag@RemapPPtrTransfer@@QAEXW4TransferMetaFlags@@@Z
?AddMetaFlag@SafeBinaryRead@@QAEXW4TransferMetaFlags@@@Z
?Align4Read@CachedReader@@QAEXXZ
?Align@?$StreamedBinaryRead@$00@@QAEXXZ
?Align@?$StreamedBinaryRead@$0A@@@QAEXXZ
?Align@?$StreamedBinaryWrite@$00@@QAEXXZ
?Align@?$StreamedBinaryWrite@$0A@@@QAEXXZ
?Align@ProxyTransfer@@QAEXXZ
?Align@RemapPPtrTransfer@@QAEXXZ
?Align@SafeBinaryRead@@QAEXXZ
?AllocateAndAssignInstanceID@Object@@SAPAV1@PAV1@@Z
?AllocateAndAssignInstanceIDNoLock@Object@@SAPAV1@PAV1@@Z
?AllowTransferOptimization@Behaviour@@SA_NXZ
?AllowTransferOptimization@Component@Unity@@SA_NXZ
?AllowTransferOptimization@GameObject@Unity@@SA_NXZ
?AllowTransferOptimization@GlobalGameManager@@SA_NXZ
?AllowTransferOptimization@LevelGameManager@@SA_NXZ
?AllowTransferOptimization@NamedObject@@SA_NXZ
?AllowTransferOptimization@Transform@@SA_NXZ
?AsUTF8@ICallString@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$stl_allocator@D$0DC@$03@@@std@@XZ
?AssertContainsNoPPtr@ProxyTransfer@@AAEXPBVTypeTree@@@Z
?AssertOptimizeTransfer@ProxyTransfer@@AAEXH@Z
?AssertOptimizeTransferImpl@ProxyTransfer@@AAEXABVTypeTree@@HPAH@Z
?AssetMetaDataOnly@ProxyTransfer@@QAE_NXZ
?AssetMetaDataOnly@RemapPPtrTransfer@@QAE_NXZ
?AssetMetaDataOnly@SafeBinaryRead@@QAE_NXZ
?AwakeFromLoad@Behaviour@@UAEXW4AwakeFromLoadMode@@@Z
?AwakeFromLoad@Component@Unity@@UAEXW4AwakeFromLoadMode@@@Z
?AwakeFromLoad@GameObject@Unity@@UAEXW4AwakeFromLoadMode@@@Z
?AwakeFromLoad@Object@@UAEXW4AwakeFromLoadMode@@@Z
?AwakeFromLoad@Transform@@UAEXW4AwakeFromLoadMode@@@Z
?AwakeFromLoadThreaded@Object@@UAEXXZ
?BeginArrayTransfer@ProxyTransfer@@AAEXPBD0AAJW4TransferMetaFlags@@@Z
?BeginArrayTransfer@SafeBinaryRead@@AAE_NPBD0AAJ@Z
?BeginMetaGroup@ProxyTransfer@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$stl_allocator@D$0DC@$03@@@std@@@Z
?BeginMetaGroup@RemapPPtrTransfer@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$stl_allocator@D$0DC@$03@@@std@@@Z
?BeginMetaGroup@SafeBinaryRead@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$stl_allocator@D$0DC@$03@@@std@@@Z
?BeginResourceImage@CachedReader@@QAEXW4ActiveResourceImage@@@Z
?BeginTransfer@ProxyTransfer@@QAEXPBD0PADW4TransferMetaFlags@@@Z
?BeginTransfer@SafeBinaryRead@@AAEHPBD0PAP6A_NPAXAAV1@@Z@Z
?BroadcastMessageAny@Transform@@QAEXABVMessageIdentifier@@AAUMessageData@@@Z
?CalculateCachedClassID@Object@@CAXPAV1@@Z
?CalculateLocalAABB@@YA_NAAVGameObject@Unity@@PAVAABB@@@Z
?CalculateLocalTransformMatrix@Transform@@ABE?AW4TransformType@@AAVMatrix4x4f@@@Z

Sections

.text
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 687KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies.gdf
.dll windows:4 windows x86 arch:x86

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16/11/2006, 01:54

Not After

16/11/2026, 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:a7:4d:b1:67:25:0d
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

26/10/2011, 13:20

Not After

26/10/2014, 13:20

Subject

CN=Rovio Entertainment Ltd.,OU=Technology,O=Rovio Entertainment Ltd.,L=Espoo,ST=Uusimaa,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9e:15:19:a7:ca:53:18:5a:63:7a:7f:be:33:5b:64:8d:35:af:93:68
Signer

Actual PE Digest

9e:15:19:a7:ca:53:18:5a:63:7a:7f:be:33:5b:64:8d:35:af:93:68

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/Assembly-CSharp-firstpass.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/Assembly-CSharp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 671KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/Ionic.Zip.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\DotNetZip\Zip\obj\Release\Ionic.Zip.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 449KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/Mono.Security.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/P31RestKit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/System.Core.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/System.Xml.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/System.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/UnityEngine.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 493KB - Virtual size: 493KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Managed/mscorlib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Mono/etc/mono/1.0/DefaultWsdlHelpGenerator.aspx
.js
$_1_/BadPiggies_Data/Mono/etc/mono/1.0/machine.config
.xml
$_1_/BadPiggies_Data/Mono/etc/mono/2.0/Browsers/Compat.browser
$_1_/BadPiggies_Data/Mono/etc/mono/2.0/DefaultWsdlHelpGenerator.aspx
.js
$_1_/BadPiggies_Data/Mono/etc/mono/2.0/machine.config
.xml
$_1_/BadPiggies_Data/Mono/etc/mono/2.0/settings.map
.xml
$_1_/BadPiggies_Data/Mono/etc/mono/2.0/web.config
.xml
$_1_/BadPiggies_Data/Mono/etc/mono/browscap.ini
$_1_/BadPiggies_Data/Mono/etc/mono/config
$_1_/BadPiggies_Data/Mono/etc/mono/mconfig/config.xml
.xml
$_1_/BadPiggies_Data/Mono/mono.dll
.dll windows:5 windows x86 arch:x86

bd260ac5dab6e5f9cfbc7f3f15645e5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BuildAgent\work\de0bdf8cacffc05\builds\embedruntimes\win32\mono.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ws2_32

__WSAFDIsSet
WSAGetLastError
select
WSASetLastError
getprotobyname
getservbyname
inet_ntoa
socket
WSACleanup
WSAStartup
gethostname
gethostbyaddr
inet_addr
gethostbyname
shutdown
setsockopt
getsockopt
sendto
WSASend
send
recvfrom
WSARecv
recv
WSAIoctl
connect
bind
htonl
htons
getpeername
getsockname
ntohs
ntohl
listen
accept
ioctlsocket
closesocket
WSASocketW
getservbyport

psapi

GetModuleFileNameExW
GetModuleBaseNameW
EnumProcesses
GetModuleInformation
EnumProcessModules

winmm

timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeSetEvent

mswsock

TransmitFile

kernel32

GetFullPathNameA
WideCharToMultiByte
RtlUnwind
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoW
SetHandleCount
IsProcessorFeaturePresent
HeapDestroy
HeapCreate
EncodePointer
IsDebuggerPresent
UnhandledExceptionFilter
FindFirstFileExW
HeapReAlloc
GetCommandLineA
DecodePointer
ExitProcess
CreateDirectoryA
MoveFileA
LocalFileTimeToFileTime
FindFirstFileExA
GetDriveTypeA
InitializeCriticalSectionAndSpinCount
SetStdHandle
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapFree
HeapAlloc
CreateFileA
VirtualAlloc
VirtualFree
VirtualQuery
Sleep
InterlockedCompareExchange
InterlockedExchange
GetSystemInfo
LocalFree
FormatMessageW
GetLastError
GetCurrentProcess
GetProcAddress
GetModuleHandleW
SetLastError
LoadLibraryW
SetErrorMode
FreeLibrary
CloseHandle
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
VirtualProtect
WaitForSingleObjectEx
ReleaseSemaphore
GetTickCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
LeaveCriticalSection
EnterCriticalSection
SetFileAttributesW
CopyFileW
DeleteFileW
WriteFile
CreateFileW
ResumeThread
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
GetFileType
GetModuleFileNameW
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
LCMapStringW
FindClose
FindFirstFileW
GetFileAttributesW
GetFileAttributesExW
CreateDirectoryW
RemoveDirectoryW
FindNextFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
MoveFileW
ReplaceFileW
ReadFile
SetFilePointer
FlushFileBuffers
GetFileSize
SetEndOfFile
SetFileTime
GetStdHandle
CreatePipe
DuplicateHandle
GetTempPathW
LockFile
UnlockFile
ResetEvent
SetEvent
CreateSemaphoreW
CreateEventW
SystemTimeToFileTime
GetTimeZoneInformation
GetComputerNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetEnvironmentVariableW
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
GetDriveTypeW
OutputDebugStringW
GlobalAlloc
GlobalReAlloc
GlobalFree
DeleteFileA
OpenProcess
GetCurrentProcessId
VerLanguageNameW
CreateProcessW
GetProcessTimes
GetExitCodeProcess
GetProcessWorkingSetSize
SetProcessWorkingSetSize
TerminateProcess
GetPriorityClass
SetPriorityClass
GetCurrentThread
GetVolumeInformationW
WaitForSingleObject
SleepEx
CreateMutexW
ReleaseMutex
OpenMutexW
OpenSemaphoreW
OpenEventW
OpenThread
GetExitCodeThread
ExitThread
WaitForMultipleObjectsEx
SignalObjectAndWait
QueueUserAPC
LoadLibraryA
GetSystemDirectoryA
FreeConsole
GetThreadContext
RemoveVectoredExceptionHandler
SetUnhandledExceptionFilter
AddVectoredExceptionHandler
MultiByteToWideChar
DebugBreak
SuspendThread
CreateThread
GetVersion
GetEnvironmentVariableW
GetACP
RaiseException
GetFileAttributesA
GetConsoleCP
GetConsoleMode
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
GetModuleFileNameA
GetProcessHeap
GetFullPathNameW
CompareStringW
SetEnvironmentVariableA
CreateProcessA
WriteConsoleW
HeapSize
GetVersionExW
GetCurrentThreadId

user32

SendMessageTimeoutW
WaitForInputIdle
MessageBoxA

advapi32

BuildTrusteeWithSidW
GetLengthSid
CopySid
AllocateAndInitializeSid
RevertToSelf
ImpersonateLoggedOnUser
DuplicateToken
GetTokenInformation
OpenThreadToken
OpenProcessToken
LookupAccountSidW
CryptReleaseContext
CryptAcquireContextW
CryptGenRandom
CreateProcessWithLogonW
FreeSid
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetEntriesInAclW
GetEffectiveRightsFromAclW

shell32

SHGetFolderPathW
ShellExecuteExW

ole32

CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoInitializeEx
CoTaskMemRealloc

oleaut32

SysStringLen
SysFreeString
SysAllocStringLen
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim

Exports

Exports

g_free
mono_add_internal_call
mono_alloc_special_static_data
mono_array_addr_with_size
mono_array_class_get
mono_array_clone
mono_array_element_size
mono_array_new
mono_array_new_full
mono_array_new_specific
mono_assemblies_cleanup
mono_assemblies_init
mono_assembly_close
mono_assembly_fill_assembly_name
mono_assembly_foreach
mono_assembly_get_assemblyref
mono_assembly_get_image
mono_assembly_get_main
mono_assembly_get_object
mono_assembly_getrootdir
mono_assembly_invoke_load_hook
mono_assembly_invoke_search_hook
mono_assembly_load
mono_assembly_load_from
mono_assembly_load_from_full
mono_assembly_load_full
mono_assembly_load_module
mono_assembly_load_reference
mono_assembly_load_references
mono_assembly_load_with_partial_name
mono_assembly_loaded
mono_assembly_loaded_full
mono_assembly_name_parse
mono_assembly_names_equal
mono_assembly_open
mono_assembly_open_full
mono_assembly_set_main
mono_assembly_setrootdir
mono_bitset_alloc_size
mono_bitset_clear
mono_bitset_clear_all
mono_bitset_clone
mono_bitset_copyto
mono_bitset_count
mono_bitset_equal
mono_bitset_find_first
mono_bitset_find_first_unset
mono_bitset_find_last
mono_bitset_find_start
mono_bitset_foreach
mono_bitset_free
mono_bitset_intersection
mono_bitset_intersection_2
mono_bitset_invert
mono_bitset_mem_new
mono_bitset_new
mono_bitset_set
mono_bitset_set_all
mono_bitset_size
mono_bitset_sub
mono_bitset_test
mono_bitset_test_bulk
mono_bitset_union
mono_bounded_array_class_get
mono_check_corlib_version
mono_class_array_element_size
mono_class_data_size
mono_class_describe_statics
mono_class_enum_basetype
mono_class_from_generic_parameter
mono_class_from_mono_type
mono_class_from_name
mono_class_from_name_case
mono_class_from_typeref
mono_class_get
mono_class_get_byref_type
mono_class_get_element_class
mono_class_get_event_token
mono_class_get_events
mono_class_get_field
mono_class_get_field_from_name
mono_class_get_field_token
mono_class_get_fields
mono_class_get_flags
mono_class_get_full
mono_class_get_image
mono_class_get_interfaces
mono_class_get_method_from_name
mono_class_get_method_from_name_flags
mono_class_get_methods
mono_class_get_name
mono_class_get_namespace
mono_class_get_nested_types
mono_class_get_nesting_type
mono_class_get_parent
mono_class_get_properties
mono_class_get_property_from_name
mono_class_get_property_token
mono_class_get_rank
mono_class_get_type
mono_class_get_type_token
mono_class_inflate_generic_method
mono_class_inflate_generic_method_full
mono_class_inflate_generic_type
mono_class_init
mono_class_instance_size
mono_class_is_assignable_from
mono_class_is_enum
mono_class_is_generic
mono_class_is_inflated
mono_class_is_subclass_of
mono_class_is_valuetype
mono_class_min_align
mono_class_name_from_token
mono_class_num_events
mono_class_num_fields
mono_class_num_methods
mono_class_num_properties
mono_class_value_size
mono_class_vtable
mono_cli_rva_image_map
mono_code_manager_commit
mono_code_manager_destroy
mono_code_manager_foreach
mono_code_manager_invalidate
mono_code_manager_new
mono_code_manager_new_dynamic
mono_code_manager_reserve
mono_compile_method
mono_config_for_assembly
mono_config_parse
mono_config_parse_memory
mono_config_string_for_assembly_file
mono_context_get
mono_context_init
mono_context_set
mono_counters_dump
mono_counters_enable
mono_counters_register
mono_custom_attrs_construct
mono_custom_attrs_free
mono_custom_attrs_from_assembly
mono_custom_attrs_from_class
mono_custom_attrs_from_event
mono_custom_attrs_from_field
mono_custom_attrs_from_index
mono_custom_attrs_from_method
mono_custom_attrs_from_param
mono_custom_attrs_from_property
mono_custom_attrs_get_attr
mono_custom_attrs_has_attr
mono_debug_add_method
mono_debug_cleanup
mono_debug_close_mono_symbol_file
mono_debug_find_method
mono_debug_free_source_location
mono_debug_init
mono_debug_lookup_method
mono_debug_lookup_source_location
mono_debug_open_image_from_memory
mono_debug_open_mono_symbols
mono_debug_print_stack_frame
mono_debug_print_vars
mono_debug_symfile_lookup_location
mono_debug_symfile_lookup_method
mono_debug_using_mono_debugger
mono_debugger_breakpoint_callback
mono_debugger_check_runtime_version
mono_debugger_cleanup
mono_debugger_event
mono_debugger_handle_exception
mono_debugger_initialize
mono_debugger_insert_breakpoint
mono_debugger_insert_breakpoint_full
mono_debugger_lock
mono_debugger_method_has_breakpoint
mono_debugger_remove_breakpoint
mono_debugger_run_finally
mono_debugger_unlock
mono_declsec_flags_from_assembly
mono_declsec_flags_from_class
mono_declsec_flags_from_method
mono_declsec_get_assembly_action
mono_declsec_get_class_action
mono_declsec_get_demands
mono_declsec_get_inheritdemands_class
mono_declsec_get_inheritdemands_method
mono_declsec_get_linkdemands
mono_declsec_get_method_action
mono_digest_get_public_token
mono_disasm_code
mono_disasm_code_one
mono_dl_fallback_register
mono_dl_fallback_unregister
mono_dllmap_insert
mono_domain_add_class_static_data
mono_domain_assembly_open
mono_domain_create
mono_domain_create_appdomain
mono_domain_finalize
mono_domain_foreach
mono_domain_free
mono_domain_get
mono_domain_get_by_id
mono_domain_get_id
mono_domain_has_type_resolve
mono_domain_is_unloading
mono_domain_owns_vtable_slot
mono_domain_set
mono_domain_set_internal
mono_domain_try_type_resolve
mono_domain_unload
mono_environment_exitcode_get
mono_environment_exitcode_set
mono_escape_uri_string
mono_event_get_add_method
mono_event_get_flags
mono_event_get_name
mono_event_get_object
mono_event_get_parent
mono_event_get_raise_method
mono_event_get_remove_method
mono_exception_from_name
mono_exception_from_name_domain
mono_exception_from_name_msg
mono_exception_from_name_two_strings
mono_exception_from_token
mono_field_from_token
mono_field_get_data
mono_field_get_flags
mono_field_get_name
mono_field_get_object
mono_field_get_offset
mono_field_get_parent
mono_field_get_type
mono_field_get_value
mono_field_get_value_object
mono_field_set_value
mono_field_static_get_value
mono_field_static_set_value
mono_file_map
mono_file_unmap
mono_free_method
mono_free_verify_list
mono_g_hash_table_destroy
mono_g_hash_table_foreach
mono_g_hash_table_foreach_remove
mono_g_hash_table_insert
mono_g_hash_table_lookup
mono_g_hash_table_lookup_extended
mono_g_hash_table_new
mono_g_hash_table_new_full
mono_g_hash_table_new_type
mono_g_hash_table_remove
mono_g_hash_table_replace
mono_g_hash_table_size
mono_gc_collect
mono_gc_collection_count
mono_gc_enable_events
mono_gc_get_generation
mono_gc_get_heap_size
mono_gc_get_used_size
mono_gc_is_finalizer_thread
mono_gc_max_generation
mono_gc_out_of_memory
mono_gc_wbarrier_arrayref_copy
mono_gc_wbarrier_generic_store
mono_gc_wbarrier_set_arrayref
mono_gc_wbarrier_set_field
mono_gc_wbarrier_value_copy
mono_gchandle_free
mono_gchandle_get_target
mono_gchandle_is_in_domain
mono_gchandle_new
mono_gchandle_new_weakref
mono_get_array_class
mono_get_boolean_class
mono_get_byte_class
mono_get_char_class
mono_get_config_dir
mono_get_corlib
mono_get_dbnull_object
mono_get_delegate_invoke
mono_get_double_class
mono_get_enum_class
mono_get_exception_appdomain_unloaded
mono_get_exception_argument
mono_get_exception_argument_null
mono_get_exception_argument_out_of_range
mono_get_exception_arithmetic
mono_get_exception_array_type_mismatch
mono_get_exception_bad_image_format
mono_get_exception_bad_image_format2
mono_get_exception_cannot_unload_appdomain
mono_get_exception_class
mono_get_exception_divide_by_zero
mono_get_exception_execution_engine
mono_get_exception_file_not_found
mono_get_exception_file_not_found2
mono_get_exception_index_out_of_range
mono_get_exception_invalid_cast
mono_get_exception_invalid_operation
mono_get_exception_io
mono_get_exception_missing_field
mono_get_exception_missing_method
mono_get_exception_not_implemented
mono_get_exception_not_supported
mono_get_exception_null_reference
mono_get_exception_overflow
mono_get_exception_reflection_type_load
mono_get_exception_security
mono_get_exception_serialization
mono_get_exception_stack_overflow
mono_get_exception_synchronization_lock
mono_get_exception_thread_abort
mono_get_exception_thread_interrupted
mono_get_exception_thread_state
mono_get_exception_type_initialization
mono_get_exception_type_load
mono_get_inflated_method
mono_get_int16_class
mono_get_int32_class
mono_get_int64_class
mono_get_intptr_class
mono_get_machine_config
mono_get_method
mono_get_method_constrained
mono_get_method_full
mono_get_object_class
mono_get_root_domain
mono_get_sbyte_class
mono_get_single_class
mono_get_special_static_data
mono_get_string_class
mono_get_thread_class
mono_get_uint16_class
mono_get_uint32_class
mono_get_uint64_class
mono_get_uintptr_class
mono_get_void_class
mono_guid_to_string
mono_image_add_to_name_cache
mono_image_addref
mono_image_close
mono_image_ensure_section
mono_image_ensure_section_idx
mono_image_get_assembly
mono_image_get_entry_point
mono_image_get_filename
mono_image_get_guid
mono_image_get_name
mono_image_get_public_key
mono_image_get_resource
mono_image_get_strong_name
mono_image_get_table_info
mono_image_get_table_rows
mono_image_has_authenticode_entry
mono_image_init
mono_image_init_name_cache
mono_image_is_dynamic
mono_image_load_file_for_image
mono_image_loaded
mono_image_loaded_by_guid
mono_image_loaded_by_guid_full
mono_image_loaded_full
mono_image_lookup_resource
mono_image_open
mono_image_open_from_data
mono_image_open_from_data_full
mono_image_open_from_data_with_name
mono_image_open_full
mono_image_rva_map
mono_image_strerror
mono_image_strong_name_position
mono_image_verify_tables
mono_images_cleanup
mono_images_init
mono_init
mono_init_from_assembly
mono_init_version
mono_inst_name
mono_install_assembly_load_hook
mono_install_assembly_postload_refonly_search_hook
mono_install_assembly_postload_search_hook
mono_install_assembly_preload_hook
mono_install_assembly_refonly_preload_hook
mono_install_assembly_refonly_search_hook
mono_install_assembly_search_hook
mono_install_runtime_cleanup
mono_jit_cleanup
mono_jit_exec
mono_jit_info_get_code_size
mono_jit_info_get_code_start
mono_jit_info_get_method
mono_jit_info_table_find
mono_jit_init
mono_jit_init_version
mono_jit_parse_options
mono_jit_set_trace_options
mono_jit_thread_attach
mono_ldstr
mono_ldtoken
mono_load_remote_field
mono_load_remote_field_new
mono_loader_error_prepare_exception
mono_loader_get_last_error
mono_locks_dump
mono_lookup_internal_call
mono_lookup_pinvoke_call
mono_main
mono_marshal_string_to_utf16
mono_mb_free
mono_md5_final
mono_md5_get_digest
mono_md5_get_digest_from_file
mono_md5_init
mono_md5_update
mono_mempool_alloc
mono_mempool_alloc0
mono_mempool_contains_addr
mono_mempool_destroy
mono_mempool_empty
mono_mempool_get_allocated
mono_mempool_invalidate
mono_mempool_new
mono_mempool_stats
mono_mempool_strdup
mono_metadata_blob_heap
mono_metadata_cleanup
mono_metadata_compute_size
mono_metadata_custom_attrs_from_index
mono_metadata_declsec_from_index
mono_metadata_decode_blob_size
mono_metadata_decode_row
mono_metadata_decode_row_col
mono_metadata_decode_signed_value
mono_metadata_decode_table_row
mono_metadata_decode_table_row_col
mono_metadata_decode_value
mono_metadata_encode_value
mono_metadata_events_from_typedef
mono_metadata_field_info
mono_metadata_free_array
mono_metadata_free_marshal_spec
mono_metadata_free_method_signature
mono_metadata_free_mh
mono_metadata_free_type
mono_metadata_generic_class_is_valuetype
mono_metadata_get_constant_index
mono_metadata_get_generic_param_row
mono_metadata_get_marshal_info
mono_metadata_get_param_attrs
mono_metadata_guid_heap
mono_metadata_implmap_from_method
mono_metadata_init
mono_metadata_interfaces_from_typedef
mono_metadata_load_generic_param_constraints
mono_metadata_load_generic_params
mono_metadata_locate
mono_metadata_locate_token
mono_metadata_methods_from_event
mono_metadata_methods_from_property
mono_metadata_nested_in_typedef
mono_metadata_nesting_typedef
mono_metadata_packing_from_typedef
mono_metadata_parse_array
mono_metadata_parse_custom_mod
mono_metadata_parse_field_type
mono_metadata_parse_marshal_spec
mono_metadata_parse_method_signature
mono_metadata_parse_method_signature_full
mono_metadata_parse_mh
mono_metadata_parse_mh_full
mono_metadata_parse_param
mono_metadata_parse_signature
mono_metadata_parse_type
mono_metadata_parse_type_full
mono_metadata_parse_typedef_or_ref
mono_metadata_properties_from_typedef
mono_metadata_signature_alloc
mono_metadata_signature_dup
mono_metadata_signature_equal
mono_metadata_string_heap
mono_metadata_token_from_dor
mono_metadata_translate_token_index
mono_metadata_type_equal
mono_metadata_type_hash
mono_metadata_typedef_from_field
mono_metadata_typedef_from_method
mono_metadata_user_string
mono_method_body_get_object
mono_method_desc_free
mono_method_desc_from_method
mono_method_desc_full_match
mono_method_desc_match
mono_method_desc_new
mono_method_desc_search_in_class
mono_method_desc_search_in_image
mono_method_full_name
mono_method_get_class

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 772KB - Virtual size: 771KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Plugins/Common.dll
.dll windows:5 windows x86 arch:x86

0eb0b58c2953d94b4a53b26bbc0572f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\rovio\WhenPigsFly\branches\1.2\proto_unity_project\Assets\Plugins\Windows\project\Common\Release\Common.pdb

Imports

user32

FindWindowW
ShowWindow
MessageBoxW

kernel32

GetModuleFileNameA
IsProcessorFeaturePresent
HeapSize
GetStringTypeW
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
GetLastError
InterlockedDecrement
GetProcAddress
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
LoadLibraryW
WriteFile
GetModuleFileNameW
RtlUnwind
LCMapStringW
MultiByteToWideChar

Exports

Exports

ShowErrorMessage

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Plugins/Ionic.Zip.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\DotNetZip\Zip\obj\Release\Ionic.Zip.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 449KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Plugins/P31RestKit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/BadPiggies_Data/Resources/unity default resources
$_1_/BadPiggies_Data/Resources/unity_builtin_extra
$_1_/BadPiggies_Data/ScreenSelector.bmp
$_1_/BadPiggies_Data/level0
$_1_/BadPiggies_Data/level1
$_1_/BadPiggies_Data/level10
$_1_/BadPiggies_Data/level11
$_1_/BadPiggies_Data/level12
$_1_/BadPiggies_Data/level13
$_1_/BadPiggies_Data/level14
$_1_/BadPiggies_Data/level15
$_1_/BadPiggies_Data/level16
$_1_/BadPiggies_Data/level17
$_1_/BadPiggies_Data/level18
$_1_/BadPiggies_Data/level19
$_1_/BadPiggies_Data/level2
$_1_/BadPiggies_Data/level20
$_1_/BadPiggies_Data/level21
$_1_/BadPiggies_Data/level22
$_1_/BadPiggies_Data/level23
$_1_/BadPiggies_Data/level24
$_1_/BadPiggies_Data/level25
$_1_/BadPiggies_Data/level3
$_1_/BadPiggies_Data/level4
$_1_/BadPiggies_Data/level5
$_1_/BadPiggies_Data/level6
$_1_/BadPiggies_Data/level7
$_1_/BadPiggies_Data/level8
$_1_/BadPiggies_Data/level9
$_1_/BadPiggies_Data/mainData
$_1_/BadPiggies_Data/resources.assets
$_1_/BadPiggies_Data/sharedassets0.assets
$_1_/BadPiggies_Data/sharedassets1.assets
$_1_/BadPiggies_Data/sharedassets10.assets
$_1_/BadPiggies_Data/sharedassets11.assets
$_1_/BadPiggies_Data/sharedassets12.assets
$_1_/BadPiggies_Data/sharedassets13.assets
$_1_/BadPiggies_Data/sharedassets14.assets
$_1_/BadPiggies_Data/sharedassets15.assets
$_1_/BadPiggies_Data/sharedassets16.assets
$_1_/BadPiggies_Data/sharedassets17.assets
$_1_/BadPiggies_Data/sharedassets18.assets
$_1_/BadPiggies_Data/sharedassets19.assets
$_1_/BadPiggies_Data/sharedassets2.assets
$_1_/BadPiggies_Data/sharedassets20.assets
$_1_/BadPiggies_Data/sharedassets21.assets
$_1_/BadPiggies_Data/sharedassets22.assets
$_1_/BadPiggies_Data/sharedassets23.assets
$_1_/BadPiggies_Data/sharedassets24.assets
$_1_/BadPiggies_Data/sharedassets25.assets
$_1_/BadPiggies_Data/sharedassets26.assets
$_1_/BadPiggies_Data/sharedassets3.assets
$_1_/BadPiggies_Data/sharedassets4.assets
$_1_/BadPiggies_Data/sharedassets5.assets
$_1_/BadPiggies_Data/sharedassets6.assets
$_1_/BadPiggies_Data/sharedassets7.assets
$_1_/BadPiggies_Data/sharedassets8.assets
$_1_/BadPiggies_Data/sharedassets9.assets
$_1_/Bonus/Cheats/Bad Piggies - Saves By Yikem/Info.txt
$_1_/Bonus/Cheats/Bad Piggies - Saves By Yikem/Rovio/Bad Piggies/Progress.dat
$_1_/Bonus/Help/Command line arguments.txt
$_1_/Bonus/Icons/BP_R&S.ico
$_1_/Bonus/Original/BadPiggies_Data/Managed/Assembly-CSharp.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 671KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/Bonus/Original/updater.exe
.exe windows:5 windows x86 arch:x86

f2f57350b9c2600f5fbed3e3dd4488a1

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16/11/2006, 01:54

Not After

16/11/2026, 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:a7:4d:b1:67:25:0d
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

26/10/2011, 13:20

Not After

26/10/2014, 13:20

Subject

CN=Rovio Entertainment Ltd.,OU=Technology,O=Rovio Entertainment Ltd.,L=Espoo,ST=Uusimaa,C=FI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cd:09:54:19:f5:02:78:17:1e:bc:6d:c5:99:30:64:b8:53:0a:a1:9f
Signer

Actual PE Digest

cd:09:54:19:f5:02:78:17:1e:bc:6d:c5:99:30:64:b8:53:0a:a1:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\BranchAI\win\Release\stubs\x86u\Updater.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetCrackUrlW
InternetCloseHandle
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetQueryOptionW
InternetErrorDlg
FtpFindFirstFileW
FtpOpenFileW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetSetOptionW

msi

ord173

kernel32

GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
RtlUnwind
LocalFree
LocalAlloc
LoadLibraryW
GetProcAddress
GetLastError
RaiseException
FreeLibrary
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrcmpiW
CompareStringW
GetTickCount
Sleep
WaitForSingleObject
GetExitCodeThread
TerminateThread
CloseHandle
SetLastError
CreateThread
CreateEventW
SetEvent
CreateFileW
SetFilePointer
GetFileSize
DeleteFileW
MoveFileW
WriteFile
FlushFileBuffers
ResetEvent
MulDiv
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
lstrcpynW
CreateProcessW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
CompareFileTime
CopyFileW
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemDefaultLangID
GetACP
SetFileAttributesW
GetTempPathW
RemoveDirectoryW
GetSystemTime
FileTimeToLocalFileTime
GetDateFormatW
GetLocaleInfoA
GetFileTime
FindFirstFileW
GetLocaleInfoW
GetExitCodeProcess
ReadFile
FindClose
FormatMessageW
GetCurrentProcess
FlushInstructionCache
GetTempFileNameW
CreateDirectoryW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
CreateMutexW
OpenFileMappingW
OpenEventW
GetEnvironmentVariableW
GetModuleHandleW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
OpenProcess
GetProcessHeap
HeapAlloc
HeapFree
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
FreeEnvironmentStringsW
GetStartupInfoW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
HeapSize
HeapReAlloc
HeapDestroy
LoadLibraryA
InterlockedExchange
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
IsValidCodePage
GetTimeFormatW
GetModuleHandleA

user32

RemovePropW
GetMessagePos
GetWindowDC
DrawEdge
LoadIconW
GetActiveWindow
DialogBoxParamW
GetSystemMenu
DrawMenuBar
DestroyIcon
SetTimer
LoadImageW
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
PostQuitMessage
RegisterWindowMessageW
SetMenuDefaultItem
GetMenuItemID
MonitorFromPoint
GetPropW
SetPropW
MessageBoxW
ShowWindow
EndDialog
GetWindow
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
MapWindowPoints
GetDlgItem
IsWindowVisible
GetDesktopWindow
DrawFocusRect
GetFocus
GetSysColor
EnableWindow
GetSubMenu
PostMessageW
LoadMenuW
GetClassInfoExW
RegisterClassExW
ModifyMenuW
TrackPopupMenu
IsWindowEnabled
FillRect
GetDlgCtrlID
OffsetRect
DrawTextW
GetClientRect
ReleaseDC
EnableMenuItem
DestroyMenu
LockWindowUpdate
GetSystemMetrics
GetDC
CharNextW
ScreenToClient
GetCursorPos
ReleaseCapture
GetCapture
SetCapture
SetFocus
UpdateWindow
SetCursor
PtInRect
InvalidateRect
EndPaint
BeginPaint
DestroyWindow
IsWindow
GetWindowTextLengthW
CreateWindowExW
SystemParametersInfoW
LoadCursorW
SetWindowPos
GetClassNameW
SetRectEmpty
RedrawWindow
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetWindowLongW
LoadStringW
GetParent
SetWindowTextW
SendMessageW
UnregisterClassA
GetWindowTextW

gdi32

SetTextColor
PatBlt
CreateBitmap
SetBkMode
GetDeviceCaps
CreateFontW
SelectObject
GetObjectW
GetStockObject
CreatePatternBrush
CreateFontIndirectW
DeleteObject

shell32

SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteExW
ShellExecuteW
SHBrowseForFolderW

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoUninitialize
CoInitializeEx

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx
PropertySheetW
DestroyPropertySheetPage
_TrackMouseEvent
CreatePropertySheetPageW

Sections

.text
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_1_/Bonus/Original/updater.ini
$_1_/Info.txt
$_1_/bplauncher.exe
.exe windows:5 windows x86 arch:x86

8d13788f23b715d5d64ff8f3f44ba6e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExW

user32

LoadStringW

msimg32

AlphaBlend

gdi32

UnrealizeObject

version

VerQueryValueW

ole32

OleUninitialize

comctl32

InitializeFlatSB

shell32

ShellExecuteW

winspool.drv

OpenPrinterW

Sections

.text
Size: 322KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 353KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be41bf7b8cc010b614bd36bbca606973

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 415KB

.ndata Size: - Virtual size: 772KB

.rsrc Size: 154KB - Virtual size: 153KB

.reloc Size: 4KB - Virtual size: 3KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 24KB

UPX1 Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 276B

.rsrc Size: 1024B - Virtual size: 840B

.reloc Size: 1024B - Virtual size: 828B

cd90e33ffbc335413a25300c682c83df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

7efb019e000b6e0291c32d00fe622590

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 318B

.reloc Size: 1024B - Virtual size: 596B

039bcbc605477e8e87ec550c2e60e748

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 772KB

.rsrc
Size: 154KB - Virtual size: 153KB

.reloc
Size: 4KB - Virtual size: 3KB

UPX0
Size: - Virtual size: 24KB

UPX1
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 276B

.rsrc
Size: 1024B - Virtual size: 840B

.reloc
Size: 1024B - Virtual size: 828B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 318B

.reloc
Size: 1024B - Virtual size: 596B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 772KB

.rsrc
Size: 154KB - Virtual size: 153KB

.reloc
Size: 4KB - Virtual size: 3KB

UPX0
Size: - Virtual size: 24KB

UPX1
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 276B

.rsrc
Size: 1024B - Virtual size: 840B

.reloc
Size: 1024B - Virtual size: 828B

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 2KB