blackmoon | 34954dbb5822ce123c121371b83d96df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

34954dbb5822ce123c121371b83d96df_JaffaCakes118
Size

2.5MB
MD5

34954dbb5822ce123c121371b83d96df
SHA1

ce52ffc54945ebfc15549b71c718894717fbb0d3
SHA256

9c6f10bf783a1f65ccddf990c4b8e3746fba2f573493ea69ed3c3819a1cf1205
SHA512

e8a912037211d09565e30d7b3079151b21ade0f067303e4453a7423cd0335b20187b6e77231becd075ee1b6d2882016bfa7560ac66df36878f2e1d96d3bdc1c3
SSDEEP

49152:eH78Y983nt40BvdipZX3+mtcsPY+yJY8YgfwcylLfmdDOut7+e+ffPyKT83EQk:eHcXt4wWIUFPtSYIwcWLCftae+Xq88U/

Score

10^/10

blackmoon

Malware Config

Signatures

Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
static1/unpack001/软件印章大师2012 绿色破解版/印章制作.exe	family_blackmoon

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack001/软件印章大师2012 绿色破解版/Comdata.dll
unpack001/软件印章大师2012 绿色破解版/Comlfyfun.dll
unpack001/软件印章大师2012 绿色破解版/MFC42D.DLL
unpack001/软件印章大师2012 绿色破解版/MSVCRTD.DLL
unpack001/软件印章大师2012 绿色破解版/MyDll.dll
unpack001/软件印章大师2012 绿色破解版/msvrtd.dll
unpack001/软件印章大师2012 绿色破解版/印章制作.exe
unpack001/软件印章大师2012 绿色破解版/印章制作大师 8.0另类注册器.exe

Files

34954dbb5822ce123c121371b83d96df_JaffaCakes118
.rar
软件印章大师2012 绿色破解版/Comdata.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ShowAboutBox
ShowPrintSetupBox
ShowRegBox
ShowSealSaveToImage
Show_frmHelp

Sections

CODE
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 868KB - Virtual size: 868KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
软件印章大师2012 绿色破解版/Comlfyfun.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CopyAFile
JugeWindowsTypeIsNT
LoadSplashImage
SearchAFile
SetBkGnd

Sections

CODE
Size: 450KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
软件印章大师2012 绿色破解版/ESUninst.rtf
.rtf
软件印章大师2012 绿色破解版/MFC42D.DLL
.dll windows:4 windows x86 arch:x86

758f4745f1597b57f518e37f66808aa1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrtd

_initterm
?terminate@@YAXXZ
_onexit
_adjust_fdiv
__dllonexit
??1type_info@@UAE@XZ
_splitpath
_fullpath
atol
_CxxThrowException
__p___argc
__p___argv
_beginthreadex
_endthreadex
_mbsdec
_strdup
_expand
sprintf
strtod
strtol
strtoul
abs
calloc
_msize
_purecall
strftime
_mbctype
ctime
localtime
gmtime
time
mktime
_ismbcspace
_mbclen
_mbsnbcmp
atoi
_ismbcdigit
vsprintf
_mbsrchr
_mbscspn
_mbsspn
_mbsstr
_mbsrev
_mbslwr
_mbsupr
_mbspbrk
_mbschr
free
realloc
malloc
fclose
fflush
fseek
ftell
fgets
fputs
fwrite
fread
clearerr
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
_mbsinc
_mbsicoll
_mbscoll
_mbsicmp
_mbscmp
abort
_CrtDoForAllClientObjects
_CrtMemDumpAllObjectsSince
_CrtMemCheckpoint
_CrtMemDumpStatistics
_CrtMemDifference
memset
_CrtIsMemoryBlock
_CrtCheckMemory
_CrtSetBreakAlloc
_CrtSetAllocHook
_malloc_dbg
_free_dbg
_vsnprintf
_CrtDumpMemoryLeaks
_CrtSetDbgFlag
_CrtSetDumpClient
_CrtSetReportHook
_CrtSetReportMode
_except_handler3
memcmp
memmove
memcpy
_gcvt
_CrtDbgReport
wcslen
__CxxFrameHandler

kernel32

GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
FileTimeToSystemTime
SizeofResource
GetProfileIntA
VirtualProtect
InterlockedExchange
SetErrorMode
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
FindNextFileA
GetSystemDirectoryA
MulDiv
FreeLibrary
FindResourceA
LoadResource
LockResource
FreeResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
WaitForMultipleObjects
CreateEventA
ReleaseMutex
CreateMutexA
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
PulseEvent
SetEvent
WaitForSingleObject
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetOEMCP
SearchPathA
WideCharToMultiByte
FormatMessageA
LocalFree
SetFileAttributesA
InterlockedDecrement
InterlockedIncrement
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
GetFileAttributesA
GetFileTime
GetFileSize
GlobalReAlloc
GlobalFree
GlobalUnlock
GlobalSize
GlobalAlloc
GlobalLock
lstrcmpiA
GetModuleFileNameA
GetShortPathNameA
GetFullPathNameA
GetThreadLocale
GetStringTypeExA
FindClose
GetVolumeInformationA
FindFirstFileA
LoadLibraryA
lstrcpyA
MultiByteToWideChar
MoveFileA
GetProcAddress
DeleteFileA
LockFile
SetEndOfFile
UnlockFile
SetFilePointer
CloseHandle
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
SuspendThread
GetCurrentProcess
DuplicateHandle
SetThreadPriority
ResumeThread
GetThreadPriority
lstrlenA
GetPrivateProfileIntA
lstrcmpA
IsBadStringPtrA
IsBadReadPtr
IsBadWritePtr
GetLastError
IsBadStringPtrW
lstrcpynA
LocalLock
SetLastError
GetTempPathA
FileTimeToLocalFileTime
GetCPInfo
GetCurrentThread
RaiseException

gdi32

GetOutlineTextMetricsA
TextOutA
PlayMetaFile
EnumMetaFile
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
DeleteMetaFile
IntersectClipRect
SetWindowOrgEx
MoveToEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
SaveDC
DeleteObject
StretchDIBits
DeleteDC
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
PlayEnhMetaFile
GdiComment
WidenPath
StrokePath
StrokeAndFillPath
SetMiterLimit
GetPath
GetMiterLimit
FlattenPath
FillPath
EndPath
CloseFigure
BeginPath
AbortPath
GetCharWidthFloatA
GetCharABCWidthsFloatA
ExtEscape
DrawEscape
PolyBezier
GetCurrentObject
GetColorAdjustment
PolyPolyline
GetArcDirection
AngleArc
SetPixelV
PlgBlt
MaskBlt
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
GetGlyphOutlineA
GetKerningPairsA
GetFontData
GetCharABCWidthsA
ResetDCA
GetBoundsRect
SetBoundsRect
Escape
GetAspectRatioFilterEx
GetCharWidthA
GetTextCharacterExtra
GetTextMetricsA
GetTextFaceA
GetTextAlign
SetPixel
GetPixel
FloodFill
BitBlt
PatBlt
StretchBlt
Rectangle
PolyPolygon
RoundRect
Pie
Ellipse
Polygon
Polyline
Arc
Chord
RectVisible
PtVisible
GetCurrentPositionEx
InvertRgn
FrameRgn
PaintRgn
LPtoDP
DPtoLP
FillRgn
GetWindowOrgEx
GetViewportExtEx
GetWindowExtEx
GetMapMode
GetTextColor
GetViewportOrgEx
GetROP2
GetPolyFillMode
GetStretchBltMode
GetBkColor
UpdateColors
GetBkMode
GetNearestColor
SelectObject
RealizePalette
SetBrushOrgEx
GetBrushOrgEx
EnumObjects
CreateCompatibleDC
CreateICA
GetDeviceCaps
RectInRegion
PtInRegion
CreateDCA
OffsetRgn
EqualRgn
GetRgnBox
SetRectRgn
GetRegionData
CombineRgn
PathToRegion
CreateRoundRectRgn
ExtCreateRegion
CreatePolygonRgn
CreateEllipticRgnIndirect
ExtFloodFill
GetTextExtentPoint32A
CreatePolyPolygonRgn
CreateEllipticRgn
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetNearestPaletteIndex
AnimatePalette
SetPaletteEntries
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
CreateCompatibleBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
SetBitmapBits
CreateBitmapIndirect
CreateBitmap
CreateFontA
CreateFontIndirectA
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
CreatePenIndirect
CreatePen
GetObjectType
UnrealizeObject
GetStockObject
GetObjectA
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA

user32

SetClipboardViewer
SendMessageA
IsWindow
PostMessageA
TabbedTextOutA
CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
UnionRect
SubtractRect
GetSysColorBrush
LoadBitmapA
WindowFromDC
ExcludeUpdateRgn
FillRect
FrameRect
InvertRect
DrawIcon
DrawStateA
DrawEdge
DrawFrameControl
DrawFocusRect
DrawTextA
GetTabbedTextExtentA
GrayStringA
ScrollDC
CreateMenu
CreatePopupMenu
IsMenu
DeleteMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetMenuItemInfoA
GetSubMenu
InsertMenuA
ModifyMenuA
RemoveMenu
SetMenuItemBitmaps
LoadMenuA
LoadMenuIndirectA
SetMenuContextHelpId
GetMenuContextHelpId
CheckMenuRadioItem
GetMenu
SetMenu
DrawMenuBar
GetSystemMenu
HiliteMenuItem
IsIconic
IsZoomed
ArrangeIconicWindows
SetWindowRgn
GetWindowRgn
BringWindowToTop
GetWindowRect
GetClientRect
MapWindowPoints
ClientToScreen
ScreenToClient
BeginPaint
EndPaint
GetDC
GetWindowDC
ReleaseDC
UpdateWindow
GetUpdateRect
GetUpdateRgn
InvalidateRect
InvalidateRgn
ValidateRect
ValidateRgn
IsWindowVisible
ShowOwnedPopups
GetDCEx
LockWindowUpdate
RedrawWindow
EnableScrollBar
SetTimer
KillTimer
GetActiveWindow
SetActiveWindow
GetCapture
SetCapture
GetFocus
GetDesktopWindow
DlgDirListA
DlgDirListComboBoxA
DlgDirSelectExA
DlgDirSelectComboBoxExA
GetNextDlgGroupItem
GetNextDlgTabItem
ShowScrollBar
ChildWindowFromPoint
ChildWindowFromPointEx
FindWindowA
GetWindow
GetTopWindow
GetLastActivePopup
IsChild
GetParent
SetParent
WindowFromPoint
FlashWindow
ChangeClipboardChain
PeekMessageA
OpenClipboard
GetOpenClipboardWindow
GetClipboardOwner
GetClipboardViewer
CreateCaret
GetCaretPos
SetCaretPos
HideCaret
ShowCaret
SetForegroundWindow
GetForegroundWindow
SendNotifyMessageA
SetWindowContextHelpId
GetWindowContextHelpId
EnableWindow
MapDialogRect
GetWindowLongA
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
PostThreadMessageA
LoadCursorA
LoadIconA
CloseWindow
OpenIcon
CharUpperA
GetSystemMetrics
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindowPlacement
SystemParametersInfoA
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetDlgCtrlID
GetClassNameA
DefWindowProcA
DestroyWindow
GetKeyState
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
TrackPopupMenu
RegisterClassA
GetClassInfoA
WinHelpA
MessageBoxA
SetScrollInfo
GetScrollInfo
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
AdjustWindowRectEx
SetFocus
DispatchMessageA
GetSysColor
SendDlgItemMessageA
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetCursor
IsWindowEnabled
ShowWindow
DestroyMenu
ReuseDDElParam
UnpackDDElParam
WaitMessage
GetCursorPos
TranslateMessage
GetMessageA
GetWindowThreadProcessId
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
CreateDialogIndirectParamA
EndDialog
wvsprintfA
GetAsyncKeyState
GetDialogBaseUnits
GetClipboardFormatNameA
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
GetMenuCheckMarkDimensions
DestroyIcon
SetCursorPos
DestroyCursor
IsClipboardFormatAvailable
MessageBeep
UnregisterClassA
LoadStringA
PostQuitMessage
wsprintfA

Sections

.text
Size: 680KB - Virtual size: 677KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
软件印章大师2012 绿色破解版/MSVCRTD.DLL
.dll windows:4 windows x86 arch:x86

aafabb794a4fc88d1217ad6b5bf28840

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
ResumeThread
GetLastError
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
HeapValidate
GetProcAddress
LoadLibraryA
DebugBreak
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapCompact
HeapWalk
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime
GetModuleHandleA

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CrtCheckMemory
_CrtDbgBreak
_CrtDbgReport
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtIsMemoryBlock
_CrtIsValidHeapPointer
_CrtIsValidPointer
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtSetAllocHook
_CrtSetBreakAlloc
_CrtSetDbgBlockType
_CrtSetDbgFlag
_CrtSetDumpClient
_CrtSetReportFile
_CrtSetReportHook
_CrtSetReportMode
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__crtAssertBusy
__p__crtBreakAlloc
__p__crtDbgFlag
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_calloc_dbg
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_crtAssertBusy
_crtBreakAlloc
_crtDbgFlag
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_expand_dbg
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_free_dbg
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_malloc_dbg
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_msize_dbg
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_realloc_dbg
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone

Sections

.text
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
软件印章大师2012 绿色破解版/MyDll.dll
.dll windows:4 windows x86 arch:x86

47c45712129c77f81e4a75b45916146f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42d

ord1880
ord1860
ord4415
ord3231
ord1033
ord4130
ord1789
ord2661
ord4227
ord4229
ord2104
ord3366
ord3826
ord4239
ord4215
ord4408
ord3244
ord2340
ord2481
ord2584
ord3691
ord2473
ord2585
ord2341
ord2432
ord2339
ord3143
ord3144
ord3142
ord2431
ord3367
ord3784
ord3657
ord2021
ord1285
ord4492
ord2986
ord528
ord728
ord706
ord550
ord1862
ord284
ord574
ord4195
ord3629
ord3702
ord4017
ord3831
ord4753
ord3362
ord1364
ord3651
ord4176
ord1781
ord4118
ord5076
ord3618
ord4208
ord2078
ord1310
ord3069
ord3944
ord3670
ord2076
ord1566
ord5078
ord3002
ord4064
ord1344
ord4191
ord1830
ord1631
ord4205
ord3786
ord3658
ord1952
ord1228
ord2875
ord317
ord1857
ord3524
ord1110
ord1189
ord1191
ord1087
ord1114
ord1041
ord719
ord333
ord1157
ord1101
ord1179
ord5077
ord3948
ord3552
ord285
ord726
ord551
ord1192
ord1166
ord1164
ord1186
ord1129
ord1050

msvcrtd

??1type_info@@UAE@XZ
??3@YAXPAX@Z
_adjust_fdiv
_malloc_dbg
_initterm
_free_dbg
_onexit
__dllonexit
__CxxFrameHandler
_chkesp

kernel32

LocalFree
LocalAlloc

Exports

Exports

About

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
软件印章大师2012 绿色破解版/Spx_wuyuan.png
.png
软件印章大师2012 绿色破解版/XP系统之家.url
.url
软件印章大师2012 绿色破解版/msvrtd.dll
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 287KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Silvana
Size: 526B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
软件印章大师2012 绿色破解版/使用说明.txt
软件印章大师2012 绿色破解版/印章/样品印章.yzw
软件印章大师2012 绿色破解版/印章制作.exe
.exe windows:4 windows x86 arch:x86

d269fc5ffda5468986bcd9b52bbf0027

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

atl

ord42

kernel32

HeapReAlloc
HeapFree
IsBadReadPtr
CloseHandle
WaitForSingleObject
CreateProcessA
GetStartupInfoA
Sleep
FindNextFileA
FindFirstFileA
FindClose
CreateDirectoryA
DeleteFileA
RemoveDirectoryA
WriteFile
CreateFileA
GetTickCount
SetFileAttributesA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
ExitProcess
GetModuleHandleA
GetProcessHeap
RtlMoveMemory
SetWaitableTimer
CreateWaitableTimerA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateThread
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
RaiseException
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
LCMapStringW
VirtualAlloc

shlwapi

PathFileExistsA

user32

TranslateMessage
wsprintfA
GetMessageA
GetMenuInfo
SetMenuInfo
TrackMouseEvent
MsgWaitForMultipleObjects
MessageBoxA
PeekMessageA
DispatchMessageA

shell32

DragAcceptFiles
Shell_NotifyIconA
DragFinish
DragQueryFileA

advapi32

RegDeleteKeyA
RegOpenKeyA
RegDeleteValueA
RegEnumKeyA
RegSetValueExA
RegFlushKey
RegQueryValueExA
RegEnumValueA
RegCloseKey
RegCreateKeyA

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60.1MB - Virtual size: 60.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
软件印章大师2012 绿色破解版/印章制作大师 8.0另类注册器.exe
.exe windows:4 windows x86 arch:x86

83494aee459d6893b74827f3cd2d89e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
ord516
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenBstrB
_adj_fdiv_m32
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
ord632
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
ord616
_CIatan
__vbaStrMove
ord650
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
软件印章大师2012 绿色破解版/徽标图案库/CB.bmp
软件印章大师2012 绿色破解版/徽标图案库/CB1.bmp
软件印章大师2012 绿色破解版/徽标图案库/CBB.bmp
软件印章大师2012 绿色破解版/徽标图案库/DHM2.bmp
软件印章大师2012 绿色破解版/徽标图案库/储蓄A.bmp
软件印章大师2012 绿色破解版/徽标图案库/储蓄B.bmp
软件印章大师2012 绿色破解版/徽标图案库/党徽A.bmp
软件印章大师2012 绿色破解版/徽标图案库/党徽B.bmp
软件印章大师2012 绿色破解版/徽标图案库/八一军徽A.bmp
软件印章大师2012 绿色破解版/徽标图案库/八一军徽B.bmp
软件印章大师2012 绿色破解版/徽标图案库/国徽.bmp
软件印章大师2012 绿色破解版/徽标图案库/工商银行.bmp

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 532KB - Virtual size: 531KB

DATA Size: 8KB - Virtual size: 8KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 177B

.reloc Size: 34KB - Virtual size: 33KB

.rsrc Size: 868KB - Virtual size: 868KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 450KB - Virtual size: 450KB

DATA Size: 7KB - Virtual size: 6KB

BSS Size: - Virtual size: 2KB

.idata Size: 9KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 171B

.reloc Size: 26KB - Virtual size: 25KB

.rsrc Size: 109KB - Virtual size: 109KB

758f4745f1597b57f518e37f66808aa1

Headers

File Characteristics

Imports

msvcrtd

kernel32

gdi32

user32

Sections

.text Size: 680KB - Virtual size: 677KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 32KB - Virtual size: 29KB

.reloc Size: 52KB - Virtual size: 49KB

aafabb794a4fc88d1217ad6b5bf28840

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 304KB - Virtual size: 301KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 16KB - Virtual size: 13KB

47c45712129c77f81e4a75b45916146f

Headers

File Characteristics

Imports

mfc42d

msvcrtd

kernel32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 6KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 4KB - Virtual size: 1KB

Headers

File Characteristics

Sections

CODE Size: 1.2MB - Virtual size: 1.2MB

DATA Size: 16KB - Virtual size: 15KB

BSS Size: - Virtual size: 3KB

.idata Size: 11KB - Virtual size: 11KB

.tls Size: - Virtual size: 16B

CODE
Size: 532KB - Virtual size: 531KB

DATA
Size: 8KB - Virtual size: 8KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 177B

.reloc
Size: 34KB - Virtual size: 33KB

.rsrc
Size: 868KB - Virtual size: 868KB

CODE
Size: 450KB - Virtual size: 450KB

DATA
Size: 7KB - Virtual size: 6KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 9KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 171B

.reloc
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 109KB - Virtual size: 109KB

.text
Size: 680KB - Virtual size: 677KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 32KB - Virtual size: 29KB

.reloc
Size: 52KB - Virtual size: 49KB

.text
Size: 304KB - Virtual size: 301KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 16KB - Virtual size: 13KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 6KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 4KB - Virtual size: 1KB

CODE
Size: 1.2MB - Virtual size: 1.2MB

DATA
Size: 16KB - Virtual size: 15KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 11KB - Virtual size: 11KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 82KB - Virtual size: 81KB

.rsrc
Size: 287KB - Virtual size: 288KB

.Silvana
Size: 526B - Virtual size: 4KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 60.1MB - Virtual size: 60.2MB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB