webmonitor | 4c48175a44d89ef8d6c92b8473eba6a6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4c48175a44d89ef8d6c92b8473eba6a6_JaffaCakes118
Size

5.2MB
MD5

4c48175a44d89ef8d6c92b8473eba6a6
SHA1

de0541f008f9e606f799069d90d9f3ebd9d1a70d
SHA256

d482d7e39076ad62091622475baa816ca68e88f144253e42a9cdf42fe6473fa5
SHA512

ecf4d3cc409654e17c9d1d4c142ce14ee52630a7715663049899e37a6528c65294e5df41bd3d567d8e4887375a700ca3916469a38ffe85dfada03cffac878d7e
SSDEEP

98304:RK6MK+15ZA/wFkzThIeqpxRpJHXOAd2QNXZTIpKskI5XzCh6XcY2R9tR:RK6yZhkhI7pJH+MRhIgsJGh6XWRTR

Score

10^/10

upx webmonitor

Malware Config

Extracted

Family

webmonitor

kamilw1337.wm01.to:443

Attributes

config_key
a72oDI537AbYRjeItTOo34O25nOyaPFK
private_key
MqUzv9esY
url_path
/recv5.php

Signatures

WebMonitor payload 1 IoCs

Processes:

resource	yara_rule
static1/unpack002/out.upx	family_webmonitor

Webmonitor family
webmonitor

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack001/Extreme Injector v3.7.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Extreme Injector v3.7.exe
unpack002/out.upx
unpack003/Extreme Injector v3.exe
unpack001/xyoungsokin.dll

Files

4c48175a44d89ef8d6c92b8473eba6a6_JaffaCakes118
.rar
Extreme Injector v3.7.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 363KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 933KB - Virtual size: 932KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Extreme Injector v3.rar
.rar
Extreme Injector v3.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Instrukcja.txt
settings.xml
xariesgang3.lua
xyoungsokin.dll
.dll windows:6 windows x64 arch:x64

94c8d17143f183155ef6aa5c56cbf0e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
GetLastError
FormatMessageW
WideCharToMultiByte
FreeLibrary
GetModuleFileNameA
GetProcAddress
LoadLibraryExA
FormatMessageA
GetDriveTypeA
GetLogicalDrives
CloseHandle
GetCurrentProcessId
CreateThread
GetCurrentThreadId
GetWindowsDirectoryA
DisableThreadLibraryCalls
RtlCaptureContext
InitializeCriticalSectionAndSpinCount
GetModuleHandleW
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
OutputDebugStringW
GetTimeZoneInformation
GetExitCodeProcess
WaitForSingleObject
FlushFileBuffers
HeapReAlloc
SetEndOfFile
SetFilePointerEx
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapFree
HeapAlloc
GetModuleFileNameW
GetStdHandle
GetModuleHandleExW
ExitProcess
CreateProcessW
GetConsoleCP
WriteFile
ReadConsoleW
GetConsoleMode
ReadFile
CreatePipe
DuplicateHandle
GetFileType
SetStdHandle
LoadLibraryExW
InterlockedFlushSList
RtlUnwindEx
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
WaitForSingleObjectEx
ResetEvent
SetEvent
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
MoveFileExW
SetLastError
AreFileApisANSI
GetTempPathW
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindClose
DeleteFileW
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
RaiseException
DecodePointer
EncodePointer
RtlPcToFileHeader
MultiByteToWideChar
RtlUnwind
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
InitializeCriticalSectionAndSpinCount
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetWindowLongPtrW
FindWindowA
CallWindowProcW
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

shell32

ShellExecuteA

rage-graphics-five

?OnPostFrontendRender@@3V?$fwEvent@$$V@@A
?getInstance@grcTextureFactory@rage@@SAPEAV12@XZ

imgui

?CalcTextSizeA@ImFont@@QEBA?AUImVec2@@MMMPEBD0PEAPEBD@Z
?AddText@ImDrawList@@QEAAXAEBUImVec2@@IPEBD1@Z
?MemFree@ImGui@@YAXPEAX@Z
?GetTime@ImGui@@YANXZ
?SetClipboardText@ImGui@@YAXPEBD@Z
?GetClipboardText@ImGui@@YAPEBDXZ
?GetMousePos@ImGui@@YA?AUImVec2@@XZ
?IsMousePosValid@ImGui@@YA_NPEBUImVec2@@@Z
?IsMouseHoveringRect@ImGui@@YA_NAEBUImVec2@@0_N@Z
?IsMouseDragging@ImGui@@YA_NHM@Z
?IsMouseDoubleClicked@ImGui@@YA_NH@Z
?IsMouseClicked@ImGui@@YA_NH_N@Z
?IsMouseDown@ImGui@@YA_NH@Z
?GetIO@ImGui@@YAAEAUImGuiIO@@XZ
?GetStyle@ImGui@@YAAEAUImGuiStyle@@XZ
?StyleColorsDark@ImGui@@YAXPEAUImGuiStyle@@@Z
?Begin@ImGui@@YA_NPEBDPEA_NH@Z
?End@ImGui@@YAXXZ
?BeginChild@ImGui@@YA_NPEBDAEBUImVec2@@_NH@Z
?EndChild@ImGui@@YAXXZ
?IsWindowFocused@ImGui@@YA_NH@Z
?GetWindowSize@ImGui@@YA?AUImVec2@@XZ
?SetNextWindowSize@ImGui@@YAXAEBUImVec2@@H@Z
?PushFont@ImGui@@YAXPEAUImFont@@@Z
?PopFont@ImGui@@YAXXZ
?PushStyleColor@ImGui@@YAXHAEBUImVec4@@@Z
?PopStyleColor@ImGui@@YAXH@Z
?PushStyleVar@ImGui@@YAXHAEBUImVec2@@@Z
?PopStyleVar@ImGui@@YAXH@Z
?GetFont@ImGui@@YAPEAUImFont@@XZ
?GetFontSize@ImGui@@YAMXZ
?PushItemWidth@ImGui@@YAXM@Z
?PopItemWidth@ImGui@@YAXXZ
?GetKeyIndex@ImGui@@YAHH@Z
?ColorConvertU32ToFloat4@ImGui@@YA?AUImVec4@@I@Z
?EndTooltip@ImGui@@YAXXZ
?BeginTooltip@ImGui@@YAXXZ
?TextUnformatted@ImGui@@YAXPEBD0@Z
?GetCursorScreenPos@ImGui@@YA?AUImVec2@@XZ
?Separator@ImGui@@YAXXZ
?PopAllowKeyboardFocus@ImGui@@YAXXZ
?PushAllowKeyboardFocus@ImGui@@YAX_N@Z
?SetScrollY@ImGui@@YAXM@Z
?SetScrollX@ImGui@@YAXM@Z
?GetScrollY@ImGui@@YAMXZ
?GetScrollX@ImGui@@YAMXZ
?GetWindowContentRegionMax@ImGui@@YA?AUImVec2@@XZ
?SetWindowFocus@ImGui@@YAXXZ
?GetWindowHeight@ImGui@@YAMXZ
?GetWindowWidth@ImGui@@YAMXZ
?GetWindowDrawList@ImGui@@YAPEAUImDrawList@@XZ
?IsWindowHovered@ImGui@@YA_NH@Z
?GetTexDataAsRGBA32@ImFontAtlas@@QEAAXPEAPEAEPEAH11@Z
?Build@ImFontAtlas@@QEAA_NXZ
?AddFontFromFileTTF@ImFontAtlas@@QEAAPEAUImFont@@PEBDMPEBUImFontConfig@@PEBG@Z
?AddText@ImDrawList@@QEAAXPEBUImFont@@MAEBUImVec2@@IPEBD2MPEBUImVec4@@@Z
?AddCircleFilled@ImDrawList@@QEAAXAEBUImVec2@@MIH@Z
?AddCircle@ImDrawList@@QEAAXAEBUImVec2@@MIHM@Z
?AddRectFilled@ImDrawList@@QEAAXAEBUImVec2@@0IMH@Z
?AddRect@ImDrawList@@QEAAXAEBUImVec2@@0IMHM@Z
?AddLine@ImDrawList@@QEAAXAEBUImVec2@@0IM@Z
?Begin@ImGuiListClipper@@QEAAXHM@Z
?Step@ImGuiListClipper@@QEAA_NXZ
?Begin@ImGui@@YA_NPEBDPEA_NAEBUImVec2@@MH@Z
?AddInputCharacter@ImGuiIO@@QEAAXI@Z
?SetMouseCursor@ImGui@@YAXH@Z
?IsKeyPressed@ImGui@@YA_NH_N@Z
?ColorConvertHSVtoRGB@ImGui@@YAXMMMAEAM00@Z
?ColorConvertFloat4ToU32@ImGui@@YAIAEBUImVec4@@@Z
?EndChildFrame@ImGui@@YAXXZ
?BeginChildFrame@ImGui@@YA_NIAEBUImVec2@@H@Z
?CalcTextSize@ImGui@@YA?AUImVec2@@PEBD0_NM@Z
?GetForegroundDrawList@ImGui@@YAPEAUImDrawList@@XZ
?GetBackgroundDrawList@ImGui@@YAPEAUImDrawList@@XZ
?IsItemClicked@ImGui@@YA_NH@Z
?IsItemActive@ImGui@@YA_NXZ
?IsItemHovered@ImGui@@YA_NH@Z
?CloseCurrentPopup@ImGui@@YAXXZ
?EndPopup@ImGui@@YAXXZ
?BeginPopupModal@ImGui@@YA_NPEBDPEA_NH@Z
?BeginPopup@ImGui@@YA_NPEBDH@Z
?OpenPopup@ImGui@@YAXPEBD@Z
?Selectable@ImGui@@YA_NPEBD_NHAEBUImVec2@@@Z
?TreePop@ImGui@@YAXXZ
?TreeNode@ImGui@@YA_NPEBD@Z
?InputTextWithHint@ImGui@@YA_NPEBD0PEAD_KHP6AHPEAUImGuiInputTextCallbackData@@@ZPEAX@Z
?InputText@ImGui@@YA_NPEBDPEAD_KHP6AHPEAUImGuiInputTextCallbackData@@@ZPEAX@Z
?Combo@ImGui@@YA_NPEBDPEAHQEBQEBDHH@Z
?EndCombo@ImGui@@YAXXZ
?BeginCombo@ImGui@@YA_NPEBD0H@Z
?InvisibleButton@ImGui@@YA_NPEBDAEBUImVec2@@@Z
?SmallButton@ImGui@@YA_NPEBD@Z
?Button@ImGui@@YA_NPEBDAEBUImVec2@@@Z
?Text@ImGui@@YAXPEBDZZ
?GetID@ImGui@@YAIPEBX@Z
?PopID@ImGui@@YAXXZ
?PushID@ImGui@@YAXH@Z
?PushID@ImGui@@YAXPEBX@Z
?GetFrameHeightWithSpacing@ImGui@@YAMXZ
?GetTextLineHeightWithSpacing@ImGui@@YAMXZ
?Unindent@ImGui@@YAXM@Z
?Indent@ImGui@@YAXM@Z
?Dummy@ImGui@@YAXAEBUImVec2@@@Z
?SameLine@ImGui@@YAXMM@Z
?MemAlloc@ImGui@@YAPEAX_K@Z

conhost-v2

?OnDrawGui@ConHost@@3V?$fwEvent@$$V@@A
?OnShouldDrawGui@ConHost@@3V?$fwEvent@PEA_N@@A
?Print@ConHost@@YAXAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z

rage-allocator-five

??2sysUseAllocator@rage@@SAPEAX_K@Z
??3sysUseAllocator@rage@@SAXPEAX@Z

rage-device-five

??1fiCustomDevice@rage@@UEAA@XZ
?GetCollectionId@fiCustomDevice@rage@@UEAAHXZ
?m_ax@fiCustomDevice@rage@@UEAA_NXZ
?GetCollection@fiCustomDevice@rage@@UEAAPEAVfiDevice@2@XZ
?m_addedIn1290@fiCustomDevice@rage@@UEAA_NXZ
?m_zx@fiCustomDevice@rage@@UEAAHPEAX@Z
?m_yz@fiCustomDevice@rage@@UEAAHPEAX@Z
?m_yy@fiCustomDevice@rage@@UEAAHXZ
?WriteFull@fiCustomDevice@rage@@UEAA_N_KPEAXI@Z
?ReadFull@fiCustomDevice@rage@@UEAA_N_KPEAXI@Z
?SetFileAttributesW@fiCustomDevice@rage@@UEAA_NPEBDI@Z
?m_xz@fiCustomDevice@rage@@UEAA_NXZ
?Truncate@fiCustomDevice@rage@@UEAA_N_K@Z
?MountGlobal@fiDevice@rage@@SA_NPEBDPEAV12@_N@Z
?OpenBulkWrap@fiCustomDevice@rage@@UEAA_KPEBDPEA_KPEAX@Z
?CreateLocal@fiCustomDevice@rage@@UEAA_KPEBD@Z
?m_xy@fiCustomDevice@rage@@UEAAPEAXPEAXH0@Z
?GetUnkDevice@fiCustomDevice@rage@@UEAAPEAVfiDevice@2@XZ
?m_xx@fiCustomDevice@rage@@UEAAXXZ
?m_40@fiCustomDevice@rage@@UEAAHH@Z
?WriteBulk@fiCustomDevice@rage@@UEAAI_KHHHH@Z
??0fiCustomDevice@rage@@QEAA@XZ

rage-scripting-five

?GetThreadCollection@scrEngine@rage@@SAPEAV?$pgPtrCollection@VGtaThread@@@2@XZ
?GetNativeHandler@scrEngine@rage@@SAP6AXPEAVscrNativeCallContext@2@@Z_K@Z
?RegisterNativeHandler@scrEngine@rage@@SAX_KP6AXPEAVscrNativeCallContext@2@@Z@Z
?OnScriptInit@scrEngine@rage@@2V?$fwEvent@$$V@@A

nui-core

?DestroyFrame@nui@@YAXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

wtsapi32

WTSSendMessageW

Sections

GB2g<$vJ
Size: 705KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

$qC_(Gwm
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Yn,lYfM3
Size: 11KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ad'-ISo+
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

4po`3'e$
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

u+7I\5Jo
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

+';Hs6,x
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

1yg`Va4s
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 612KB

UPX1 Size: 363KB - Virtual size: 364KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 933KB - Virtual size: 932KB

.data Size: 10KB - Virtual size: 17KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 656B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 12B

94c8d17143f183155ef6aa5c56cbf0e9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

rage-graphics-five

imgui

conhost-v2

rage-allocator-five

rage-device-five

rage-scripting-five

nui-core

wtsapi32

Sections

GB2g<$vJ Size: 705KB - Virtual size: 704KB

$qC_(Gwm Size: 238KB - Virtual size: 238KB

Yn,lYfM3 Size: 11KB - Virtual size: 21KB

ad'-ISo+ Size: 36KB - Virtual size: 36KB

4po`3'e$ Size: 2.8MB - Virtual size: 2.8MB

u+7I\5Jo Size: 2.0MB - Virtual size: 2.0MB

+';Hs6,x Size: 7KB - Virtual size: 7KB

1yg`Va4s Size: 512B - Virtual size: 469B

UPX0
Size: - Virtual size: 612KB

UPX1
Size: 363KB - Virtual size: 364KB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 933KB - Virtual size: 932KB

.data
Size: 10KB - Virtual size: 17KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 656B

.text
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 12B

GB2g<$vJ
Size: 705KB - Virtual size: 704KB

$qC_(Gwm
Size: 238KB - Virtual size: 238KB

Yn,lYfM3
Size: 11KB - Virtual size: 21KB

ad'-ISo+
Size: 36KB - Virtual size: 36KB

4po`3'e$
Size: 2.8MB - Virtual size: 2.8MB

u+7I\5Jo
Size: 2.0MB - Virtual size: 2.0MB

+';Hs6,x
Size: 7KB - Virtual size: 7KB

1yg`Va4s
Size: 512B - Virtual size: 469B