Angry Audio Chameleon C6s v1[.]0[.]2[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

Angry Audio Chameleon C6s v1.0.2.rar
Size

8.7MB
MD5

592df5ff3fd203af9c4e0ef4b4826135
SHA1

4b1a400ed0c5f882c64bb0e106f0e0e8a2aa0ee2
SHA256

8625b8ee61b7f24b948e3d40da439fc4b41a8a899ac3b97ba92b7efae572c66d
SHA512

780244735fe8cdcd28c1f9207e1284d4c571a9051f77f8974ac8a8462914b0b3897fbb2a58b36482bbf79dece9378d1ad950bdbd0bdd57fc855c8f1d2214ff24
SSDEEP

196608:G39Ie/k5WCeSTWsBGjPKFBPMTWVWNai+EXiLHnIT44Gy6yCH:+7rZSTd96J+THIT4U6V

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ChameleonC6s.dll
unpack001/ChameleonC6s.exe
unpack001/ChameleonC6s.vst3
unpack001/ChameleonC6s_x86.dll

Files

Angry Audio Chameleon C6s v1.0.2.rar
.rar

Password: 123
ChameleonC6s.dll
.dll windows:6 windows x64 arch:x64

Password: 123

a9b605edbe39d34d7b6dcb8f62c9862c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
GetLogicalProcessorInformation
GetDiskFreeSpaceExW
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
GetNativeSystemInfo
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
SetCurrentDirectoryW
GetProcAddress
LocalFree
ReplaceFileW
DeleteCriticalSection
ExitProcess
GlobalMemoryStatusEx
CreateProcessW
GetModuleHandleW
FreeLibrary
CopyFileW
CreateSymbolicLinkW
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetExitCodeProcess
GetCommandLineW
AttachConsole
CompareStringOrdinal
GlobalSize
LoadLibraryA
GlobalAlloc
GlobalFree
GlobalLock
GetCurrentProcessId
GlobalUnlock
GetComputerNameA
GetVolumeInformationA
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileAttributesExW
FlsSetValue
FlsGetValue
FlsAlloc
HeapFree
HeapReAlloc
HeapAlloc
ExitThread
GetTimeZoneInformation
RtlUnwind
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
CreateThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ResetEvent
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
MultiByteToWideChar
DecodePointer
EncodePointer
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
InitOnceBeginInitialize
InitOnceComplete
QueueUserWorkItem
IsProcessorFeaturePresent
RaiseException
RtlPcToFileHeader
SwitchToThread
WaitForSingleObjectEx
WideCharToMultiByte
OutputDebugStringW
GetLastError
FormatMessageW
GetFileInformationByHandle
Sleep
CreateEventW
GetLogicalDriveStringsW
SetFileAttributesW
RtlCaptureStackBackTrace
DisconnectNamedPipe
GetModuleHandleA
UnmapViewOfFile
ResumeThread
GetComputerNameExW
GetSystemDirectoryW
ReleaseMutex
GetCurrentThreadId
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
PeekNamedPipe
SetEndOfFile
GetEnvironmentVariableW
SetFilePointer
InitializeCriticalSection
CreatePipe
LeaveCriticalSection
SetThreadPriority
GetCurrentThread
WaitForMultipleObjects
CreateNamedPipeW
GetModuleFileNameW
SetFileTime
RemoveDirectoryW
TerminateProcess
DeviceIoControl
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
EnterCriticalSection
SetLocalTime
SetPriorityClass
SetHandleInformation
FindFirstFileW
CancelIo
GetVolumeInformationW
TryEnterCriticalSection
ReadFile
GetSystemFirmwareTable
SetThreadAffinityMask
CreateDirectoryW
GetThreadPriority
FlsFree

user32

GetWindowTextW
GetDC
ReleaseDC
GetWindowThreadProcessId
AttachThreadInput
GetWindowRect
SetWindowPos
GetSystemMetrics
GetClassNameA
EnumWindows
PeekMessageW
DispatchMessageW
RegisterClassExW
GetWindowLongPtrW
UnregisterClassW
CreateWindowExW
SetWindowLongPtrW
DestroyWindow
GetFocus
SendMessageTimeoutW
PostMessageW
DefWindowProcW
GetAncestor
SendInput
EndPaint
BeginPaint
GetCursorPos
SetCursorPos
TranslateMessage
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
UpdateLayeredWindow
GetClientRect
SetWindowLongW
SetCursor
ToUnicode
SetClipboardData
SetWindowsHookExW
SetCapture
DestroyCaret
LoadCursorW
LoadIconW
GetClipboardData
BringWindowToTop
SetLayeredWindowAttributes
GetMessageTime
UnhookWindowsHookEx
GetForegroundWindow
TrackMouseEvent
MapWindowPoints
CreateCaret
IsChild
EmptyClipboard
SetFocus
InvalidateRect
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
DestroyIcon
RedrawWindow
GetCapture
OpenClipboard
GetAsyncKeyState
SendNotifyMessageW
GetMessageW
IsWindow
CallWindowProcW
MoveWindow
ShowWindow
GetActiveWindow
GetWindowLongW
GetSystemMenu
GetMessageExtraInfo
GetUpdateRgn
GetMessagePos
MapVirtualKeyW
IsWindowVisible
MessageBoxW
MonitorFromWindow
EnumChildWindows
EnumDisplayMonitors
GetIconInfo
SendMessageW
CallNextHookEx
EndDialog
SetWindowTextW
MessageBeep
WindowFromPoint
GetWindowPlacement
DestroyCursor
GetKeyboardState
SetCaretPos

gdi32

CreateFontIndirectW
SetMapMode
SaveDC
CreateDIBSection
StretchDIBits
CreateRectRgnIndirect
CreateRectRgn
GetRegionData
GetObjectW
ExcludeClipRect
RestoreDC
CreateBitmap
CombineRgn
AddFontMemResourceEx
SelectObject
GetKerningPairsW
CreateCompatibleDC
EnumFontFamiliesExW
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
DeleteObject
RemoveFontMemResourceEx
GetOutlineTextMetricsW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

OpenProcessToken
GetUserNameW
MapGenericMask
RegCloseKey
AccessCheck
RegDeleteKeyW
RegCreateKeyExW
GetNamedSecurityInfoW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
DuplicateToken
RegQueryValueExW

shell32

SHGetPathFromIDListW
ShellExecuteW
SHFileOperationW
Shell_NotifyIconW
SHParseDisplayName
SHGetKnownFolderPath
SHBrowseForFolderW
ExtractAssociatedIconW
SHGetMalloc
SHCreateShellItem
DragQueryFileW
SHGetSpecialFolderPathW

ole32

OleCreate
OleSetContainedObject
RevokeDragDrop
CoInitialize
RegisterDragDrop
DoDragDrop
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayPutElement
SysAllocString
SafeArrayDestroy
SafeArrayAccessData

wininet

InternetOpenW
HttpQueryInfoW
HttpEndRequestW
InternetWriteFile
FtpOpenFileW
InternetCrackUrlW
HttpOpenRequestW
InternetSetFilePointer
HttpSendRequestExW
InternetCloseHandle
InternetConnectW
InternetSetOptionW
InternetReadFile

ws2_32

socket
ntohs
connect
inet_ntoa
recvfrom
recv
getsockopt
htonl
htons
freeaddrinfo
sendto
ioctlsocket
setsockopt
WSAGetLastError
inet_addr
getpeername
WSAStartup
getaddrinfo
listen
select
closesocket
bind
accept
__WSAFDIsSet
send
getsockname

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathStripToRootW

winmm

timeSetEvent
timeBeginPeriod
timeGetTime
timeKillEvent
timeGetDevCaps

dbghelp

SymInitialize
SymFromAddr
SymGetModuleInfo64

imm32

ImmAssociateContextEx
ImmSetCandidateWindow
ImmAssociateContext
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmNotifyIME

dxgi

CreateDXGIFactory

Exports

Exports

VSTPluginMain

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ChameleonC6s.exe
.exe windows:6 windows x64 arch:x64

Password: 123

67151c5edc3380cd734e112049c2a55c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DisconnectNamedPipe
RtlCaptureStackBackTrace
SetFileAttributesW
GetLogicalDriveStringsW
CreateEventW
Sleep
GetFileInformationByHandle
GetFileAttributesExW
OutputDebugStringW
SetEvent
GetLogicalProcessorInformation
GetDiskFreeSpaceExW
GetCurrentThread
TerminateThread
QueryPerformanceFrequency
GetThreadPriority
DeleteFileW
CloseHandle
GetNativeSystemInfo
GetCurrentDirectoryW
GetOverlappedResult
SetCurrentDirectoryW
LocalFree
ReplaceFileW
DeleteCriticalSection
ExitProcess
GlobalMemoryStatusEx
CreateProcessW
GetModuleHandleW
CopyFileW
CreateSymbolicLinkW
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetExitCodeProcess
GetCommandLineW
AttachConsole
ResetEvent
GetPriorityClass
GetComputerNameA
GetVolumeInformationA
WriteConsoleW
HeapSize
GetProcessHeap
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetOEMCP
GetACP
IsValidCodePage
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ResumeThread
FlsSetValue
FlsGetValue
FlsAlloc
HeapFree
HeapReAlloc
HeapAlloc
GetStdHandle
ExitThread
GetTimeZoneInformation
RtlUnwind
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
CreateThread
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
InitializeSListHead
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
MultiByteToWideChar
DecodePointer
EncodePointer
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
SwitchToThread
WaitForSingleObjectEx
WideCharToMultiByte
InitOnceBeginInitialize
InitOnceComplete
QueueUserWorkItem
IsProcessorFeaturePresent
RaiseException
RtlPcToFileHeader
UnmapViewOfFile
GetComputerNameExW
GetSystemDirectoryW
ReleaseMutex
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
PeekNamedPipe
SetEndOfFile
GetEnvironmentVariableW
SetFilePointer
InitializeCriticalSection
CreatePipe
LeaveCriticalSection
SetThreadPriority
WaitForMultipleObjects
CreateNamedPipeW
SetFileTime
RemoveDirectoryW
TerminateProcess
DeviceIoControl
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
EnterCriticalSection
SetLocalTime
SetPriorityClass
SetHandleInformation
FindFirstFileW
CancelIo
GetVolumeInformationW
TryEnterCriticalSection
ReadFile
GetSystemFirmwareTable
SetThreadAffinityMask
CreateDirectoryW
GetModuleFileNameW
GlobalUnlock
FreeLibrary
GetCurrentProcessId
GlobalLock
GetProcAddress
LoadLibraryW
GlobalFree
GlobalAlloc
LoadLibraryA
GlobalSize
GetLastError
FormatMessageW
GetModuleHandleA
GetCurrentThreadId
CompareStringOrdinal
FlsFree

user32

SystemParametersInfoW
GetParent
ReleaseCapture
InvalidateRect
GetAncestor
SetCursorPos
ReleaseDC
GetCursorPos
BeginPaint
OpenClipboard
GetAsyncKeyState
IsWindow
ShowWindow
GetActiveWindow
SetCaretPos
GetKeyboardState
DestroyCursor
GetWindowPlacement
WindowFromPoint
RegisterClassExW
GetWindowLongPtrW
MessageBeep
SetWindowTextW
UnregisterClassW
EndDialog
CallNextHookEx
SendMessageW
DrawIconEx
EnableMenuItem
GetClientRect
EndPaint
SetCursor
ToUnicode
SetClipboardData
SetWindowsHookExW
SetCapture
DestroyCaret
LoadCursorW
LoadIconW
GetClipboardData
TranslateMessage
BringWindowToTop
SetFocus
SetLayeredWindowAttributes
GetMessageTime
EnumWindows
UnhookWindowsHookEx
GetForegroundWindow
TrackMouseEvent
MapWindowPoints
CreateCaret
IsChild
PeekMessageW
EmptyClipboard
GetIconInfo
CreateWindowExW
EnumDisplayMonitors
SetWindowLongPtrW
ShowCaret
UpdateLayeredWindow
GetCapture
EnumChildWindows
MonitorFromWindow
MessageBoxW
SetWindowPos
IsWindowVisible
GetDC
DestroyWindow
GetFocus
GetWindowRect
MapVirtualKeyW
PostMessageW
GetMessagePos
GetUpdateRgn
GetMessageExtraInfo
GetSystemMenu
DefWindowProcW
GetWindowThreadProcessId
GetWindowLongW
AttachThreadInput
GetWindowTextW
SendNotifyMessageW
DispatchMessageW
SendMessageTimeoutW
GetMessageW
SendInput
GetDesktopWindow
SetWindowLongW
CallWindowProcW
MoveWindow
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
DestroyIcon
RedrawWindow

gdi32

CreateBitmap
SetMapMode
DeleteObject
AddFontMemResourceEx
GetKerningPairsW
EnumFontFamiliesExW
GetTextMetricsW
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
RemoveFontMemResourceEx
CreateFontIndirectW
GetOutlineTextMetricsW
SaveDC
SelectObject
CreateDIBSection
CreateCompatibleDC
StretchDIBits
CreateRectRgnIndirect
GetDeviceCaps
CreateRectRgn
DeleteDC
GetRegionData
GetObjectW
ExcludeClipRect
RestoreDC
CombineRgn

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

GetUserNameW
RegQueryValueExW
MapGenericMask
RegDeleteValueW
RegCloseKey
AccessCheck
RegDeleteKeyW
RegCreateKeyExW
GetNamedSecurityInfoW
RegEnumKeyExW
RegSetValueExW
OpenProcessToken
RegOpenKeyExW
DuplicateToken

shell32

SHGetMalloc
DragQueryFileW
SHCreateShellItem
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW
SHGetPathFromIDListW
SHParseDisplayName
SHGetKnownFolderPath
SHBrowseForFolderW
Shell_NotifyIconW
ExtractAssociatedIconW

ole32

OleSetContainedObject
PropVariantClear
CoInitialize
OleCreate
OleUninitialize
CoInitializeEx
RegisterDragDrop
OleInitialize
DoDragDrop
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoTaskMemAlloc
RevokeDragDrop

oleaut32

SafeArrayUnaccessData
SafeArrayPutElement
SysAllocString
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector

wininet

InternetSetFilePointer
InternetCrackUrlW
HttpEndRequestW
HttpSendRequestExW
InternetCloseHandle
HttpQueryInfoW
InternetSetOptionW
InternetReadFile
InternetOpenW
FtpOpenFileW
InternetWriteFile
InternetConnectW
HttpOpenRequestW

ws2_32

WSAGetLastError
setsockopt
ioctlsocket
sendto
freeaddrinfo
htons
__WSAFDIsSet
accept
bind
closesocket
select
listen
getaddrinfo
WSAStartup
getpeername
inet_addr
getsockname
send
socket
ntohs
connect
inet_ntoa
recvfrom
recv
getsockopt
htonl

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathStripToRootW

winmm

timeGetTime
midiInUnprepareHeader
midiInOpen
midiOutGetDevCapsW
midiOutPrepareHeader
midiInMessage
timeBeginPeriod
midiOutOpen
midiInReset
midiInPrepareHeader
midiOutUnprepareHeader
midiInGetDevCapsW
midiInStart
midiInClose
midiInAddBuffer
midiOutMessage
midiInGetNumDevs
midiOutShortMsg
midiOutGetNumDevs
midiOutLongMsg
midiOutClose
midiInStop
timeGetDevCaps
timeSetEvent
timeKillEvent

imm32

ImmAssociateContextEx
ImmSetCandidateWindow
ImmAssociateContext
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmNotifyIME

dxgi

CreateDXGIFactory

dbghelp

SymFromAddr
SymGetModuleInfo64
SymInitialize

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 163KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ChameleonC6s.vst3
.dll windows:6 windows x64 arch:x64

Password: 123

d793fdcfaec04decf72d7367d2fd142c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

FormatMessageW
GetLastError
GetFileAttributesExW
OutputDebugStringW
SetEvent
GetLogicalProcessorInformation
GetDiskFreeSpaceExW
GetCurrentThread
TerminateThread
QueryPerformanceFrequency
GetThreadPriority
DeleteFileW
CloseHandle
GetNativeSystemInfo
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
SetCurrentDirectoryW
GetProcAddress
LocalFree
ReplaceFileW
ExitProcess
GlobalMemoryStatusEx
CreateProcessW
GetModuleHandleW
FreeLibrary
CopyFileW
CreateSymbolicLinkW
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetExitCodeProcess
GetCommandLineW
AttachConsole
CompareStringOrdinal
GlobalSize
LoadLibraryA
GlobalAlloc
GlobalFree
GlobalLock
GetCurrentProcessId
GlobalUnlock
GetComputerNameA
GetVolumeInformationA
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
GetOEMCP
GetACP
IsValidCodePage
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
Sleep
ResumeThread
GetConsoleOutputCP
HeapReAlloc
HeapFree
HeapAlloc
GetFileType
GetStdHandle
ReadConsoleW
GetConsoleMode
SetFilePointerEx
ExitThread
GetTimeZoneInformation
RtlUnwind
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
CreateThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ResetEvent
GetCPInfo
LCMapStringW
CompareStringW
GetStringTypeW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
DecodePointer
EncodePointer
InitOnceBeginInitialize
InitOnceComplete
QueueUserWorkItem
IsProcessorFeaturePresent
RaiseException
RtlPcToFileHeader
SwitchToThread
WaitForSingleObjectEx
GetFileInformationByHandle
CreateEventW
GetLogicalDriveStringsW
SetFileAttributesW
RtlCaptureStackBackTrace
DisconnectNamedPipe
GetModuleHandleA
FlsAlloc
GetComputerNameExW
GetSystemDirectoryW
ReleaseMutex
GetCurrentThreadId
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
PeekNamedPipe
SetEndOfFile
GetEnvironmentVariableW
SetFilePointer
CreatePipe
SetThreadPriority
WaitForMultipleObjects
CreateNamedPipeW
GetModuleFileNameW
SetFileTime
RemoveDirectoryW
TerminateProcess
DeviceIoControl
TryEnterCriticalSection
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
SetLocalTime
SetPriorityClass
SetHandleInformation
FindFirstFileW
UnmapViewOfFile
CancelIo
GetVolumeInformationW
ReadFile
GetSystemFirmwareTable
SetThreadAffinityMask
CreateDirectoryW
IsDebuggerPresent
WideCharToMultiByte
DeleteCriticalSection
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileSizeEx

user32

SendNotifyMessageW
SetFocus
EnumWindows
PeekMessageW
TranslateMessage
GetWindowTextW
GetDC
ReleaseDC
GetWindowThreadProcessId
AttachThreadInput
DispatchMessageW
RegisterClassExW
GetWindowLongPtrW
UnregisterClassW
CallWindowProcW
SetWindowLongPtrW
DestroyWindow
GetFocus
SendMessageTimeoutW
PostMessageW
DefWindowProcW
GetMessageW
SendInput
EndPaint
BeginPaint
GetCursorPos
SetCursorPos
GetAncestor
InvalidateRect
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
UpdateLayeredWindow
GetClientRect
SetWindowLongW
SetCursor
ToUnicode
SetClipboardData
SetWindowsHookExW
SetCapture
DestroyCaret
LoadCursorW
LoadIconW
GetClipboardData
BringWindowToTop
SetLayeredWindowAttributes
GetMessageTime
UnhookWindowsHookEx
GetForegroundWindow
TrackMouseEvent
MapWindowPoints
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateWindowExW
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
DestroyIcon
RedrawWindow
GetCapture
OpenClipboard
GetAsyncKeyState
IsWindow
MoveWindow
GetKeyboardState
GetWindowLongW
GetSystemMenu
GetMessageExtraInfo
GetUpdateRgn
ShowWindow
GetActiveWindow
GetMessagePos
MapVirtualKeyW
GetWindowRect
IsWindowVisible
SetWindowPos
MessageBoxW
MonitorFromWindow
EnumChildWindows
EnumDisplayMonitors
GetIconInfo
SendMessageW
CallNextHookEx
EndDialog
SetWindowTextW
MessageBeep
WindowFromPoint
GetWindowPlacement
DestroyCursor
SetCaretPos

gdi32

SaveDC
CreateDIBSection
StretchDIBits
CreateRectRgnIndirect
CreateRectRgn
ExcludeClipRect
RestoreDC
CreateBitmap
CombineRgn
AddFontMemResourceEx
GetKerningPairsW
CreateCompatibleDC
EnumFontFamiliesExW
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
DeleteObject
RemoveFontMemResourceEx
SetMapMode
CreateFontIndirectW
GetOutlineTextMetricsW
SelectObject
GetObjectW
GetRegionData

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

AccessCheck
RegDeleteKeyW
RegCreateKeyExW
GetNamedSecurityInfoW
RegEnumKeyExW
RegSetValueExW
OpenProcessToken
RegOpenKeyExW
DuplicateToken
RegDeleteValueW
MapGenericMask
GetUserNameW
RegQueryValueExW
RegCloseKey

shell32

SHGetKnownFolderPath
ExtractAssociatedIconW
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetMalloc
SHCreateShellItem
SHBrowseForFolderW
DragQueryFileW
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW
SHParseDisplayName

ole32

OleCreate
OleSetContainedObject
RevokeDragDrop
CoInitializeEx
CoCreateGuid
DoDragDrop
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
RegisterDragDrop

oleaut32

SysAllocString
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayPutElement

wininet

InternetOpenW
HttpQueryInfoW
HttpEndRequestW
InternetWriteFile
FtpOpenFileW
HttpOpenRequestW
InternetCrackUrlW
InternetSetFilePointer
HttpSendRequestExW
InternetCloseHandle
InternetConnectW
InternetSetOptionW
InternetReadFile

ws2_32

socket
ntohs
connect
inet_ntoa
recvfrom
recv
getsockopt
htonl
htons
freeaddrinfo
sendto
ioctlsocket
setsockopt
WSAGetLastError
inet_addr
getpeername
WSAStartup
getaddrinfo
listen
select
closesocket
bind
accept
__WSAFDIsSet
getsockname
send

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathStripToRootW

winmm

timeSetEvent
timeBeginPeriod
timeGetTime
timeKillEvent
timeGetDevCaps

dbghelp

SymInitialize
SymFromAddr
SymGetModuleInfo64

imm32

ImmAssociateContextEx
ImmSetCandidateWindow
ImmAssociateContext
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmNotifyIME

dxgi

CreateDXGIFactory

Exports

Exports

ExitDll
GetPluginFactory
InitDll

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ChameleonC6s_x86.dll
.dll windows:6 windows x86 arch:x86

Password: 123

687b6cc45a0d66fb99ddad7519bcbf3f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
GetLogicalProcessorInformation
GetDiskFreeSpaceExW
TerminateThread
QueryPerformanceFrequency
DeleteFileW
CloseHandle
GetNativeSystemInfo
LoadLibraryW
GetCurrentDirectoryW
GetOverlappedResult
SetCurrentDirectoryW
GetProcAddress
LocalFree
ReplaceFileW
DeleteCriticalSection
ExitProcess
GlobalMemoryStatusEx
CreateProcessW
GetModuleHandleW
FreeLibrary
CopyFileW
CreateSymbolicLinkW
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
MoveFileW
GetDriveTypeW
IsDebuggerPresent
ConnectNamedPipe
SetUnhandledExceptionFilter
FlushFileBuffers
GetExitCodeProcess
GetCommandLineW
AttachConsole
CompareStringOrdinal
GlobalSize
LoadLibraryA
GlobalAlloc
GlobalFree
GlobalLock
GetCurrentProcessId
GlobalUnlock
GetComputerNameA
GetVolumeInformationA
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
GetOEMCP
GetACP
IsValidCodePage
GetFileType
GetStdHandle
GetFileAttributesExW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapFree
HeapReAlloc
HeapAlloc
ExitThread
GetTimeZoneInformation
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
CreateThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
UnhandledExceptionFilter
ResetEvent
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
MultiByteToWideChar
DecodePointer
EncodePointer
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
InitOnceBeginInitialize
InitOnceComplete
QueueUserWorkItem
IsProcessorFeaturePresent
RaiseException
SwitchToThread
WaitForSingleObjectEx
WideCharToMultiByte
OutputDebugStringW
GetLastError
FormatMessageW
GetFileInformationByHandle
Sleep
CreateEventW
GetLogicalDriveStringsW
RtlCaptureStackBackTrace
DisconnectNamedPipe
GetModuleHandleA
UnmapViewOfFile
ResumeThread
GetComputerNameExW
GetSystemDirectoryW
ReleaseMutex
GetCurrentThreadId
GetFileAttributesW
CreateFileW
WaitForSingleObject
GetLocaleInfoW
FindClose
CreateMutexW
GetTempPathW
PeekNamedPipe
SetEndOfFile
GetEnvironmentVariableW
SetFilePointer
InitializeCriticalSection
CreatePipe
LeaveCriticalSection
SetThreadPriority
WaitForMultipleObjects
CreateNamedPipeW
GetModuleFileNameW
SetFileTime
GetCurrentThread
RemoveDirectoryW
TerminateProcess
DeviceIoControl
GetModuleHandleExW
WriteFile
GetCurrentProcess
FindNextFileW
EnterCriticalSection
SetFileAttributesW
SetLocalTime
SetPriorityClass
SetHandleInformation
FindFirstFileW
CancelIo
GetVolumeInformationW
TryEnterCriticalSection
ReadFile
GetSystemFirmwareTable
SetThreadAffinityMask
CreateDirectoryW
GetThreadPriority
EnumSystemLocalesW

user32

ReleaseDC
GetDC
GetWindowTextW
SetWindowLongW
TranslateMessage
SendNotifyMessageW
GetWindowThreadProcessId
AttachThreadInput
GetWindowRect
SetWindowPos
GetSystemMetrics
GetClassNameA
GetAncestor
MoveWindow
DestroyCaret
LoadCursorW
LoadIconW
CallWindowProcW
BringWindowToTop
SetLayeredWindowAttributes
GetMessageTime
UnhookWindowsHookEx
GetForegroundWindow
TrackMouseEvent
MapWindowPoints
CreateCaret
IsChild
EmptyClipboard
CloseClipboard
CreateIconIndirect
GetMonitorInfoW
GetWindowInfo
SetFocus
EnumWindows
PeekMessageW
DispatchMessageW
RegisterClassExW
UnregisterClassW
CreateWindowExW
DestroyWindow
GetFocus
SendMessageTimeoutW
PostMessageW
DefWindowProcW
GetMessageW
GetWindowLongW
SendInput
EndPaint
SetCapture
GetCursorPos
SetCursorPos
InvalidateRect
ReleaseCapture
GetParent
SystemParametersInfoW
EnableMenuItem
GetDesktopWindow
ShowCaret
DrawIconEx
DestroyIcon
RedrawWindow
GetCapture
OpenClipboard
GetClipboardData
BeginPaint
GetAsyncKeyState
IsWindow
ShowWindow
GetActiveWindow
UpdateLayeredWindow
GetClientRect
SetCursor
SetCaretPos
ToUnicode
GetSystemMenu
GetMessageExtraInfo
GetUpdateRgn
GetMessagePos
MapVirtualKeyW
IsWindowVisible
MessageBoxW
SetClipboardData
SetWindowsHookExW
MonitorFromWindow
EnumChildWindows
EnumDisplayMonitors
GetIconInfo
SendMessageW
CallNextHookEx
EndDialog
SetWindowTextW
MessageBeep
WindowFromPoint
GetWindowPlacement
DestroyCursor
GetKeyboardState

gdi32

StretchDIBits
CreateRectRgnIndirect
CreateRectRgn
GetObjectW
ExcludeClipRect
CreateBitmap
CombineRgn
AddFontMemResourceEx
SelectObject
GetKerningPairsW
EnumFontFamiliesExW
GetDeviceCaps
GetTextMetricsW
DeleteDC
SetMapperFlags
GetGlyphIndicesW
GetGlyphOutlineW
DeleteObject
RemoveFontMemResourceEx
SetMapMode
CreateFontIndirectW
GetOutlineTextMetricsW
CreateDIBSection
CreateCompatibleDC
SaveDC
RestoreDC
GetRegionData

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

GetNamedSecurityInfoW
RegEnumKeyExW
RegSetValueExW
OpenProcessToken
RegOpenKeyExW
DuplicateToken
RegDeleteValueW
MapGenericMask
GetUserNameW
RegQueryValueExW
RegCloseKey
AccessCheck
RegDeleteKeyW
RegCreateKeyExW

shell32

SHGetMalloc
DragQueryFileW
SHBrowseForFolderW
SHGetKnownFolderPath
SHParseDisplayName
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHFileOperationW
ShellExecuteW
SHCreateShellItem
ExtractAssociatedIconW

ole32

OleCreate
OleSetContainedObject
RevokeDragDrop
CoInitializeEx
RegisterDragDrop
CoInitialize
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoCreateInstance
DoDragDrop

oleaut32

SysAllocString
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayPutElement

wininet

InternetWriteFile
HttpOpenRequestW
InternetOpenW
FtpOpenFileW
HttpQueryInfoW
InternetReadFile
InternetSetOptionW
InternetConnectW
InternetCloseHandle
HttpSendRequestExW
HttpEndRequestW
InternetCrackUrlW
InternetSetFilePointer

ws2_32

setsockopt
sendto
freeaddrinfo
WSAGetLastError
recv
htons
__WSAFDIsSet
accept
bind
closesocket
select
listen
getaddrinfo
WSAStartup
getpeername
inet_addr
getsockname
send
socket
ntohs
connect
inet_ntoa
recvfrom
htonl
getsockopt
ioctlsocket

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathStripToRootW

winmm

timeGetTime
timeSetEvent
timeBeginPeriod
timeGetDevCaps
timeKillEvent

dbghelp

SymInitialize
SymGetModuleInfo64
SymFromAddr

imm32

ImmAssociateContextEx
ImmSetCandidateWindow
ImmAssociateContext
ImmGetCompositionStringW
ImmReleaseContext
ImmGetContext
ImmNotifyIME

dxgi

CreateDXGIFactory

Exports

Exports

VSTPluginMain
main

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 123

Password: 123

a9b605edbe39d34d7b6dcb8f62c9862c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

wininet

ws2_32

version

shlwapi

winmm

dbghelp

imm32

dxgi

Exports

Exports

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 153KB - Virtual size: 170KB

.pdata Size: 195KB - Virtual size: 194KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 54KB - Virtual size: 54KB

.reloc Size: 50KB - Virtual size: 49KB

Password: 123

67151c5edc3380cd734e112049c2a55c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

wininet

ws2_32

version

shlwapi

winmm

imm32

dxgi

dbghelp

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 163KB - Virtual size: 181KB

.pdata Size: 206KB - Virtual size: 205KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 54KB - Virtual size: 54KB

.reloc Size: 54KB - Virtual size: 53KB

Password: 123

d793fdcfaec04decf72d7367d2fd142c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

.text
Size: 4.2MB - Virtual size: 4.2MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 153KB - Virtual size: 170KB

.pdata
Size: 195KB - Virtual size: 194KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 50KB - Virtual size: 49KB

.text
Size: 4.4MB - Virtual size: 4.4MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 163KB - Virtual size: 181KB

.pdata
Size: 206KB - Virtual size: 205KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 54KB - Virtual size: 53KB

.text
Size: 4.4MB - Virtual size: 4.4MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 162KB - Virtual size: 185KB

.pdata
Size: 206KB - Virtual size: 205KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 53KB - Virtual size: 52KB

.text
Size: 3.6MB - Virtual size: 3.6MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 126KB - Virtual size: 136KB

.rsrc
Size: 54KB - Virtual size: 54KB

.reloc
Size: 203KB - Virtual size: 202KB