7d5aa6ec17fc0bc0cb886ebf001d9ff5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7d5aa6ec17fc0bc0cb886ebf001d9ff5_JaffaCakes118
Size

2.8MB
MD5

7d5aa6ec17fc0bc0cb886ebf001d9ff5
SHA1

6053439f3307fd7e76b4430b2a7a4bf990eb81a2
SHA256

093290ebca13dfaa2e15fee47c7a4ecda5b6462d28c928d3bc306e14f60137cc
SHA512

3104c980c837a19b620a94ec62fe03ebdeb75d35d83baf934ca24938195e48d45ffffcdb7eec8906473e3344f2026b953afc61809a826617ebdfdca2bfaba5a8
SSDEEP

49152:l0Win+rB4sV+DYkV3o/+J7l/jHjfeu9VXct1xM2AOuKFsp8QSnm9RB270sIv+0gK:lrHBVM4GTjHLeuWSbOuKFsp8NQ7NsIvx

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
7d5aa6ec17fc0bc0cb886ebf001d9ff5_JaffaCakes118
unpack001/$1/Mp3tagStuff.exe
unpack001/$3/Mp3tagApp.exe
unpack001/$APPDATA/Mp3tagApp/uninstaller.exe
unpack002/$PLUGINSDIR/nsProcess.dll
unpack001/$PLUGINSDIR/nsProcess.dll
unpack001/$R1/tak_deco_lib.dll

Files

7d5aa6ec17fc0bc0cb886ebf001d9ff5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2a592076b17ef8bfb48b7e03965a3fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryW
GetFileAttributesW
GetFullPathNameW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
MoveFileW
SetFileAttributesW
GetCurrentProcess
ExitProcess
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
WaitForSingleObject
CopyFileW
CompareFileTime
GlobalLock
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
CreateFileW
GetTempFileNameW
WriteFile
lstrcpyA
lstrcpyW
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GlobalFree
GlobalAlloc
GetShortPathNameW
SearchPathW
lstrcmpiW
SetFileTime
CloseHandle
ExpandEnvironmentStringsW
lstrcmpW
GlobalUnlock
lstrcpynW
GetDiskFreeSpaceW
GetExitCodeProcess
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
MulDiv
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW

user32

GetSystemMenu
SetClassLongW
IsWindowEnabled
EnableMenuItem
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
wsprintfW
ScreenToClient
GetWindowRect
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
LoadImageW
SetTimer
SetWindowTextW
PostQuitMessage
ShowWindow
GetDlgItem
IsWindow
SetWindowLongW
FindWindowExW
TrackPopupMenu
AppendMenuW
CreatePopupMenu
DrawTextW
EndPaint
CreateDialogParamW
SendMessageTimeoutW
SetForegroundWindow

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW

advapi32

RegDeleteKeyW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$1/Mp3tagStuff.exe
.exe windows:6 windows x86 arch:x86

a385013c6994a1f6269ad2733aa7d75b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetProcAddress
CloseHandle
GetFileSize
CreateFileW
ReadFile
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EncodePointer
RaiseException
GetLastError
SetLastError
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetCommandLineA
GetCommandLineW
GetStdHandle
WriteFile
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
GetStringTypeW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
GetFileType
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
DecodePointer

advapi32

RegCreateKeyExW

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$3/Mp3tagApp.exe
.exe windows:5 windows x86 arch:x86

32002fa3a57d8ff762864f46bd7d93c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RaiseException
GetLastError
SetLastError
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetACP
HeapFree
HeapAlloc
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetFileType
CloseHandle
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
DecodePointer
CreateFileW

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$APPDATA/Mp3tagApp/uninstaller.exe
.exe windows:4 windows x86 arch:x86

e2a592076b17ef8bfb48b7e03965a3fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryW
GetFileAttributesW
GetFullPathNameW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
MoveFileW
SetFileAttributesW
GetCurrentProcess
ExitProcess
SetEnvironmentVariableW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
WaitForSingleObject
CopyFileW
CompareFileTime
GlobalLock
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
CreateFileW
GetTempFileNameW
WriteFile
lstrcpyA
lstrcpyW
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GlobalFree
GlobalAlloc
GetShortPathNameW
SearchPathW
lstrcmpiW
SetFileTime
CloseHandle
ExpandEnvironmentStringsW
lstrcmpW
GlobalUnlock
lstrcpynW
GetDiskFreeSpaceW
GetExitCodeProcess
FindFirstFileW
FindNextFileW
DeleteFileW
SetFilePointer
ReadFile
FindClose
MulDiv
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW

user32

GetSystemMenu
SetClassLongW
IsWindowEnabled
EnableMenuItem
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
LoadBitmapW
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
wsprintfW
ScreenToClient
GetWindowRect
GetSystemMetrics
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
LoadImageW
SetTimer
SetWindowTextW
PostQuitMessage
ShowWindow
GetDlgItem
IsWindow
SetWindowLongW
FindWindowExW
TrackPopupMenu
AppendMenuW
CreatePopupMenu
DrawTextW
EndPaint
CreateDialogParamW
SendMessageTimeoutW
SetForegroundWindow

gdi32

SelectObject
SetBkMode
CreateFontIndirectW
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW

advapi32

RegDeleteKeyW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_AddMasked
ord17
ImageList_Destroy
ImageList_Create

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:5 windows x86 arch:x86

439074d1c01f7b16781bdf060930814a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
MultiByteToWideChar
lstrlenA
lstrlenW
LoadLibraryA
lstrcmpiW
lstrcpynW
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
GlobalAlloc

user32

GetWindowThreadProcessId
EnumWindows
wsprintfW
PostMessageW

Exports

Exports

_CloseProcess
_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 927B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:5 windows x86 arch:x86

439074d1c01f7b16781bdf060930814a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
MultiByteToWideChar
lstrlenA
lstrlenW
LoadLibraryA
lstrcmpiW
lstrcpynW
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExW
GlobalFree
GlobalAlloc

user32

GetWindowThreadProcessId
EnumWindows
wsprintfW
PostMessageW

Exports

Exports

_CloseProcess
_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 927B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R1/Mp3tag.exe
.exe windows:5 windows x86 arch:x86

d8a78eacce837bb2a92c9921b7d87c31

Code Sign

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05/05/2015, 00:00

Not After

31/12/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

db:71:b0:77:0c:a8:e1:06:35:c9:f9:65:87:8a:a7:df
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/09/2015, 00:00

Not After

22/09/2018, 23:59

Subject

CN=Florian Heidenreich,O=Florian Heidenreich,POSTALCODE=01097,STREET=Erlenstrasse 18,L=Dresden,ST=Saxony,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30/05/2000, 10:48

Not After

30/05/2020, 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f6:c9:df:9f:de:f9:36:90:05:75:35:66:38:d9:10:8d:e3:4e:54:28
Signer

Actual PE Digest

f6:c9:df:9f:de:f9:36:90:05:75:35:66:38:d9:10:8d:e3:4e:54:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Y:\build\mp3tag\release\Mp3tag.pdb

Imports

shlwapi

PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathAddBackslashW
PathQuoteSpacesW
PathIsUNCW
PathSearchAndQualifyW
PathRelativePathToW
PathCompactPathW
PathIsDirectoryW
StrCmpLogicalW
PathCanonicalizeW
PathIsRelativeW

kernel32

GetACP
OutputDebugStringA
GetModuleHandleA
EncodePointer
FreeResource
LoadLibraryExW
lstrcmpW
LoadLibraryA
GlobalFindAtomW
lstrcmpA
CompareStringA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
SuspendThread
ResumeThread
FileTimeToSystemTime
GetFullPathNameW
DuplicateHandle
GetStringTypeExW
GetThreadLocale
GetProfileIntW
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
GetFileAttributesExW
GetFileSizeEx
LocalFileTimeToFileTime
ReleaseSemaphore
CreateSemaphoreW
GetAtomNameW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
CompareStringW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
SetErrorMode
HeapQueryInformation
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
SetStdHandle
Beep
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetFileInformationByHandle
PeekNamedPipe
GetStdHandle
GetStartupInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
TerminateProcess
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
FatalAppExitA
GetTimeZoneInformation
IsValidLocale
LCMapStringW
SetConsoleCtrlHandler
WriteConsoleW
OutputDebugStringW
SetEnvironmentVariableA
SetFileTime
SystemTimeToFileTime
GetTickCount
GetFileType
GetNativeSystemInfo
GetWindowsDirectoryW
GetSystemDirectoryW
VerifyVersionInfoW
VerSetConditionMask
LocalUnlock
LocalLock
GetVersionExW
GetVolumeInformationW
SizeofResource
GetDiskFreeSpaceExW
GetLogicalDriveStringsW
SearchPathW
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
SetThreadPriority
GetCurrentThread
GetThreadPriority
ReadDirectoryChangesW
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
GetFileTime
lstrcatW
GetCommandLineW
SetCurrentDirectoryW
GetCurrentDirectoryW
RemoveDirectoryW
CreateDirectoryW
OpenFileMappingW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
ReleaseMutex
CreateMutexW
GetLongPathNameW
GetShortPathNameW
LockResource
LoadResource
FindResourceW
MoveFileW
DeleteFileW
SetFileAttributesW
CopyFileW
GetTimeFormatW
GetDateFormatW
GetLocalTime
CreateProcessW
QueryPerformanceFrequency
QueryPerformanceCounter
LCMapStringA
GetStringTypeExA
FormatMessageA
TryEnterCriticalSection
CreateTimerQueue
RtlCaptureStackBackTrace
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
VirtualFree
SetProcessAffinityMask
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
GetTempPathA
GetVersionExA
GetSystemTimeAsFileTime
GetSystemTime
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFileEx
LockFile
GetFullPathNameA
GetFileSize
GetFileAttributesA
FlushFileBuffers
DeleteFileA
CreateFileA
DecodePointer
HeapSize
RaiseException
HeapDestroy
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetTempFileNameW
GlobalGetAtomNameW
GetVersion
FindClose
FindNextFileW
FindFirstFileW
GetEnvironmentVariableW
WaitForMultipleObjects
LocalAlloc
GetFileAttributesW
MulDiv
Sleep
CreateThread
TerminateThread
lstrcpyW
GlobalAlloc
GlobalFree
GlobalSize
GlobalUnlock
GlobalLock
WaitForSingleObject
FreeLibrary
GetDriveTypeW
LocalFree
FormatMessageW
WideCharToMultiByte
lstrcmpiW
InitializeCriticalSectionAndSpinCount
lstrlenW
EnumSystemLocalesW
MoveFileExW
FindFirstFileExW
SystemTimeToTzSpecificLocalTime
WaitForMultipleObjectsEx
GetLocaleInfoW
ResetEvent
SetEvent
GlobalDeleteAtom
GlobalAddAtomW
GetModuleHandleW
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateEventW
SetLastError
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
GetTempPathW
GetProcAddress
LoadLibraryW
GetModuleFileNameW
SetUnhandledExceptionFilter
lstrcpynW
GetLastError
ExitThread

user32

LockWindowUpdate
RealChildWindowFromPoint
CopyImage
MonitorFromPoint
SetParent
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
DestroyMenu
ShowOwnedPopups
GetWindowThreadProcessId
GetNextDlgTabItem
TabbedTextOutW
GrayStringW
DrawTextExW
MapVirtualKeyW
GetKeyNameTextW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ScrollWindowEx
IsWindowEnabled
IsDlgButtonChecked
CheckRadioButton
GetDlgItemInt
SetDlgItemInt
ShowWindow
SetScrollInfo
CallNextHookEx
SetWindowsHookExW
GetTopWindow
EqualRect
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
SetMenu
GetMenu
GetCapture
SetWindowPlacement
GetWindowPlacement
IsChild
GetClassInfoExW
GetClassInfoW
GetMessageTime
UnhookWindowsHookEx
RemoveMenu
GetMenuStringW
UnregisterClassA
SendDlgItemMessageA
SetMenuDefaultItem
LoadMenuW
ModifyMenuW
DeleteMenu
GetMenuState
GetMenuItemInfoW
CreateMenu
DrawIconEx
CreateIconIndirect
GetIconInfo
SetWindowRgn
CallWindowProcW
IsZoomed
GetScrollInfo
GetWindowRgn
DeferWindowPos
MapWindowPoints
IsMenu
AdjustWindowRectEx
CopyIcon
DrawEdge
DestroyCursor
IntersectRect
LoadBitmapW
SetRectEmpty
UnionRect
PostThreadMessageW
CreateWindowExW
RegisterClassW
DefWindowProcW
PostQuitMessage
WaitMessage
IsDialogMessageW
CreateDialogIndirectParamW
GetWindowTextW
WinHelpW
MoveWindow
SetWindowPos
CheckDlgButton
GetSystemMenu
DrawTextW
LoadStringW
GetDialogBaseUnits
EndPaint
DrawIcon
BeginPaint
GetActiveWindow
SetRect
CharToOemBuffA
MsgWaitForMultipleObjects
CharUpperBuffW
SendMessageTimeoutW
GetLastActivePopup
MonitorFromRect
MsgWaitForMultipleObjectsEx
PeekMessageW
IsWindowUnicode
GetMessageW
GetMessageA
DispatchMessageA
CharUpperW
CharLowerW
UnregisterClassW
GetDCEx
ReleaseCapture
RedrawWindow
SetCapture
GetClassLongW
FillRect
IsRectEmpty
EndDeferWindowPos
BeginDeferWindowPos
GetSysColorBrush
CharLowerBuffW
GetKeyState
OffsetRect
InflateRect
CopyRect
GetWindowDC
GetDesktopWindow
IsClipboardFormatAvailable
TrackPopupMenu
GetCursorPos
SetForegroundWindow
IsIconic
IsWindowVisible
GetClassNameW
EnableMenuItem
RegisterWindowMessageW
CheckMenuItem
CheckMenuRadioItem
LoadImageW
GetSysColor
DestroyIcon
IsWindow
GetDlgCtrlID
LoadCursorW
SetCursor
WindowFromPoint
ClientToScreen
GetMenuItemID
GetMenuItemCount
ScreenToClient
GetMonitorInfoW
MonitorFromWindow
GetSubMenu
GetSystemMetrics
ReleaseDC
GetDC
PostMessageW
GetClipboardData
GetPriorityClipboardFormat
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
DragDetect
RegisterClipboardFormatW
GetMessagePos
MessageBeep
LoadIconW
GetWindow
InsertMenuW
AppendMenuW
CreatePopupMenu
GetWindowRect
SystemParametersInfoW
DialogBoxParamW
EndDialog
GetWindowLongW
SetFocus
SetDlgItemTextW
SetWindowTextW
SetWindowLongW
GetDlgItemTextW
SendDlgItemMessageW
GetDlgItem
SetTimer
KillTimer
MessageBoxW
GetParent
DispatchMessageW
TranslateMessage
GetAsyncKeyState
PtInRect
UpdateWindow
InvalidateRect
GetClientRect
GetFocus
SendMessageW
EnableWindow
DestroyWindow
LoadStringA

gdi32

StretchDIBits
GetCharWidthW
CreateFontW
GetTextMetricsW
GetBkColor
LPtoDP
CreateEllipticRgn
DPtoLP
GetMapMode
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetWorldTransform
SetViewportOrgEx
SetViewportExtEx
PolylineTo
PolyBezierTo
EnumMetaFile
PlayMetaFileRecord
SetTextJustification
SetTextAlign
SetTextCharacterExtra
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
SetMapperFlags
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
ExtTextOutW
TextOutW
MoveToEx
SetArcDirection
SelectClipPath
PolyDraw
ArcTo
StartDocW
SetColorAdjustment
OffsetRgn
SetRectRgn
CombineRgn
FillRgn
GetWindowOrgEx
CreateBitmap
PtVisible
PlayMetaFile
OffsetClipRgn
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetCurrentPositionEx
GetClipRgn
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
CreateHatchBrush
CreateDIBPatternBrushPt
CopyMetaFileW
SetPixelV
SetDIBits
GetDIBits
Ellipse
SetPixel
CreateDIBitmap
CreatePolygonRgn
GetPixel
GetTextExtentPoint32W
DeleteObject
DeleteDC
SelectObject
SetDIBColorTable
CreateCompatibleDC
GetObjectW
CreateDIBSection
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
GetCurrentObject
CreateFontIndirectW
GetTextColor
PatBlt
CreateSolidBrush
CreateDCW
SetBkColor
SetTextColor
GetStockObject
CreatePen
ExtCreatePen
CreateRectRgnIndirect
StretchBlt
SetStretchBltMode
CreateRectRgn
ModifyWorldTransform

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW
RegEnumKeyExW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegQueryValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegSetValueW
RegEnumKeyW
RegQueryValueW
SetFileSecurityW
GetFileSecurityW
RegDeleteValueW
GetUserNameW

shell32

SHBrowseForFolderW
DragQueryFileW
ShellExecuteW
SHGetFileInfoW
FindExecutableW
SHFileOperationW
SHGetMalloc
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAddToRecentDocs
ExtractIconW
DragFinish
Shell_NotifyIconW
SHParseDisplayName
SHCreateShellItem
SHGetPathFromIDListW
SHGetSpecialFolderPathW

comctl32

ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Remove
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_DragEnter
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_GetIcon
ImageList_Draw
ImageList_SetBkColor

ole32

OleInitialize
OleUninitialize
CLSIDFromString
CoInitialize
CoUninitialize
ReleaseStgMedium
StringFromGUID2
CoDisconnectObject
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromProgID
OleRun
CoFreeUnusedLibraries
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
PropVariantCopy
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleSetClipboard
CoInitializeEx
CoCreateGuid
SetConvertStg
OleRegGetUserType
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
WriteClassStg
ReadClassStg
CreateBindCtx
CoTreatAsClass
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CreateStreamOnHGlobal
RegisterDragDrop
CoCreateInstance

oleaut32

SysReAllocStringLen
RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VarDecFromStr
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarCyFromStr
VarDateFromStr
VariantCopy
SafeArrayPtrOfIndex
SafeArrayCopy
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayUnlock
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayCreate
SafeArrayAllocData
SafeArrayAllocDescriptor
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SysAllocString
SafeArrayPutElement
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime

oledlg

OleUIBusyW

ws2_32

getaddrinfo
freeaddrinfo
accept
bind
getpeername
getsockname
htonl
inet_ntoa
ntohs
recvfrom
sendto
WSAGetLastError
__WSAFDIsSet
ioctlsocket
closesocket
recv
send
connect
WSASetLastError
gethostbyname
inet_addr
htons
socket
gethostname
shutdown
WSAStartup
select
WSACleanup
WSAAsyncSelect

gdiplus

GdipCreateBitmapFromFileICM
GdiplusStartup
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImagePaletteSize
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipCloneImage
GdipAlloc
GdipFree
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdiplusShutdown
GdipGetImagePalette
GdipGetImageHeight

winmm

mciSendCommandW
mciGetErrorStringW

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

tak_deco_lib

tak_SSD_GetStreamInfo
tak_SSD_Valid
tak_SSD_Create_FromStream
tak_SSD_GetEncoderInfo
tak_SSD_Destroy

uxtheme

DrawThemeText
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
SetWindowTheme

Exports

Exports

opus_decode
opus_decode_float
opus_decoder_create
opus_decoder_ctl
opus_decoder_destroy
opus_decoder_get_nb_samples
opus_decoder_get_size
opus_decoder_init
opus_encode
opus_encode_float
opus_encoder_create
opus_encoder_ctl
opus_encoder_destroy
opus_encoder_get_size
opus_encoder_init
opus_get_version_string
opus_multistream_decode
opus_multistream_decode_float
opus_multistream_decoder_create
opus_multistream_decoder_ctl
opus_multistream_decoder_destroy
opus_multistream_decoder_get_size
opus_multistream_decoder_init
opus_multistream_encode
opus_multistream_encode_float
opus_multistream_encoder_create
opus_multistream_encoder_ctl
opus_multistream_encoder_destroy
opus_multistream_encoder_get_size
opus_multistream_encoder_init
opus_packet_get_bandwidth
opus_packet_get_nb_channels
opus_packet_get_nb_frames
opus_packet_get_nb_samples
opus_packet_get_samples_per_frame
opus_packet_parse
opus_repacketizer_cat
opus_repacketizer_create
opus_repacketizer_destroy
opus_repacketizer_get_nb_frames
opus_repacketizer_get_size
opus_repacketizer_init
opus_repacketizer_out
opus_repacketizer_out_range
opus_strerror

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1019KB - Virtual size: 1018KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$R1/Mp3tagQuickPick.lng
$R1/Mp3tagSetup.ini
$R1/data/actions/CD-R.mta
$R1/data/actions/Case conversion.mta
$R1/data/actions/Standard.mta
$R1/data/empty.mte
$R1/data/freedb.src
$R1/data/genres.ini
$R1/data/sources/discogs.src
$R1/export/RTF.mte
$R1/export/csv.mte
$R1/export/html_mp3tag.mte
$R1/export/html_standard.mte
$R1/export/sfv.mte
$R1/export/txt_taglist.mte
$R1/lang/English.lng
$R1/mp3tag.lng
$R1/tak_deco_lib.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

tak_APE_GetDesc
tak_APE_GetErrorString
tak_APE_GetIndexOfKey
tak_APE_GetItemDesc
tak_APE_GetItemKey
tak_APE_GetItemNum
tak_APE_GetItemValue
tak_APE_GetTextItemValueAsAnsi
tak_APE_ReadOnly
tak_APE_State
tak_APE_Valid
tak_GetCodecName
tak_GetLibraryVersion
tak_GetWaveExtensibleSpeakerMask
tak_SSD_Create_FromFile
tak_SSD_Create_FromStream
tak_SSD_Destroy
tak_SSD_GetAPEv2Tag
tak_SSD_GetCurFrameBitRate
tak_SSD_GetEncoderInfo
tak_SSD_GetErrorString
tak_SSD_GetFrameSize
tak_SSD_GetMD5
tak_SSD_GetReadPos
tak_SSD_GetSimpleWaveDataDesc
tak_SSD_GetStateInfo
tak_SSD_GetStreamInfo
tak_SSD_GetStreamInfo_V22
tak_SSD_ReadAudio
tak_SSD_ReadSimpleWaveData
tak_SSD_Seek
tak_SSD_State
tak_SSD_Valid

Sections

CODE
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2a592076b17ef8bfb48b7e03965a3fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 171KB

.ndata Size: - Virtual size: 64KB

.rsrc Size: 3KB - Virtual size: 3KB

a385013c6994a1f6269ad2733aa7d75b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 2KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 284B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

32002fa3a57d8ff762864f46bd7d93c4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 191KB - Virtual size: 190KB

.data Size: 2KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 300B

.rsrc Size: 57KB - Virtual size: 56KB

.reloc Size: 6KB - Virtual size: 5KB

e2a592076b17ef8bfb48b7e03965a3fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 171KB

.ndata Size: - Virtual size: 64KB

.rsrc Size: 3KB - Virtual size: 3KB

439074d1c01f7b16781bdf060930814a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 927B

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 171KB

.ndata
Size: - Virtual size: 64KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 284B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 191KB - Virtual size: 190KB

.data
Size: 2KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 300B

.rsrc
Size: 57KB - Virtual size: 56KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 171KB

.ndata
Size: - Virtual size: 64KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 927B

.data
Size: - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 254B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 927B

.data
Size: - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 254B

9f:ea:c8:11:b0:f1:62:47:a5:fc:20:d8:05:23:ac:e6
Certificate

db:71:b0:77:0c:a8:e1:06:35:c9:f9:65:87:8a:a7:df
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

f6:c9:df:9f:de:f9:36:90:05:75:35:66:38:d9:10:8d:e3:4e:54:28
Signer

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 1019KB - Virtual size: 1018KB

.data
Size: 83KB - Virtual size: 117KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

CODE
Size: 89KB - Virtual size: 89KB

DATA
Size: 7KB - Virtual size: 7KB

BSS
Size: - Virtual size: 2KB