35965597706b91cdaff7e29548847c80_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

35965597706b91cdaff7e29548847c80_NeikiAnalytics.exe
Size

4.4MB
MD5

35965597706b91cdaff7e29548847c80
SHA1

7163aa86f4d7145697348362893498a91529b75d
SHA256

03a520c2e02cb576e0d0675b6d9826afece2ffbb93d2805f6daee044f5ab4820
SHA512

70875cbfaa9c52ac12df86727cfb0a1020acb80b483edcb6c735550f16e99fdcc073f9a5baa4f7c6946db7773ca8587cee4970463b2b8c3eab0c8b62d9ef66fe
SSDEEP

98304:fwIpll6x5nlaUnMfU4EwDFFAgW3YST7xJfaOGYRl3lLlbg9j2pi1B:z1SXOIw4PPiJwRlEj2M

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 2 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/$PLUGINSDIR/nsRandom.dll	acprotect
static1/unpack001/fmod.dll	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/$PLUGINSDIR/nsRandom.dll	upx
static1/unpack001/fmod.dll	upx

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
35965597706b91cdaff7e29548847c80_NeikiAnalytics.exe
unpack001/$PLUGINSDIR/ButtonEvent.dll
unpack001/$PLUGINSDIR/MyNsisExtend.dll
unpack001/$PLUGINSDIR/NSISdl.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/locate.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/$PLUGINSDIR/nsRandom.dll
unpack002/out.upx
unpack001/$PLUGINSDIR/xml.dll
unpack001/$TEMP/$_89_/MyNsisSkin.dll
unpack001/WinSS.exe
unpack001/fmod.dll
unpack001/¿ªÊ¼ÓÎÏ·.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

35965597706b91cdaff7e29548847c80_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ButtonEvent.dll
.dll windows:4 windows x86 arch:x86

0ece15e7d9bb35972aec701f46192460

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
GlobalAlloc
lstrcpyA
lstrcpynA
GlobalFree

user32

PostMessageA
CallWindowProcA
GetDlgItem
FindWindowExA
SetWindowLongA
wsprintfA

Exports

Exports

AddEventHandler
Unload
UnsetEventHandler
WhichButtonId

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/MyNsisExtend.dll
.dll windows:4 windows x86 arch:x86

9cb11d0d4bed69c64ae8d0549b4ce4ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\SVN\v2.2\install\build\MSVC.2005\Tool\GMNsisExtend\release_staticA2\MyNsisExtend.pdb

Imports

shlwapi

PathSkipRootA
PathCombineA

wininet

InternetOpenUrlA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetSetOptionA
InternetSetFilePointer
InternetConnectA
HttpQueryInfoA
InternetReadFile
InternetOpenA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

InitializeCriticalSection
GlobalFree
lstrcpyA
SetEvent
Sleep
ResetEvent
CreateEventA
lstrcpynA
GlobalAlloc
lstrcmpiA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
lstrlenA
GetLogicalDriveStringsA
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
GetLastError
CreateProcessA
DisableThreadLibraryCalls
CloseHandle
GetFileSize
CreateFileA
GetFileAttributesA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetPrivateProfileStringA
lstrcmpA
CreateFileW
ReadFile
WriteFile
SetFilePointer
GetVersionExA
SetFileTime
GetFileTime
SetEndOfFile
ResumeThread
GetCurrentThreadId
GetTickCount
GetVersion
ExpandEnvironmentStringsA
GetSystemInfo
SetFileAttributesA
WritePrivateProfileStringA
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentDirectoryA
DeleteFileA
SearchPathA
CreateDirectoryA
GetFullPathNameA
GetFileSizeEx
InterlockedExchange
DeviceIoControl
GetTempFileNameA
GetSystemDirectoryA
MoveFileExA
GetLongPathNameA
GetFileInformationByHandle
RemoveDirectoryA
GetTempPathA
MoveFileA
GetWindowsDirectoryA
CopyFileA
GetProcAddress
FreeLibrary
GetModuleFileNameA
LoadLibraryA
GetModuleHandleA
LoadLibraryExA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
FindClose
FindFirstFileA
FindNextFileA
GetLocaleInfoW
GetLocaleInfoA
SetConsoleCtrlHandler
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
TlsFree
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
HeapSize
HeapReAlloc
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
CompareStringA
InterlockedIncrement
SetLastError
SetCurrentDirectoryA
CompareStringW
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
CreateThread
ExitThread
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
GetProcessHeap
GetCommandLineA
IsDebuggerPresent
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedDecrement

user32

GetDlgItem
wsprintfA
SetTimer
KillTimer
SetForegroundWindow
GetWindow
GetWindowRect
AttachThreadInput
GetWindowLongA
SystemParametersInfoA
IsWindowVisible
IsIconic
GetForegroundWindow
SetWindowTextA
GetWindowTextA
MapWindowPoints
IsZoomed
GetClientRect
GetWindowTextLengthA
GetWindowThreadProcessId
GetActiveWindow
SendMessageTimeoutA
GetParent
LoadStringW
SetWindowPos
GetSystemMetrics
ShowWindow
EnumThreadWindows
GetClassNameA
SendMessageA

advapi32

RegDeleteValueA
RegQueryInfoKeyA
RegLoadKeyA
RegRestoreKeyA
RegEnumValueA
RegEnumKeyExA
RegSaveKeyA
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysFreeString
SysAllocString

Exports

Exports

ChangeInstDirtoMax
CheckInstallLimit
ConvertSoftInstallTime
CreateShortcut
CreateTimer
DecodeFile
DestroyTimer
Exec
ExecWait
Get7zOriginalSize
GetAdvertFileName
GetAdvertID
GetAdvertIcon
GetAdvertLocalFile
GetAdvertName
GetAdvertUrl
GetBaiduHomePageURL
GetChromeHomePageURL
GetExeFileNameFromUrl
GetForceAdvertFileName
GetForceAdvertID
GetForceAdvertLocalFile
GetForceAdvertName
GetForceAdvertUrl
GetHomePageName
GetHomePageName2
GetIEHomePageURL
GetSingleFileSize
GetSougouHomePageURL
GetSpecialBuild
GetSubChannel
HomePageChecksOut
InitPopUpInfo
LoadEncrypedXML
LoadEncrypedXMLFromUrl
LoadXMLFromUrl
LoadXml
OpenUrl
PinToTaskbar
PopUp
PopupAD
SendResearchResult
SetHomePage
SetUnGameList
UnPinFromTaskBar

Sections

.text
Size: 440KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISdl.dll
.dll windows:4 windows x86 arch:x86

9cce555dd3ff1b6c7dc92d64c794c51a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
lstrcpynA
lstrlenA
lstrcatA
GlobalAlloc
GlobalFree
CloseHandle
GetTickCount
DeleteFileA
Sleep
WriteFile
CreateFileA
lstrcmpiA
lstrcpyA
MulDiv
CreateThread

user32

CharPrevA
SetWindowLongA
RegisterWindowMessageA
CallWindowProcA
DestroyWindow
EnableWindow
GetWindowLongA
CreateWindowExA
GetWindowRect
GetClientRect
ShowWindow
IsWindowVisible
GetFocus
GetDlgItem
FindWindowExA
SetWindowTextA
SendMessageA
wsprintfA
SetDlgItemTextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ws2_32

gethostbyname
inet_addr
ioctlsocket
htons
socket
closesocket
shutdown
connect
__WSAFDIsSet
select
recv
WSAGetLastError
send
WSACleanup
WSAStartup

Exports

Exports

download
download_quiet

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/locate.dll
.dll windows:4 windows x86 arch:x86

7f8181c74f882a780c7cd485241e8b51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
MultiByteToWideChar
lstrlenW
lstrlenA
GetWindowsDirectoryW
WideCharToMultiByte
CompareFileTime
FindNextFileA
FindNextFileW
FileTimeToSystemTime
RemoveDirectoryA
RemoveDirectoryW
FindFirstFileA
FindFirstFileW
FindClose
SystemTimeToFileTime
FileTimeToLocalFileTime

user32

SetWindowTextA
SetWindowTextW
GetDlgItem
FindWindowExA
MessageBoxW

Exports

Exports

_Close
_Find
_GetSize
_Open
_RMDirEmpty
_Unload

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

1e2884056e655f2b7bc5a904e352fc80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsRandom.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetRandom

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/xml.dll
.dll windows:4 windows x86 arch:x86

b5ed5b3a951d4443ce56e5453702d536

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
lstrcpynA
lstrcmpA
lstrcmpiA
lstrcpyA
RtlUnwind
GetModuleFileNameA
RaiseException
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
HeapReAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapSize
GetLastError
LoadLibraryA
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
CloseHandle
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CreateFileA
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
GetLocaleInfoA
InterlockedExchange
SetEndOfFile

Exports

Exports

_CloneNode
_Coordinate
_CreateNode
_CreateText
_CurrentAttribute
_DeclarationEncoding
_DeclarationStandalone
_DeclarationVersion
_ElementPath
_FindCloseElement
_FindNextElement
_FirstAttribute
_FirstChild
_FirstChildElement
_FreeNode
_GetAttribute
_GetNodeValue
_GetText
_GotoHandle
_GotoPath
_InsertAfterNode
_InsertBeforeNode
_InsertEndChild
_IsCDATA
_LastAttribute
_LastChild
_LoadFile
_NextAttribute
_NextSibling
_NextSiblingElement
_NoChildren
_NodeHandle
_NodeType
_Parent
_PreviousAttribute
_PreviousSibling
_RemoveAllChild
_RemoveAttribute
_RemoveNode
_ReplaceNode
_RootElement
_SaveFile
_SetAttribute
_SetAttributeName
_SetAttributeValue
_SetCDATA
_SetCondenseWhiteSpace
_SetEncoding
_SetNodeValue
_SetText
_Unload
_XPathAttribute
_XPathNode
_XPathString

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_89_/GMSkin_Image_2012_v1.zip
.zip
skin.xml
skin/??.png
.png
skin/????.png
.png
skin/Thumbs.db
skin/icon1.png
.png
$TEMP/$_89_/MyNsisSkin.dll
.dll windows:4 windows x86 arch:x86

8b2c18b411d31cbef33f61e5be07509a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\SVN\v2.2\install\build\MSVC.2005\Tool\GMSkin\release_static2\MyNsisSkin.pdb

Imports

msimg32

TransparentBlt
AlphaBlend

kernel32

DosDateTimeToFileTime
CreateDirectoryW
GetCurrentDirectoryW
SetFileTime
WriteFile
SetEndOfFile
GetLastError
GetFileTime
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetTimeZoneInformation
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
SystemTimeToFileTime
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
WideCharToMultiByte
lstrcpyW
GetCurrentThreadId
MulDiv
lstrcatW
CreateFileW
GetFileSize
CreateFileA
ReadFile
CloseHandle
MultiByteToWideChar
lstrcmpiW
DisableThreadLibraryCalls
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
HeapCreate
HeapDestroy
RaiseException
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
Sleep
HeapSize
ExitProcess

user32

ScreenToClient
ClientToScreen
UpdateWindow
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
SetWindowTextW
CharNextW
InvalidateRect
EnumChildWindows
SetCapture
ReleaseCapture
ShowWindow
SetWindowRgn
OffsetRect
wsprintfW
GetSystemMetrics
SetWindowPos
GetSystemMenu
GetMenuItemInfoW
PostMessageW
PtInRect
SetTimer
GetClassNameW
GetParent
MapWindowPoints
SetPropW
CallWindowProcW
GetPropW
DefWindowProcW
GetClientRect
GetWindowRect
IsWindow
GetWindowLongW
LoadCursorW
SetCursor
TrackMouseEvent
BeginPaint
EndPaint
IsWindowEnabled
GetWindowTextW
SendMessageW
DrawTextW
SetWindowLongW
GetCursorPos
KillTimer

gdi32

CreatePen
SetStretchBltMode
StretchBlt
CreateFontIndirectW
CreateDIBSection
SetBkColor
CreateSolidBrush
CreateRoundRectRgn
RoundRect
GetStockObject
GetObjectW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
SetBkMode
SetTextColor
BitBlt
DeleteObject

oleaut32

SysFreeString

Exports

Exports

AddShowImage
AddShowImageFromFile
AddShowText
ClearAllShow
DelShowImage
DelShowText
InitSkin
SetBkImage
SetBtnImage
SetCloseBtnImage
SetEditBkColor
SetProgressBKImage
SetProgressImage
SetProgressTextWindow
SetTextClr
SetWindowID
SlideOff
SlideOn

Sections

.text
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_89_/config.dat
$TEMP/$_89_/game.jpg
.jpg
ExeConfig.ini
Install_props.xml
WinSS.exe
.exe windows:4 windows x86 arch:x86

88c950265761a20d33c0d6a71c8bc4b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetProcAddress
LoadLibraryA
FreeLibrary
IsBadWritePtr
GetLastError
VirtualQuery
GetVersionExA
CloseHandle
GetFileTime
CreateFileA
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
IsBadReadPtr
InterlockedDecrement
InterlockedIncrement
TerminateProcess
ResumeThread
CreateThread
TlsSetValue
ExitThread
HeapFree
HeapReAlloc
SetUnhandledExceptionFilter
RaiseException
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
TlsAlloc
SetLastError
TlsGetValue
HeapSize
WideCharToMultiByte
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
SetStdHandle
FlushFileBuffers
SetEndOfFile
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
MultiByteToWideChar
OutputDebugStringA
GetCurrentThread
SetThreadPriority
GetWindowsDirectoryA
Sleep
GetModuleFileNameA
GetCurrentThreadId
CreateDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
HeapAlloc
GetTickCount

user32

GetClipboardData
ReleaseDC
GetDC
DrawTextExA
PostQuitMessage
GetMessageA
SendMessageA
GetSysColor
GetClientRect
OffsetRect
PeekMessageA
DispatchMessageA
TranslateMessage
SetForegroundWindow
OpenClipboard
CloseClipboard
SetTimer
ClientToScreen
GetCursorPos
WindowFromPoint
SetCapture
ReleaseCapture
GetWindowLongA
EndPaint
DefWindowProcA
MessageBoxA
GetWindowPlacement
CloseWindow
ShowWindow
AdjustWindowRect
SetClipboardData
ShowCursor
SetCursor
LoadCursorA
LoadIconA
CreateWindowExA
RegisterClassA
DestroyWindow
SetWindowLongA
BeginPaint

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

gdi32

SetTextColor
TextOutA
GetObjectA
CreateFontIndirectA
IntersectClipRect
SetBkMode
CreateSolidBrush
GetDeviceCaps
CreateFontA
SelectObject
DeleteObject
GetTextMetricsA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

winmm

mixerSetControlDetails
mixerGetDevCapsA
timeBeginPeriod
timeEndPeriod
mixerGetLineInfoA
mixerGetLineControlsA
mixerClose
mixerOpen
mixerGetControlDetailsA
timeGetTime

ddraw

DirectDrawCreate

wsock32

shutdown

dsound

ord1

fmod

_FSOUND_Sample_GetMode@4
_FSOUND_Sample_GetDefaults@20
_FSOUND_Sample_SetLoopPoints@12
_FSOUND_Sample_Free@4
_FSOUND_Sample_Alloc@28
_FMUSIC_LoadSong@4
_FSOUND_Sample_GetLength@4
_FSOUND_SetLoopMode@8
_FSOUND_PlaySound@8
_FMUSIC_SetOrder@8
_FMUSIC_PlaySong@4
_FMUSIC_SetLooping@8
_FMUSIC_SetMasterVolume@8
_FSOUND_SetPaused@8
_FMUSIC_SetPaused@8
_FSOUND_StopSound@4
_FMUSIC_StopSong@4
_FSOUND_IsPlaying@4
_FMUSIC_IsPlaying@4
_FSOUND_Init@12
_FSOUND_SetHWND@4
_FSOUND_Close@0
_FSOUND_Sample_Lock@28
_FSOUND_Sample_Unlock@20
_FSOUND_SetVolume@8
_FSOUND_Sample_Load@16

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 584KB - Virtual size: 581KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
data/ItalianOldStyleMT11Bold.txt
data/ItalianOldStyleMT22Bold.txt
data/anims.txt
data/font1.txt
data/font2.txt
data/mediumfont.txt
data/scorefont.txt
data/tutfont.txt
data/yesno.txt
fmod.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_FMUSIC_FreeSong@4
_FMUSIC_GetBPM@4
_FMUSIC_GetGlobalVolume@4
_FMUSIC_GetMasterVolume@4
_FMUSIC_GetName@4
_FMUSIC_GetNumChannels@4
_FMUSIC_GetNumInstruments@4
_FMUSIC_GetNumOrders@4
_FMUSIC_GetNumPatterns@4
_FMUSIC_GetNumSamples@4
_FMUSIC_GetOrder@4
_FMUSIC_GetPattern@4
_FMUSIC_GetPatternLength@8
_FMUSIC_GetPaused@4
_FMUSIC_GetRealChannel@8
_FMUSIC_GetRow@4
_FMUSIC_GetSample@8
_FMUSIC_GetSpeed@4
_FMUSIC_GetTime@4
_FMUSIC_GetType@4
_FMUSIC_GetUserData@4
_FMUSIC_IsFinished@4
_FMUSIC_IsPlaying@4
_FMUSIC_LoadSong@4
_FMUSIC_LoadSongMemory@8
_FMUSIC_OptimizeChannels@12
_FMUSIC_PlaySong@4
_FMUSIC_SetInstCallback@12
_FMUSIC_SetLooping@8
_FMUSIC_SetMasterSpeed@8
_FMUSIC_SetMasterVolume@8
_FMUSIC_SetOrder@8
_FMUSIC_SetOrderCallback@12
_FMUSIC_SetPanSeperation@8
_FMUSIC_SetPaused@8
_FMUSIC_SetReverb@4
_FMUSIC_SetRowCallback@12
_FMUSIC_SetSample@12
_FMUSIC_SetUserData@8
_FMUSIC_SetZxxCallback@8
_FMUSIC_StopAllSongs@0
_FMUSIC_StopSong@4
_FSOUND_3D_GetAttributes@12
_FSOUND_3D_Listener_GetAttributes@32
_FSOUND_3D_Listener_SetAttributes@32
_FSOUND_3D_Listener_SetCurrent@8
_FSOUND_3D_Listener_SetDistanceFactor@4
_FSOUND_3D_Listener_SetDopplerFactor@4
_FSOUND_3D_Listener_SetRolloffFactor@4
_FSOUND_3D_SetAttributes@12
_FSOUND_3D_SetDistanceFactor@4
_FSOUND_3D_SetDopplerFactor@4
_FSOUND_3D_SetRolloffFactor@4
_FSOUND_3D_Update@0
_FSOUND_CD_Eject@4
_FSOUND_CD_GetNumTracks@4
_FSOUND_CD_GetPaused@4
_FSOUND_CD_GetTrack@4
_FSOUND_CD_GetTrackLength@8
_FSOUND_CD_GetTrackTime@4
_FSOUND_CD_GetVolume@4
_FSOUND_CD_Play@8
_FSOUND_CD_SetPaused@8
_FSOUND_CD_SetPlayMode@8
_FSOUND_CD_SetVolume@8
_FSOUND_CD_Stop@4
_FSOUND_Close@0
_FSOUND_DSP_ClearMixBuffer@0
_FSOUND_DSP_Create@12
_FSOUND_DSP_Free@4
_FSOUND_DSP_GetActive@4
_FSOUND_DSP_GetBufferLength@0
_FSOUND_DSP_GetBufferLengthTotal@0
_FSOUND_DSP_GetClearUnit@0
_FSOUND_DSP_GetClipAndCopyUnit@0
_FSOUND_DSP_GetFFTUnit@0
_FSOUND_DSP_GetMusicUnit@0
_FSOUND_DSP_GetPriority@4
_FSOUND_DSP_GetSFXUnit@0
_FSOUND_DSP_GetSpectrum@0
_FSOUND_DSP_MixBuffers@28
_FSOUND_DSP_SetActive@8
_FSOUND_DSP_SetPriority@8
_FSOUND_FX_Disable@4
_FSOUND_FX_Enable@8
_FSOUND_FX_SetChorus@32
_FSOUND_FX_SetCompressor@28
_FSOUND_FX_SetDistortion@24
_FSOUND_FX_SetEcho@24
_FSOUND_FX_SetFlanger@32
_FSOUND_FX_SetGargle@12
_FSOUND_FX_SetI3DL2Reverb@52
_FSOUND_FX_SetParamEQ@16
_FSOUND_FX_SetWavesReverb@20
_FSOUND_File_SetCallbacks@20
_FSOUND_Geometry_AddList@4
_FSOUND_Geometry_AddPolygon@28
_FSOUND_Geometry_List_Begin@4
_FSOUND_Geometry_List_Create@4
_FSOUND_Geometry_List_End@4
_FSOUND_Geometry_List_Free@4
_FSOUND_Geometry_Material_Create@0
_FSOUND_Geometry_Material_Free@4
_FSOUND_Geometry_Material_GetAttributes@20
_FSOUND_Geometry_Material_Set@4
_FSOUND_Geometry_Material_SetAttributes@20
_FSOUND_GetCPUUsage@0
_FSOUND_GetChannelsPlaying@0
_FSOUND_GetCurrentLevels@12
_FSOUND_GetCurrentPosition@4
_FSOUND_GetCurrentSample@4
_FSOUND_GetCurrentVU@4
_FSOUND_GetDriver@0
_FSOUND_GetDriverCaps@8
_FSOUND_GetDriverName@4
_FSOUND_GetError@0
_FSOUND_GetFrequency@4
_FSOUND_GetLoopMode@4
_FSOUND_GetMaxChannels@0
_FSOUND_GetMaxSamples@0
_FSOUND_GetMemoryStats@8
_FSOUND_GetMixer@0
_FSOUND_GetMute@4
_FSOUND_GetNumDrivers@0
_FSOUND_GetNumHardwareChannels@0
_FSOUND_GetOutput@0
_FSOUND_GetOutputHandle@0
_FSOUND_GetOutputRate@0
_FSOUND_GetPan@4
_FSOUND_GetPaused@4
_FSOUND_GetPriority@4
_FSOUND_GetReserved@4
_FSOUND_GetSFXMasterVolume@0
_FSOUND_GetSurround@4
_FSOUND_GetVersion@0
_FSOUND_GetVolume@4
_FSOUND_Init@12
_FSOUND_IsPlaying@4
_FSOUND_Mpeg_Alloc@0
_FSOUND_Mpeg_Close@4
_FSOUND_Mpeg_DecodeFrame@16
_FSOUND_Mpeg_DecodeHeader@20
_FSOUND_Mpeg_ResetFrame@4
_FSOUND_PlaySound@8
_FSOUND_PlaySoundEx@16
_FSOUND_Record_GetDriver@0
_FSOUND_Record_GetDriverName@4
_FSOUND_Record_GetNumDrivers@0
_FSOUND_Record_GetPosition@0
_FSOUND_Record_SetDriver@4
_FSOUND_Record_StartSample@8
_FSOUND_Record_Stop@0
_FSOUND_Reverb_GetChannelProperties@8
_FSOUND_Reverb_GetProperties@4
_FSOUND_Reverb_SetChannelProperties@8
_FSOUND_Reverb_SetProperties@4
_FSOUND_Sample_Alloc@28
_FSOUND_Sample_Free@4
_FSOUND_Sample_Get@4
_FSOUND_Sample_GetDefaults@20
_FSOUND_Sample_GetLength@4
_FSOUND_Sample_GetLoopPoints@12
_FSOUND_Sample_GetMode@4
_FSOUND_Sample_GetName@4
_FSOUND_Sample_Load@16
_FSOUND_Sample_Lock@28
_FSOUND_Sample_SetDefaults@20
_FSOUND_Sample_SetLoopMode@8
_FSOUND_Sample_SetLoopPoints@12
_FSOUND_Sample_SetMaxPlaybacks@8
_FSOUND_Sample_SetMinMaxDistance@12
_FSOUND_Sample_SetMode@8
_FSOUND_Sample_Unlock@20
_FSOUND_Sample_Upload@12
_FSOUND_SetBufferSize@4
_FSOUND_SetCurrentPosition@8
_FSOUND_SetDriver@4
_FSOUND_SetFrequency@8
_FSOUND_SetFrequencyEx@8
_FSOUND_SetHWND@4
_FSOUND_SetLoopMode@8
_FSOUND_SetMaxHardwareChannels@4
_FSOUND_SetMemorySystem@20
_FSOUND_SetMinHardwareChannels@4
_FSOUND_SetMixer@4
_FSOUND_SetMute@8
_FSOUND_SetOutput@4
_FSOUND_SetPan@8
_FSOUND_SetPanSeperation@4
_FSOUND_SetPaused@8
_FSOUND_SetPriority@8
_FSOUND_SetReserved@8
_FSOUND_SetSFXMasterVolume@4
_FSOUND_SetSpeakerMode@4
_FSOUND_SetSurround@8
_FSOUND_SetVolume@8
_FSOUND_SetVolumeAbsolute@8
_FSOUND_StopSound@4
_FSOUND_Stream_AddSynchPoint@12
_FSOUND_Stream_Close@4
_FSOUND_Stream_Create@20
_FSOUND_Stream_CreateDSP@16
_FSOUND_Stream_DeleteSynchPoint@8
_FSOUND_Stream_GetLength@4
_FSOUND_Stream_GetLengthMs@4
_FSOUND_Stream_GetNumSubStreams@4
_FSOUND_Stream_GetNumSynchPoints@4
_FSOUND_Stream_GetOpenState@4
_FSOUND_Stream_GetPosition@4
_FSOUND_Stream_GetSample@4
_FSOUND_Stream_GetTime@4
_FSOUND_Stream_GetTimeAccurate@4
_FSOUND_Stream_OpenFile@12
_FSOUND_Stream_Play@8
_FSOUND_Stream_PlayEx@16
_FSOUND_Stream_SetBufferSize@4
_FSOUND_Stream_SetEndCallback@12
_FSOUND_Stream_SetLoopPoints@12
_FSOUND_Stream_SetPosition@8
_FSOUND_Stream_SetSubStream@8
_FSOUND_Stream_SetSynchCallback@12
_FSOUND_Stream_SetTime@8
_FSOUND_Stream_Stop@4
_FSOUND_Update@0

Sections

UPX0
Size: - Virtual size: 364KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
game.ico
hiscores.dat
images/ItalianOldStyleMT22Bold.gif
.gif
images/_ItalianOldStyleMT11Bold.gif
.gif
images/_ItalianOldStyleMT22Bold.gif
.gif
images/_anchor.gif
.gif
images/_backdrop.jpg
.jpg
images/_bluepirate.gif
.gif
images/_bonusback.jpg
.jpg
images/_bonusship.gif
.gif
images/_cannon.gif
.gif
images/_cursor1.gif
.gif
images/_cursorshovel.gif
.gif
images/_ghost.gif
.gif
images/_goldbar.gif
.gif
images/_goodship.gif
.gif
images/_goodshipwhirl.png
.png
images/_grave.gif
.gif
images/_grid.gif
.gif
images/_islands.gif
.gif
images/_litbuttontext.gif
.gif
images/_mapbuttonlit.jpg
.jpg
images/_mapbuttonunlit.jpg
.jpg
images/_mapdot.jpg
.jpg
images/_mapx.jpg
.jpg
images/_monster.gif
.gif
images/_overhand.gif
.gif
images/_pirate.gif
.gif
images/_piratehead.gif
.gif
images/_pointer2.gif
.gif
images/_popcaplogo.gif
.gif
images/_popcapurl.gif
.gif
images/_pupil.gif
.gif
images/_quittowindowslit.gif
.gif
images/_quittowindowsunlit.gif
.gif
images/_redpirate.gif
.gif
images/_rubble.gif
.gif
images/_scorefont.gif
.gif
images/_skullbottomlayer.gif
.gif
images/_skulltoplayer.gif
.gif
images/_smsparkle.gif
.gif
images/_titlefont.gif
.gif
images/_unlitbuttontext.gif
.gif
images/anchor.gif
.gif
images/arrowdiag.png
.png
images/arrowvert.png
.png
images/backdrop.jpg
.jpg
images/bigwave.gif
.gif
images/blotch.gif
.gif
images/bluepirate.gif
.gif
images/bonusback.jpg
.jpg
images/bonuschest.gif
.gif
images/bonusship.gif
.gif
images/bonusx.png
.png
images/buttonpushed.gif
.gif
images/cannon.gif
.gif
images/cannonblast.gif
.gif
images/cannonshadow.gif
.gif
images/checked.gif
.gif
images/crosshair.png
.png
images/cursor1.gif
.gif
images/cursorshovel.gif
.gif
images/dbuttonblack.png
.png
images/dbuttonclear.gif
.gif
images/dbuttonwood.gif
.gif
images/dialog.png
.png
images/dialogskull.png
.png
images/dialogwood.gif
.gif
images/difflevel.jpg
.jpg
images/editbox.png
.png
images/enemyarrows.gif
.gif
images/explode.gif
.gif
images/extralife.gif
.gif
images/font1.png
.png
images/font2.png
.png
images/gameover.gif
.gif
images/ghost.gif
.gif
images/goldbar.gif
.gif
images/goodship.gif
.gif
images/goodshipwhirl.png
.png
images/grave.gif
.gif
images/grid.jpg
.jpg
images/highscorepanel.gif
.gif
images/internethighscore.gif
.gif
images/introbuttons.jpg
.jpg
images/introscreen.jpg
.jpg
images/introwheels.jpg
.jpg
images/islands.gif
.gif
images/light.gif
.gif
images/litbuttontext.gif
.gif
images/mapbuttonlit.jpg
.jpg
images/mapbuttonunlit.jpg
.jpg
images/mapdot.jpg
.jpg
images/mapx.jpg
.jpg
images/mediumfont.png
.png
images/mermaids.png
.png
images/monster.gif
.gif
images/next.png
.png
images/optionback.gif
.gif
images/optionsbutton.jpg
.jpg
images/overhand.gif
.gif
images/pirate.gif
.gif
images/pirateeye.gif
.gif
images/piratehead.gif
.gif
images/piratemap.gif
.gif
images/piratemouth2.gif
.gif
images/piratemouth3.gif
.gif
images/piratemouth4.gif
.gif
images/piratemouth5.gif
.gif
images/pixeldark.gif
.gif
images/pixellight.gif
.gif
images/pointer2.gif
.gif
images/popcaplogo.gif
.gif
images/popcapurl.gif
.gif
images/pupil.gif
.gif
images/quittowindowslit.gif
.gif
images/quittowindowsunlit.gif
.gif
images/redpirate.gif
.gif
images/rubble.gif
.gif
images/scorefont.gif
.gif
images/skullbottomlayer.gif
.gif
images/skulltoplayer.gif
.gif
images/sliderthumb.png
.png
images/slidertrack.gif
.gif
images/smsparkle.gif
.gif
images/sparkle.gif
.gif
images/splash.gif
.gif
images/title.jpg
.jpg
images/tutfont.png
.png
images/typer.gif
.gif
images/unchecked.gif
.gif
images/unlitbuttontext.gif
.gif
images/wake.gif
.gif
images/wakebright.gif
.gif
images/wakedim.gif
.gif
images/water.jpg
.jpg
images/whirl.gif
.gif
images/whirlappear.gif
.gif
images/whirldisappear.gif
.gif
images/yesno.jpg
.jpg
index.dat
license.txt
music/game.it
readme.txt
scoreul.tpl
.html .js polyglot
sounds/bonusdig.ogg
sounds/bonusgraves.ogg
sounds/bonuslose.ogg
sounds/bonusship.ogg
sounds/boom.ogg
sounds/cached_bonusdig.wav
sounds/cached_bonusgraves.wav
sounds/cached_bonuslose.wav
¿ªÊ¼ÓÎÏ·.exe
.exe windows:4 windows x86 arch:x86

db14222dff4ad9d88d8e8a3d01d8328c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Apps\release\GameLoginTool.pdb

Imports

gdiplus

GdipLoadImageFromStream
GdipCreateFont
GdipDeletePen
GdipCreatePen1
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipFree
GdipDeleteGraphics
GdipCloneBrush
GdipCreateFromHDC
GdipAlloc
GdipDeleteBrush
GdiplusShutdown
GdiplusStartup
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreatePath
GdipDeletePath
GdipGetFamily
GdipAddPathString
GdipGetFontSize
GdipGetFontStyle
GdipCloneImage
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipImageSelectActiveFrame
GdipSetTextRenderingHint
GdipAddPathArcI
GdipClosePathFigure
GdipSetPageUnit
GdipSetPenMode
GdipDrawPath
GdipFillPath
GdipReleaseDC
GdipDrawLineI
GdipDrawString
GdipCreateSolidFill
GdipDrawImageRectRectI
GdipDrawImageI
GdipGetImageWidth
GdipFillRectangleI
GdipGetImageHeight
GdipGetPathWorldBounds
GdipDisposeImage
GdipResetPath
GdipDeleteFont

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

InternetOpenUrlW
InternetSetFilePointer
HttpQueryInfoW
InternetReadFile
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetQueryDataAvailable
InternetCrackUrlW
InternetWriteFile
InternetSetStatusCallbackW
InternetGetLastResponseInfoW

kernel32

CopyFileW
GetDriveTypeW
CreateDirectoryW
GetFileAttributesW
GetTickCount
FindFirstFileW
FindNextFileW
FindClose
GetCurrentThreadId
ResumeThread
GetVersion
ExpandEnvironmentStringsW
SetEnvironmentVariableW
GetSystemInfo
LocalFree
LocalAlloc
SetEndOfFile
GetFileTime
ReadFile
SetFileTime
WriteFile
SetFilePointer
GetFileInformationByHandle
GetFileSizeEx
DeviceIoControl
GetFullPathNameW
GetLongPathNameW
MoveFileW
MoveFileExW
SetCurrentDirectoryW
GetWindowsDirectoryW
CreateEventW
SetEvent
ResetEvent
TerminateProcess
GetExitCodeProcess
SuspendThread
GetCurrentProcess
SetErrorMode
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVolumeInformationW
GetDiskFreeSpaceW
InterlockedExchange
InterlockedIncrement
RemoveDirectoryW
CreateThread
TerminateThread
GetExitCodeThread
ReleaseSemaphore
CreateSemaphoreW
TlsFree
GetProcessHeap
HeapAlloc
CreateEventA
HeapFree
GetOverlappedResult
LoadLibraryA
WriteFileGather
SetFilePointerEx
ReadFileScatter
CreateFileA
GetQueuedCompletionStatus
CreateWaitableTimerW
InterlockedCompareExchange
TlsSetValue
InterlockedExchangeAdd
PostQueuedCompletionStatus
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetSystemTimeAsFileTime
QueueUserAPC
SleepEx
TlsGetValue
SetWaitableTimer
TlsAlloc
CreateIoCompletionPort
SetLastError
GetModuleHandleA
CancelIo
QueryPerformanceFrequency
QueryPerformanceCounter
VirtualFree
VirtualAlloc
GlobalMemoryStatusEx
VirtualUnlock
VirtualLock
GetVersionExA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
MulDiv
GetThreadLocale
SystemTimeToFileTime
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GlobalReAlloc
GlobalHandle
LocalReAlloc
FileTimeToLocalFileTime
GlobalFlags
FlushFileBuffers
LockFile
UnlockFile
DuplicateHandle
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
HeapSize
SetStdHandle
GetFileType
VirtualProtect
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetCurrentDirectoryA
GetDriveTypeA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetFileAttributesW
GetModuleHandleW
WaitForMultipleObjects
GetCurrentDirectoryW
GetVersionExW
ExitThread
CreateMutexW
FormatMessageW
GetLastError
GetACP
CompareStringW
lstrlenW
lstrlenA
FileTimeToSystemTime
lstrcpyW
GlobalFree
OpenProcess
Sleep
DeleteFileW
WaitForSingleObject
CloseHandle
WritePrivateProfileStringW
GetLocalTime
GetFileSize
CreateFileW
LockResource
MultiByteToWideChar
GetModuleFileNameW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetCommandLineW
CreateProcessW
GetTempFileNameW
GetTempPathW
GlobalLock
GlobalAlloc
LoadResource
SizeofResource
FindResourceW
WideCharToMultiByte
FreeResource
GlobalUnlock
LoadLibraryW
GetProcAddress
FreeLibrary
OpenEventA
CreateWaitableTimerA
FormatMessageA
InterlockedDecrement

user32

IsDialogMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CharNextW
MapDialogRect
SetWindowContextHelpId
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
SetCapture
ReleaseCapture
PostQuitMessage
ValidateRect
GetMessageW
SetCursor
GetNextDlgGroupItem
MessageBeep
DestroyMenu
GetSysColorBrush
LoadCursorW
UnregisterClassW
RegisterClipboardFormatW
CharUpperW
PostThreadMessageW
GetClassLongW
EndPaint
IntersectRect
SystemParametersInfoA
GetWindowPlacement
IsWindowVisible
GetWindowThreadProcessId
GetWindow
GetWindowTextW
SetWindowTextW
SetWindowPos
GetForegroundWindow
GetActiveWindow
GetDlgItem
ShowWindow
SendMessageTimeoutW
GetDC
LoadIconW
DrawIcon
GetSystemMetrics
GetSystemMenu
TranslateMessage
DispatchMessageW
IsIconic
ReleaseDC
LoadImageW
PeekMessageW
SetWindowRgn
MoveWindow
CreatePopupMenu
SetWindowLongW
GetWindowLongW
AppendMenuW
SetForegroundWindow
GetCursorPos
GetParent
RegisterWindowMessageW
PostMessageW
IsWindow
SendMessageW
SystemParametersInfoW
GetClientRect
InvalidateRect
PtInRect
SetTimer
EnableWindow
KillTimer
GetWindowRect
GetDesktopWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SendDlgItemMessageW
SendDlgItemMessageA
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
TrackPopupMenu
GetKeyState
UpdateWindow
GetMenu
GetSubMenu
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
MapWindowPoints
CallNextHookEx
GetMenuItemID
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
GetDlgCtrlID
DefWindowProcW
UnregisterClassA
CallWindowProcW
OffsetRect

gdi32

SelectObject
GetRgnBox
GetTextColor
GetBkColor
GetDeviceCaps
GetStockObject
GetMapMode
CreateBitmap
ExtSelectClipRgn
CreateCompatibleBitmap
CreateCompatibleDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
DeleteObject
DeleteDC
CreateDIBSection
CreateRoundRectRgn
CreateRectRgnIndirect
CombineRgn
GetClipBox
SetTextColor
SetBkColor
GetObjectW
SaveDC
RestoreDC
SetMapMode
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
BitBlt

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegOpenKeyW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
RegCreateKeyExW
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW
SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetFileInfoW
CommandLineToArgvW

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathStripToRootW
UrlUnescapeW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoInitializeEx
CoUninitialize
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantChangeType
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
SysAllocString
VariantClear

ws2_32

getsockname
bind
htonl
WSASocketW
__WSAFDIsSet
getservbyname
ntohs
WSASetLastError
getsockopt
accept
WSAIoctl
getpeername
WSAStringToAddressA
WSARecvFrom
WSASendTo
ntohl
listen
ioctlsocket
WSAAddressToStringA
WSARecv
WSASend
connect
inet_ntoa
WSAStartup
inet_addr
select
WSAGetLastError
htons
setsockopt
WSACleanup
recv
socket
closesocket
gethostbyname
send

mswsock

GetAcceptExSockaddrs
AcceptEx

Exports

Exports

DecodeFile

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 312KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 808KB - Virtual size: 807KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 176KB

.rsrc Size: 6KB - Virtual size: 6KB

0ece15e7d9bb35972aec701f46192460

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 503B

.data Size: 512B - Virtual size: 128B

.reloc Size: 512B - Virtual size: 220B

9cb11d0d4bed69c64ae8d0549b4ce4ce

Headers

File Characteristics

PDB Paths

Imports

shlwapi

wininet

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 440KB - Virtual size: 436KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 17KB

9cce555dd3ff1b6c7dc92d64c794c51a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 25KB

.reloc Size: 1024B - Virtual size: 836B

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 176KB

.rsrc
Size: 6KB - Virtual size: 6KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 503B

.data
Size: 512B - Virtual size: 128B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 440KB - Virtual size: 436KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 17KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 25KB

.reloc
Size: 1024B - Virtual size: 836B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 848B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 572B

UPX0
Size: - Virtual size: 44KB

UPX1
Size: 19KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 28KB - Virtual size: 28KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 73B

.reloc
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.text
Size: 89KB - Virtual size: 89KB

.rdata
Size: 16KB - Virtual size: 15KB