Roblox Executor[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Roblox Executor.zip
Size

10.0MB
MD5

aceda8c00690b1882a918e07a84d3b59
SHA1

31f0a6f3d6fb42e9fda896a6b4e114c4e78b8fc7
SHA256

6aa71fde0cf246e09ba9a42a92f4969ffdb940f1175602e7446ea94efc901041
SHA512

1c78e079e51fe6be86dbe9108958b1819a80c7f48c8c1a9c047bae713fb63093edd0d6f2a43cb67f02848225e6caca6094c3981da67ef88b92af3addc0ab773a
SSDEEP

196608:f8cj2ez0G3e9JgO4pyAAQCXGFxSJOQGexy6g8x6uDajEwl6wW552ULHaGsDf:fN9z7u9JgO4wsCXexSg4xy6j6u+jV6wp

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DirectX2D.dll
unpack001/IA2Marshal.dll
unpack001/Serilog.dll
unpack001/archivelog.dll
unpack001/d2patch.dll

Files

Roblox Executor.zip
.zip
DirectX2D.dll
.dll windows:4 windows x86 arch:x86

01b62986414563f843fca13d7f8ffe1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
FindFirstFileA
Sleep
TlsGetValue
GetModuleFileNameA
GetStartupInfoA
GetLocaleInfoW
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
GetLastError
CloseHandle
ReadFile
SetFilePointer
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
OutputDebugStringA
SetHandleCount
GetStdHandle
GetFileType
GetLocaleInfoA
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LCMapStringW
InterlockedIncrement
SetStdHandle
FlushFileBuffers
CreateFileA
LCMapStringA
GetStringTypeA
GetStringTypeW
LoadLibraryA
SetEndOfFile

user32

ShowCursor
DestroyWindow
LoadImageA
SetFocus
UpdateWindow
ShowWindow
DefWindowProcA
RegisterClassA
GetSystemMetrics
CreateWindowExA

gdi32

DeleteObject
GetObjectA

ddraw

DirectDrawCreate
DirectDrawEnumerateA

Exports

Exports

?_reDisplaySetFillMode@@YIKW4reFILLMODE@@@Z
@_reBitmapBlitToBitmap@36
@_reBitmapBlitToLFB@36
@_reBitmapClear@24
@_reBitmapCreate@20
@_reBitmapDestroy@4
@_reBitmapGetColourKey@12
@_reBitmapGetReadPtr@12
@_reBitmapGetWritePtr@12
@_reBitmapLoad@16
@_reBitmapLoadRaw@24
@_reBitmapLoadToLFB@8
@_reBitmapReleaseReadPtr@8
@_reBitmapReleaseWritePtr@8
@_reBitmapRemap@8
@_reBitmapSetColourKey@12
@_reDisplayAddState@8
@_reDisplayClearBuffer@20
@_reDisplayCloseVideo@0
@_reDisplayCopyLFBtoLFB@12
@_reDisplayCreate@4
@_reDisplayDestroy@4
@_reDisplayDrawIndexedTri@8
@_reDisplayDrawNativeTri@4
@_reDisplayDrawTri@4
@_reDisplayEndFrame@0
@_reDisplayFlipToGDI@0
@_reDisplayGetDeviceName@12
@_reDisplayGetLFBDC@8
@_reDisplayGetLFBReadPtr@12
@_reDisplayGetLFBWritePtr@12
@_reDisplayGetNaughtyData@8
@_reDisplayGetNumDevices@4
@_reDisplayGetPalette@8
@_reDisplayHWAcc3D@0
@_reDisplayHWAccBlit@0
@_reDisplayInitFrame@4
@_reDisplayOpenVideo@20
@_reDisplayQueryVideoMode@12
@_reDisplayReleaseLFBDC@8
@_reDisplayReleaseLFBReadPtr@8
@_reDisplayReleaseLFBWritePtr@8
@_reDisplayRemoveState@8
@_reDisplayRenderFrame@4
@_reDisplaySetDevice@4
@_reDisplaySetPalette@8
@_reDisplaySetViewport@24
@_reDisplayStartFrame@0
@_reDisplaySwapBuffers@0
@_reDisplayWaitTOF@0
@_rePaletteCreate332Pal@4
@_rePaletteCreate@8
@_rePaletteDestroy@4
@_rePaletteGetPalEntries@16
@_rePaletteLoadPalFile@8
@_rePaletteLoadPalRes@8
@_rePaletteSetPalEntries@16
@_reStateActivate@4
@_reStateAddIndexedTri@24
@_reStateAddTri@12
@_reStateCreate@4
@_reStateDestroy@4
@_reStateInit@4
@_reStateSetAlpha@8
@_reStateSetCalcScreenCoords@8
@_reStateSetClipRect@20
@_reStateSetColour@16
@_reStateSetCullMode@8
@_reStateSetDepthBufferMode@8
@_reStateSetFOV@12
@_reStateSetGlobalPointList@8
@_reStateSetRenderMode@8
@_reStateSetSoftwareClip@8
@_reStateSetTexture@12
ghOwnerInstance
ghOwnerWindow
pgLastError

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Environment.ini
IA2Marshal.dll
.dll regsvr32 windows:6 windows x64 arch:x64

89556f266a5e711ccfbd9bae475375d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/var/tmp/build/firefox-bed2324647cb/obj-mingw/accessible/interfaces/ia2/IA2Marshal.pdb

Imports

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

rpcrt4

CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllRegisterProxy
NdrDllUnregisterProxy
NdrOleAllocate
NdrOleFree
NdrStubCall2
NdrStubForwardingFunction

ole32

HWND_UserFree
HWND_UserMarshal
HWND_UserSize
HWND_UserUnmarshal

oleaut32

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort

api-ms-win-crt-private-l1-1-0

memcpy

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
fwrite

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

mozglue

calloc
free

api-ms-win-crt-string-l1-1-0

strlen
strncmp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Serilog.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/src/Serilog/obj/Release/netstandard2.1/Serilog.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ServicesSettings.ini
Settings.ini
archivelog.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Projects\LZMA-SDK\src\SevenZip-NetStandard\obj\Release\netstandard2.0\SevenZip.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
d2patch.dll
.dll windows:4 windows x86 arch:x86

760e19b379614e8d7247a171d264ee1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

d2cmp

ord10079

d2common

ord10385
ord10596
ord10085
ord10295
ord10424
ord10313
ord10315
ord10316
ord10314
ord10296
ord10057
ord10034
ord10045
ord10336
ord10037
ord11205
ord10513
ord10426
ord10666
ord10298
ord10519
ord10077
ord10062
ord10066
ord10342
ord10521
ord10425
ord10099
ord10035
ord10329
ord10326
ord10487
ord10920
ord10039
ord11073
ord10074
ord10075
ord10931
ord10924
ord10076
ord10071
ord10081
ord10073
ord10056
ord10078
ord10582
ord10626
ord10600
ord10068
ord10067
ord10079
ord10080
ord10229
ord10137
ord11229
ord11230
ord10038
ord10001
ord10391
ord10189
ord10187
ord10178
ord10177
ord11029
ord10963
ord10968
ord10947
ord10948
ord10397
ord10368
ord10304
ord10755
ord10305
ord10277
ord10754
ord10810
ord10881
ord10708
ord10709
ord10442
ord10331
ord10328
ord10720
ord10853
ord10719
ord10175
ord10176
ord10707
ord10826
ord11114
ord10564
ord10427
ord10311
ord10312
ord10280
ord10710
ord10711
ord10281
ord10690
ord10357
ord11012
ord11011
ord10518
ord10949
ord10731
ord10618
ord10701
ord10751
ord10954
ord10514
ord10523
ord10535
ord10462
ord10524
ord10258
ord10871
ord10695
ord11107
ord10283
ord10261
ord10386
ord10352
ord10348
ord10262
ord10517
ord10439
ord10750
ord10781
ord10782
ord10257
ord10756
ord10839
ord10736
ord10520
ord10759
ord10765
ord10840
ord10242
ord10270
ord10770
ord10768
ord10299
ord10785
ord10767
ord10265
ord10376
ord10872
ord10855
ord10820
ord10616
ord10811
ord10795
ord10833
ord10263
ord10264
ord10783
ord10246
ord10409
ord10250
ord10243
ord10854
ord10284
ord10384
ord10351
ord10350
ord10332
ord10249
ord10282
ord10307
ord10964
ord10566
ord10565
ord10289
ord10689
ord10369
ord10290
ord10322
ord10957
ord10321
ord10253
ord10455
ord10444
ord10443
ord10447
ord10448
ord10254
ord10835
ord10255
ord10267
ord10271
ord10638
ord10367
ord10276
ord10446
ord10445
ord10449
ord10450
ord10722
ord10601
ord11108
ord11109
ord10771
ord10266
ord10749
ord10525
ord10822
ord10619
ord10816
ord10821
ord10746
ord10567
ord10735
ord10516
ord10918
ord10693
ord10717
ord10828
ord10260
ord10697
ord10699
ord10655
ord10300
ord10240
ord10475
ord10470
ord10526
ord10138
ord10042
ord10599
ord10602
ord10732
ord10623
ord10604
ord10866
ord10870
ord11231
ord10608
ord10875
ord10607
ord10868
ord10873
ord10913
ord10694
ord10733
ord10874
ord10914
ord10691
ord10793
ord10772
ord10792
ord10773
ord10791
ord10696
ord10812
ord10706
ord10704
ord10702
ord10700
ord10698
ord10715
ord10713
ord10863
ord10865
ord10817
ord10815
ord10864
ord10869
ord10753
ord10728
ord10789
ord10862
ord10799
ord10797
ord10882
ord10726
ord10724
ord10718
ord10876
ord10631
ord10802
ord10082
ord10527
ord10241
ord10725
ord10723
ord10883
ord10659
ord11115
ord11116
ord11126
ord10992
ord11034
ord11128
ord10415
ord11119
ord11218
ord11217
ord10398
ord10148
ord10150
ord11129
ord10142
ord10184
ord10182
ord10170
ord10179
ord10146
ord11136
ord11123
ord11121
ord10466
ord10480
ord10589
ord11127
ord11120
ord11124
ord10562
ord11095
ord10118
ord11098
ord11096
ord11094
ord11117
ord11135
ord10990
ord10437
ord10997
ord10996
ord10991
ord11140
ord11141
ord10402
ord10403
ord10401
ord11143
ord11005
ord11004
ord10594
ord11220
ord10465
ord10998
ord10127
ord10147
ord10234
ord10128
ord11142
ord11125
ord10994
ord10995
ord10201
ord10486
ord10528
ord10463
ord10477
ord10478
ord10476
ord10102
ord11036
ord10188
ord10185
ord11122
ord11003
ord11002
ord10473
ord11006
ord10976
ord10407
ord10119
ord10198
ord11137
ord10124
ord11130
ord11062
ord10945
ord11075
ord10960
ord10893
ord10344
ord11056
ord11068
ord10583
ord11082
ord11086
ord11084
ord10629
ord10902
ord10909
ord10901
ord10468
ord10481
ord10471
ord10472
ord10559
ord10917
ord10912
ord11050
ord10324
ord10134
ord10106
ord10161
ord10143
ord10557
ord10493
ord11060
ord10469
ord10363
ord10378
ord10373
ord11057
ord10154
ord10323
ord10984
ord10985
ord10190
ord10186
ord10180
ord10217
ord10222
ord10895
ord10530
ord10490
ord11067
ord10206
ord10191
ord10158
ord10163
ord10162
ord10095
ord10046
ord10025
ord10113
ord10096
ord10592
ord11063
ord11074
ord10059
ord10097
ord10090
ord11072
ord11025
ord11064
ord10122
ord10210
ord10030
ord10974
ord10515
ord10590
ord11017
ord10121
ord10560
ord10136
ord10668
ord10396
ord10624
ord10458
ord10394
ord10120
ord10625
ord10919
ord10047
ord11182
ord11181
ord11183
ord11186
ord11185
ord11189
ord10627
ord10087
ord10060
ord10459
ord10933
ord10428
ord10393
ord10395
ord10337
ord10285
ord11088
ord11065
ord10563
ord10291
ord10434
ord10581
ord10966
ord11023
ord10432
ord10431
ord10892
ord10400
ord10399
ord11147
ord11152
ord11177
ord11151
ord10086
ord11146
ord10429
ord10485
ord10474
ord10660
ord10420

d2net

ord10011
ord10019
ord10021
ord10020
ord10016
ord10006
ord10014
ord10012
ord10010
ord10015
ord10024

fog

ord10046
ord10023
ord10050
ord10029
ord10030
ord10045
ord10137
ord10086
ord10025
ord10024
ord10055
ord10142
ord10143
ord10147
ord10042
ord10127
ord10128
ord10126
gdwBitMasks
ord10118
ord10119
ord10120
ord10115
ord10018

storm

ord501
ord403
ord405
ord502
ord506
ord491
ord423
ord509
ord401

kernel32

RtlUnwind
InterlockedIncrement
GetProcAddress
GetStringTypeW
GetModuleHandleA
LoadLibraryA
GetStringTypeA
GetACP
CreateFileA
GetTickCount
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
IsBadCodePtr
EnterCriticalSection
Sleep
QueryPerformanceCounter
OutputDebugStringA
QueryPerformanceFrequency
GetLocalTime
SetEndOfFile
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
HeapDestroy
GetOEMCP
InterlockedDecrement
VirtualFree
CloseHandle
WriteFile
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapCreate
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
VirtualAlloc
GetCPInfo
MultiByteToWideChar
SetStdHandle
LCMapStringW
LCMapStringA
FlushFileBuffers

user32

PtInRect
wsprintfA
CopyRect

winmm

timeGetTime

Sections

.text
Size: 804KB - Virtual size: 801KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
desktop.ini
jsscriptforpatch.pdb
update-settings.ini
updater.ini

Sharing

General

Malware Config

Signatures

Files

01b62986414563f843fca13d7f8ffe1c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ddraw

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 14KB - Virtual size: 96KB

.reloc Size: 4KB - Virtual size: 4KB

89556f266a5e711ccfbd9bae475375d1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

rpcrt4

ole32

oleaut32

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

mozglue

api-ms-win-crt-string-l1-1-0

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 28KB - Virtual size: 28KB

.buildid Size: 512B - Virtual size: 139B

.data Size: 4KB - Virtual size: 4KB

.pdata Size: 512B - Virtual size: 312B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 2KB - Virtual size: 1KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 122KB - Virtual size: 122KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 47KB - Virtual size: 46KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 12B

760e19b379614e8d7247a171d264ee1e

Headers

File Characteristics

Imports

d2cmp

d2common

d2net

fog

storm

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 14KB - Virtual size: 96KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 28KB - Virtual size: 28KB

.buildid
Size: 512B - Virtual size: 139B

.data
Size: 4KB - Virtual size: 4KB

.pdata
Size: 512B - Virtual size: 312B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 122KB - Virtual size: 122KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 47KB - Virtual size: 46KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 804KB - Virtual size: 801KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 112KB - Virtual size: 157KB

.reloc
Size: 32KB - Virtual size: 28KB