07242bb97b9ea36596a0d1a3408dca93_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07242bb97b9ea36596a0d1a3408dca93_JaffaCakes118
Size

5.7MB
MD5

07242bb97b9ea36596a0d1a3408dca93
SHA1

20a2765eae47d6a2e5996e7f8e9a190b57f1fa46
SHA256

8e9da9d0951d1b5c2072ec336769277c8f8ef183ea367c6de7b9f00fbd6d484c
SHA512

9bd8ce2d15fa46275d6f4fad2676979e7e40c5084a750807a6a469edabbab9a24122ef627c003d45699d64477fd09b5990af03d36e5c9e58eb1f818db86aebf7
SSDEEP

98304:1jS3zel2FoiH9MJUJKaYooXd+zh2klFe8UNxmtL4ptVn8vZK0uAqiv81XRhylEiR:83ScOm9MaJK5rXnxmB4ptBoZkAqCwSlz

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
07242bb97b9ea36596a0d1a3408dca93_JaffaCakes118
unpack001/$PLUGINSDIR/NSISdl.dll
unpack001/$TEMP/liquid-story-binder-xe-4.71.exe
unpack001/$TEMP/windll.dll

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_2

Files

07242bb97b9ea36596a0d1a3408dca93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28a099a911237a28521d8b7ea250f089

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LoadLibraryExA
MoveFileA
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryA
SearchPathA
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderA
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

user32

AppendMenuA
BeginPaint
CallWindowProcA
CharNextA
CharPrevA
CheckDlgButton
CloseClipboard
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExA
GetClassInfoA
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadImageA
MessageBoxIndirectA
OpenClipboard
PeekMessageA
PostQuitMessage
RegisterClassA
ScreenToClient
SendMessageA
SendMessageTimeoutA
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 150KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/NSISdl.dll
.dll windows:4 windows x86 arch:x86

826f63babc644cdb846b4d888d102fa0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateFileA
CreateSemaphoreA
CreateThread
DeleteFileA
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
InterlockedDecrement
InterlockedIncrement
MulDiv
ReleaseSemaphore
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

_write
__dllonexit
_errno
_iob
abort
fflush
fputc
fputs
free
fwrite
malloc
memcpy
realloc
strcmp
strcpy
strlen

user32

CallWindowProcA
CharPrevA
CreateWindowExA
DestroyWindow
EnableWindow
FindWindowExA
GetClientRect
GetDlgItem
GetFocus
GetWindowLongA
GetWindowRect
IsWindowVisible
RegisterWindowMessageA
SendMessageA
SetDlgItemTextA
SetWindowLongA
SetWindowTextA
ShowWindow
wsprintfA

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
closesocket
connect
gethostbyname
getsockname
htons
inet_addr
ioctlsocket
recv
select
send
shutdown
socket

Exports

Exports

download
download_quiet

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/liquid-story-binder-xe-4.71.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/windll.dll
.dll regsvr32 windows:4 windows x86 arch:x86

3bee49d943b9113d7dfd8da544387270

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleW
FindAtomW
FreeLibraryAndExitThread
GetDiskFreeSpaceW
GetProfileStringW
FileTimeToDosDateTime
GetFileSizeEx
SetProcessShutdownParameters
GetDriveTypeA
GetAtomNameW
GetCurrentProcess
UnlockFileEx
OpenEventA
IsValidCodePage
GetTapeParameters
GetSystemDirectoryA
OpenMutexA
CancelWaitableTimer
LocalReAlloc
ReadConsoleInputA
SetVolumeMountPointW
SystemTimeToFileTime
WaitForMultipleObjectsEx
lstrcmpW
LocalAlloc
GetThreadPriority
CreateIoCompletionPort
FlushViewOfFile
ResetEvent
lstrcmpiA
DosDateTimeToFileTime
SetConsoleCtrlHandler
SearchPathW
SuspendThread
WaitNamedPipeA
CreateMutexW
GlobalHandle
SetVolumeLabelA
AddAtomW
SetLocalTime
DuplicateHandle
ReadConsoleInputW
GetTimeFormatW
GetEnvironmentVariableW
GetVolumeInformationA
GetUserDefaultLCID
VerSetConditionMask
GetDefaultCommConfigW
lstrcmpiW
lstrcmpA
EnumUILanguagesW
WriteProfileStringA
ExitThread
ReadConsoleA
FindFirstVolumeW
HeapUnlock
IsBadHugeReadPtr
EnumResourceLanguagesA
SetConsoleTextAttribute
GetSystemDirectoryW
CreateRemoteThread
GetDiskFreeSpaceExW
GetVolumePathNameW
SetFilePointer
GetSystemTimeAdjustment
RtlMoveMemory
HeapReAlloc
CreateSemaphoreA
ReadDirectoryChangesW
GetCurrentDirectoryW
GetThreadContext
SetHandleCount
SetErrorMode
ConnectNamedPipe
FindResourceW
SetConsoleMode
SearchPathA
SetFileApisToOEM
GetDiskFreeSpaceA
QueryPerformanceFrequency
CopyFileExW
OpenSemaphoreW
lstrlenW
VerLanguageNameW
SetComputerNameA
CreateProcessA
FindFirstVolumeMountPointW
GetDateFormatA
GetSystemDefaultLangID
GetCurrentDirectoryA
RegisterWaitForSingleObjectEx
CreateNamedPipeW
GetStartupInfoA
MultiByteToWideChar
GlobalReAlloc
GetModuleHandleW
WriteProfileStringW
GetFullPathNameA
OpenProcess
FlushConsoleInputBuffer
GetCurrentThread
GetEnvironmentStrings
CompareFileTime
GetFileInformationByHandle
LockFile
GetTimeZoneInformation
GetDriveTypeW
IsProcessorFeaturePresent
GetModuleHandleExW
LocalHandle
GetComputerNameExW
FindAtomA
ReleaseSemaphore
lstrcatW
GlobalFree
CreateFileMappingA
GetProcessHeap
InterlockedIncrement
Sleep
UnmapViewOfFile
CreateMutexA
GetModuleHandleA
GetLastError
EnterCriticalSection
CloseHandle
ExpandEnvironmentStringsA
LoadLibraryA
InterlockedDecrement
WaitForSingleObject
GetModuleFileNameA
GetTickCount
CreateFileA
CopyFileA
InterlockedExchange
GetComputerNameA
VirtualQuery
MoveFileA
HeapFree
DeleteFileA
GetSystemTimeAsFileTime
MapViewOfFile
GetProcAddress
HeapAlloc
FindFirstFileExW

ole32

StringFromGUID2
CoGetMalloc
OleUninitialize
CoQueryProxyBlanket
StgOpenStorageEx
StgIsStorageFile
CoFileTimeNow
CreateGenericComposite
CoDisconnectObject
GetHGlobalFromILockBytes
CoTaskMemRealloc
CoMarshalInterThreadInterfaceInStream
PropVariantClear
CoCreateFreeThreadedMarshaler
OleTranslateAccelerator
CoInitializeEx
CoUnmarshalInterface
OleSave
OleCreateFromFile
StringFromIID
FreePropVariantArray
SetConvertStg
OleCreateLinkFromData
CoMarshalInterface
CoDisableCallCancellation
OleCreateLinkToFile
CoFreeUnusedLibraries
OleCreate
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
OleSetContainedObject

user32

GetWindowContextHelpId
MessageBoxExA
VkKeyScanW
MapVirtualKeyExW
EnumThreadWindows
PeekMessageW
CharUpperW
CallWindowProcW
SetMenuItemBitmaps
ChildWindowFromPoint
DefWindowProcW
CheckRadioButton
EnumWindows
LoadAcceleratorsW
ChangeDisplaySettingsExW
SetScrollPos
DialogBoxIndirectParamA
SetSysColors
OffsetRect
EndDeferWindowPos
GetTabbedTextExtentA
SetScrollInfo
SetWindowPos
AdjustWindowRectEx
MapVirtualKeyA
CreateIconFromResourceEx
ExitWindowsEx
LoadMenuA
RegisterWindowMessageW
SetPropA
InternalGetWindowText
ModifyMenuW
GetDlgItemTextA
TabbedTextOutW
GetInputState
KillTimer
GetClassLongA
CharLowerBuffW
DrawTextA
PostThreadMessageA
DefDlgProcA
GetMenu
SetCaretPos
GetMenuDefaultItem
InvalidateRect
GetUserObjectInformationA
GetScrollRange
PtInRect
BeginDeferWindowPos
GetClassInfoExW
SetDlgItemTextA
WaitForInputIdle
EqualRect
DefDlgProcW
SetWindowLongW
SetCapture
AttachThreadInput
EnumChildWindows
EndPaint
DestroyWindow
ReleaseCapture
GetUpdateRgn
SetActiveWindow
ReuseDDElParam
UnregisterClassA
NotifyWinEvent
ScrollDC
PostMessageW
CharPrevA
LoadStringW
GetAsyncKeyState
SetWindowTextA
EnumDesktopsW
GetMenuItemCount
CreateIcon
DrawFrameControl
SystemParametersInfoA
TranslateAcceleratorA
OpenWindowStationW
CreateCursor
EnumDisplaySettingsA
InvertRect
InsertMenuA
ChangeDisplaySettingsA
ValidateRect
CharToOemW
PostQuitMessage
CreateAcceleratorTableW
GetAncestor
TabbedTextOutA
DefMDIChildProcW
MessageBoxW
DeferWindowPos
GrayStringW
UnionRect
ChangeDisplaySettingsW
CharNextW
GetCursorPos
WinHelpA
GetDialogBaseUnits
GetNextDlgTabItem
DrawTextExW
GetClientRect
DispatchMessageA
CreateWindowExA
RegisterClassExA
GetClassNameA
GetWindowThreadProcessId
UnhookWindowsHookEx
SetWindowsHookExA
GetMessageA
SetWindowLongA
SendMessageA
CallNextHookEx
GetDesktopWindow

advapi32

GetSecurityDescriptorSacl
ConvertSidToStringSidA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryValueW
DuplicateToken
CreateProcessAsUserA
RegisterServiceCtrlHandlerA
CreateServiceW
RegisterServiceCtrlHandlerW
RegUnLoadKeyW
RegOpenKeyExW
EnumServicesStatusExW
RegEnumKeyW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExA
RegDeleteKeyW
RegSetValueW
StartServiceW
RegSaveKeyA
EnumDependentServicesW
UnlockServiceDatabase
ChangeServiceConfig2W
StartServiceA
OpenProcessToken
GetTokenInformation
GetServiceDisplayNameW
RegQueryValueExW
RegSaveKeyW
QueryServiceStatusEx
CloseEventLog
OpenServiceW
StartServiceCtrlDispatcherA
RegSetValueA
GetAclInformation
RegisterEventSourceA
CreateProcessWithLogonW
RegOpenCurrentUser
ImpersonateSelf
ReadEventLogA
RegRestoreKeyA
SetEntriesInAclA
CreateProcessAsUserW
QueryServiceConfigW
GetNumberOfEventLogRecords
RegFlushKey
RegisterEventSourceW

gdi32

CreateMetaFileA
SetDCBrushColor
GetTextCharsetInfo
CreateFontIndirectA
CreateBitmap
GetTextMetricsA
GetBkColor
EnumFontFamiliesExA
CreateFontW
UnrealizeObject
StartDocA
SetRectRgn
SetBkColor
CopyMetaFileA
GetBrushOrgEx
CreateScalableFontResourceA
PolyBezierTo
GetTextColor
CreateCompatibleBitmap
PathToRegion
PlayMetaFileRecord
GetPath
CombineRgn
SetColorAdjustment
SetViewportExtEx
ExtCreateRegion
FillPath
ExtCreatePen
CreateDIBSection
EnumEnhMetaFile
GetTextExtentExPointA
ResetDCA
EqualRgn
ModifyWorldTransform
SetViewportOrgEx
CloseFigure
CreateBrushIndirect
SetBkMode
CreateDiscardableBitmap
SetTextColor
SetWindowOrgEx
PlayEnhMetaFileRecord
Escape
SetSystemPaletteUse
CreateCompatibleDC
SetPixel
PolyBezier
CreateICA
CreateICW
ScaleWindowExtEx
InvertRgn
CreateRectRgnIndirect
Ellipse
TextOutW
GetTextCharset
GetTextMetricsW
EnumMetaFile
StartPage
GetLayout
TextOutA
PolyDraw
ScaleViewportExtEx
AbortPath
CreateRectRgn
SetMagicColors
GetCurrentPositionEx
CreateBitmapIndirect
GetCurrentObject
CreatePolygonRgn

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28a099a911237a28521d8b7ea250f089

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

shell32

user32

version

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 512B - Virtual size: 144B

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 150KB

.idata Size: 5KB - Virtual size: 4KB

.ndata Size: 1024B - Virtual size: 32KB

.rsrc Size: 2KB - Virtual size: 2KB

826f63babc644cdb846b4d888d102fa0

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

ws2_32

Exports

Exports

Sections

.text Size: 43KB - Virtual size: 42KB

.data Size: 16KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: - Virtual size: 24KB

.edata Size: 512B - Virtual size: 95B

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 36KB - Virtual size: 36KB

DATA Size: 1024B - Virtual size: 588B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

3bee49d943b9113d7dfd8da544387270

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 512B - Virtual size: 144B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 150KB

.idata
Size: 5KB - Virtual size: 4KB

.ndata
Size: 1024B - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 2KB

.text
Size: 43KB - Virtual size: 42KB

.data
Size: 16KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 24KB

.edata
Size: 512B - Virtual size: 95B

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB

CODE
Size: 36KB - Virtual size: 36KB

DATA
Size: 1024B - Virtual size: 588B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB