植物大战僵尸杂交版v2[.]1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

植物大战僵尸杂交版v2.1.zip
Size

78.4MB
MD5

ca90a33ebc0e2b6e2e2009221bd308f9
SHA1

3b4c66ea21af6c7eaf94079b51801dba7a69558b
SHA256

e3c3d646d9c207b913af856478144828d60b073ff529fff931ee38a075c1f29f
SHA512

af87bdb3f6c97d93059d4a279da676164093308b1deaa390e93762d1231e84a0e03ec4dbd291f21ba183fe528e28ee02afb7b80eb9d9967334aea4e1b90d3243
SSDEEP

1572864:OpOyzpYgvYv3w29lzIPA2seOtzlcBVjYKPqGHK0bBfNonLZ8:Op1pAPw2iA2semzyBVjJC4K0bteq

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��1/��Ϸͨ�ò��.exe
unpack001/ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��2/ddraw.dll
unpack001/ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��2/libwine.dll
unpack001/ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��2/wined3d.dll
unpack001/ֲ��ս��ʬ�ӽ��v2.1/ֲ��ս��ʬ�ӽ��v2.1��װ��.exe

Files

植物大战僵尸杂交版v2.1.zip
.zip
ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��1/��Ϸͨ�ò��.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\The18\Documents\Visual Studio 2017\Projects\PopcapPatches\PopcapPatches\obj\Release\PopcapPatches.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��1/ʹ��˵��.txt
ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��2/ddraw.dll
.dll regsvr32 windows:4 windows x86 arch:x86

7f1709c3ba88aade9949dfcc591e9724

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

gdi32

BitBlt
CombineRgn
CreateRectRgn
CreateRectRgnIndirect
DeleteObject
ExtCreateRegion
GetDCOrgEx
GetRandomRgn
GetRegionData
GetStockObject
OffsetRgn

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
EnumResourceNamesW
FindResourceW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
GetVersion
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
LoadResource
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
GetDC
GetDesktopWindow
GetMonitorInfoW
GetSystemMetrics
MessageBoxW
MonitorFromWindow
RegisterClassA
ReleaseDC
SetWindowPos
ShowWindow
UnregisterClassA

wined3d

wined3d_buffer_create
wined3d_buffer_decref
wined3d_buffer_get_resource
wined3d_calculate_format_pitch
wined3d_check_device_format
wined3d_create
wined3d_decref
wined3d_device_acquire_focus_window
wined3d_device_begin_scene
wined3d_device_begin_stateblock
wined3d_device_clear
wined3d_device_clear_rendertarget_view
wined3d_device_copy_sub_resource_region
wined3d_device_create
wined3d_device_decref
wined3d_device_draw_indexed_primitive
wined3d_device_draw_primitive
wined3d_device_end_scene
wined3d_device_end_stateblock
wined3d_device_evict_managed_resources
wined3d_device_get_available_texture_mem
wined3d_device_get_clip_plane
wined3d_device_get_depth_stencil_view
wined3d_device_get_device_caps
wined3d_device_get_gamma_ramp
wined3d_device_get_light
wined3d_device_get_light_enable
wined3d_device_get_material
wined3d_device_get_render_state
wined3d_device_get_rendertarget_view
wined3d_device_get_sampler_state
wined3d_device_get_stream_source
wined3d_device_get_swapchain
wined3d_device_get_texture
wined3d_device_get_texture_stage_state
wined3d_device_get_transform
wined3d_device_get_viewports
wined3d_device_incref
wined3d_device_init_3d
wined3d_device_init_gdi
wined3d_device_multiply_transform
wined3d_device_process_vertices
wined3d_device_release_focus_window
wined3d_device_reset
wined3d_device_restore_fullscreen_window
wined3d_device_set_base_vertex_index
wined3d_device_set_clip_plane
wined3d_device_set_depth_stencil_view
wined3d_device_set_gamma_ramp
wined3d_device_set_index_buffer
wined3d_device_set_light
wined3d_device_set_light_enable
wined3d_device_set_material
wined3d_device_set_multithreaded
wined3d_device_set_primitive_type
wined3d_device_set_render_state
wined3d_device_set_rendertarget_view
wined3d_device_set_sampler_state
wined3d_device_set_stream_source
wined3d_device_set_texture
wined3d_device_set_texture_stage_state
wined3d_device_set_transform
wined3d_device_set_vertex_declaration
wined3d_device_set_viewports
wined3d_device_setup_fullscreen_window
wined3d_device_uninit_3d
wined3d_device_uninit_gdi
wined3d_device_validate_device
wined3d_enum_adapter_modes
wined3d_get_adapter_display_mode
wined3d_get_adapter_identifier
wined3d_get_adapter_raster_status
wined3d_get_device_caps
wined3d_get_output_desc
wined3d_mutex_lock
wined3d_mutex_unlock
wined3d_palette_apply_to_dc
wined3d_palette_create
wined3d_palette_decref
wined3d_palette_get_entries
wined3d_palette_set_entries
wined3d_rendertarget_view_create_from_sub_resource
wined3d_rendertarget_view_decref
wined3d_rendertarget_view_get_sub_resource_parent
wined3d_rendertarget_view_incref
wined3d_rendertarget_view_set_parent
wined3d_resource_get_desc
wined3d_resource_get_priority
wined3d_resource_map
wined3d_resource_preload
wined3d_resource_set_parent
wined3d_resource_set_priority
wined3d_resource_unmap
wined3d_set_adapter_display_mode
wined3d_stateblock_apply
wined3d_stateblock_capture
wined3d_stateblock_create
wined3d_stateblock_decref
wined3d_swapchain_create
wined3d_swapchain_decref
wined3d_swapchain_get_back_buffer
wined3d_swapchain_get_desc
wined3d_swapchain_get_display_mode
wined3d_swapchain_incref
wined3d_swapchain_present
wined3d_swapchain_resize_buffers
wined3d_swapchain_set_palette
wined3d_swapchain_set_window
wined3d_texture_blt
wined3d_texture_create
wined3d_texture_decref
wined3d_texture_get_dc
wined3d_texture_get_lod
wined3d_texture_get_overlay_position
wined3d_texture_get_parent
wined3d_texture_get_pitch
wined3d_texture_get_resource
wined3d_texture_get_sub_resource_desc
wined3d_texture_get_sub_resource_parent
wined3d_texture_incref
wined3d_texture_release_dc
wined3d_texture_set_color_key
wined3d_texture_set_lod
wined3d_texture_set_overlay_position
wined3d_texture_set_sub_resource_parent
wined3d_texture_update_desc
wined3d_texture_update_overlay
wined3d_vertex_declaration_create_from_fvf
wined3d_vertex_declaration_decref
wined3d_vertex_declaration_incref

libwine

__wine_dbg_get_channel_flags
wine_dbg_log
wine_dbg_sprintf

msvcrt

__dllonexit
__setusermatherr
_amsg_exit
_errno
_exit
_initterm
_iob
_lock
_onexit
_setjmp3
_snwprintf
calloc
fprintf
free
fwprintf
fwrite
malloc
memcmp
memcpy
memmove
memset
raise
strlen
strncmp
_unlock
abort
vfprintf
wcscpy
longjmp

Exports

Exports

DirectDrawCreate
DirectDrawCreateClipper
DirectDrawCreateEx
DirectDrawEnumerateA
DirectDrawEnumerateExA
DirectDrawEnumerateExW
DirectDrawEnumerateW
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetSurfaceFromDC

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 411B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 281B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��2/libwine.dll
.dll windows:4 windows x86 arch:x86

6437ff18af0ffde8d83b001ba7176cb0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_amsg_exit
_environ
_errno
_execv
_exit
_fstati64
_initterm
_iob
_lock
_onexit
_snwprintf
_stati64
_vsnprintf
calloc
exit
free
fwprintf
fwrite
getenv
malloc
memcmp
memcpy
memmove
perror
raise
realloc
sprintf
strcat
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strrchr
_unlock
abort
vfprintf
wcscpy
bsearch
_write
_strdup
_read
_open
_getcwd
_close

user32

MessageBoxW

Exports

Exports

__wine_dbg_get_channel_flags
__wine_dbg_set_channel_flags
__wine_dbg_set_functions
__wine_dll_register
__wine_main_argc
__wine_main_argv
__wine_main_environ
__wine_main_wargv
atoiW
atolW
get_char_typeW
isalnumW
isalphaW
iscntrlW
isdigitW
isgraphW
islowerW
isprintW
ispunctW
isspaceW
isupperW
isxdigitW
memchrW
memicmpW
memrchrW
snprintfW
sprintfW
strcatW
strchrW
strcmpW
strcmpiW
strcpyW
strcspnW
strlenW
strlwrW
strncmpW
strncmpiW
strpbrkW
strrchrW
strspnW
strstrW
strtolW
strtoulW
struprW
tolowerW
toupperW
vsnprintfW
vsprintfW
wine_call_on_stack
wine_casemap_lower
wine_casemap_upper
wine_compare_string
wine_cp_enum_table
wine_cp_get_table
wine_cp_mbstowcs
wine_cp_wcstombs
wine_cpsymbol_mbstowcs
wine_cpsymbol_wcstombs
wine_dbg_log
wine_dbg_printf
wine_dbg_sprintf
wine_dbgstr_an
wine_dbgstr_wn
wine_dlclose
wine_dll_enum_load_path
wine_dll_get_owner
wine_dll_load
wine_dll_load_main_exe
wine_dll_set_callback
wine_dll_unload
wine_dlopen
wine_dlsym
wine_exec_wine_binary
wine_fold_string
wine_get_build_dir
wine_get_build_id
wine_get_config_dir
wine_get_data_dir
wine_get_server_dir
wine_get_sortkey
wine_get_user_name
wine_get_version
wine_init
wine_init_argv0_path
wine_is_dbcs_leadbyte
wine_pthread_get_functions
wine_pthread_set_functions
wine_switch_to_stack
wine_utf8_mbstowcs
wine_utf8_wcstombs
wine_wctype_table

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 281B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/91
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��2/wined3d.dll
.dll windows:4 windows x86 arch:x86

9b0fab6fa3f7d26b430ae57599459bc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AllocateLocallyUniqueId
RegCloseKey
RegOpenKeyA
RegQueryValueExA

gdi32

BitBlt
ChoosePixelFormat
CreateBitmap
CreateCompatibleDC
D3DKMTCreateDCFromMemory
D3DKMTDestroyDCFromMemory
DeleteDC
DeleteObject
DescribePixelFormat
GetDeviceGammaRamp
GetObjectA
SelectObject
SetDIBColorTable
SetDeviceGammaRamp
SetPixelFormat

kernel32

CloseHandle
CreateEventW
CreateThread
DebugBreak
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
FreeLibrary
FreeLibraryAndExitThread
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetProcAddress
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

ntdll

RtlIsCriticalSectionLockedByThread

opengl32

glDisable
glEnable
wglCreateContext
wglDeleteContext
wglGetCurrentContext
wglGetCurrentDC
wglGetProcAddress
wglMakeCurrent
wglShareLists

user32

AdjustWindowRectEx
CallWindowProcA
CallWindowProcW
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CreateIconIndirect
CreateWindowExA
DefWindowProcA
DefWindowProcW
DestroyCursor
DestroyWindow
EnumDisplayDevicesW
EnumDisplaySettingsExW
EnumDisplaySettingsW
GetClientRect
GetCursorPos
GetDC
GetDCEx
GetWindowLongA
GetWindowLongW
GetWindowRect
IntersectRect
IsWindow
IsWindowUnicode
IsWindowVisible
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxW
MonitorFromPoint
MoveWindow
RegisterClassA
ReleaseDC
ScreenToClient
SetCursor
SetCursorPos
SetWindowLongA
SetWindowLongW
SetWindowPos
ShowWindow
UnregisterClassA
WindowFromDC

libwine

__wine_dbg_get_channel_flags
wine_dbg_log
wine_dbg_sprintf
wine_dbgstr_an
wine_dbgstr_wn

msvcrt

__dllonexit
__setusermatherr
_amsg_exit
_errno
_exit
_initterm
_iob
_lock
_onexit
_snwprintf
_vsnprintf
calloc
fprintf
free
fwprintf
fwrite
isprint
isspace
malloc
memcmp
memcpy
memmove
memset
raise
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strlen
strncmp
strrchr
strstr
_unlock
abort
atoi
vfprintf
wcscpy

Exports

Exports

wined3d_blend_state_create
wined3d_blend_state_decref
wined3d_blend_state_get_parent
wined3d_blend_state_incref
wined3d_buffer_create
wined3d_buffer_decref
wined3d_buffer_get_parent
wined3d_buffer_get_resource
wined3d_buffer_incref
wined3d_calculate_format_pitch
wined3d_check_depth_stencil_match
wined3d_check_device_format
wined3d_check_device_format_conversion
wined3d_check_device_multisample_type
wined3d_check_device_type
wined3d_create
wined3d_decref
wined3d_device_acquire_focus_window
wined3d_device_begin_scene
wined3d_device_begin_stateblock
wined3d_device_clear
wined3d_device_clear_rendertarget_view
wined3d_device_clear_unordered_access_view_uint
wined3d_device_copy_resource
wined3d_device_copy_sub_resource_region
wined3d_device_copy_uav_counter
wined3d_device_create
wined3d_device_decref
wined3d_device_dispatch_compute
wined3d_device_dispatch_compute_indirect
wined3d_device_draw_indexed_primitive
wined3d_device_draw_indexed_primitive_instanced
wined3d_device_draw_indexed_primitive_instanced_indirect
wined3d_device_draw_primitive
wined3d_device_draw_primitive_instanced
wined3d_device_draw_primitive_instanced_indirect
wined3d_device_end_scene
wined3d_device_end_stateblock
wined3d_device_evict_managed_resources
wined3d_device_get_available_texture_mem
wined3d_device_get_base_vertex_index
wined3d_device_get_blend_state
wined3d_device_get_clip_plane
wined3d_device_get_clip_status
wined3d_device_get_compute_shader
wined3d_device_get_constant_buffer
wined3d_device_get_creation_parameters
wined3d_device_get_cs_resource_view
wined3d_device_get_cs_sampler
wined3d_device_get_cs_uav
wined3d_device_get_depth_stencil_view
wined3d_device_get_device_caps
wined3d_device_get_display_mode
wined3d_device_get_domain_shader
wined3d_device_get_ds_resource_view
wined3d_device_get_ds_sampler
wined3d_device_get_gamma_ramp
wined3d_device_get_geometry_shader
wined3d_device_get_gs_resource_view
wined3d_device_get_gs_sampler
wined3d_device_get_hs_resource_view
wined3d_device_get_hs_sampler
wined3d_device_get_hull_shader
wined3d_device_get_index_buffer
wined3d_device_get_light
wined3d_device_get_light_enable
wined3d_device_get_material
wined3d_device_get_max_frame_latency
wined3d_device_get_npatch_mode
wined3d_device_get_pixel_shader
wined3d_device_get_predication
wined3d_device_get_primitive_type
wined3d_device_get_ps_consts_b
wined3d_device_get_ps_consts_f
wined3d_device_get_ps_consts_i
wined3d_device_get_ps_resource_view
wined3d_device_get_ps_sampler
wined3d_device_get_raster_status
wined3d_device_get_rasterizer_state
wined3d_device_get_render_state
wined3d_device_get_rendertarget_view
wined3d_device_get_sampler_state
wined3d_device_get_scissor_rects
wined3d_device_get_software_vertex_processing
wined3d_device_get_stream_output
wined3d_device_get_stream_source
wined3d_device_get_stream_source_freq
wined3d_device_get_swapchain
wined3d_device_get_swapchain_count
wined3d_device_get_texture
wined3d_device_get_texture_stage_state
wined3d_device_get_transform
wined3d_device_get_unordered_access_view
wined3d_device_get_vertex_declaration
wined3d_device_get_vertex_shader
wined3d_device_get_viewports
wined3d_device_get_vs_consts_b
wined3d_device_get_vs_consts_f
wined3d_device_get_vs_consts_i
wined3d_device_get_vs_resource_view
wined3d_device_get_vs_sampler
wined3d_device_get_wined3d
wined3d_device_incref
wined3d_device_init_3d
wined3d_device_init_gdi
wined3d_device_multiply_transform
wined3d_device_process_vertices
wined3d_device_release_focus_window
wined3d_device_reset
wined3d_device_resolve_sub_resource
wined3d_device_restore_fullscreen_window
wined3d_device_set_base_vertex_index
wined3d_device_set_blend_state
wined3d_device_set_clip_plane
wined3d_device_set_clip_status
wined3d_device_set_compute_shader
wined3d_device_set_constant_buffer
wined3d_device_set_cs_resource_view
wined3d_device_set_cs_sampler
wined3d_device_set_cs_uav
wined3d_device_set_cursor_position
wined3d_device_set_cursor_properties
wined3d_device_set_depth_stencil_view
wined3d_device_set_dialog_box_mode
wined3d_device_set_domain_shader
wined3d_device_set_ds_resource_view
wined3d_device_set_ds_sampler
wined3d_device_set_gamma_ramp
wined3d_device_set_geometry_shader
wined3d_device_set_gs_resource_view
wined3d_device_set_gs_sampler
wined3d_device_set_hs_resource_view
wined3d_device_set_hs_sampler
wined3d_device_set_hull_shader
wined3d_device_set_index_buffer
wined3d_device_set_light
wined3d_device_set_light_enable
wined3d_device_set_material
wined3d_device_set_max_frame_latency
wined3d_device_set_multithreaded
wined3d_device_set_npatch_mode
wined3d_device_set_pixel_shader
wined3d_device_set_predication
wined3d_device_set_primitive_type
wined3d_device_set_ps_consts_b
wined3d_device_set_ps_consts_f
wined3d_device_set_ps_consts_i
wined3d_device_set_ps_resource_view
wined3d_device_set_ps_sampler
wined3d_device_set_rasterizer_state
wined3d_device_set_render_state
wined3d_device_set_rendertarget_view
wined3d_device_set_sampler_state
wined3d_device_set_scissor_rects
wined3d_device_set_software_vertex_processing
wined3d_device_set_stream_output
wined3d_device_set_stream_source
wined3d_device_set_stream_source_freq
wined3d_device_set_texture
wined3d_device_set_texture_stage_state
wined3d_device_set_transform
wined3d_device_set_unordered_access_view
wined3d_device_set_vertex_declaration
wined3d_device_set_vertex_shader
wined3d_device_set_viewports
wined3d_device_set_vs_consts_b
wined3d_device_set_vs_consts_f
wined3d_device_set_vs_consts_i
wined3d_device_set_vs_resource_view
wined3d_device_set_vs_sampler
wined3d_device_setup_fullscreen_window
wined3d_device_show_cursor
wined3d_device_uninit_3d
wined3d_device_uninit_gdi
wined3d_device_update_sub_resource
wined3d_device_update_texture
wined3d_device_validate_device
wined3d_enum_adapter_modes
wined3d_find_closest_matching_adapter_mode
wined3d_get_adapter_count
wined3d_get_adapter_display_mode
wined3d_get_adapter_identifier
wined3d_get_adapter_mode_count
wined3d_get_adapter_raster_status
wined3d_get_device_caps
wined3d_get_output_desc
wined3d_incref
wined3d_mutex_lock
wined3d_mutex_unlock
wined3d_palette_apply_to_dc
wined3d_palette_create
wined3d_palette_decref
wined3d_palette_get_entries
wined3d_palette_incref
wined3d_palette_set_entries
wined3d_query_create
wined3d_query_decref
wined3d_query_get_data
wined3d_query_get_data_size
wined3d_query_get_parent
wined3d_query_get_type
wined3d_query_incref
wined3d_query_issue
wined3d_rasterizer_state_create
wined3d_rasterizer_state_decref
wined3d_rasterizer_state_get_parent
wined3d_rasterizer_state_incref
wined3d_register_software_device
wined3d_rendertarget_view_create
wined3d_rendertarget_view_create_from_sub_resource
wined3d_rendertarget_view_decref
wined3d_rendertarget_view_get_parent
wined3d_rendertarget_view_get_resource
wined3d_rendertarget_view_get_sub_resource_parent
wined3d_rendertarget_view_incref
wined3d_rendertarget_view_set_parent
wined3d_resource_get_desc
wined3d_resource_get_parent
wined3d_resource_get_priority
wined3d_resource_map
wined3d_resource_preload
wined3d_resource_set_parent
wined3d_resource_set_priority
wined3d_resource_unmap
wined3d_sampler_create
wined3d_sampler_decref
wined3d_sampler_get_parent
wined3d_sampler_incref
wined3d_set_adapter_display_mode
wined3d_shader_create_cs
wined3d_shader_create_ds
wined3d_shader_create_gs
wined3d_shader_create_hs
wined3d_shader_create_ps
wined3d_shader_create_vs
wined3d_shader_decref
wined3d_shader_get_byte_code
wined3d_shader_get_parent
wined3d_shader_incref
wined3d_shader_resource_view_create
wined3d_shader_resource_view_decref
wined3d_shader_resource_view_generate_mipmaps
wined3d_shader_resource_view_get_parent
wined3d_shader_resource_view_incref
wined3d_shader_set_local_constants_float
wined3d_stateblock_apply
wined3d_stateblock_capture
wined3d_stateblock_create
wined3d_stateblock_decref
wined3d_stateblock_incref
wined3d_swapchain_create
wined3d_swapchain_decref
wined3d_swapchain_get_back_buffer
wined3d_swapchain_get_desc
wined3d_swapchain_get_device
wined3d_swapchain_get_display_mode
wined3d_swapchain_get_front_buffer_data
wined3d_swapchain_get_gamma_ramp
wined3d_swapchain_get_parent
wined3d_swapchain_get_raster_status
wined3d_swapchain_incref
wined3d_swapchain_present
wined3d_swapchain_resize_buffers
wined3d_swapchain_resize_target
wined3d_swapchain_set_fullscreen
wined3d_swapchain_set_gamma_ramp
wined3d_swapchain_set_palette
wined3d_swapchain_set_window
wined3d_texture_add_dirty_region
wined3d_texture_blt
wined3d_texture_create
wined3d_texture_decref
wined3d_texture_from_resource
wined3d_texture_get_dc
wined3d_texture_get_level_count
wined3d_texture_get_lod
wined3d_texture_get_overlay_position
wined3d_texture_get_parent
wined3d_texture_get_pitch
wined3d_texture_get_resource
wined3d_texture_get_sub_resource_desc
wined3d_texture_get_sub_resource_parent
wined3d_texture_incref
wined3d_texture_release_dc
wined3d_texture_set_color_key
wined3d_texture_set_lod
wined3d_texture_set_overlay_position
wined3d_texture_set_sub_resource_parent
wined3d_texture_update_desc
wined3d_texture_update_overlay
wined3d_unordered_access_view_create
wined3d_unordered_access_view_decref
wined3d_unordered_access_view_get_parent
wined3d_unordered_access_view_incref
wined3d_vertex_declaration_create
wined3d_vertex_declaration_create_from_fvf
wined3d_vertex_declaration_decref
wined3d_vertex_declaration_get_parent
wined3d_vertex_declaration_incref

Sections

.text
Size: 792KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 281B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ֲ��ս��ʬ�ӽ��v2.1/��ѡһ��3d��ٲ��2/ʹ��˵��.txt
ֲ��ս��ʬ�ӽ��v2.1/��Ҫ��ԱȨ�ޡ��ִ�б��-�ر�DEP.bat
ֲ��ս��ʬ�ӽ��v2.1/��к��Ϸ��ڰ��.reg
ֲ��ս��ʬ�ӽ��v2.1/�ӽ��v2.1ָ��.pdf
.pdf
ֲ��ս��ʬ�ӽ��v2.1/ֲ��ս��ʬ�ӽ��v2.1��װ��.exe
.exe windows:5 windows x86 arch:x86

be41bf7b8cc010b614bd36bbca606973

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
CloseHandle
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
MulDiv
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrlenW

user32

GetAsyncKeyState
IsDlgButtonChecked
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
FindWindowExW

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 724KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 512B - Virtual size: 12B

7f1709c3ba88aade9949dfcc591e9724

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

wined3d

libwine

msvcrt

Exports

Exports

Sections

.text Size: 212KB - Virtual size: 211KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 92KB - Virtual size: 92KB

.bss Size: - Virtual size: 1KB

.edata Size: 512B - Virtual size: 411B

.idata Size: 9KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 15KB - Virtual size: 15KB

/4 Size: 1024B - Virtual size: 544B

/19 Size: 32KB - Virtual size: 31KB

/31 Size: 6KB - Virtual size: 5KB

/45 Size: 5KB - Virtual size: 4KB

/57 Size: 2KB - Virtual size: 2KB

/70 Size: 512B - Virtual size: 281B

/81 Size: 4KB - Virtual size: 4KB

/92 Size: 1024B - Virtual size: 624B

6437ff18af0ffde8d83b001ba7176cb0

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 512B - Virtual size: 156B

.rdata Size: 1.6MB - Virtual size: 1.6MB

/4 Size: 512B - Virtual size: 68B

.bss Size: - Virtual size: 6KB

.edata Size: 2KB - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 3KB - Virtual size: 3KB

/14 Size: 1024B - Virtual size: 544B

/29 Size: 31KB - Virtual size: 30KB

/41 Size: 6KB - Virtual size: 5KB

/55 Size: 5KB - Virtual size: 4KB

/67 Size: 2KB - Virtual size: 1KB

/80 Size: 512B - Virtual size: 281B

/91 Size: 4KB - Virtual size: 3KB

/102 Size: 1024B - Virtual size: 600B

9b0fab6fa3f7d26b430ae57599459bc1

Headers

File Characteristics

Imports

.text
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 212KB - Virtual size: 211KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 92KB - Virtual size: 92KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 411B

.idata
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 15KB

/4
Size: 1024B - Virtual size: 544B

/19
Size: 32KB - Virtual size: 31KB

/31
Size: 6KB - Virtual size: 5KB

/45
Size: 5KB - Virtual size: 4KB

/57
Size: 2KB - Virtual size: 2KB

/70
Size: 512B - Virtual size: 281B

/81
Size: 4KB - Virtual size: 4KB

/92
Size: 1024B - Virtual size: 624B

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 156B

.rdata
Size: 1.6MB - Virtual size: 1.6MB

/4
Size: 512B - Virtual size: 68B

.bss
Size: - Virtual size: 6KB

.edata
Size: 2KB - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 3KB - Virtual size: 3KB

/14
Size: 1024B - Virtual size: 544B

/29
Size: 31KB - Virtual size: 30KB

/41
Size: 6KB - Virtual size: 5KB

/55
Size: 5KB - Virtual size: 4KB

/67
Size: 2KB - Virtual size: 1KB

/80
Size: 512B - Virtual size: 281B

/91
Size: 4KB - Virtual size: 3KB

/102
Size: 1024B - Virtual size: 600B

.text
Size: 792KB - Virtual size: 792KB

.data
Size: 1024B - Virtual size: 988B

.rdata
Size: 300KB - Virtual size: 299KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 12KB - Virtual size: 12KB

.idata
Size: 5KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 52KB - Virtual size: 52KB

/4
Size: 1024B - Virtual size: 864B

/19
Size: 39KB - Virtual size: 39KB

/31
Size: 8KB - Virtual size: 7KB

/45
Size: 7KB - Virtual size: 6KB

/57
Size: 2KB - Virtual size: 2KB

/70
Size: 512B - Virtual size: 281B

/81
Size: 8KB - Virtual size: 7KB

/92
Size: 1024B - Virtual size: 776B

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 458KB

.ndata
Size: - Virtual size: 724KB

.rsrc
Size: 267KB - Virtual size: 266KB

.reloc
Size: 4KB - Virtual size: 3KB