archive[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

archive.zip
Size

2.0MB
MD5

9558cb66f45082cf7938c01956b757f5
SHA1

91924ffdeabecaad6c05176d90a7c616314109a1
SHA256

a8adaac51d61441630839f4b7cbf867fb34e8f767b29bc569db2559895f2871a
SHA512

54081a9e7557315719b3e4aedccb6defb93780b01ca8a101c55c6f4a11ab1a47c91e01cf1e19362324518e992e0a592137db7e553647f9a4e7fe23257650c216
SSDEEP

49152:io5SJ38Jw/vSKNpn+VvQG4Yx+PGjtAMlrN3sbZhuba7f:io4I4YYfYx+qtAMDcbZhumb

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/15c0f4e0bb74893b20326f871aa29ac9bf7f79ca437416e2d45f679722517d8d
unpack001/4f1ff9bdef6d0b2ece7775e3adae50ac75daeff126faefe81810830d485f934c

NSIS installer 1 IoCs

installer

resource	yara_rule
static1/unpack001/4f1ff9bdef6d0b2ece7775e3adae50ac75daeff126faefe81810830d485f934c	nsis_installer_2

Files

archive.zip
.zip
15c0f4e0bb74893b20326f871aa29ac9bf7f79ca437416e2d45f679722517d8d
.exe windows:4 windows x86 arch:x86

2276e081eebeb1248a24b089db23c75a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\xxah\kllsejvo\krdsqsiba.pdb

Imports

gdi32

GetClipBox
MoveToEx
PtVisible
GetTextColor
PatBlt
RoundRect
GetSystemPaletteEntries
ExtFloodFill
LPtoDP
DeleteDC
SelectClipRgn
SetWindowOrgEx
CreateRectRgnIndirect
Ellipse
SetWindowExtEx
GetRegionData
SetPolyFillMode
SetViewportOrgEx
GetDCOrgEx
GetDeviceCaps
UnrealizeObject
CreateFontIndirectA
GetPixel
GetCurrentPositionEx
TextOutA
CreateRectRgn
SetPaletteEntries
GetPaletteEntries
SetTextAlign
SetBkColor
EnumFontFamiliesExA

mpr

WNetEnumResourceA
WNetCloseEnum
WNetOpenEnumA

advapi32

RegCloseKey
RegEnumKeyA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
OpenProcessToken
RegEnumValueA

shell32

SHGetDesktopFolder
SHGetMalloc
ShellExecuteA
SHGetPathFromIDListA

kernel32

IsBadReadPtr
GlobalUnlock
LCMapStringA
GetEnvironmentStringsW
GetOEMCP
GetCurrentThreadId
GetWindowsDirectoryW
Sleep
GetFileSize
MoveFileW
SetEndOfFile
VirtualFree
TerminateProcess
GetSystemInfo
SetHandleCount
HeapReAlloc
ResumeThread
GetProcAddress
WideCharToMultiByte
OpenProcess
FreeEnvironmentStringsW
GetVersionExA
GetDriveTypeA
MultiByteToWideChar
InitializeCriticalSection
lstrlenW
lstrcpyW
LoadLibraryA
CompareStringA
FreeEnvironmentStringsA
GetCurrentDirectoryA
SetFileAttributesW
SizeofResource
GetModuleFileNameW
TlsSetValue
GlobalHandle
FreeLibrary
TlsFree
GetCurrentProcess
WaitForSingleObject
SetCurrentDirectoryA
GetModuleFileNameA
CreateDirectoryA
TerminateThread
GetModuleHandleW
CreateFileW
LockFile
VirtualAlloc
GlobalFree
HeapFree
GlobalDeleteAtom
UnhandledExceptionFilter
FindFirstFileW
SetStdHandle
GetCPInfo
GetStringTypeA
WriteFile
CreateMutexW
SetThreadPriority
GetThreadLocale
IsBadWritePtr
CreateThread
ExitProcess
GlobalAlloc
GetFullPathNameW
RtlUnwind
RemoveDirectoryW
FileTimeToLocalFileTime
UnmapViewOfFile
LeaveCriticalSection
FindFirstFileA
HeapSize
GetUserDefaultLCID
GetLocaleInfoA
MulDiv
GetUserDefaultLangID
FileTimeToSystemTime
GetCurrentProcessId
SetFilePointer
CreateDirectoryW
GetCommandLineA
IsBadCodePtr
GetTempPathA
GetStartupInfoA
GetProcessHeap
GetTimeZoneInformation
CreateFileA
QueryPerformanceCounter
FormatMessageW
LocalReAlloc
HeapAlloc
GetCommandLineW
lstrcmpW
GetSystemTimeAsFileTime
LCMapStringW
GetTempPathW
FindNextFileW
LoadLibraryW
ExpandEnvironmentStringsW
GetStdHandle
WaitForMultipleObjects
GlobalSize
InterlockedExchange
ExpandEnvironmentStringsA
InterlockedDecrement
FlushFileBuffers
UnlockFile
ReadFile
GetLastError
SetEnvironmentVariableA
GetStartupInfoW
lstrlenA
GetModuleHandleA
DeleteCriticalSection
LoadResource
GetEnvironmentStrings
GetDateFormatA
EnterCriticalSection
DuplicateHandle
FindNextFileA
CompareStringW
GetStringTypeW
GlobalLock
HeapCreate
GetCurrentThread
RaiseException
VirtualProtect
FindClose
CloseHandle
CreateFileMappingW
LocalAlloc
GetFileType
SetLastError
TlsGetValue
CreateProcessW
GetTickCount
HeapDestroy
GetLocalTime
SetEnvironmentVariableW
GlobalReAlloc
ReleaseMutex
CopyFileA
CreateToolhelp32Snapshot
GetVersion
GetACP
InterlockedIncrement
VirtualQuery
DeleteFileA
lstrcpyA
GetTimeFormatA
TlsAlloc
LocalFree
SetEvent
GetFileAttributesW
SetUnhandledExceptionFilter

comctl32

ImageList_GetImageCount
ImageList_GetIcon
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Destroy
ord17
InitCommonControlsEx
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_GetImageInfo
PropertySheetW
ImageList_Draw
ImageList_Create
ImageList_AddMasked

ole32

OleRegEnumVerbs
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleRegGetMiscStatus
IsAccelerator
OleTranslateAccelerator

user32

MoveWindow
TranslateMessage
DestroyAcceleratorTable
SendDlgItemMessageW
TranslateMDISysAccel
GetMenuItemID
LoadMenuW
TranslateAcceleratorW
EnableWindow
RegisterClassW
PostQuitMessage
SetWindowsHookExW
DispatchMessageW
LockWindowUpdate
DestroyMenu
SetWindowLongW
DestroyCursor
SetCapture
EndDeferWindowPos
UnpackDDElParam
SystemParametersInfoW
PeekMessageW
DestroyCaret
GetKeyState
GetCapture
InvalidateRect
GetMenuItemInfoW
GetDC
GetWindowThreadProcessId
InflateRect
GetMenuDefaultItem
ReuseDDElParam
GetMenuState
WindowFromPoint
GetDesktopWindow
SetWindowPlacement
DrawMenuBar
GetClientRect
GetWindowPlacement
IsWindowEnabled
SetMenuItemBitmaps
GetWindowRgn
CharUpperW
AppendMenuW
SendDlgItemMessageA
GetClassNameW
SetRect
GetMenuCheckMarkDimensions
UnionRect
IsChild
DefWindowProcW
ClientToScreen
GetDlgItem
GetSystemMetrics
GetMenu
SetMenu
LoadBitmapW
InvalidateRgn
ShowWindow
DeferWindowPos
GetMessageTime
GetKeyboardLayout
GetDCEx
CreatePopupMenu
FindWindowW
GetMessageW
CreateMenu
LoadImageW
IsZoomed
GetScrollPos
SetWindowTextW
BeginDeferWindowPos
IntersectRect
SetTimer
GetMessagePos
DrawFocusRect
GetWindowTextW
SetParent
IsWindow
GetMenuStringW
BringWindowToTop
SendMessageW
BeginPaint
RedrawWindow
GetWindowTextLengthW
DrawEdge
SetActiveWindow
GetDlgCtrlID
EmptyClipboard
DeleteMenu
DrawStateW
RegisterClipboardFormatW
ReleaseCapture
GetCursorPos
ShowOwnedPopups
CreateDialogIndirectParamW
GetNextDlgGroupItem
AttachThreadInput
EnumChildWindows
GetFocus
SetMenuDefaultItem
ReleaseDC
GetUpdateRect
RegisterClassExW
CheckMenuItem
InsertMenuItemW
EqualRect
CopyIcon
IsDialogMessageW
CallNextHookEx
DrawFrameControl
GetWindow
GetClassInfoExW
TrackPopupMenuEx
UpdateWindow
DrawIcon
RegisterWindowMessageW
AdjustWindowRectEx
OpenClipboard
GetForegroundWindow
GetTopWindow
DestroyWindow
MessageBeep
FrameRect
TrackPopupMenu
SetCursorPos
MessageBoxW
MapWindowPoints
GetSystemMenu
GetWindowDC
CreateWindowExW
WaitMessage
IsClipboardFormatAvailable
SetDlgItemInt
GetSysColorBrush
GetAsyncKeyState
GetWindowRect
SetRectEmpty
EndDialog
GetLastActivePopup
SetCursor
DestroyIcon
IsDlgButtonChecked
LoadIconW
DrawIconEx
ScreenToClient
SystemParametersInfoA
KillTimer
FillRect
UnhookWindowsHookEx
IsRectEmpty
LoadCursorW
wsprintfA
GetActiveWindow
MapDialogRect
IsWindowVisible
GetWindowLongW
ScrollWindow
SetClipboardData
SetScrollPos
InsertMenuW
EnableMenuItem
OffsetRect
GetSysColor
GetScrollInfo
IsIconic
LoadAcceleratorsW
CheckDlgButton
SetScrollInfo
SetWindowRgn
PtInRect
DrawTextW
GetMenuItemCount
SetForegroundWindow
SetWindowPos
CloseClipboard
CopyRect
GetSubMenu
SetDlgItemTextW
GetParent
IsMenu
SetFocus
CopyImage
UnregisterClassW
EndPaint
SetMenuItemInfoW

oleaut32

LoadTypeLi

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 480KB - Virtual size: 478KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
19f5cc020fc877fc342ad76e3714601ad7d6978f30daf28a27556c983ae5b01d
.dll regsvr32 windows:4 windows x86 arch:x86

39abe6ad872048214d1a0eb56889b94e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:73:0e:b0:e6:d9:2a:47:6e:16:62:8a:0d:be:fb:36
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

31/05/2010, 00:00

Not After

06/05/2012, 23:59

Subject

CN=Mindspark Interactive Network,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Mindspark Interactive Network,L=White Plains,ST=NewYork,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegFlushKey
RegQueryValueExA

kernel32

DeleteCriticalSection
lstrcmpiA
LeaveCriticalSection
EnterCriticalSection
lstrcpyW
WideCharToMultiByte
lstrlenW
GetCurrentProcessId
VirtualProtect
VirtualQuery
FlushInstructionCache
GetCurrentProcess
lstrlenA
InitializeCriticalSection
DisableThreadLibraryCalls
HeapAlloc
GetSystemInfo
GetVersionExA
HeapCreate
InterlockedIncrement
InterlockedDecrement
MultiByteToWideChar
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
SizeofResource
LoadResource
GetLastError
LoadLibraryExA
lstrcpynA
IsDBCSLeadByte
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
GetSystemDirectoryA
lstrcmpA
DebugBreak
HeapReAlloc
HeapFree
GetCurrentThreadId
FindResourceA

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

VariantChangeTypeEx
VariantInit
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
VariantClear

user32

GetFocus
GetWindowTextW
SendMessageA
UnhookWindowsHookEx
SetWindowsHookExA
EnumWindows
DefWindowProcW
CallWindowProcW
CallWindowProcA
SetWindowLongA
SetWindowLongW
IsWindowUnicode
GetWindowLongA
GetWindowLongW
CharNextA
UnregisterClassA
FindWindowExA
MapWindowPoints
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
DefWindowProcA
GetWindowThreadProcessId
CallNextHookEx
GetKeyState
SetWindowTextA
SetFocus
SetWindowTextW
GetPropA
SetPropA
RemovePropA
PostMessageA
IsWindow
RegisterWindowMessageA
GetWindow
GetClassNameA
CreateWindowExA
PeekMessageA
DestroyWindow
GetParent

ws2_32

WSACleanup
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSAStartup

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
32f01153ffc9f0fafcf6fb39f6b30e1e67ac99478e7eace314358a97ed0de032
4f1ff9bdef6d0b2ece7775e3adae50ac75daeff126faefe81810830d485f934c
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2276e081eebeb1248a24b089db23c75a

Headers

File Characteristics

PDB Paths

Imports

gdi32

mpr

advapi32

shell32

kernel32

comctl32

ole32

user32

oleaut32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 480KB - Virtual size: 478KB

.data Size: 104KB - Virtual size: 109KB

.rsrc Size: 48KB - Virtual size: 45KB

39abe6ad872048214d1a0eb56889b94e

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

41:73:0e:b0:e6:d9:2a:47:6e:16:62:8a:0d:be:fb:36Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

user32

ws2_32

version

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 2KB

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 480KB - Virtual size: 478KB

.data
Size: 104KB - Virtual size: 109KB

.rsrc
Size: 48KB - Virtual size: 45KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

41:73:0e:b0:e6:d9:2a:47:6e:16:62:8a:0d:be:fb:36
Certificate

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 5KB - Virtual size: 4KB