258d55bd03fb6fe239e31e10d6c7d03e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

258d55bd03fb6fe239e31e10d6c7d03e_JaffaCakes118
Size

4.3MB
MD5

258d55bd03fb6fe239e31e10d6c7d03e
SHA1

b99abdce6fc200bfcf2ec8ebf0edef14f376bce6
SHA256

68ed526db26eac67f71a00acd2d5b01dfe2a160926d2ed748a66740d99b4b027
SHA512

c79ae94d769e1bd4b15f6ff772d23a318db42874a80045773e96599df7ec16f58d52ef37aad010e2f76851d1169c640a8844de98b693ff2a7fa248dfdd0c4aad
SSDEEP

98304:WHcoWcgNIHq6a9oHlkWieW4UGfYw7sAT5mLeSEneoyNpTSYym1ITA6g1:PxBIHpWoHlkWi2UnwYZL5cHyNpTSC1IQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6215331953/Debug/yuntai.exe
unpack001/6215331953/WinIo.dll
unpack001/6215331953/WinIo.sys
unpack001/6215331953/yuntai.exe

Files

258d55bd03fb6fe239e31e10d6c7d03e_JaffaCakes118
.rar
6215331953/CodeDlg.cpp
6215331953/CodeDlg.h
6215331953/ConfigDlg.cpp
6215331953/Debug/CodeDlg.obj
6215331953/Debug/CodeDlg.sbr
6215331953/Debug/ConfigDlg.obj
6215331953/Debug/ConfigDlg.sbr
6215331953/Debug/MirrorButton.obj
6215331953/Debug/MirrorButton.sbr
6215331953/Debug/MyBitmapButton.obj
6215331953/Debug/MyBitmapButton.sbr
6215331953/Debug/MyButton.obj
6215331953/Debug/MyButton.sbr
6215331953/Debug/SerialPort.obj
6215331953/Debug/SerialPort.sbr
6215331953/Debug/StdAfx.obj
6215331953/Debug/StdAfx.sbr
6215331953/Debug/vc60.idb
6215331953/Debug/vc60.pdb
6215331953/Debug/yuntai.exe
.exe windows:4 windows x86 arch:x86

a60230f04970e848ed4116a23520b69d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CreateFileA
CloseHandle
SetCommState
LeaveCriticalSection
PurgeComm
GetProfileStringA
BuildCommDCBA
GetCommState
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
EnumSystemLocalesA
GetVersionExA
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoA
IsValidCodePage
GetStringTypeA
IsBadCodePtr
Sleep
CompareStringW
HeapReAlloc
HeapAlloc
SetUnhandledExceptionFilter
CompareStringA
LCMapStringW
FatalAppExitA
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetConsoleCtrlHandler
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetStdHandle
DebugBreak
TerminateProcess
ExitThread
CreateThread
HeapValidate
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
lstrcpyW
CopyFileA
GlobalSize
GetTickCount
lstrlenW
GetDiskFreeSpaceA
GetTempFileNameA
SetErrorMode
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
OutputDebugStringA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetProfileIntA
VirtualProtect
FileTimeToLocalFileTime
FileTimeToSystemTime
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
DeleteCriticalSection
GetOEMCP
GetCPInfo
GetProcessVersion
SizeofResource
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
GetPrivateProfileIntA
GlobalFlags
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
GetModuleFileNameA
WaitForSingleObject
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
LoadLibraryA
FreeLibrary
GetVersion
lstrlenA
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SetCommTimeouts
SetEvent
FreeResource
SetCommMask
CreateEventA
EnterCriticalSection
InitializeCriticalSection
WaitForMultipleObjects
ResetEvent
GetCommMask
WaitCommEvent
ClearCommError
GetLastError
GetOverlappedResult
LocalFree
FormatMessageA
WriteFile
ReadFile
LCMapStringA
GetStringTypeW

user32

SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
RemoveMenu
GetMenuContextHelpId
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawFocusRect
DrawFrameControl
DrawStateA
InvertRect
FrameRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
SubtractRect
UnionRect
InflateRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
wvsprintfA
OemToCharA
CharToOemA
TabbedTextOutA
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
MapDialogRect
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
TranslateMessage
SetCursor
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
GetCursorPos
CheckMenuRadioItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
PostMessageA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetParent
GetWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
GetClassNameA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
EnableWindow
DefDlgProcA
IsWindowUnicode
IsClipboardFormatAvailable
InSendMessage
RegisterClipboardFormatA
DestroyIcon
MessageBeep
CopyAcceleratorTableA
CharNextA
GetWindowThreadProcessId
WaitMessage
ReuseDDElParam
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
TranslateAcceleratorA
LoadAcceleratorsA
GetSystemMetrics
MessageBoxA
SendMessageA
GetSysColor
DrawEdge
FillRect
DrawTextA
GetMessageA
PostQuitMessage
IsZoomed
HiliteMenuItem
ReleaseCapture
DestroyCursor
SetCursorPos
UnpackDDElParam
GetAsyncKeyState
DestroyMenu
LoadStringA
GetClipboardFormatNameA
GetDialogBaseUnits
EndPaint
CharUpperA
BeginPaint
GetNextDlgGroupItem
GetNextDlgTabItem
DrawIcon
UnregisterClassA

gdi32

SetTextColor
GetObjectA
SetBkColor
DeleteObject
GetClipBox
CreatePenIndirect
DeleteMetaFile
CopyMetaFileA
CreateHatchBrush
CreateBrushIndirect
CreateSolidBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreatePatternBrush
CreateBitmapIndirect
SetBitmapBits
CreateFontA
SetBitmapDimensionEx
GetBitmapDimensionEx
GetBitmapBits
CreateDiscardableBitmap
CreatePalette
CreateCompatibleBitmap
CreateBitmap
CreateMetaFileA
CloseMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
ExtTextOutA
GetStockObject
UnrealizeObject
PlayMetaFileRecord
ExtSelectClipRgn
EnumMetaFile
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateDCA
CreateICA
CreateCompatibleDC
GetDeviceCaps
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
SelectObject
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
CreatePen
GetObjectType
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
DeleteDC
SaveDC
ExtCreatePen
CreateHalftonePalette
SetBkMode
SetPolyFillMode
SelectPalette
SetStretchBltMode
SetMapMode
SetROP2
GetDCOrgEx
SelectClipPath
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SetWindowExtEx
IntersectClipRect
OffsetClipRgn
ExcludeClipRect
LineTo
SetTextAlign
MoveToEx
SetTextCharacterExtra
CreateDIBitmap
GetTextExtentPointA
SetTextJustification
GetClipRgn
StretchDIBits
PlayMetaFile
RestoreDC
SetColorAdjustment
SetMapperFlags
SetArcDirection
PolyBezierTo
PolyDraw
PolylineTo
ArcTo

winio

SetPortVal
ShutdownWinIo
InitializeWinIo

comctl32

ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_EndDrag
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Replace
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_GetDragImage
ImageList_Remove
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_DragLeave
CreatePropertySheetPageA
ord13
ImageList_Add
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Write
ord6
ord17
ord8
PropertySheetA
DestroyPropertySheetPage
ImageList_Read
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge

oledlg

ord3
ord8
ord6
ord5
ord9
ord4
ord7

olepro32

ord253

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
PageSetupDlgA
PrintDlgA
CommDlgExtendedError

advapi32

RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegEnumKeyA
SetFileSecurityA
GetFileSecurityA

shell32

DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
ExtractIconA

ole32

OleFlushClipboard
CreateItemMoniker
CreateGenericComposite
CreateFileMoniker
GetClassFile
OleSetClipboard
CreateStreamOnHGlobal
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleLockRunning
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
OleCreate
OleLoad
OleSave
StgIsStorageILockBytes
GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
OleIsRunning
CoRevokeClassObject
OleIsCurrentClipboard
OleGetClipboard
OleSetMenuDescriptor
DoDragDrop
OleUninitialize
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
OleTranslateAccelerator
IsAccelerator
GetRunningObjectTable
CoLockObjectExternal
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterClassObject
CoRegisterMessageFilter
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoFreeUnusedLibraries
OleDuplicateData
OleQueryLinkFromData
OleQueryCreateFromData
OleRegEnumVerbs

oleaut32

SafeArrayDestroy
VariantClear
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SysFreeString
SafeArrayDestroyData
SafeArrayDestroyDescriptor
DosDateTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocStringLen
VariantCopy
VariantChangeType
VariantTimeToSystemTime
SysAllocString
SafeArrayUnaccessData
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SysStringByteLen
VarCyFromStr
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayCreate
SysAllocStringByteLen
SafeArrayAllocData
SafeArrayAllocDescriptor
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
6215331953/Debug/yuntai.ilk
6215331953/Debug/yuntai.obj
6215331953/Debug/yuntai.pch
6215331953/Debug/yuntai.pdb
6215331953/Debug/yuntai.res
6215331953/Debug/yuntai.sbr
6215331953/Debug/yuntaiDlg.obj
6215331953/Debug/yuntaiDlg.sbr
6215331953/MirrorButton.cpp
6215331953/MirrorButton.h
6215331953/MyBitmapButton.cpp
6215331953/MyBitmapButton.h
6215331953/MyButton.cpp
6215331953/MyButton.h
6215331953/SerialPort.cpp
6215331953/SerialPort.h
6215331953/StdAfx.cpp
6215331953/StdAfx.h
6215331953/WINIO.VXD
6215331953/WinIo.dll
.dll windows:4 windows x86 arch:x86

b9b2bee901bb36181f387e1e336faa1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetModuleFileNameA
GetModuleHandleA
GetVersionExA
DeviceIoControl
GetEnvironmentVariableA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

advapi32

ControlService
CloseServiceHandle
OpenSCManagerA
CreateServiceA
StartServiceA
OpenServiceA
DeleteService

Exports

Exports

GetPhysLong
GetPortVal
InitializeWinIo
InstallWinIoDriver
MapPhysToLin
RemoveWinIoDriver
SetPhysLong
SetPortVal
ShutdownWinIo
UnmapPhysicalMemory

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
6215331953/WinIo.h
6215331953/WinIo.lib
6215331953/WinIo.sys
.sys windows:4 windows x86 arch:x86

172b54da983eaa27abf08d8ed525b840

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

RtlInitUnicodeString
IoCreateDevice
MmAllocateNonCachedMemory
MmFreeNonCachedMemory
Ke386SetIoAccessMap
IoCreateSymbolicLink
IofCompleteRequest
Ke386IoSetAccessProcess
IoDeleteSymbolicLink
ZwClose
ZwMapViewOfSection
ObReferenceObjectByHandle
ZwOpenSection
ZwUnmapViewOfSection
IoDeleteDevice
IoGetCurrentProcess

hal

HalTranslateBusAddress

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 544B - Virtual size: 536B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 128B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
6215331953/configdlg.h
6215331953/res/Arrow_up.ico
6215331953/res/Thumbs.db
6215331953/res/bitmap1.bmp
6215331953/res/bmp00001.bmp
6215331953/res/bmp00002.bmp
6215331953/res/bmp00003.bmp
6215331953/res/bmp00004.bmp
6215331953/res/bmp00005.bmp
6215331953/res/bmp00006.bmp
6215331953/res/bmp00007.bmp
6215331953/res/bmp00008.bmp
6215331953/res/bmp00009.bmp
6215331953/res/bmp00010.bmp
6215331953/res/bmp00011.bmp
6215331953/res/bmp00012.bmp
6215331953/res/bmp00013.bmp
6215331953/res/down_up.bmp
6215331953/res/icon1.ico
6215331953/res/up.bmp
6215331953/res/upleft_u.bmp
6215331953/res/yuntai.ico
6215331953/res/yuntai.rc2
6215331953/resource.h
6215331953/yuntai.clw
6215331953/yuntai.cpp
6215331953/yuntai.dsp
6215331953/yuntai.dsw
6215331953/yuntai.exe
.exe windows:4 windows x86 arch:x86

a60230f04970e848ed4116a23520b69d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CreateFileA
CloseHandle
SetCommState
LeaveCriticalSection
PurgeComm
GetProfileStringA
BuildCommDCBA
GetCommState
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
EnumSystemLocalesA
GetVersionExA
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoA
IsValidCodePage
GetStringTypeA
IsBadCodePtr
Sleep
CompareStringW
HeapReAlloc
HeapAlloc
SetUnhandledExceptionFilter
CompareStringA
LCMapStringW
FatalAppExitA
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetConsoleCtrlHandler
GetACP
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetStdHandle
DebugBreak
TerminateProcess
ExitThread
CreateThread
HeapValidate
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
lstrcpyW
CopyFileA
GlobalSize
GetTickCount
lstrlenW
GetDiskFreeSpaceA
GetTempFileNameA
SetErrorMode
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
OutputDebugStringA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetProfileIntA
VirtualProtect
FileTimeToLocalFileTime
FileTimeToSystemTime
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
DeleteCriticalSection
GetOEMCP
GetCPInfo
GetProcessVersion
SizeofResource
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
IsBadStringPtrW
GetPrivateProfileIntA
GlobalFlags
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
GetModuleFileNameA
WaitForSingleObject
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
LoadLibraryA
FreeLibrary
GetVersion
lstrlenA
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SetCommTimeouts
SetEvent
FreeResource
SetCommMask
CreateEventA
EnterCriticalSection
InitializeCriticalSection
WaitForMultipleObjects
ResetEvent
GetCommMask
WaitCommEvent
ClearCommError
GetLastError
GetOverlappedResult
LocalFree
FormatMessageA
WriteFile
ReadFile
LCMapStringA
GetStringTypeW

user32

SetMenuContextHelpId
LoadMenuIndirectA
LoadMenuA
RemoveMenu
GetMenuContextHelpId
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawFocusRect
DrawFrameControl
DrawStateA
InvertRect
FrameRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
SubtractRect
UnionRect
InflateRect
SetRectEmpty
SetRect
PtInRect
IsRectEmpty
wvsprintfA
OemToCharA
CharToOemA
TabbedTextOutA
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
OpenIcon
CloseWindow
LoadCursorA
PostThreadMessageA
MapDialogRect
GetWindowContextHelpId
SetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
GetLastActivePopup
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
TranslateMessage
SetCursor
ClientToScreen
BringWindowToTop
GetWindowRgn
SetWindowRgn
ArrangeIconicWindows
GetCursorPos
CheckMenuRadioItem
GetSystemMenu
DrawMenuBar
SetMenu
GetMenu
PostMessageA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
SendDlgItemMessageA
GetClientRect
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetParent
GetWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
GetClassNameA
GetDlgCtrlID
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
EnableWindow
DefDlgProcA
IsWindowUnicode
IsClipboardFormatAvailable
InSendMessage
RegisterClipboardFormatA
DestroyIcon
MessageBeep
CopyAcceleratorTableA
CharNextA
GetWindowThreadProcessId
WaitMessage
ReuseDDElParam
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
TranslateAcceleratorA
LoadAcceleratorsA
GetSystemMetrics
MessageBoxA
SendMessageA
GetSysColor
DrawEdge
FillRect
DrawTextA
GetMessageA
PostQuitMessage
IsZoomed
HiliteMenuItem
ReleaseCapture
DestroyCursor
SetCursorPos
UnpackDDElParam
GetAsyncKeyState
DestroyMenu
LoadStringA
GetClipboardFormatNameA
GetDialogBaseUnits
EndPaint
CharUpperA
BeginPaint
GetNextDlgGroupItem
GetNextDlgTabItem
DrawIcon
UnregisterClassA

gdi32

SetTextColor
GetObjectA
SetBkColor
DeleteObject
GetClipBox
CreatePenIndirect
DeleteMetaFile
CopyMetaFileA
CreateHatchBrush
CreateBrushIndirect
CreateSolidBrush
CreateDIBPatternBrushPt
CreateFontIndirectA
CreatePatternBrush
CreateBitmapIndirect
SetBitmapBits
CreateFontA
SetBitmapDimensionEx
GetBitmapDimensionEx
GetBitmapBits
CreateDiscardableBitmap
CreatePalette
CreateCompatibleBitmap
CreateBitmap
CreateMetaFileA
CloseMetaFile
CreateEnhMetaFileA
CloseEnhMetaFile
ExtTextOutA
GetStockObject
UnrealizeObject
PlayMetaFileRecord
ExtSelectClipRgn
EnumMetaFile
GetPaletteEntries
SetPaletteEntries
AnimatePalette
GetNearestPaletteIndex
ResizePalette
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreateEllipticRgnIndirect
CreatePolygonRgn
CreatePolyPolygonRgn
CreateRoundRectRgn
PathToRegion
ExtCreateRegion
GetRegionData
SetRectRgn
CombineRgn
EqualRgn
OffsetRgn
GetRgnBox
PtInRegion
RectInRegion
CreateDCA
CreateICA
CreateCompatibleDC
GetDeviceCaps
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
SelectObject
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
CreatePen
GetObjectType
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetCharWidthA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
SetPixelV
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
GetCurrentObject
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
DeleteDC
SaveDC
ExtCreatePen
CreateHalftonePalette
SetBkMode
SetPolyFillMode
SelectPalette
SetStretchBltMode
SetMapMode
SetROP2
GetDCOrgEx
SelectClipPath
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SetWindowExtEx
IntersectClipRect
OffsetClipRgn
ExcludeClipRect
LineTo
SetTextAlign
MoveToEx
SetTextCharacterExtra
CreateDIBitmap
GetTextExtentPointA
SetTextJustification
GetClipRgn
StretchDIBits
PlayMetaFile
RestoreDC
SetColorAdjustment
SetMapperFlags
SetArcDirection
PolyBezierTo
PolyDraw
PolylineTo
ArcTo

winio

SetPortVal
ShutdownWinIo
InitializeWinIo

comctl32

ImageList_BeginDrag
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_EndDrag
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_Draw
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Replace
ImageList_DragShowNolock
ImageList_DragEnter
ImageList_GetDragImage
ImageList_Remove
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_DragLeave
CreatePropertySheetPageA
ord13
ImageList_Add
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Write
ord6
ord17
ord8
PropertySheetA
DestroyPropertySheetPage
ImageList_Read
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge

oledlg

ord3
ord8
ord6
ord5
ord9
ord4
ord7

olepro32

ord253

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA
PageSetupDlgA
PrintDlgA
CommDlgExtendedError

advapi32

RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegEnumKeyA
SetFileSecurityA
GetFileSecurityA

shell32

DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
ExtractIconA

ole32

OleFlushClipboard
CreateItemMoniker
CreateGenericComposite
CreateFileMoniker
GetClassFile
OleSetClipboard
CreateStreamOnHGlobal
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
OleLockRunning
OleSetContainedObject
OleCreateFromData
OleCreateLinkFromData
OleCreateStaticFromData
OleCreateFromFile
OleCreateLinkToFile
OleCreate
OleLoad
OleSave
StgIsStorageILockBytes
GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
OleIsRunning
CoRevokeClassObject
OleIsCurrentClipboard
OleGetClipboard
OleSetMenuDescriptor
DoDragDrop
OleUninitialize
OleRegGetMiscStatus
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CreateOleAdviseHolder
CreateDataAdviseHolder
OleTranslateAccelerator
IsAccelerator
GetRunningObjectTable
CoLockObjectExternal
OleInitialize
CoDisconnectObject
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterClassObject
CoRegisterMessageFilter
ReleaseStgMedium
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CreateBindCtx
CoFreeUnusedLibraries
OleDuplicateData
OleQueryLinkFromData
OleQueryCreateFromData
OleRegEnumVerbs

oleaut32

SafeArrayDestroy
VariantClear
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SysFreeString
SafeArrayDestroyData
SafeArrayDestroyDescriptor
DosDateTimeToVariantTime
SysStringLen
LoadTypeLi
SysAllocStringLen
VariantCopy
VariantChangeType
VariantTimeToSystemTime
SysAllocString
SafeArrayUnaccessData
SysReAllocStringLen
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SysStringByteLen
VarCyFromStr
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayRedim
SafeArrayCreate
SysAllocStringByteLen
SafeArrayAllocData
SafeArrayAllocDescriptor
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
6215331953/yuntai.h
6215331953/yuntai.ncb
6215331953/yuntai.opt
6215331953/yuntai.plg
.html
6215331953/yuntai.rc
6215331953/yuntaiDlg.cpp
6215331953/yuntaiDlg.h
6215331953/yuntaiconfig.ini
6215331953/下载说明.htm
.html .js polyglot
6215331953/使用注意.txt

Sharing

General

Malware Config

Signatures

Files

a60230f04970e848ed4116a23520b69d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winio

comctl32

oledlg

olepro32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 132KB - Virtual size: 128KB

.data Size: 76KB - Virtual size: 91KB

.idata Size: 24KB - Virtual size: 22KB

.rsrc Size: 40KB - Virtual size: 38KB

.reloc Size: 76KB - Virtual size: 74KB

b9b2bee901bb36181f387e1e336faa1f

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 936B

.reloc Size: 4KB - Virtual size: 3KB

172b54da983eaa27abf08d8ed525b840

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 32B - Virtual size: 4B

INIT Size: 544B - Virtual size: 536B

.reloc Size: 128B - Virtual size: 108B

a60230f04970e848ed4116a23520b69d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winio

comctl32

oledlg

olepro32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 132KB - Virtual size: 128KB

.data Size: 76KB - Virtual size: 91KB

.idata Size: 24KB - Virtual size: 22KB

.rsrc Size: 40KB - Virtual size: 38KB

.reloc Size: 76KB - Virtual size: 74KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 132KB - Virtual size: 128KB

.data
Size: 76KB - Virtual size: 91KB

.idata
Size: 24KB - Virtual size: 22KB

.rsrc
Size: 40KB - Virtual size: 38KB

.reloc
Size: 76KB - Virtual size: 74KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 32B - Virtual size: 4B

INIT
Size: 544B - Virtual size: 536B

.reloc
Size: 128B - Virtual size: 108B

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 132KB - Virtual size: 128KB

.data
Size: 76KB - Virtual size: 91KB

.idata
Size: 24KB - Virtual size: 22KB

.rsrc
Size: 40KB - Virtual size: 38KB

.reloc
Size: 76KB - Virtual size: 74KB