260182d1c7cb7b3571efa9582fadccaf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

260182d1c7cb7b3571efa9582fadccaf_JaffaCakes118
Size

1.8MB
MD5

260182d1c7cb7b3571efa9582fadccaf
SHA1

81a849c03d71bbf00af7c31a0f24f68059838b25
SHA256

aaabf77a0d22e7c752e986c856f1dceda55812b26956158d614b7e793de14b32
SHA512

e69a9e77c4feb42cc3349f5ecb8d911cfbd106d4d2aa41af491e8b21ec1110ec97133bb016b67eabf98c9fe0d0f9f01bae426aa22c2277574193ed8fc7883c75
SSDEEP

49152:/gY2cUXsbqO4h4p0OKWyQRwLZ3us4lB0y:YQisbl49Fjur+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PYShowIP063/MynaQQ.exe
unpack001/PYShowIP063/MynaQQEx.dll
unpack001/PYShowIP063/MynaQQNetKnl.dll
unpack001/PYShowIP063/ipsearcher.dll

Files

260182d1c7cb7b3571efa9582fadccaf_JaffaCakes118
.rar
PYShowIP063/Myna.ini
PYShowIP063/MynaQQ.exe
.exe windows:4 windows x86 arch:x86

a4bbb7ab576c3d14de5305d34a5a84a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFreeEx
Sleep
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
lstrlenA
GetProcAddress
GetModuleHandleA
CreateProcessA
GetStringTypeA
LCMapStringW
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
GetStringTypeW

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PYShowIP063/MynaQQEx.dll
.dll regsvr32 windows:4 windows x86 arch:x86

1c1a877d9af731bf97c884a9ebfdc03e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mynaqqnetknl

?GetFriendInfo@ChatMonitor@@QAEHKPAVFriendInf@@@Z
?GetSingleton@ChatMonitor@@SAAAV1@XZ
?Run@ChatMonitor@@QAEKXZ
?QQCoreInit@ChatMonitor@@QAEXXZ
?CurQQNum@ChatMonitor@@0KA

mfc42

ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5252
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord366
ord674
ord4242
ord537
ord1233
ord6467
ord4078
ord5241
ord5290
ord4441
ord5261
ord4424
ord3742
ord3619
ord567
ord3663
ord3626
ord818
ord2414
ord4275
ord2859
ord1641
ord2379
ord3573
ord755
ord3874
ord4353
ord5789
ord5875
ord470
ord3721
ord795
ord283
ord3571
ord3706
ord6197
ord6380
ord858
ord6215
ord4299
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord5500
ord3953
ord1199
ord1247
ord1132
ord1131
ord6354
ord2725
ord6199
ord2915
ord860
ord6442
ord1146
ord5645
ord6374
ord2116
ord326
ord5163
ord2385
ord5237
ord4407
ord1776
ord4077
ord6055
ord4151
ord2878
ord2879
ord269
ord826
ord600
ord1578
ord1255
ord1253
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord1842
ord823
ord540
ord825
ord800
ord1577
ord1168
ord1575
ord1176
ord1116
ord6172
ord641
ord1182
ord342
ord1243
ord1197
ord1570

msvcrt

atoi
time
ctime
__CxxFrameHandler
_itoa
strstr
fclose
_purecall
_EH_prolog
__dllonexit
_onexit
free
_initterm
malloc
_adjust_fdiv
??1type_info@@UAE@XZ

kernel32

CreateToolhelp32Snapshot
Thread32First
Thread32Next
OpenThread
ResumeThread
GetCurrentProcessId
GetPrivateProfileIntA
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThreadId
GetLastError
FormatMessageA
GetCurrentProcess
GetPrivateProfileStringA
CreateMutexA
CreateThread
ReleaseMutex
WaitForSingleObject
CloseHandle
TerminateThread
LocalFree
Sleep
LocalAlloc

user32

SetWindowsHookExA
CallWindowProcA
GetClassNameA
GetWindowTextA
SetWindowLongA
GetWindowLongA
GetDlgItem
GetWindowRect
DestroyWindow
CallNextHookEx
SetWindowRgn
TrackMouseEvent
ClientToScreen
EnableWindow
WaitForInputIdle
FrameRect
FillRect
GetDC
IsWindowVisible
CreateWindowExA
RegisterHotKey
GetMessageA
EnumThreadWindows
TranslateMessage
DispatchMessageA
ShowWindow
FindWindowExA
GetWindowThreadProcessId
PostThreadMessageA
LoadBitmapA
SetWindowPos
GetWindow
GetClientRect

gdi32

FillRgn
FrameRgn
CreatePolygonRgn
CreateRoundRectRgn
CreateRectRgn
CombineRgn
CreateSolidBrush
CreateFontA
SelectObject
GetPixel

msvcp60

??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??_7?$basic_fstream@DU?$char_traits@D@std@@@std@@6B@
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?open@?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXPBDH@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??1?$basic_fstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0ios_base@std@@IAE@XZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
?__Fiopen@std@@YAPAU_iobuf@@PBDH@Z
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
?_Initcvt@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
??_7?$basic_filebuf@DU?$char_traits@D@std@@@std@@6B@
?close@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@XZ
??1locale@std@@QAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1ios_base@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??_8?$basic_fstream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_fstream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PYShowIP063/MynaQQNetKnl.dll
.dll regsvr32 windows:4 windows x86 arch:x86

a1cdb84fb8af0948c7692ab73ba4802d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imagehlp

ImageDirectoryEntryToData

mfc42

ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord5500
ord1199
ord1247
ord1132
ord6467
ord1131
ord6354
ord4204
ord1578
ord600
ord826
ord269
ord1253
ord1570
ord1197
ord1243
ord342
ord1182
ord1577
ord1168
ord1575
ord1176
ord1116
ord823
ord825
ord800
ord535
ord537
ord939
ord858
ord941
ord860
ord4274
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord1255

msvcrt

sscanf
strchr
sprintf
srand
rand
??0exception@@QAE@ABV0@@Z
_itoa
??0exception@@QAE@ABQBD@Z
free
_CxxThrowException
fclose
_mbscmp
_EH_prolog
_except_handler3
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
malloc
_adjust_fdiv
time
ctime
__CxxFrameHandler
_purecall

kernel32

LocalAlloc
LocalFree
TerminateThread
CloseHandle
WaitForSingleObject
ReleaseMutex
CreateThread
CreateMutexA
VirtualProtect
GetCurrentProcess
ReadProcessMemory
WriteProcessMemory
GetModuleHandleA
Sleep
LoadLibraryA
GetProcAddress
GetLastError
FormatMessageA

wsock32

closesocket
connect
socket
recvfrom
sendto
ntohl
send
htons
htonl
inet_addr
recv

msvcp60

??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_fstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_filebuf@DU?$char_traits@D@std@@@std@@6B@
?close@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
?__Fiopen@std@@YAPAU_iobuf@@PBDH@Z
?_Init@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXPAU_iobuf@@W4_Initfl@12@@Z
?_Initcvt@?$basic_filebuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?clear@ios_base@std@@QAEXH_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
??1ios_base@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$ctype@D@std@@UAE@XZ
?id@?$ctype@D@std@@2V0locale@2@A
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_filebuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??_D?$basic_fstream@DU?$char_traits@D@std@@@std@@QAEXXZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADHD@Z
??1locale@std@@QAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?open@?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAEPAV12@PBDH@Z
??_7?$basic_fstream@DU?$char_traits@D@std@@@std@@6B@
??0?$basic_filebuf@DU?$char_traits@D@std@@@std@@QAE@PAU_iobuf@@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??0ios_base@std@@IAE@XZ
??_8?$basic_fstream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_fstream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
?do_toupper@?$ctype@D@std@@MBEDD@Z
?do_toupper@?$ctype@D@std@@MBEPBDPADPBD@Z
?do_tolower@?$ctype@D@std@@MBEDD@Z
?do_tolower@?$ctype@D@std@@MBEPBDPADPBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??_7bad_cast@std@@6B@
??1_Locinfo@std@@QAE@XZ
?_Term@?$ctype@D@std@@KAXXZ
?_Cltab@?$ctype@D@std@@0PBFB
_Getctype
??0_Locinfo@std@@QAE@PBD@Z
??_7?$ctype@D@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
?_Iscloc@locale@std@@QBE_NXZ
?_Getfacet@locale@std@@QBEPBVfacet@12@I_N@Z
?_Id_cnt@id@locale@std@@0HA

Exports

Exports

??0ChatMonitor@@AAE@XZ
??0ChatMonitor@@QAE@ABV0@@Z
??1ChatMonitor@@UAE@XZ
??4ChatMonitor@@QAEAAV0@ABV0@@Z
??_7ChatMonitor@@6B@
?AfterStop@ChatMonitor@@EAEXXZ
?CurQQNum@ChatMonitor@@0KA
?FillShareRqPack@ChatMonitor@@QAEHKPAUShareRqPack@@@Z
?Friends@ChatMonitor@@0V?$set@KU?$less@K@std@@V?$allocator@K@2@@std@@A
?GetAnswer@ChatMonitor@@QAEXKAAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@@Z
?GetCurQQNum@ChatMonitor@@QAEKXZ
?GetDecryptFunc@ChatMonitor@@QAEP6AXPAEK00PAK@ZXZ
?GetFriendInfo@ChatMonitor@@QAEHKPAVFriendInf@@@Z
?GetIp@ChatMonitor@@AAEKK@Z
?GetPort@ChatMonitor@@AAEKK@Z
?GetSessionKey@ChatMonitor@@QAEHPAE@Z
?GetSingleton@ChatMonitor@@SAAAV1@XZ
?GetVer@ChatMonitor@@AAEKK@Z
?IsIdentityFlagEx@ChatMonitor@@SAKKKK@Z
?IsTmFriend@ChatMonitor@@QAEHK@Z
?LoginOk@ChatMonitor@@QAEXXZ
?PreOpen@ChatMonitor@@EAEXXZ
?QQCoreInit@ChatMonitor@@QAEXXZ
?Run@ChatMonitor@@QAEKXZ
?SetPsw@ChatMonitor@@QAEXABVCString@@@Z
?SetQQNum@ChatMonitor@@QAEXK@Z
?SetVersion@ChatMonitor@@QAEXG@Z
?ThreadProc@ChatMonitor@@EAEKPAX@Z
?UpdateSKey@ChatMonitor@@QAEXXZ
?fIsIdentify@ChatMonitor@@0P6AKKKK@ZA
DllCanUnloadNow
DllGetClassObject
DllRegisterServer

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PYShowIP063/QQWry.Dat
PYShowIP063/Version.ini
PYShowIP063/ipsearcher.dll
.dll windows:4 windows x86 arch:x86

bcbc4703c59d2fd0161de0cbcb4074fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

MessageBoxA

ws2_32

htonl

shlwapi

PathRemoveFileSpecA

Exports

Exports

LookupAddress
_GetAddress

Sections

.text
Size: 15KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PYShowIP063/下载说明.htm
.html .js polyglot
PYShowIP063/安装说明.txt
PYShowIP063/非常世纪资源网.url
.url

Sharing

General

Malware Config

Signatures

Files

a4bbb7ab576c3d14de5305d34a5a84a1

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

1c1a877d9af731bf97c884a9ebfdc03e

Headers

File Characteristics

Imports

mynaqqnetknl

mfc42

msvcrt

kernel32

user32

gdi32

msvcp60

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

a1cdb84fb8af0948c7692ab73ba4802d

Headers

File Characteristics

Imports

imagehlp

mfc42

msvcrt

kernel32

wsock32

msvcp60

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 7KB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

bcbc4703c59d2fd0161de0cbcb4074fe

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

shlwapi

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 48KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 7KB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 48KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB