3751777815e3760cc919f4f0762ce0f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3751777815e3760cc919f4f0762ce0f2_JaffaCakes118
Size

4.1MB
MD5

3751777815e3760cc919f4f0762ce0f2
SHA1

82146fc5ab1c9294c84b2a0f30a73992877438f7
SHA256

9ead08dc73da036a585196871f265eb9338498a14c06304c698fac2c94945a25
SHA512

ca693597103400761e97616b29cc30f2c2159231e56c6142eb19edfb476427f0265e696bb84011405b5233dff53056834ddd5075fa08b51b1b51f5673fb236bd
SSDEEP

98304:WO/1pwczyL3JyOJNo20QBwbtlw2Fh8Bx2fUf3R0OruBuGI:WO/rdqLesBwLw2v8+fUfsBu3

Score

3^/10

Malware Config

Signatures

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Videomach 5.8.3 Professional Software/Crack/videomach.exe
unpack001/Videomach 5.8.3 Professional Software/videomach-5.8.3-setup.exe
unpack002/$PLUGINSDIR/InstallOptions.dll
unpack002/libcvr-1.1.3.dll
unpack002/libdsw-1.0.7.dll
unpack002/libgif-1.1.0.dll
unpack002/libhav-1.0.1.dll
unpack002/libjp2-1.0.1.dll
unpack002/libjpg-1.1.0.dll
unpack002/libmpg-2.2.2.dll
unpack002/libogg-2.1.0.dll
unpack002/libpng-1.0.1.dll
unpack002/libtif-1.0.3.dll
unpack002/libwmv-3.0.1.dll
unpack002/libxpm-1.0.0.dll
unpack002/uninstall.exe
unpack002/videomach.exe

NSIS installer 4 IoCs

installer

resource	yara_rule
static1/unpack001/Videomach 5.8.3 Professional Software/videomach-5.8.3-setup.exe	nsis_installer_1
static1/unpack001/Videomach 5.8.3 Professional Software/videomach-5.8.3-setup.exe	nsis_installer_2
static1/unpack002/uninstall.exe	nsis_installer_1
static1/unpack002/uninstall.exe	nsis_installer_2

Files

3751777815e3760cc919f4f0762ce0f2_JaffaCakes118
.rar
Videomach 5.8.3 Professional Software/Crack/videomach.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Videomach 5.8.3 Professional Software/^ Enter Here.url
Videomach 5.8.3 Professional Software/^Just one Click to Get More Stuff.url
Videomach 5.8.3 Professional Software/videomach-5.8.3-setup.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
doc/def_about.html
.html
doc/def_codec.html
.html
doc/def_command_line.html
.html
doc/def_formats.html
.html
doc/def_image_sequence.html
.html
doc/def_vfl_format.html
.html
doc/dlg_openwith_add.html
.html
doc/dlg_openwith_default.html
.html
doc/dlg_openwith_list.html
.html
doc/dlg_options.html
.html
doc/dlg_options_input.html
.html
doc/dlg_options_output.html
.html
doc/dlg_options_preview.html
.html
doc/dlg_options_shell.html
.html
doc/dlg_options_warnings_1.html
.html
doc/dlg_options_warnings_2.html
.html
doc/dlg_output.html
.html
doc/dlg_output_audio.html
.html
doc/dlg_output_audio_avi.html
.html
doc/dlg_output_audio_wma.html
.html
doc/dlg_output_files.html
.html
doc/dlg_output_video.html
.html
doc/dlg_output_video_avi.html
.html
doc/dlg_output_video_hav.html
.html
doc/dlg_output_video_mpeg.html
.html
doc/dlg_output_video_wmv.html
.html
doc/edit_copy.html
.html
doc/edit_delete.html
.html
doc/edit_delete_frames.html
.html
doc/edit_frame_rate.html
.html
doc/edit_move.html
.html
doc/edit_select.html
.html
doc/file_export_list.html
.html
doc/file_import_list.html
.html
doc/file_in_out_points.html
.html
doc/file_info.html
.html
doc/file_input_settings.html
.html
doc/file_insert_silence.html
.html
doc/file_linking.html
.html
doc/file_open.html
.html
doc/file_split.html
.html
doc/index.html
.html
doc/menu_edit.html
.html
doc/menu_file.html
.html
doc/menu_help.html
.html
doc/menu_preview.html
.html
doc/menu_project.html
.html
doc/menu_tools.html
.html
doc/menu_video_effect.html
.html
doc/optic_add.html
.html
doc/optic_adjust_rgb.html
.html
doc/optic_blur.html
.html
doc/optic_border.html
.html
doc/optic_brightness.html
.html
doc/optic_chaos.html
.html
doc/optic_contrast.html
.html
doc/optic_crop.html
.html
doc/optic_deinterlace.html
.html
doc/optic_despeckle.html
.html
doc/optic_edge_enhance.html
.html
doc/optic_emboss.html
.html
doc/optic_equalize.html
.html
doc/optic_fade_in.html
.html
doc/optic_fade_out.html
.html
doc/optic_find_edges.html
.html
doc/optic_flip_horizontal.html
.html
doc/optic_flip_vertical.html
.html
doc/optic_gamma.html
.html
doc/optic_grayscale.html
.html
doc/optic_hue.html
.html
doc/optic_in_out_points.html
.html
doc/optic_mirror_horizontal.html
.html
doc/optic_mirror_vertical.html
.html
doc/optic_motion_blur.html
.html
doc/optic_negative.html
.html
doc/optic_noise_gaussian.html
.html
doc/optic_noise_interference.html
.html
doc/optic_noise_uniform.html
.html
doc/optic_oil_painting.html
.html
doc/optic_pixelize.html
.html
doc/optic_posterize.html
.html
doc/optic_resize.html
.html
doc/optic_rotate.html
.html
doc/optic_rotate_free.html
.html
doc/optic_saturation.html
.html
doc/optic_settings.html
.html
doc/optic_sharpen.html
.html
doc/optic_soften.html
.html
doc/optic_solarize.html
.html
doc/optic_swap_red_blue.html
.html
doc/optic_text_overlay.html
.html
doc/optic_trace_contour.html
.html
doc/optic_video_overlay.html
.html
doc/optic_white_balance.html
.html
doc/output_playing.html
.html
doc/preview_creating.html
.html
doc/preview_picture.html
.html
doc/projects_working_with.html
.html
doc/style.css
doc/title.png
.png
doc/tools_count_colors.html
.html
doc/tools_matrix.html
.html
doc/tools_temporal_average.html
.html
libcvr-1.1.3.dll
.dll windows:4 windows x86 arch:x86

8acb5ea810d8a8fd7e6cff26af5cb224

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_close
_open
_read
_write
__dllonexit
_errno
_iob
_lseeki64
_telli64
_winmajor
abort
calloc
fflush
free
fwrite
malloc
memcpy
memmove
strncpy
vfprintf

Exports

Exports

cvr_close
cvr_info
cvr_open
cvr_read
cvr_seek

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 260B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libdsw-1.0.7.dll
.dll windows:4 windows x86 arch:x86

1585c2380102e680b77b6c58d433bde0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

ddraw

DirectDrawCreate

kernel32

CloseHandle
CreateEventA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
TlsGetValue
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__dllonexit
_errno
_iob
_winmajor
abort
calloc
fflush
free
fwrite
malloc
memcpy
memmove
puts
sprintf
vfprintf

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize

oleaut32

SysAllocString
SysFreeString

Exports

Exports

dsw_audio_info
dsw_audio_open
dsw_audio_read
dsw_close
dsw_video_info
dsw_video_open
dsw_video_read

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libgif-1.1.0.dll
.dll windows:4 windows x86 arch:x86

1de929e7359ecc08cae86a773f3eca3e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

_close
_fdopen
_open
_setmode
__dllonexit
_assert
_errno
_iob
abort
calloc
fclose
fflush
fprintf
fputs
fread
free
fwrite
malloc
memcpy
memset
qsort
realloc
strncpy
strtok
vsprintf

Exports

Exports

AddExtensionBlock
ApplyTranslation
AsciiTable
BitSize
DGifCloseFile
DGifGetCode
DGifGetCodeNext
DGifGetExtension
DGifGetExtensionNext
DGifGetImageDesc
DGifGetLZCodes
DGifGetLine
DGifGetPixel
DGifGetRecordType
DGifGetScreenDesc
DGifOpen
DGifOpenFileHandle
DGifOpenFileName
DGifSlurp
DllGetVersion
DrawBox
DrawBoxedText
DrawRectangle
DumpScreen2Gif
EGifCloseFile
EGifOpen
EGifOpenFileHandle
EGifOpenFileName
EGifPutCode
EGifPutCodeNext
EGifPutComment
EGifPutExtension
EGifPutExtensionFirst
EGifPutExtensionLast
EGifPutExtensionNext
EGifPutImageDesc
EGifPutLine
EGifPutPixel
EGifPutScreenDesc
EGifSetGifVersion
EGifSpew
FreeExtension
FreeMapObject
FreeSavedImages
GifLastError
GifQprintf
GifQuietPrint
MakeExtension
MakeMapObject
MakeSavedImage
PrintGifError
QuantizeBuffer
UnionColorMap

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 240B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libhav-1.0.1.dll
.dll windows:4 windows x86 arch:x86

8acb5ea810d8a8fd7e6cff26af5cb224

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_close
_open
_read
_write
__dllonexit
_errno
_iob
_lseeki64
_telli64
_winmajor
abort
calloc
fflush
free
fwrite
malloc
memcpy
memmove
strncpy
vfprintf

Exports

Exports

hav_audio_get_format
hav_audio_read
hav_audio_seek
hav_audio_set_format
hav_audio_write
hav_audio_write_ex
hav_close
hav_create
hav_decode
hav_encode
hav_handle_alloc
hav_handle_free
hav_open
hav_video_get_format
hav_video_get_palette
hav_video_read
hav_video_seek
hav_video_set_format
hav_video_write
hav_video_write_ex

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 260B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libjp2-1.0.1.dll
.dll windows:4 windows x86 arch:x86

346b7f2daae9ee5eb02e37086ed03ed6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_close
_lseek
_open
_read
_setmode
_strdup
_unlink
_write
__dllonexit
__mb_cur_max
_assert
_errno
_iob
_isctype
_pctype
_winmajor
abort
atof
atoi
calloc
ceil
fclose
fflush
floor
fprintf
fputc
fread
free
fseek
fwrite
malloc
memcpy
memmove
pow
qsort
realloc
sprintf
sqrt
strchr
strcmp
strcpy
strncpy
strrchr
strtok
tmpnam
vfprintf
vsprintf

Exports

Exports

jp2_info
jp2_read
jp2_write

Sections

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libjpg-1.1.0.dll
.dll windows:4 windows x86 arch:x86

7d576c534bb5b2f416796de48ef2d274

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_errno
_iob
_setjmp
_winmajor
abort
calloc
exit
fclose
fflush
fopen
fprintf
fread
free
fwrite
getenv
longjmp
malloc
memcpy
memmove
sprintf
sscanf
vfprintf

Exports

Exports

jpg_close
jpg_img_load
jpg_info
jpg_open_file
jpg_open_mem
jpg_write_file

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 260B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libmpg-2.2.2.dll
.dll windows:4 windows x86 arch:x86

124f2965082f04752df24487607a6f64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
Sleep
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_close
_fstat
_open
_read
_setmode
_stat
_strdup
_tempnam
_unlink
_write
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_errno
_filbuf
_findclose
_findfirsti64
_iob
_lseeki64
_stricmp
_strnicmp
_telli64
_tempnam
_winmajor
abort
acos
asin
atan
atoi
bsearch
calloc
ceil
cos
cosh
exit
exp
fclose
fflush
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
fwrite
getenv
gmtime
isalpha
isprint
isspace
ldexp
localeconv
localtime
log
log10
malloc
memchr
memcmp
memcpy
memmove
memset
mktime
pow
printf
puts
qsort
realloc
sin
sinh
sprintf
sqrt
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncpy
strrchr
strstr
strtol
tan
tanh
time
tmpnam
tolower
toupper
vfprintf
wcslen

wsock32

WSACleanup
WSAGetLastError
WSAStartup
__WSAFDIsSet
bind
closesocket
gethostbyaddr
gethostbyname
gethostname
getpeername
getservbyport
getsockname
htonl
htons
inet_ntoa
ioctlsocket
ntohl
ntohs
recv
recvfrom
select
sendto
setsockopt
socket

Exports

Exports

bbmpeg_close
bbmpeg_create
bbmpeg_set_aspect_ratio
bbmpeg_set_bitrate
bbmpeg_set_closed_gop
bbmpeg_set_resolution
bbmpeg_write
ffmpeg_audio_set_bitrate
ffmpeg_audio_write
ffmpeg_close
ffmpeg_create
ffmpeg_video_set_aspect_ratio
ffmpeg_video_set_bitrate
ffmpeg_video_set_closed_gop
ffmpeg_video_set_resolution
ffmpeg_video_write_bgr24
ffmpeg_video_write_rgb24
ffmpeg_video_write_yuv420
mpg_audio_close
mpg_audio_info
mpg_audio_open
mpg_audio_read
mpg_audio_seek
mpg_demux
mpg_get_type
mpg_mplex
mpg_video_close
mpg_video_info
mpg_video_open
mpg_video_read
mpg_video_read_frame_fast
mpg_video_read_frame_fast_free
mpg_video_seek
mpg_video_set_error_func

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 880KB - Virtual size: 879KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libogg-2.1.0.dll
.dll windows:4 windows x86 arch:x86

22dcc641d8f181f9305d19a6eee98170

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_close
_open
_read
_write
__dllonexit
_errno
_iob
_lseeki64
_telli64
_winmajor
abort
acos
atan
calloc
ceil
cos
exit
exp
fclose
fflush
floor
fopen
fread
free
fseek
ftell
fwrite
ldexp
log
malloc
memchr
memcmp
memcpy
memmove
pow
qsort
rand
realloc
sin
sqrt
srand
strcat
strcpy
strncpy
time
toupper
vfprintf

Exports

Exports

ogg_audio_get_info
ogg_audio_read
ogg_audio_seek
ogg_audio_write
ogg_close
ogg_create
ogg_open
ogg_video_find_keyframe
ogg_video_get_info
ogg_video_read
ogg_video_seek
ogg_video_write

Sections

.text
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 268B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libpng-1.0.1.dll
.dll windows:4 windows x86 arch:x86

4cb88a65aeca06dab09343e27c670e66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_errno
_iob
_setjmp
_winmajor
abort
calloc
fflush
fprintf
fread
free
fwrite
gmtime
localeconv
longjmp
malloc
memcmp
memcpy
pow
sprintf
strcpy
strlen
vfprintf

Exports

Exports

png_build_grayscale_palette
png_create_info_struct
png_create_read_struct
png_create_write_struct
png_destroy_read_struct
png_destroy_write_struct
png_get_IHDR
png_get_PLTE
png_get_channels
png_get_pHYs
png_get_rowbytes
png_read_end
png_read_image
png_read_info
png_read_update_info
png_set_IHDR
png_set_PLTE
png_set_bgr
png_set_compression_level
png_set_pHYs
png_set_packing
png_set_read_fn
png_set_strip_16
png_set_strip_alpha
png_set_write_fn
png_sig_cmp
png_write_end
png_write_image
png_write_info

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libtif-1.0.3.dll
.dll windows:4 windows x86 arch:x86

f9dc411bf12e96a82d19e9845d01589d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetFileSize
GetLastError
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
GlobalReAlloc
GlobalSize
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MapViewOfFile
ReadFile
SetFilePointer
TlsGetValue
UnmapViewOfFile
VirtualProtect
VirtualQuery
WriteFile
lstrlenA

msvcrt

__dllonexit
_assert
_errno
_iob
_setjmp
_winmajor
abort
calloc
exit
fflush
floor
fprintf
free
fwrite
getenv
longjmp
malloc
memcpy
pow
qsort
sprintf
sscanf
strcpy
vfprintf

user32

GetFocus
MessageBoxA
wsprintfA
wvsprintfA

Exports

Exports

ExternErrorSet
ExternWarningSet
TIFFClose
TIFFDefaultStripSize
TIFFGetField
TIFFGetFieldDefaulted
TIFFNumberOfStrips
TIFFOpen
TIFFReadEncodedStrip
TIFFReadRGBAImage
TIFFReadScanline
TIFFScanlineSize
TIFFSetField
TIFFStripSize
TIFFWriteScanline

Sections

.text
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 284B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libwmv-3.0.1.dll
.dll windows:4 windows x86 arch:x86

12e6bdfdec7e9dcf5d1b622abc655e5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
GetTempPathA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

_unlink
__dllonexit
_errno
_iob
_winmajor
abort
calloc
fflush
floor
free
fwrite
malloc
memcpy
memmove
sprintf
strcat
time
vfprintf

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
CoUninitialize

oleaut32

SysAllocString
SysFreeString

Exports

Exports

wm_audio_info
wm_audio_read
wm_audio_seek
wm_audio_write
wm_close
wm_codecs_audio_get_codec_id
wm_codecs_audio_get_name
wm_codecs_audio_init
wm_codecs_video_get_bpp
wm_codecs_video_get_codec_id
wm_codecs_video_get_name
wm_codecs_video_init
wm_create
wm_encoder_installed
wm_get_author
wm_get_copyright
wm_get_description
wm_get_genre
wm_get_title
wm_get_year
wm_open
wm_set_author
wm_set_copyright
wm_set_description
wm_set_genre
wm_set_title
wm_set_year
wm_video_info
wm_video_read
wm_video_seek
wm_video_write

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 300B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libxpm-1.0.0.dll
.dll windows:4 windows x86 arch:x86

f49991ed838bb9e492000dfcd9a4cb47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

CreateBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDeviceCaps
SelectObject
SetPixel

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_strdup
__dllonexit
__mb_cur_max
_errno
_filbuf
_iob
_isctype
_pclose
_pctype
_popen
_winmajor
abort
calloc
fclose
fflush
fopen
fprintf
fputs
free
fwrite
malloc
memcpy
realloc
sprintf
strcat
strchr
strcmp
strcpy
strncmp
strncpy
strrchr
strstr
tolower
ungetc
vfprintf

Exports

Exports

ReadXpm
WriteXpm

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 260B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
license.rtf
.rtf
order.html
.html
readme.html
.html
uninstall.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
videomach.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 335KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
whatsnew.html
.html
^ Enter Here.url
^Just one Click to Get More Stuff.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: - Virtual size: 4.0MB

Size: 1.3MB - Virtual size: 1.3MB

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 18KB - Virtual size: 18KB

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

8acb5ea810d8a8fd7e6cff26af5cb224

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 8B

.rdata Size: 512B - Virtual size: 336B

/4 Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 260B

.edata Size: 512B - Virtual size: 156B

.idata Size: 1024B - Virtual size: 964B

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 464B

.rsrc Size: 1024B - Virtual size: 844B

1585c2380102e680b77b6c58d433bde0

Headers

File Characteristics

Imports

ddraw

kernel32

msvcrt

ole32

oleaut32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 18KB - Virtual size: 18KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 336B

/4
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 260B

.edata
Size: 512B - Virtual size: 156B

.idata
Size: 1024B - Virtual size: 964B

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 464B

.rsrc
Size: 1024B - Virtual size: 844B

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 12B

.rdata
Size: 16KB - Virtual size: 16KB

/4
Size: 512B - Virtual size: 72B

.bss
Size: - Virtual size: 272B

.edata
Size: 512B - Virtual size: 232B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 712B

.rsrc
Size: 1024B - Virtual size: 844B

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 240B

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 820B

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 764B

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 380B

/4
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 260B

.edata
Size: 1024B - Virtual size: 584B

.idata
Size: 1024B - Virtual size: 964B

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 1024B - Virtual size: 804B

.rsrc
Size: 1024B - Virtual size: 844B

.text
Size: 186KB - Virtual size: 185KB

.data
Size: 7KB - Virtual size: 7KB

.rdata
Size: 14KB - Virtual size: 13KB

/4
Size: 512B - Virtual size: 72B

.bss
Size: - Virtual size: 25KB

.edata
Size: 512B - Virtual size: 120B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 844B