5ceaae0639bf0f77350b4d07f1c7e4d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ceaae0639bf0f77350b4d07f1c7e4d5_JaffaCakes118
Size

8.3MB
MD5

5ceaae0639bf0f77350b4d07f1c7e4d5
SHA1

b7aada34064a6f76d33d8dee41caebde1c22dbe6
SHA256

969a2d232a3f87c2415f2363cabe4bf1e1cea2bf502645d81ad43ef95f38d5bc
SHA512

cbdc6343412bb5c2f88df73301eb2032bb53cd9dc99e2634d5cee9775889d4f8ee6db046002ac20300bd3f8776498cc0e66d6dbc819bd6c2000ffbee999fe61c
SSDEEP

196608:jO0uFWs3Qhc8f6HjrGBZv5RqvFV/mhcsOdowKpI8q/bpFIu:iBF5k4jGNiscmFgVFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
5ceaae0639bf0f77350b4d07f1c7e4d5_JaffaCakes118
unpack001/$PLUGINSDIR/BrandingURL.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/Asianata.RWG
unpack001/Asianata.exe
unpack001/RAW_005.wdt
unpack001/ReflexiveArcade/RAW_003.wdt
unpack001/ReflexiveArcade/ReflexiveArcade.dll
unpack001/Resource/Music/WaveMaker.exe
unpack001/uninst.exe

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

5ceaae0639bf0f77350b4d07f1c7e4d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c042238f43557c055fca8642de8a074

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$APPDATA/ȫַ!.lnk
.lnk
$APPDATA/Ա-!.lnk
.lnk
$DESKTOP/Ա-!.lnk
.lnk
$FAVORITES/Ա-!.url
.url
$PLUGINSDIR/BrandingURL.dll
.dll windows:4 windows x86 arch:x86

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalFree

user32

GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
EnableWindow
LoadImageA
SetPropA
SetWindowLongA
GetWindowLongA
GetDlgItem
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
RedrawWindow

gdi32

GetObjectA
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

Set
Unload

Sections

.text
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SMPROGRAMS/̫/155ɫվ.lnk
.lnk
$SMPROGRAMS/ȫַ!.lnk
.lnk
$SMPROGRAMS/Ա-!.lnk
.lnk
$WINDIR/taobao.ico
155ɫվ.lnk
.lnk
Asianata.RWG
.exe windows:4 windows x86 arch:x86

87549621345347d79460fe536cb930a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Work\Projects\Balls\Release\Templet.pdb

Imports

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

dsound

ord1

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetAttemptConnect
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

kernel32

GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
GetLastError
CreateMutexA
Sleep
ResumeThread
CreateThread
GetDateFormatA
GetTimeFormatA
OutputDebugStringA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WaitForSingleObject
CompareFileTime
GetFileTime
CopyFileA
VirtualFree
VirtualAlloc
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
IsProcessorFeaturePresent
MapViewOfFile
CreateFileMappingA
CreateFileW
UnmapViewOfFile
HeapFree
GetProcessHeap
LockResource
LoadResource
SizeofResource
FindResourceA
FindResourceW
WriteFile
InterlockedIncrement
InterlockedDecrement
DeleteFileA
GetTempFileNameA
SetEndOfFile
HeapValidate
EnumSystemLocalesA
GetThreadLocale
GetCPInfo
LCMapStringW
LCMapStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
FlushFileBuffers
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsBadWritePtr
HeapCreate
HeapDestroy
GetCurrentProcess
IsValidLocale
TerminateProcess
GetFullPathNameA
GetCurrentDirectoryA
GetDriveTypeA
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetStartupInfoA
ExitProcess
RtlUnwind
HeapAlloc
HeapReAlloc
IsValidCodePage
GetStringTypeA
GetStringTypeW
IsBadReadPtr
GetLocaleInfoW
CompareStringA
GetLocaleInfoA
GetACP
CompareStringW
SetEnvironmentVariableA
EnterCriticalSection
InterlockedExchange
GetCommandLineA
lstrcmpiA
GetModuleFileNameA
GetSystemTime
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA
IsBadCodePtr
SetStdHandle
GetOEMCP
VirtualProtect
GetSystemInfo
GetTimeZoneInformation
GetUserDefaultLCID
SetConsoleCtrlHandler
GetTempPathA
LeaveCriticalSection

user32

DrawTextA
GetDlgItem
DestroyMenu
DrawTextW
LoadStringA
GetKeyState
LoadCursorA
RegisterClassA
AdjustWindowRectEx
SystemParametersInfoA
SetWindowPos
DialogBoxParamA
EndDialog
GetDlgItemTextA
wsprintfA
MessageBoxA
SendDlgItemMessageA
GetWindowRect
SetWindowTextA
SetDlgItemTextA
InvalidateRect
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetWindowLongA
DefWindowProcA
MoveWindow
SetWindowLongA
PostQuitMessage
UnregisterClassA
OffsetRect
PtInRect
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
WaitMessage
DestroyIcon
DestroyWindow
LoadIconA
SetClassLongA
ShowWindow
ShowCursor
GetSystemMetrics
SetCursorPos
GetCursorPos
ScreenToClient
ReleaseCapture
SetCapture
CreateWindowExA

gdi32

SetBkMode
SetBkColor
SetTextColor
SelectObject
DeleteDC
CreateFontIndirectA
CreateDIBSection
GetObjectA
MoveToEx
LineTo
Ellipse
SetTextAlign
TextOutA
GetStockObject
DeleteObject
CreateCompatibleDC

advapi32

RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegFlushKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Asianata.exe
.exe windows:4 windows x86 arch:x86

72a63eb74974a18fb0491536225613af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
GetExitCodeProcess
Sleep
TerminateProcess
FindClose
FindFirstFileA
GetCurrentDirectoryA
GetModuleFileNameA
SetEndOfFile
CompareStringW
CompareStringA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
CreateMutexA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CreateEventA
WaitForSingleObject
WaitForMultipleObjectsEx
CreateThread
GetCurrentThread
SetEnvironmentVariableA
MulDiv
LocalAlloc
WriteFile
ReadFile
GetFileSize
CreateFileA
ResetEvent
GetCurrentProcess
DuplicateHandle
GetLastError
OutputDebugStringA
SuspendThread
CreateProcessA
ResumeThread
WriteProcessMemory
OpenProcess
GetVersionExA
GetEnvironmentVariableA
HeapSize
CloseHandle
HeapReAlloc
GetVersion
GetCommandLineA
FormatMessageA
LocalFree
ReadProcessMemory
SetCurrentDirectoryA
DeleteFileA
SetFileAttributesA
FindNextFileA
MoveFileA
RemoveDirectoryA
GetProcAddress
FreeLibrary
LoadLibraryA
HeapFree
HeapAlloc
ExitProcess
GetModuleHandleA
GetStartupInfoA

user32

SetForegroundWindow
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
UpdateWindow
PeekMessageA
TranslateMessage
DispatchMessageA
BeginPaint
EndPaint
DefWindowProcA
GetClientRect
SetWindowTextA
MessageBeep
GetWindowRect
SendMessageTimeoutA
IsWindowVisible
ShowWindow
PostMessageA
BringWindowToTop
AdjustWindowRectEx
IsIconic
SystemParametersInfoA
MoveWindow
MessageBoxA
GetTabbedTextExtentA
GetDC
ReleaseDC
GetDesktopWindow
GetActiveWindow
wsprintfA
GetForegroundWindow
GetWindowThreadProcessId
GetWindowLongA
EnumThreadWindows
EnumWindows

gdi32

GetObjectA
BitBlt
CreateCompatibleDC
DeleteDC
CreateSolidBrush
CreatePen
Rectangle
SetBkMode
LPtoDP
SetTextColor
TextOutA
CreateFontA
SelectObject
DeleteObject
CreateDIBSection

advapi32

CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptImportKey
CryptVerifySignatureA
CryptDestroyKey
CryptDestroyHash
CryptReleaseContext
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA

winmm

timeGetTime

raw_005.wdt

?EnableActivityTracker@@YA_N_N@Z
?IsActivityTrackerEnabled@@YA_NXZ
?ResetActivityCheck@@YAXXZ
?HasBeenActivitySinceLastReset@@YA_NXZ

imagehlp

UnMapAndLoad
MapAndLoad

comctl32

_TrackMouseEvent

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Asianata_MAINICON.ico
RAW_005.wdt
.dll windows:4 windows x86 arch:x86

a583d18953cc3155909b8f87ec4d5b1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
UnregisterClassA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
SetWindowsHookExA
UnhookWindowsHookEx
GetClassNameA
CallNextHookEx

comctl32

ord17

kernel32

GetCPInfo
GetOEMCP
GetCommandLineA
RtlUnwind
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapSize
HeapReAlloc
GetACP
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetCurrentThreadId
GetCurrentThread
WriteFile
GetCurrentProcess
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
GetModuleHandleA
GetProcAddress
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
lstrcmpiA
WritePrivateProfileStringA
GlobalFlags
GetVersion
lstrlenA
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
InterlockedDecrement
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
SetHandleCount

gdi32

SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
RestoreDC
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
DeleteDC
DeleteObject
SaveDC
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

Exports

Exports

?EnableActivityTracker@@YA_N_N@Z
?HasBeenActivitySinceLastReset@@YA_NXZ
?IsActivityTrackerEnabled@@YA_NXZ
?ResetActivityCheck@@YAXXZ

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Activity
Size: 4KB - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReflexiveArcade/Application.dat
ReflexiveArcade/Arcade.dat
ReflexiveArcade/Background.jpg
.jpg
ReflexiveArcade/RAW_002.wdt
ReflexiveArcade/RAW_003.wdt
.exe windows:4 windows x86 arch:x86

87cbea85bad063a4b5b6ee40ba9a6277

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetEnvironmentVariableA
CloseHandle
TerminateProcess
GetLastError
WaitForMultipleObjectsEx
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadFile

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ReflexiveArcade/RAW_004.wdt
ReflexiveArcade/ReflexiveArcade.dll
.dll windows:4 windows x86 arch:x86

1a07be9d954d016ba837689c232e4e2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetActiveWindow
wsprintfA
LoadCursorA
SetCursorPos
MessageBoxA
GetDesktopWindow
ClientToScreen
SetForegroundWindow
ShowWindow
SetCursor
SystemParametersInfoA
ScreenToClient
WindowFromPoint
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatA
GetClipboardData
SetTimer
KillTimer
GetCursorPos
GetClientRect

kernel32

SetCurrentDirectoryA
DeviceIoControl
CreateFileA
CloseHandle
GetShortPathNameA
SetPriorityClass
GetCurrentDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
GetComputerNameA
GetVersionExA
GetProcAddress
LoadLibraryA
GetLastError
GetModuleFileNameA
OutputDebugStringA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
SetUnhandledExceptionFilter
GetCurrentProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
GetTickCount
GetTempPathA
CreateProcessA
GetExitCodeProcess
IsBadReadPtr
IsBadWritePtr
MulDiv
CreateMutexA
WaitForSingleObject
ReleaseMutex
FileTimeToDosDateTime
GetSystemTimeAsFileTime
FindClose
FindFirstFileA
GetTempFileNameA
GetFileAttributesA
CreateDirectoryA
FindNextFileA
GetFileTime
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
FileTimeToLocalFileTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetVersion
SetFileAttributesA
QueryPerformanceCounter
QueryPerformanceFrequency
FreeLibrary
ExitProcess
TerminateProcess
IsBadCodePtr
HeapAlloc
HeapFree
GetCommandLineA
DeleteFileA
SetEndOfFile
InterlockedDecrement
InterlockedIncrement
RtlUnwind
HeapReAlloc
GetModuleHandleA
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
FlushFileBuffers
ReadFile
SetFilePointer
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
RaiseException
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
GetUserNameA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyA

netapi32

Netbios

gdi32

DeleteObject

shell32

ShellExecuteA

Exports

Exports

radll_DrawNextFrameIntoBuffer
radll_EnterMenuSession
radll_GetDLLVersionAsInt
radll_GetDLLVersionAsString
radll_GetLastErrorInformation
radll_GetNumberOfRectsToUpdate
radll_GetUpdateRect
radll_GetValueAsFloat
radll_GetValueAsInt
radll_GetValueAsString
radll_HandleWindowsMessage
radll_HasTheProductBeenPurchased
radll_Initialize
radll_IsASystemUpdateRequired
radll_IsTheMenuSessionComplete
radll_SetPalette
radll_ShutDown

Sections

.text
Size: 728KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 705KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ReflexiveArcade/button_hover.jpg
.jpg
ReflexiveArcade/button_normal.jpg
.jpg
ReflexiveArcade/button_pressed.jpg
.jpg
Resource/Music/ArcadaClip01.ogg
Resource/Music/ArcadaClip02.ogg
Resource/Music/ArcadaClip03.ogg
Resource/Music/ArcadaClip04.ogg
Resource/Music/Interface01.ogg
Resource/Music/Interface02.ogg
Resource/Music/Interface03.ogg
Resource/Music/PazzleClip01.ogg
Resource/Music/PazzleClip02.ogg
Resource/Music/PazzleClip03.ogg
Resource/Music/PazzleClip04.ogg
Resource/Music/PlayList.txt
Resource/Music/SrategyClip01.ogg
Resource/Music/SrategyClip02.ogg
Resource/Music/SrategyClip03.ogg
Resource/Music/SrategyClip04.ogg
Resource/Music/SrategyClip05.ogg
Resource/Music/WaveMaker.exe
.exe windows:4 windows x86 arch:x86

252f274b3959c32d95d3377109167ca6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
TerminateProcess
RaiseException
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetStartupInfoA
LCMapStringA
LCMapStringW
SetStdHandle
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
SetErrorMode
GetOEMCP
GetCPInfo
CreateFileA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
WritePrivateProfileStringA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
InterlockedDecrement
FreeResource
CloseHandle
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
GetLastError
SetLastError
GlobalFree
FindResourceA
LoadResource
LockResource
SizeofResource
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetCommandLineA
GetModuleFileNameA
CreateThread
lstrlenA
lstrcmpiA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetEnvironmentStringsW
InterlockedExchange

user32

CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
UnregisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
UnhookWindowsHookEx
GetWindowTextA
SetWindowPos
SetFocus
ShowWindow
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
DestroyMenu
ValidateRect
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
wsprintfA
PostMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSystemMetrics
LoadIconA
EnableWindow
GetClientRect
IsIconic
DrawIcon
PostQuitMessage
MessageBoxA
SendMessageA
LoadCursorA
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
RegisterWindowMessageA
WinHelpA
GetCapture
GetMessagePos

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
CreateBitmap
GetDeviceCaps
GetClipBox

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantInit
VariantChangeType
VariantClear

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Resource/Resource.tdf
uninst.exe
.exe windows:4 windows x86 arch:x86

1c042238f43557c055fca8642de8a074

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp

Sharing

General

Malware Config

Signatures

Files

1c042238f43557c055fca8642de8a074

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 112KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 28KB - Virtual size: 28KB

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 992B

.rdata Size: 1024B - Virtual size: 839B

.data Size: 512B - Virtual size: 336B

.reloc Size: 512B - Virtual size: 220B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

87549621345347d79460fe536cb930a8

Headers

File Characteristics

PDB Paths

Imports

winmm

dsound

version

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 88KB - Virtual size: 266KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 160KB - Virtual size: 158KB

72a63eb74974a18fb0491536225613af

Headers

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 112KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 28KB - Virtual size: 28KB

.text
Size: 1024B - Virtual size: 992B

.rdata
Size: 1024B - Virtual size: 839B

.data
Size: 512B - Virtual size: 336B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 88KB - Virtual size: 266KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 160KB - Virtual size: 158KB

.text
Size: 108KB - Virtual size: 105KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 24KB - Virtual size: 35KB

.rsrc
Size: 8KB - Virtual size: 7KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 12KB - Virtual size: 21KB

Activity
Size: 4KB - Virtual size: 17B

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.text
Size: 728KB - Virtual size: 726KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 80KB - Virtual size: 705KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 56KB - Virtual size: 53KB