6f05e43f84fc49848eddf9b22b9675c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6f05e43f84fc49848eddf9b22b9675c6_JaffaCakes118
Size

1.4MB
MD5

6f05e43f84fc49848eddf9b22b9675c6
SHA1

45a99b55d119fa7ab3980fc6bb5e2fd12e5bd11d
SHA256

29f3a91e166e214a077f075a840ebfb7efdaede73e73627ba7f3bc11cba93221
SHA512

212fc2c9e0fc813210a692ebc038f006dcecf0b8098ff12bc9c11f5a1a3ac73a6b9f9b6dcd3e8c3126ccbc76c1ae7465c6cf1352c13b64e881d398943ae9aa2a
SSDEEP

24576:MxqIG11RBt0+kZimfbQtygkJLLUMuK/QjxPR+bnVarMCYmu7HFi+1djvB2XdMd+:Mxwt0+k0SNJLVuAUiTmwFi6djvsXad+

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NTLEA.exe
unpack001/neko.dll
unpack001/ntleac.exe
unpack001/ntleah.dll
unpack001/ntleap.dll

Files

6f05e43f84fc49848eddf9b22b9675c6_JaffaCakes118
.rar
NTLEA.exe
.exe windows:4 windows x86 arch:x86

4f3eb218f5117152444b5a7a0671d89d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 512B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 51KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 45KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Readme.txt
neko.dll
.dll windows:4 windows x86 arch:x86

f1786b927463f1abe43f5571638d9e46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA
midiStreamRestart
midiStreamClose
midiOutReset
midiStreamStop
midiStreamOut
midiOutPrepareHeader
midiStreamProperty
midiStreamOpen
midiOutUnprepareHeader

kernel32

CreateMutexA
ReleaseMutex
GlobalFlags
SetErrorMode
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TerminateProcess
ExitThread
HeapSize
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
SuspendThread
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetEnvironmentVariableW
SetEnvironmentVariableA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetStdHandle
SetThreadPriority
ResumeThread
GetCurrentThread
lstrcmpA
FormatMessageA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetVersion
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpynA
SetLastError
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
WriteFile
ReadFile
PurgeComm
WaitCommEvent
ClearCommError
GetLastError
WaitForMultipleObjects
GetOverlappedResult
GetCommModemStatus
SetEvent
GetProfileStringA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetComputerNameA
EscapeCommFunction
CreateEventA
ResetEvent
OutputDebugStringA
ExpandEnvironmentStringsA
GlobalAlloc
GetTempPathA
SetFileAttributesA
GetFileAttributesA
MoveFileA
CopyFileA
CreateDirectoryA
SetVolumeLabelA
GetDiskFreeSpaceA
SetLocalTime
GetCommandLineA
CreateProcessW
SetCurrentDirectoryA
GetCurrentThreadId
GetModuleHandleA
GlobalSize
GlobalLock
GlobalFree
lstrcatA
WinExec
lstrcpyA
GetCurrentDirectoryA
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationA
GlobalUnlock
GlobalReAlloc
HeapFree
HeapReAlloc
ExitProcess
HeapAlloc
WaitForSingleObject
GetProcessHeap
FindResourceA
LoadResource
LockResource
CreateThread
DeleteFileA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
Sleep
MulDiv
OpenFile
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
CloseHandle
DeviceIoControl
GetVersionExA
GetFullPathNameA
lstrlenW
lstrlenA
GetUserDefaultLCID
GetTickCount
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
HeapDestroy

user32

LoadStringA
UnregisterClassA
GetDesktopWindow
GetClassNameA
CharUpperA
EndDialog
CreateDialogIndirectParamA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
ScrollWindowEx
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
GetScrollPos
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
GetWindowPlacement
ShowWindow
IsWindowEnabled
TranslateAcceleratorA
CopyAcceleratorTableA
IsZoomed
GetSystemMenu
DeleteMenu
WindowFromPoint
LoadIconA
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx
GetMessageA
SetRectEmpty
RegisterClipboardFormatA
CreatePopupMenu
AppendMenuA
ModifyMenuA
CreateMenu
CreateAcceleratorTableA
SetCursor
InvertRect
TrackPopupMenu
SetForegroundWindow
ValidateRect
LockWindowUpdate
MessageBeep
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
WaitForInputIdle
SetCursorPos
SetMenu
SetFocus
PeekMessageA
IsIconic
SetActiveWindow
DestroyMenu
SetWindowPos
GetActiveWindow
GetTopWindow
GetWindow
DestroyAcceleratorTable
DestroyCursor
SetWindowRgn
ScreenToClient
ChildWindowFromPointEx
PostMessageA
WinHelpA
KillTimer
SetTimer
GetScrollRange
SetScrollRange
SetScrollPos
SetParent
IsWindowVisible
GetWindowLongA
SetWindowLongA
TranslateMessage
DispatchMessageA
UpdateWindow
GetDC
ReleaseDC
LoadImageA
MessageBoxA
LoadBitmapA
GetKeyState
DestroyIcon
IsChild
IsRectEmpty
GetFocus
IntersectRect
EqualRect
GetMenu
GetSubMenu
EnableMenuItem
PostQuitMessage
GetSysColorBrush
AdjustWindowRect
LoadCursorA
GetCapture
ClientToScreen
wsprintfA
GetDlgCtrlID
InvalidateRect
ReleaseCapture
GetMessagePos
PtInRect
GetClientRect
GetCursorPos
SetCapture
SystemParametersInfoA
EnableWindow
SetRect
IsWindow
RedrawWindow
CopyRect
FillRect
GetSystemMetrics
DrawFrameControl
DrawEdge
InflateRect
OffsetRect
DrawFocusRect
GetWindowRect
GetParent
SendMessageA
GetSysColor
ScrollDC

gdi32

CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetClipBox
SetTextColor
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
MoveToEx
LineTo
GetBkMode
GetSystemPaletteEntries
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetBkColor
GetROP2
GetStretchBltMode
GetPolyFillMode
StartPage
EndPage
DPtoLP
CreateBrushIndirect
CreateHatchBrush
CreatePatternBrush
Ellipse
RoundRect
FillRgn
GetCurrentObject
CombineRgn
CreateRectRgn
GetClipRgn
CreatePolygonRgn
SelectPalette
GetDIBits
CreateDIBSection
ExtCreateRegion
CreateRectRgnIndirect
CreateDCA
StartDocA
GetPixel
SetPixelV
LPtoDP
GetObjectA
GetDeviceCaps
RealizePalette
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
CreatePalette
Pie
Chord
Arc
Polygon
EndDoc
Rectangle
SelectClipRgn
CreateDIBitmap
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
GetWindowExtEx
GetViewportOrgEx
GetWindowOrgEx
PatBlt
CreateCompatibleDC
BitBlt
CreateSolidBrush
GetStockObject
GetTextColor

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
PrintDlgA
CommDlgExtendedError
ChooseColorA

winspool.drv

SetFormA
AddFormA
ClosePrinter
DocumentPropertiesA
OpenPrinterA
EnumFormsA
GetFormA
DeleteFormA

advapi32

RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

ord17
ImageList_Destroy
ImageList_LoadImageA

ole32

OleRun
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromString
OleUninitialize
OleInitialize
CLSIDFromProgID

olepro32

ord252
ord253

oleaut32

VarDateFromStr
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
UnRegisterTypeLi
SysAllocString
VariantCopyInd
VariantInit
VariantChangeType
VariantClear
GetActiveObject
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi

ws2_32

closesocket
WSAAsyncSelect
htons
bind
htonl
socket
setsockopt
sendto
recvfrom
select
gethostbyname
inet_ntoa
inet_addr
gethostbyaddr
gethostname
WSACleanup
WSAStartup
send
ioctlsocket
connect
recv
listen
getpeername
accept

Exports

Exports

GetNewInf
GetNewSock

Sections

.text
Size: 772KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ntleac.exe
.exe windows:4 windows x86 arch:x86

4839f5c4e6b9593604a736cca21543db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
CreateRemoteThread
ExitProcess
FlushInstructionCache
GetBinaryTypeW
GetCommandLineW
GetCurrentDirectoryW
GetEnvironmentVariableW
GetFileSize
GetFullPathNameW
GetLastError
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetSystemDirectoryW
GetThreadContext
GetWindowsDirectoryW
HeapAlloc
HeapCreate
CreateMutexA
LocalFree
MapViewOfFile
ReadFile
ReadProcessMemory
ResumeThread
RtlMoveMemory
SetFilePointer
Sleep
SuspendThread
UnmapViewOfFile
VirtualAllocEx
VirtualProtect
WaitForMultipleObjects
WideCharToMultiByte
WriteProcessMemory
lstrcatW
lstrcpyW
lstrcpynW
lstrlenW
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
LoadLibraryW
CloseHandle

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetPathFromIDListW
CommandLineToArgvW
SHBrowseForFolderW

user32

MessageBoxA

comdlg32

GetOpenFileNameW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ntleah.dll
.dll windows:4 windows x86 arch:x86

5f6c92b6c2acd78cd3bdffbcd91cb232

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsAlloc
HeapCreate
CreateThread
TlsGetValue
HeapAlloc
GetLastError
SetLastError
TlsSetValue
lstrcmpiA
GlobalFindAtomA
GlobalAddAtomA
WideCharToMultiByte
MultiByteToWideChar
IsBadWritePtr
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetVersionExA
LoadLibraryA
GetProcAddress
GetACP
GetOEMCP
GetCPInfo
CreateFileA
CompareStringA
CreateProcessA
CreateProcessW
GetTimeZoneInformation
GetThreadLocale
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetSystemDefaultLCID
GetUserDefaultLCID
GetSystemDefaultLangID
GetUserDefaultLangID
GetCommandLineA
GetCommandLineW
IsDBCSLeadByte
OpenEventA
SetEvent
IsDBCSLeadByteEx
SetUnhandledExceptionFilter
TerminateProcess
ExitProcess
HeapFree
GetModuleHandleW
GetSystemDirectoryW
lstrcatW
LoadLibraryW
VirtualProtect
FlushInstructionCache
CreateFileW
GetSystemDirectoryA
lstrlenA
lstrcatA
lstrlenW
ReadFile
CreateEventA
ReadProcessMemory
WriteProcessMemory
ResumeThread
Sleep
SuspendThread
GetThreadContext
VirtualAllocEx
CreateRemoteThread
WaitForMultipleObjects
GetCurrentThreadId

user32

GetClassInfoA
GetClassInfoW
IsWindowUnicode
GetClassNameA
CallNextHookEx
GetPropA
SetPropA
GetWindowLongA
SetWindowLongW
CallWindowProcA
GetWindowLongW
RemovePropA
CallWindowProcW
SendMessageW
PostMessageW
SendNotifyMessageW
SendMessageCallbackW
SendMessageTimeoutW
DialogBoxIndirectParamW
CreateDialogIndirectParamW
CreateDialogParamW
DialogBoxParamW
DefWindowProcA
DefMDIChildProcA
DefDlgProcA
DefFrameProcA
DialogBoxParamA
DialogBoxIndirectParamA
CreateDialogIndirectParamA
CreateDialogParamA
CreateWindowExA
SetWindowTextA
GetWindowTextA
SendMessageA
SendMessageCallbackA
SendMessageTimeoutA
SendNotifyMessageA
PostMessageA
SetWindowLongA
GetMenuStringA
CharPrevA
CharNextA
CharPrevExA
CharNextExA
GetMenuStringW
GetMenuItemInfoW
SetMenuItemInfoW
GetWindowTextW
wsprintfA
GetForegroundWindow
MessageBoxA
SetWindowTextW
CreateWindowExW
DefWindowProcW
DefMDIChildProcW
DefDlgProcW
DefFrameProcW
SetWindowsHookExA
SetWindowsHookExW
UnhookWindowsHookEx

version

VerQueryValueA

gdi32

EnumFontFamiliesExA
CreateFontIndirectA
CreateFontIndirectW

ntdll

RtlMultiByteToUnicodeSize
RtlUnicodeToMultiByteSize
RtlOemToUnicodeN
RtlUnicodeToOemN

Sections

ntleat
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ntlead
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ntleap.dll
.dll windows:4 windows x86 arch:x86

173cff16bff2e323f3ffe7a88de090a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetModuleFileNameW
lstrcatW
CreateFileW
GetFileSize
VirtualAlloc
ReadFile
CloseHandle
VirtualFree
lstrcatA

Exports

Exports

NtleaGetVersionString

Sections

ntleat
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ntlead
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 342B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
乐趣下载.url
使用说明.url
用戶須知.txt

Sharing

General

Malware Config

Signatures

Files

4f3eb218f5117152444b5a7a0671d89d

Headers

File Characteristics

Imports

kernel32

user32

Sections

0 Size: 512B - Virtual size: 556B

1 Size: 512B - Virtual size: 404B

2 Size: 51KB - Virtual size: 154KB

3 Size: 15KB - Virtual size: 14KB

4 Size: 45KB - Virtual size: 69KB

5 Size: 3KB - Virtual size: 3KB

6 Size: 7KB - Virtual size: 28KB

f1786b927463f1abe43f5571638d9e46

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

ws2_32

Exports

Exports

Sections

.text Size: 772KB - Virtual size: 768KB

.rdata Size: 108KB - Virtual size: 106KB

.data Size: 68KB - Virtual size: 130KB

.rsrc Size: 60KB - Virtual size: 57KB

.reloc Size: 68KB - Virtual size: 66KB

4839f5c4e6b9593604a736cca21543db

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

user32

comdlg32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

5f6c92b6c2acd78cd3bdffbcd91cb232

Headers

File Characteristics

Imports

kernel32

user32

version

gdi32

ntdll

Sections

ntleat Size: 10KB - Virtual size: 9KB

ntlead Size: 1KB - Virtual size: 2KB

.idata Size: 5KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

173cff16bff2e323f3ffe7a88de090a6

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

ntleat Size: 512B - Virtual size: 304B

0
Size: 512B - Virtual size: 556B

1
Size: 512B - Virtual size: 404B

2
Size: 51KB - Virtual size: 154KB

3
Size: 15KB - Virtual size: 14KB

4
Size: 45KB - Virtual size: 69KB

5
Size: 3KB - Virtual size: 3KB

6
Size: 7KB - Virtual size: 28KB

.text
Size: 772KB - Virtual size: 768KB

.rdata
Size: 108KB - Virtual size: 106KB

.data
Size: 68KB - Virtual size: 130KB

.rsrc
Size: 60KB - Virtual size: 57KB

.reloc
Size: 68KB - Virtual size: 66KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

ntleat
Size: 10KB - Virtual size: 9KB

ntlead
Size: 1KB - Virtual size: 2KB

.idata
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB

ntleat
Size: 512B - Virtual size: 304B

ntlead
Size: 512B - Virtual size: 144B

.idata
Size: 512B - Virtual size: 342B

.edata
Size: 512B - Virtual size: 85B

.reloc
Size: 512B - Virtual size: 84B