723f5d444d5c8d1df2507eabfdadc91b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

723f5d444d5c8d1df2507eabfdadc91b_JaffaCakes118
Size

3.5MB
MD5

723f5d444d5c8d1df2507eabfdadc91b
SHA1

822946f1d462ddea97e157127e0f5c571bba7e8c
SHA256

9134e1954c1e48e7049fc1845946e7bd0786bd8f80cf729e248197bdd4779141
SHA512

46cd49ff4a653c6790acc09effff3e624d76236df9de3a338b09ce084006029ee02bd737f6b9da75db9f0e099e7331ad427117c995756cb6775ae484b5e40fb1
SSDEEP

98304:39lPE+DAcjr+e9mAoAsqhbJjUFfMdlCjBPQTyr:3DPFrmAoAs6NjUF0fCjGTe

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
static1/unpack001/PortraiturePluginUsersGuide.pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
723f5d444d5c8d1df2507eabfdadc91b_JaffaCakes118
unpack001/$PLUGINSDIR/NSISArray.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/ImagenomicPluginConsole.8li
unpack001/ImagenomicPluginConsole64.8li
unpack001/Portraiture.8bf
unpack001/Portraiture64.8bf
unpack001/uninst.exe
unpack003/$PLUGINSDIR/NSISArray.dll
unpack003/$PLUGINSDIR/System.dll
unpack003/$PLUGINSDIR/nsDialogs.dll

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

723f5d444d5c8d1df2507eabfdadc91b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISArray.dll
.dll windows:4 windows x86 arch:x86

91596216b99c852af6e0fb1fe8192de4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
lstrcmpiA
lstrcmpA
lstrcatA
GlobalAlloc

user32

MessageBoxA
SendMessageA
wsprintfA
GetDlgItem
FindWindowExA
DialogBoxParamA
EnableWindow
SetWindowTextA
EndDialog
RedrawWindow
CharLowerA

Exports

Exports

ArrayCount
ArrayExists
Clear
Concat
Copy
Cut
Debug
Delete
ErrorStyle
Exists
ExistsI
FreeUnusedMem
Join
New
Pop
Push
Put
ReDim
Read
ReadToStack
Reverse
Search
SearchI
SetAutoReDim
SetSize
Shift
SizeOf
Sort
Splice
Subtract
Swap
Unload
Unshift
Write
WriteList
WriteListC

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

4364d928a98ebbc94aa9916b60a4de94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
CharPrevA
DrawFocusRect
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
RemovePropA

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
GetUserData
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EULA.html
.html
ImagenomicPluginConsole.8li
.dll windows:4 windows x86 arch:x86

e03ff845a253d2283314178dac0d7926

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Arsen Petrosyan\Projects\Noiseware\Output\Win\Win32\ConsoleRelease\ImagenomicPluginConsole.pdb

Imports

msimg32

GradientFill
TransparentBlt

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CloseHandle
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
HeapReAlloc
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetCPInfo
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetProcessHeap
GetVersionExA
GetCommandLineA
GetCurrentThreadId
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
CreateDirectoryA
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
RaiseException
CreateFileW
FreeLibrary
LoadLibraryA
FormatMessageA
LocalFree
SetEnvironmentVariableA
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
CopyFileA
DeleteFileA
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
VirtualAlloc
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
Sleep

user32

GetWindowTextA
GetKeyState
GetFocus
MoveWindow
InvalidateRect
RedrawWindow
BeginPaint
EndPaint
TrackMouseEvent
CallWindowProcA
SetMenuItemInfoA
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetMenuItemCount
AppendMenuA
ClientToScreen
TrackPopupMenuEx
IsMenu
DestroyMenu
CreatePopupMenu
GetForegroundWindow
DefWindowProcA
GetClassLongA
SetClassLongA
SetFocus
PeekMessageA
PostMessageA
SetWindowLongA
GetMessageA
GetWindowLongA
ScreenToClient
IsWindow
GetWindowTextLengthA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogIndirectParamA
CreateWindowExA
SetWindowTextA
GetDlgItem
EnableWindow
ShowWindow
IsZoomed
DestroyWindow
EndDialog
GetClientRect
SetWindowPos
SetActiveWindow
SendMessageA
GetParent
UpdateWindow
GetDesktopWindow
GetWindow
ReleaseCapture
GetCursorPos
GetWindowRect
SetCapture
LoadCursorA
SetCursor
LoadImageA
GetWindowDC
ReleaseDC
DrawTextA
FillRect
GetSysColor
SetTimer
KillTimer
GetActiveWindow
MessageBoxA
GetCapture

gdi32

Polyline
CreateFontIndirectA
CreateCompatibleBitmap
GetStretchBltMode
SetBrushOrgEx
SetStretchBltMode
StretchBlt
CreateRectRgn
SelectClipRgn
CreateDIBSection
BitBlt
GetObjectA
SetTextColor
SetBkMode
TextOutA
Polygon
CreateCompatibleDC
DeleteDC
CreateSolidBrush
CreatePen
SelectObject
MoveToEx
LineTo
SetPixel
DeleteObject
Ellipse

shell32

SHGetFolderPathA
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

Exports

Exports

AutoPluginMain
_NoisewareProc@16

Sections

.text
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ImagenomicPluginConsole64.8li
.dll windows:4 windows x64 arch:x64

2096856a05b8ea394a97787c78498022

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\Users\Arsen Petrosyan\Projects\Noiseware\Output\Win\x64\ConsoleRelease\ImagenomicPluginConsole.pdb

Imports

msimg32

GradientFill
TransparentBlt

kernel32

SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CloseHandle
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetModuleFileNameA
GetStdHandle
CreateFileW
HeapDestroy
HeapCreate
HeapSetInformation
FlsAlloc
TlsSetValue
FlsFree
TlsFree
FlsGetValue
RtlVirtualUnwind
ExitProcess
GetCPInfo
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetProcessHeap
GetVersionExA
GetCommandLineA
FlsSetValue
GetCurrentThreadId
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
CreateDirectoryA
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapAlloc
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
FreeLibrary
LoadLibraryA
FormatMessageA
LocalFree
__C_specific_handler
SetEnvironmentVariableA
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
CopyFileA
DeleteFileA
CreateFileA
SetEndOfFile
CompareStringA
CompareStringW
WriteFile
TerminateProcess
HeapFree
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection

user32

GetWindowTextA
GetKeyState
GetFocus
MoveWindow
InvalidateRect
RedrawWindow
BeginPaint
EndPaint
TrackMouseEvent
CallWindowProcA
SetMenuItemInfoA
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetMenuItemCount
AppendMenuA
ClientToScreen
TrackPopupMenuEx
IsMenu
DestroyMenu
CreatePopupMenu
GetForegroundWindow
DefWindowProcA
GetClassLongPtrA
SetClassLongPtrA
SetFocus
PeekMessageA
PostMessageA
SetWindowLongPtrA
GetMessageA
GetWindowLongA
GetWindowLongPtrA
ScreenToClient
GetWindowTextLengthA
IsDialogMessageA
TranslateMessage
DispatchMessageA
IsWindow
CreateDialogIndirectParamA
CreateWindowExA
SetWindowTextA
GetDlgItem
EnableWindow
ShowWindow
IsZoomed
DestroyWindow
EndDialog
GetClientRect
SetWindowPos
SetActiveWindow
SendMessageA
GetParent
UpdateWindow
GetDesktopWindow
GetWindow
ReleaseCapture
GetCursorPos
GetWindowRect
SetCapture
LoadCursorA
SetCursor
LoadImageA
GetWindowDC
ReleaseDC
DrawTextA
FillRect
GetSysColor
SetTimer
KillTimer
GetActiveWindow
MessageBoxA
GetCapture

gdi32

Polyline
CreateFontIndirectA
CreateCompatibleBitmap
GetStretchBltMode
SetBrushOrgEx
SetStretchBltMode
StretchBlt
CreateRectRgn
SelectClipRgn
CreateDIBSection
BitBlt
GetObjectA
SetTextColor
SetBkMode
TextOutA
Polygon
CreateCompatibleDC
DeleteDC
CreateSolidBrush
CreatePen
SelectObject
MoveToEx
LineTo
SetPixel
DeleteObject
Ellipse

shell32

SHGetFolderPathA
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

Exports

Exports

AutoPluginMain
NoisewareProc

Sections

.text
Size: 463KB - Virtual size: 463KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Portraiture.8bf
.dll windows:4 windows x86 arch:x86

39d0c3e5b301e6df4760a79d8270736b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msimg32

TransparentBlt
GradientFill

kernel32

LoadLibraryA
GetProcessHeap
FreeLibrary
LocalFree
FormatMessageA
FreeResource
LockResource
LoadResource
FindResourceA
GlobalUnlock
GlobalLock
GlobalAlloc
ReadFile
GetSystemInfo
SetProcessAffinityMask
Sleep
GetProcessAffinityMask
GetCurrentProcess
GetCurrentThreadId
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
OutputDebugStringA
FlushFileBuffers
GetStartupInfoA
GetFileType
SetHandleCount
VirtualAlloc
DeleteCriticalSection
HeapCreate
HeapDestroy
GetConsoleMode
GetConsoleCP
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetVersionExA
GetCommandLineA
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapReAlloc
GetTimeZoneInformation
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
RtlUnwind
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
CreateEventA
VirtualFree
VirtualQuery
SetEvent
CreateFileA
GetCurrentProcessId
HeapFree
HeapAlloc
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
CreateFileW
WriteFile
DeleteFileW
CreateThread
CreateDirectoryA
CopyFileA
DeleteFileA
WaitForSingleObject
ReleaseMutex
CloseHandle
CreateMutexA
SetFilePointer
SetEnvironmentVariableA

user32

GetActiveWindow
MessageBoxA
SetTimer
OpenClipboard
SetClipboardData
EmptyClipboard
SendMessageA
SetWindowPos
GetClientRect
GetDlgItem
EnableWindow
GetSysColor
FillRect
SetRect
KillTimer
GetClipboardData
CloseClipboard
GetWindowTextLengthA
GetFocus
MoveWindow
InvalidateRect
RedrawWindow
BeginPaint
EndPaint
TrackMouseEvent
GetKeyState
CallWindowProcA
GetWindowTextA
SetMenuItemInfoA
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetMenuItemCount
AppendMenuA
ClientToScreen
TrackPopupMenuEx
IsMenu
DestroyMenu
CreatePopupMenu
GetForegroundWindow
DefWindowProcA
GetClassLongA
SetClassLongA
SetFocus
PeekMessageA
PostMessageA
SetWindowLongA
GetMessageA
GetWindowLongA
ScreenToClient
IsWindow
GetCapture
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogIndirectParamA
CreateWindowExA
SetWindowTextA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
IsZoomed
DestroyWindow
EndDialog
SetActiveWindow
GetParent
UpdateWindow
GetDesktopWindow
GetWindow
ReleaseCapture
GetCursorPos
GetWindowRect
SetCapture
LoadCursorA
SetCursor
LoadImageA
GetWindowDC
ReleaseDC
DrawTextA

gdi32

CreateRectRgn
SelectClipRgn
CreateDIBSection
BitBlt
GetObjectA
SetTextColor
SetBkMode
TextOutA
Polyline
Polygon
StretchBlt
DeleteDC
CreateSolidBrush
CreatePen
SelectObject
MoveToEx
LineTo
SetPixel
DeleteObject
Ellipse
SetStretchBltMode
SetBrushOrgEx
CreateFontIndirectA
CreateCompatibleBitmap
CreateCompatibleDC
GetStretchBltMode

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

SHGetFolderPathA
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCloseHandle

Exports

Exports

PluginMain
_NoisewareProc@16

Sections

.text
Size: 692KB - Virtual size: 691KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Portraiture64.8bf
.dll windows:4 windows x64 arch:x64

d268401c508e86f3d18412feb7c47e96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msimg32

GradientFill
TransparentBlt

kernel32

GlobalLock
GlobalAlloc
CreateFileA
ReadFile
GetSystemInfo
SetEvent
CreateEventA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
InitializeCriticalSection
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
FlushFileBuffers
DeleteCriticalSection
GetStartupInfoA
GetFileType
SetHandleCount
HeapDestroy
HeapCreate
HeapSetInformation
GetConsoleMode
GetConsoleCP
LeaveCriticalSection
EnterCriticalSection
GlobalUnlock
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
Sleep
RtlVirtualUnwind
FlsAlloc
TlsSetValue
FlsFree
TlsFree
FlsGetValue
GetProcessHeap
GetVersionExA
GetCommandLineA
FlsSetValue
GetCurrentThreadId
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
HeapAlloc
HeapReAlloc
HeapFree
GetTimeZoneInformation
GetSystemTimeAsFileTime
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
FindResourceA
LoadResource
LockResource
FreeResource
FreeLibrary
LoadLibraryA
SetEnvironmentVariableA
FormatMessageA
LocalFree
__C_specific_handler
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
GetVersion
GetFileAttributesW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
CreateFileW
WriteFile
DeleteFileW
CreateThread
CreateDirectoryA
CopyFileA
DeleteFileA
WaitForSingleObject
ReleaseMutex
CloseHandle
CreateMutexA
CompareStringA
CompareStringW
GetStringTypeW

user32

KillTimer
MessageBoxA
SendMessageA
SetWindowPos
GetClientRect
SetTimer
GetActiveWindow
PostMessageA
SetRect
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
GetWindowTextLengthA
GetFocus
MoveWindow
InvalidateRect
RedrawWindow
BeginPaint
EndPaint
TrackMouseEvent
GetKeyState
CallWindowProcA
GetWindowTextA
SetMenuItemInfoA
EnableMenuItem
CheckMenuItem
GetMenuItemID
GetMenuItemCount
AppendMenuA
ClientToScreen
TrackPopupMenuEx
IsMenu
DestroyMenu
GetDlgItem
GetForegroundWindow
DefWindowProcA
GetClassLongPtrA
SetClassLongPtrA
SetFocus
PeekMessageA
CreatePopupMenu
SetWindowLongPtrA
GetMessageA
GetWindowLongA
GetWindowLongPtrA
ScreenToClient
GetCapture
IsDialogMessageA
TranslateMessage
DispatchMessageA
IsWindow
CreateDialogIndirectParamA
CreateWindowExA
SetWindowTextA
MonitorFromWindow
GetMonitorInfoA
ShowWindow
IsZoomed
DestroyWindow
EndDialog
SetActiveWindow
GetParent
UpdateWindow
GetDesktopWindow
GetWindow
ReleaseCapture
GetCursorPos
GetWindowRect
SetCapture
LoadCursorA
SetCursor
LoadImageA
GetWindowDC
ReleaseDC
DrawTextA
FillRect
GetSysColor
EnableWindow

gdi32

CreateFontIndirectA
CreateCompatibleBitmap
GetStretchBltMode
SetBrushOrgEx
SetStretchBltMode
StretchBlt
CreateRectRgn
SelectClipRgn
CreateDIBSection
BitBlt
GetObjectA
SetTextColor
SetBkMode
TextOutA
Polyline
Polygon
CreateCompatibleDC
DeleteDC
CreateSolidBrush
SelectObject
MoveToEx
LineTo
SetPixel
DeleteObject
Ellipse
CreatePen

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetFolderPathA
ShellExecuteA
SHBrowseForFolderA

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetCloseHandle
InternetReadFile
HttpSendRequestA

Exports

Exports

NoisewareProc
PluginMain

Sections

.text
Size: 942KB - Virtual size: 941KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PortraiturePluginUsersGuide.pdf
.pdf
- http://www.imagenomic.com/contact
- http://www.imagenomic.com/support
uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/NSISArray.dll
.dll windows:4 windows x86 arch:x86

91596216b99c852af6e0fb1fe8192de4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpyA
lstrcpynA
lstrcmpiA
lstrcmpA
lstrcatA
GlobalAlloc

user32

MessageBoxA
SendMessageA
wsprintfA
GetDlgItem
FindWindowExA
DialogBoxParamA
EnableWindow
SetWindowTextA
EndDialog
RedrawWindow
CharLowerA

Exports

Exports

ArrayCount
ArrayExists
Clear
Concat
Copy
Cut
Debug
Delete
ErrorStyle
Exists
ExistsI
FreeUnusedMem
Join
New
Pop
Push
Put
ReDim
Read
ReadToStack
Reverse
Search
SearchI
SetAutoReDim
SetSize
Shift
SizeOf
Sort
Splice
Subtract
Swap
Unload
Unshift
Write
WriteList
WriteListC

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

4364d928a98ebbc94aa9916b60a4de94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA

user32

GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
CharPrevA
DrawFocusRect
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
RemovePropA

gdi32

SetTextColor

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
GetUserData
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.ico

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 96KB

.rsrc Size: 28KB - Virtual size: 27KB

91596216b99c852af6e0fb1fe8192de4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 432B

.reloc Size: 1KB - Virtual size: 1KB

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 496B

4364d928a98ebbc94aa9916b60a4de94

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 522B

e03ff845a253d2283314178dac0d7926

Headers

File Characteristics

PDB Paths

Imports

msimg32

kernel32

user32

gdi32

shell32

Exports

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 96KB

.rsrc
Size: 28KB - Virtual size: 27KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 432B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 522B

.text
Size: 324KB - Virtual size: 323KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 44KB - Virtual size: 40KB

.text
Size: 463KB - Virtual size: 463KB

.rdata
Size: 155KB - Virtual size: 155KB

.data
Size: 13KB - Virtual size: 29KB

.pdata
Size: 31KB - Virtual size: 30KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 23KB - Virtual size: 23KB

.text
Size: 692KB - Virtual size: 691KB

.rdata
Size: 184KB - Virtual size: 180KB

.data
Size: 16KB - Virtual size: 95KB

.rsrc
Size: 312KB - Virtual size: 308KB

.reloc
Size: 88KB - Virtual size: 85KB

.text
Size: 942KB - Virtual size: 941KB

.rdata
Size: 350KB - Virtual size: 350KB

.data
Size: 20KB - Virtual size: 110KB

.pdata
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 308KB - Virtual size: 308KB

.reloc
Size: 56KB - Virtual size: 55KB