22035-CrapV3[.]3b[.]rar

Resubmissions

10/08/2024, 23:31

240810-3h3k1stfkj 4

10/08/2024, 23:31

240810-3htccayane 3

Sharing

Copy URL Twitter E-mail

General

Target

22035-CrapV3.3b.rar
Size

8.7MB
MD5

d9f4ce2ce6bf3ad6b8ca84bc5478e008
SHA1

17aabaf4a10f8ad725d8948d3a005d0fbe67f104
SHA256

7e0b358af30ad41cce7cc9a34a64da5dc25e0330db70f7be1d15106a5e34a5ad
SHA512

65724bdee6f60c87e6ee1453dd53bb74409222fd21e7123566bb0ecbb86d3b0daf041979a8d01e4885e2096aae313b80e4f77d7051c98af91d437e81ea1b46ce
SSDEEP

196608:QT4k6URLHH8AeOj8MhZA9cxHSadSNtD0n0/xqne8PODYRu1W:QjbLHLeOjGUHwt0Cqne8PCc

Score

3^/10

Malware Config

Signatures

Unsigned PE 16 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CrapV3.3b/3rdParty/wbfs_file.exe
unpack001/CrapV3.3b/CommonHelpers.dll
unpack001/CrapV3.3b/Crap.exe
unpack001/CrapV3.3b/CrapInstaller.dll
unpack001/CrapV3.3b/CrazyInstaller.exe
unpack001/CrapV3.3b/IOManager.dll
unpack001/CrapV3.3b/KeyStego.exe
unpack001/CrapV3.3b/Log.dll
unpack001/CrapV3.3b/MultiLanguage.dll
unpack001/CrapV3.3b/Schema.dll
unpack001/CrapV3.3b/UpdateManager.dll
unpack001/CrapV3.3b/WiiBackupFileSystem.dll
unpack001/CrapV3.3b/WiiHelpers.dll
unpack001/CrapV3.3b/WordStegoLib.dll
unpack001/CrapV3.3b/libconfig++.dll
unpack001/CrapV3.3b/zlib1.dll

Files

22035-CrapV3.3b.rar
.rar
CrapV3.3b/3rdParty/wbfs_file.exe
.exe windows:4 windows x86 arch:x86

743aa73ce239941b1a9a3bbc6f09c1b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CloseHandle
CreateFileA
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FindAtomA
FormatMessageA
GetAtomNameA
GetLastError
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReadFile
SetEndOfFile
SetFilePointerEx
SetUnhandledExceptionFilter
Sleep
WideCharToMultiByte
WriteFile

msvcrt

_chdir
_mkdir
_strdup
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_filelengthi64
_get_osfhandle
_iob
_isctype
_onexit
_pctype
_setmode
_stricmp
abort
atexit
calloc
exit
fclose
fflush
fgetpos
fopen
fprintf
fputc
fread
free
fsetpos
fwrite
getenv
localeconv
malloc
mbstowcs
memchr
memcpy
memset
perror
printf
putchar
puts
realloc
rename
setlocale
setvbuf
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strlen
strncpy
strrchr
system
time
wcslen
wcstombs

wsock32

htonl
htons
ntohl
ntohs

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CrapV3.3b/Alt-Dol/launcher.dol
CrapV3.3b/BlockedGames.xml
.xml
CrapV3.3b/Changes.txt
CrapV3.3b/CommonHelpers.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\CBackup\projects\crapwii\Crap\CommonHelpers\obj\Release\CommonHelpers.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/Crap.config
.xml
CrapV3.3b/Crap.exe
.exe windows:5 windows x86 arch:x86

c200b977b2a7210b653c857e8c62a6e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\CBackup\projects\crapwii\Crap\Release\Crap.pdb

Imports

winmm

waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite
waveOutClose
waveOutGetPosition
waveOutOpen

msvcr90

_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
??3@YAXPAX@Z
?what@exception@std@@UBEPBDXZ
__FrameUnwindFilter
??2@YAPAXI@Z
abort
_encoded_null
_decode_pointer
_encode_pointer
_amsg_exit
__CxxExceptionFilter
__CxxRegisterExceptionObject
__CxxDetectRethrow
__CxxQueryExceptionSize
__CxxUnregisterExceptionObject
??1exception@std@@UAE@XZ
??_V@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
fopen
printf
exit
fclose
puts
_cexit
_crt_debugger_hook

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SizeofResource
LoadResource
FindResourceA
SetFilePointer
IsDebuggerPresent
WaitForSingleObject
CloseHandle
CreateThread
SetThreadPriority
HeapAlloc
HeapCreate
HeapDestroy
Sleep
CreateFileA
ReadFile
SetUnhandledExceptionFilter

libconfig++

?getLine@ParseException@libconfig@@QAEHXZ
?getError@ParseException@libconfig@@QAEPBDXZ
??1SettingNotFoundException@libconfig@@UAE@XZ
??BSetting@libconfig@@QBEHXZ
?getLength@Setting@libconfig@@QBEHXZ
?getPath@SettingException@libconfig@@QBEPBDXZ
?read@Config@libconfig@@QAEXPAU_iobuf@@@Z
??1Config@libconfig@@UAE@XZ
??0Config@libconfig@@QAE@XZ
?lookup@Config@libconfig@@QBEAAVSetting@2@PBD@Z
??BSetting@libconfig@@QBEPBDXZ

msvcm90

?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$allocator@_W@std@@QAE@ABV01@@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Lockit_dtor@_Lockit@std@@SAXH@Z
?_Lockit_ctor@_Lockit@std@@SAXH@Z

mscoree

_CorExeMain

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/CrapInstaller.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\CBackup\projects\crapwii\Crap\Helpers\obj\Release\CrapInstaller.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 618KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/CrazyInstaller.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\CBackup\projects\crapwii\Crap\CrazyInstaller\obj\Release\CrazyInstaller.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/IOManager.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\CBackup\projects\crapwii\Crap\IOManager\obj\Release\IOManager.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/InstallerStub/Form1.Designer.cs
CrapV3.3b/InstallerStub/Form1.cs
.js
CrapV3.3b/InstallerStub/Form1.resx
.vbs .xml polyglot
CrapV3.3b/InstallerStub/Info.cs
CrapV3.3b/InstallerStub/InstallerStub.csproj
CrapV3.3b/InstallerStub/Program.cs
CrapV3.3b/InstallerStub/Properties/AssemblyInfo.cs
CrapV3.3b/InstallerStub/Properties/Resources.Designer.cs
.vbs
CrapV3.3b/InstallerStub/Properties/Resources.resx
.vbs
CrapV3.3b/InstallerStub/Properties/Settings.Designer.cs
CrapV3.3b/InstallerStub/Properties/Settings.settings
CrapV3.3b/KeyStego.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Projects\KeyStego\KeyStego\obj\Release\KeyStego.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/Lang/Danish.xml
CrapV3.3b/Lang/Deutsch.xml
CrapV3.3b/Lang/Dutch.xml
.xml
CrapV3.3b/Lang/English.xml
.xml
CrapV3.3b/Lang/French-1.xml
CrapV3.3b/Lang/French-2.xml
CrapV3.3b/Lang/Italian.xml
.xml
CrapV3.3b/Lang/Spanish.xml
CrapV3.3b/Lang/Turkish.xml
CrapV3.3b/Loaders/ConfForwarder.dol
CrapV3.3b/Loaders/ConfForwarderNoIntro.dol
CrapV3.3b/Loaders/ConfUsbLoader.dol
CrapV3.3b/Loaders/ConfUsbLoaderFat.dol
CrapV3.3b/Loaders/CrapTriiforcemodv22.dol
CrapV3.3b/Loaders/CrapTriiforcemodv23.dol
CrapV3.3b/Loaders/Craptriiforce.dol
CrapV3.3b/Loaders/GXForwarder.dol
CrapV3.3b/Loaders/USBL15USB.dol
CrapV3.3b/Loaders/USBL15USBFix.dol
CrapV3.3b/Loaders/USBL16.dol
CrapV3.3b/Loaders/WiiFlowForwarder.dol
CrapV3.3b/Loaders/YalWithFixes.dol
CrapV3.3b/Loaders/booter.dol
CrapV3.3b/Loaders/bootersorg.dol
CrapV3.3b/Loaders/loader.dol
CrapV3.3b/Log.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\CBackup\projects\crapwii\Crap\Log\obj\Release\Log.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/MultiLanguage.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\CBackup\projects\crapwii\Crap\MultiLanguage\obj\Release\MultiLanguage.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/Muzak/jt_1999.txt
CrapV3.3b/Muzak/jt_1999.xm
CrapV3.3b/Muzak/jt_breez.txt
CrapV3.3b/Muzak/jt_breez.xm
CrapV3.3b/Muzak/jt_letgo.txt
CrapV3.3b/Muzak/jt_letgo.xm
CrapV3.3b/Muzak/jt_mind.txt
CrapV3.3b/Muzak/jt_mind.xm
CrapV3.3b/Muzak/jt_xmas.txt
CrapV3.3b/Muzak/jt_xmas.xm
CrapV3.3b/NandLoaders/altdolbase.wxd
CrapV3.3b/NandLoaders/comex-base.wxd
CrapV3.3b/NandLoaders/marcan-base.wxd
CrapV3.3b/NandLoaders/taiko-base.wxd
CrapV3.3b/NandLoaders/waninkoko-base.wxd
CrapV3.3b/Readme.txt
CrapV3.3b/Schema.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\CBackup\projects\crapwii\Crap\Schema\obj\Release\Schema.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/Shared/common-key
CrapV3.3b/UpdateManager.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\CBackup\projects\crapwii\Crap\UpdateManager\obj\Release\UpdateManager.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/WiiBackupFileSystem.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\CBackup\projects\crapwii\Crap\WiiBackupFileSystem\obj\Release\WiiBackupFileSystem.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/WiiHackingHistory.txt
CrapV3.3b/WiiHelpers.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\CBackup\projects\crapwii\Crap\WiiHelpers\obj\Release\WiiHelpers.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/WordStegoLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Projects\KeyStego\WordStegoLib\obj\Release\WordStegoLib.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/Words.txt
.vbs
CrapV3.3b/crap.cfg
CrapV3.3b/libconfig++.dll
.dll windows:5 windows x86 arch:x86

afad3e344e441a5a93e088954ce4d87f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr90

_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_malloc_crt
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_encode_pointer
?terminate@@YAXXZ
exit
clearerr
getc
atof
strtoul
fwrite
ferror
fread
_errno
__iob_func
_strtoui64
_atoi64
??2@YAPAXI@Z
??3@YAXPAX@Z
??_V@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??4exception@std@@QAEAAV01@ABV01@@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
strcat
fclose
setlocale
realloc
_configthreadlocale
fprintf
isdigit
isalpha
memset
fopen
_snprintf
atoi
strchr
fputs
strlen
calloc
memmove
fputc
malloc
_crt_debugger_hook
free
_strdup
_isatty
_fileno
__CxxFrameHandler3
_CxxThrowException

msvcp90

?eq_int_type@?$char_traits@D@std@@SA_NABH0@Z
?eof@?$char_traits@D@std@@SAHXZ
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBEHXZ
?width@ios_base@std@@QAEHH@Z
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tellp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@H@2@XZ
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?uncaught_exception@std@@YA_NXZ
?length@?$char_traits@D@std@@SAIPBD@Z

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

??0Config@libconfig@@QAE@XZ
??0ConfigException@libconfig@@QAE@ABV01@@Z
??0ConfigException@libconfig@@QAE@XZ
??0FileIOException@libconfig@@QAE@ABV01@@Z
??0FileIOException@libconfig@@QAE@XZ
??0ParseException@libconfig@@AAE@HPBD@Z
??0ParseException@libconfig@@QAE@ABV01@@Z
??0Setting@libconfig@@AAE@PAUconfig_setting_t@1@@Z
??0SettingException@libconfig@@IAE@ABVSetting@1@@Z
??0SettingException@libconfig@@IAE@ABVSetting@1@H@Z
??0SettingException@libconfig@@IAE@ABVSetting@1@PBD@Z
??0SettingException@libconfig@@IAE@PBD@Z
??0SettingException@libconfig@@QAE@ABV01@@Z
??0SettingNameException@libconfig@@AAE@ABVSetting@1@PBD@Z
??0SettingNameException@libconfig@@QAE@ABV01@@Z
??0SettingNotFoundException@libconfig@@AAE@ABVSetting@1@H@Z
??0SettingNotFoundException@libconfig@@AAE@ABVSetting@1@PBD@Z
??0SettingNotFoundException@libconfig@@AAE@PBD@Z
??0SettingNotFoundException@libconfig@@QAE@ABV01@@Z
??0SettingTypeException@libconfig@@AAE@ABVSetting@1@@Z
??0SettingTypeException@libconfig@@AAE@ABVSetting@1@H@Z
??0SettingTypeException@libconfig@@AAE@ABVSetting@1@PBD@Z
??0SettingTypeException@libconfig@@QAE@ABV01@@Z
??1Config@libconfig@@UAE@XZ
??1ConfigException@libconfig@@UAE@XZ
??1FileIOException@libconfig@@UAE@XZ
??1ParseException@libconfig@@UAE@XZ
??1Setting@libconfig@@UAE@XZ
??1SettingException@libconfig@@UAE@XZ
??1SettingNameException@libconfig@@UAE@XZ
??1SettingNotFoundException@libconfig@@UAE@XZ
??1SettingTypeException@libconfig@@UAE@XZ
??4ConfigException@libconfig@@QAEAAV01@ABV01@@Z
??4FileIOException@libconfig@@QAEAAV01@ABV01@@Z
??4ParseException@libconfig@@QAEAAV01@ABV01@@Z
??4Setting@libconfig@@QAEAAV01@ABN@Z
??4Setting@libconfig@@QAEAAV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??4Setting@libconfig@@QAEAAV01@AB_J@Z
??4Setting@libconfig@@QAEAAV01@H@Z
??4Setting@libconfig@@QAEAAV01@J@Z
??4Setting@libconfig@@QAEAAV01@M@Z
??4Setting@libconfig@@QAEAAV01@PBD@Z
??4Setting@libconfig@@QAEAAV01@_N@Z
??4SettingException@libconfig@@QAEAAV01@ABV01@@Z
??4SettingNameException@libconfig@@QAEAAV01@ABV01@@Z
??4SettingNotFoundException@libconfig@@QAEAAV01@ABV01@@Z
??4SettingTypeException@libconfig@@QAEAAV01@ABV01@@Z
??ASetting@libconfig@@QBEAAV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??ASetting@libconfig@@QBEAAV01@H@Z
??ASetting@libconfig@@QBEAAV01@PBD@Z
??BSetting@libconfig@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??BSetting@libconfig@@QBEHXZ
??BSetting@libconfig@@QBEIXZ
??BSetting@libconfig@@QBEJXZ
??BSetting@libconfig@@QBEKXZ
??BSetting@libconfig@@QBEMXZ
??BSetting@libconfig@@QBENXZ
??BSetting@libconfig@@QBEPBDXZ
??BSetting@libconfig@@QBE_JXZ
??BSetting@libconfig@@QBE_KXZ
??BSetting@libconfig@@QBE_NXZ
??_7Config@libconfig@@6B@
??_7ConfigException@libconfig@@6B@
??_7FileIOException@libconfig@@6B@
??_7ParseException@libconfig@@6B@
??_7Setting@libconfig@@6B@
??_7SettingException@libconfig@@6B@
??_7SettingNameException@libconfig@@6B@
??_7SettingNotFoundException@libconfig@@6B@
??_7SettingTypeException@libconfig@@6B@
?ConfigDestructor@Config@libconfig@@CAXPAX@Z
?add@Setting@libconfig@@QAEAAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4Type@12@@Z
?add@Setting@libconfig@@QAEAAV12@PBDW4Type@12@@Z
?add@Setting@libconfig@@QAEAAV12@W4Type@12@@Z
?assertType@Setting@libconfig@@ABEXW4Type@12@@Z
?exists@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?exists@Config@libconfig@@QBE_NPBD@Z
?exists@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?exists@Setting@libconfig@@QBE_NPBD@Z
?getAutoConvert@Config@libconfig@@QBE_NXZ
?getError@ParseException@libconfig@@QAEPBDXZ
?getFormat@Setting@libconfig@@QBE?AW4Format@12@XZ
?getIndex@Setting@libconfig@@QBEHXZ
?getLength@Setting@libconfig@@QBEHXZ
?getLine@ParseException@libconfig@@QAEHXZ
?getName@Setting@libconfig@@QBEPBDXZ
?getParent@Setting@libconfig@@QAEAAV12@XZ
?getParent@Setting@libconfig@@QBEABV12@XZ
?getPath@Setting@libconfig@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getPath@SettingException@libconfig@@QBEPBDXZ
?getRoot@Config@libconfig@@QBEAAVSetting@2@XZ
?getSourceLine@Setting@libconfig@@QBEIXZ
?getType@Setting@libconfig@@QBE?AW4Type@12@XZ
?isAggregate@Setting@libconfig@@QBE_NXZ
?isArray@Setting@libconfig@@QBE_NXZ
?isGroup@Setting@libconfig@@QBE_NXZ
?isList@Setting@libconfig@@QBE_NXZ
?isNumber@Setting@libconfig@@QBE_NXZ
?isRoot@Setting@libconfig@@QBE_NXZ
?isScalar@Setting@libconfig@@QBE_NXZ
?lookup@Config@libconfig@@QBEAAVSetting@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?lookup@Config@libconfig@@QBEAAVSetting@2@PBD@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAH@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAI@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAJ@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAK@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAM@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAN@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAPBD@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_J@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_K@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_N@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAH@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAI@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAJ@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAK@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAM@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAN@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAPBD@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?lookupValue@Config@libconfig@@QBE_NPBDAA_J@Z
?lookupValue@Config@libconfig@@QBE_NPBDAA_K@Z
?lookupValue@Config@libconfig@@QBE_NPBDAA_N@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAH@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAI@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAJ@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAK@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAM@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAN@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAPBD@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_J@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_K@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_N@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAH@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAI@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAJ@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAK@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAM@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAN@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAPBD@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAA_J@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAA_K@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAA_N@Z
?read@Config@libconfig@@QAEXPAU_iobuf@@@Z
?readFile@Config@libconfig@@QAEXPBD@Z
?remove@Setting@libconfig@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?remove@Setting@libconfig@@QAEXI@Z
?remove@Setting@libconfig@@QAEXPBD@Z
?setAutoConvert@Config@libconfig@@QAEX_N@Z
?setFormat@Setting@libconfig@@QAEXW4Format@12@@Z
?what@FileIOException@libconfig@@EBEPBDXZ
?what@ParseException@libconfig@@UBEPBDXZ
?what@SettingException@libconfig@@UBEPBDXZ
?what@SettingNameException@libconfig@@EBEPBDXZ
?what@SettingNotFoundException@libconfig@@EBEPBDXZ
?what@SettingTypeException@libconfig@@EBEPBDXZ
?wrapSetting@Setting@libconfig@@CAAAV12@PAUconfig_setting_t@2@@Z
?write@Config@libconfig@@QBEXPAU_iobuf@@@Z
?writeFile@Config@libconfig@@QAEXPBD@Z
config_destroy
config_get_auto_convert
config_init
config_lookup
config_lookup_bool
config_lookup_float
config_lookup_int
config_lookup_int64
config_lookup_string
config_read
config_read_file
config_set_auto_convert
config_set_destructor
config_setting_add
config_setting_get_bool
config_setting_get_bool_elem
config_setting_get_elem
config_setting_get_float
config_setting_get_float_elem
config_setting_get_format
config_setting_get_int
config_setting_get_int64
config_setting_get_int64_elem
config_setting_get_int_elem
config_setting_get_member
config_setting_get_string
config_setting_get_string_elem
config_setting_index
config_setting_length
config_setting_lookup_bool
config_setting_lookup_float
config_setting_lookup_int
config_setting_lookup_int64
config_setting_lookup_string
config_setting_remove
config_setting_remove_elem
config_setting_set_bool
config_setting_set_bool_elem
config_setting_set_float
config_setting_set_float_elem
config_setting_set_format
config_setting_set_hook
config_setting_set_int
config_setting_set_int64
config_setting_set_int64_elem
config_setting_set_int_elem
config_setting_set_string
config_setting_set_string_elem
config_write
config_write_file

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CrapV3.3b/temp/00000000.app
CrapV3.3b/temp/00000001.app
CrapV3.3b/temp/00000002.app
CrapV3.3b/temp/0001000155535050.cert
CrapV3.3b/temp/0001000155535050.tik
CrapV3.3b/temp/0001000155535050.tmd
CrapV3.3b/temp/0001000155535050.trailer
CrapV3.3b/tempwad/00000000.app
CrapV3.3b/tempwad/00000001.app
CrapV3.3b/tempwad/00000002.app
CrapV3.3b/tempwad/0001000155584245.cert
CrapV3.3b/tempwad/0001000155584245.tik
CrapV3.3b/tempwad/0001000155584245.tmd
CrapV3.3b/tempwad/0001000155584245.trailer
CrapV3.3b/zlib1.dll
.dll windows:4 windows x86 arch:x86

7e3560e4dd2deaa398fa039458dd4b4b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

free
malloc
strerror
fflush
_errno
fopen
fread
fprintf
_vsnprintf
sprintf
ftell
fseek
fclose
clearerr
_fdopen
_initterm
_adjust_fdiv
fwrite
fputc

kernel32

DisableThreadLibraryCalls

Exports

Exports

adler32
compress
compress2
compressBound
crc32
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
get_crc_table
gzclearerr
gzclose
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateInit2_
inflateInit_
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
uncompress
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

743aa73ce239941b1a9a3bbc6f09c1b6

Headers

File Characteristics

Imports

kernel32

msvcrt

wsock32

Sections

.text Size: 76KB - Virtual size: 76KB

.data Size: 1024B - Virtual size: 592B

.rdata Size: 7KB - Virtual size: 7KB

.bss Size: - Virtual size: 104KB

.idata Size: 2KB - Virtual size: 2KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 512B - Virtual size: 12B

c200b977b2a7210b653c857e8c62a6e1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

msvcr90

kernel32

libconfig++

msvcm90

msvcp90

mscoree

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 110KB - Virtual size: 110KB

.data Size: 1024B - Virtual size: 83KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 618KB - Virtual size: 618KB

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 10KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 25KB - Virtual size: 24KB

.text
Size: 76KB - Virtual size: 76KB

.data
Size: 1024B - Virtual size: 592B

.rdata
Size: 7KB - Virtual size: 7KB

.bss
Size: - Virtual size: 104KB

.idata
Size: 2KB - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 110KB - Virtual size: 110KB

.data
Size: 1024B - Virtual size: 83KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 618KB - Virtual size: 618KB

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 840B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 53KB - Virtual size: 53KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 512B - Virtual size: 12B