aef5a93372baec48fa7bb992dabc97ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aef5a93372baec48fa7bb992dabc97ce_JaffaCakes118
Size

2.7MB
MD5

aef5a93372baec48fa7bb992dabc97ce
SHA1

34a56e179e13312bf611e294bc65b1cff002c76b
SHA256

5b1bc85820a3e0dca0dcb41d08064eb3cc0f19240065e549daefab8a6bb69a58
SHA512

96a44db5472aac9205d4abf4bd5a0c3311d001e883d7a101ddb4bdb6c5236adc4d137babbf42f1abd87aaac8dd7f1e4e348d4ddff0be5838e17195fe751ae3cd
SSDEEP

49152:/bbUxqQ+VkvnZ8sgKf0sle1JJuIEF0pJkkewxti/mo1APNr5KXfgIio4iz3SyYVF:z4YVw8940soJDnJkkewxtlpPZPaz3Syk

Score

3^/10

Malware Config

Signatures

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
aef5a93372baec48fa7bb992dabc97ce_JaffaCakes118
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/libiconv-2.dll
unpack001/libintl-8.dll
unpack001/magic1.dll
unpack001/mingwm10.dll
unpack001/mkvextract.exe
unpack001/mkvinfo.exe
unpack001/mkvmerge.exe
unpack001/mkvpropedit.exe
unpack001/regex2.dll
unpack001/zlib1.dll

NSIS installer 1 IoCs

installer

resource	yara_rule
sample	nsis_installer_2

Files

aef5a93372baec48fa7bb992dabc97ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28a099a911237a28521d8b7ea250f089

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectA
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateFileA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetDiskFreeSpaceA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
LoadLibraryExA
MoveFileA
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryA
SearchPathA
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderA
SHFileOperationA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA

user32

AppendMenuA
BeginPaint
CallWindowProcA
CharNextA
CharPrevA
CheckDlgButton
CloseClipboard
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExA
GetClassInfoA
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadImageA
MessageBoxIndirectA
OpenClipboard
PeekMessageA
PostQuitMessage
RegisterClassA
ScreenToClient
SendMessageA
SendMessageTimeoutA
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TrackPopupMenu
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 727KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 32KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

a4cdec8650dfe0ec28dd3e52e25dae2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

CreateFontIndirectA
DeleteObject
GetDeviceCaps

kernel32

GetACP
GetModuleHandleA
GlobalAlloc
GlobalFree
MulDiv
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

user32

DialogBoxParamA
EndDialog
GetDC
LoadIconA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetWindowTextA
ShowWindow
wsprintfA

Exports

Exports

LangDialog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

bdab983d6ad23427df2ffbe18eafb197

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

GetTextMetricsA
SelectObject

kernel32

FindClose
FindFirstFileA
FindNextFileA
GetModuleHandleA
GlobalAlloc
GlobalFree
MulDiv
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA

ole32

CoTaskMemFree

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation

user32

CallWindowProcA
CheckDlgButton
CreateDialogParamA
DestroyWindow
DispatchMessageA
EnableWindow
GetClientRect
GetDC
GetDlgItem
GetMessageA
GetWindowLongA
GetWindowRect
GetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
LoadIconA
MoveWindow
PostMessageA
ReleaseDC
ScreenToClient
SendMessageA
SetWindowLongA
SetWindowTextA
ShowWindow
TranslateMessage
wsprintfA

Exports

Exports

Init
Select
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

a4d9ccb79010dc08617de79e5fce07f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
GlobalSize
LoadLibraryA
MultiByteToWideChar
VirtualAlloc
VirtualProtect
WideCharToMultiByte
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

__dllonexit
_errno
fflush
free
malloc
memcpy

ole32

CLSIDFromString
StringFromGUID2

user32

wsprintfA

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 264B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/external_links.ini
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

4fb4d15e957b6564bf15c23e80f0202a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

gdi32

SetTextColor

kernel32

GetCurrentDirectoryA
GetFileAttributesA
GetProcessHeap
GlobalAlloc
GlobalFree
HeapAlloc
HeapFree
HeapReAlloc
MulDiv
SetCurrentDirectoryA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

ole32

CoTaskMemFree

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

user32

CallWindowProcA
CharNextA
CharPrevA
CreateDialogParamA
CreateWindowExA
DestroyWindow
DispatchMessageA
DrawFocusRect
DrawTextA
GetClientRect
GetDlgItem
GetMessageA
GetPropA
GetWindowLongA
GetWindowRect
GetWindowTextA
IsDialogMessageA
IsWindow
KillTimer
LoadCursorA
MapDialogRect
MapWindowPoints
RemovePropA
SendMessageA
SetCursor
SetPropA
SetTimer
SetWindowLongA
SetWindowPos
ShowWindow
TranslateMessage
wsprintfA

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 363B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libiconv-2.dll
.dll windows:4 windows x86 arch:x86

4b10c1ef119ea3d46439977b03f17e1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetACP
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsDBCSLeadByteEx
MultiByteToWideChar
WideCharToMultiByte

msvcrt

_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_errno
abort
fflush
free
malloc
memcpy
qsort
sprintf
strchr
strcmp
strcpy
strlen
strncmp

Exports

Exports

_libiconv_version
aliases2_lookup
aliases_lookup
iconv_canonicalize
libiconv
libiconv_close
libiconv_open
libiconv_relocate
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 816KB - Virtual size: 815KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 536B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 370B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 772B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libintl-8.dll
.dll windows:4 windows x86 arch:x86

20f0bf0b7c3dee59835e4d9d93d2ad03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libiconv-2

libiconv
libiconv_open
libiconv_set_relocation_prefix

kernel32

CloseHandle
CreateEventA
DeleteCriticalSection
EnterCriticalSection
GetACP
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetThreadLocale
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetEvent
Sleep
WaitForSingleObject
WideCharToMultiByte

msvcrt

_close
_fstat
_getcwd
_open
_read
_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_errno
_flsbuf
_iob
_isctype
_pctype
_snprintf
_snwprintf
_stricmp
_vsnprintf
_vsnwprintf
abort
bsearch
calloc
fclose
fflush
fgets
fopen
fputc
fputwc
free
fwrite
getenv
localeconv
malloc
memcpy
qsort
realloc
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strstr
strtoul
tolower
vfwprintf
wcschr
wcslen

Exports

Exports

__printf__
_get_output_format
_nl_expand_alias
_nl_explode_name
_nl_find_domain
_nl_find_msg
_nl_language_preferences_default
_nl_load_domain
_nl_locale_name
_nl_locale_name_default
_nl_locale_name_posix
_nl_log_untranslated
_nl_make_l10nflist
_nl_msg_cat_cntr
_nl_normalize_codeset
_nl_state_lock
bind_textdomain_codeset
bindtextdomain
dcgettext
dcngettext
dgettext
dngettext
gettext
libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_dcgettext
libintl_dcigettext
libintl_dcngettext
libintl_dgettext
libintl_dngettext
libintl_fprintf
libintl_fwprintf
libintl_gettext
libintl_gettext_extract_plural
libintl_gettext_free_exp
libintl_gettext_germanic_plural
libintl_gettextparse
libintl_hash_string
libintl_lock_destroy
libintl_lock_init
libintl_lock_lock
libintl_lock_unlock
libintl_ngettext
libintl_nl_current_default_domain
libintl_nl_default_default_domain
libintl_nl_default_dirname
libintl_nl_domain_bindings
libintl_once
libintl_recursive_lock_destroy
libintl_recursive_lock_init
libintl_recursive_lock_lock
libintl_recursive_lock_unlock
libintl_relocate
libintl_rwlock_destroy
libintl_rwlock_init
libintl_rwlock_rdlock
libintl_rwlock_unlock
libintl_rwlock_wrlock
libintl_set_relocation_prefix
libintl_snprintf
libintl_sprintf
libintl_swprintf
libintl_textdomain
libintl_vasnprintf
libintl_vasnwprintf
libintl_version
libintl_vfprintf
libintl_vfwprintf
libintl_vprintf
libintl_vsnprintf
libintl_vsprintf
libintl_vswprintf
libintl_vwprintf
libintl_wprintf
locale_charset
ngettext
textdomain

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
magic1.dll
.dll windows:4 windows x86 arch:x86

d8adf44f90c973053779f7dd96649e25

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

regex2

regcomp
regerror
regexec
regfree

zlib1

inflate
inflateEnd
inflateInit2_

kernel32

AddAtomA
DeleteCriticalSection
EnterCriticalSection
FindAtomA
GetAtomNameA
GetFileAttributesA
GetLastError
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
Sleep

msvcrt

_close
_dup2
_mktemp
_open
_read
_strdup
_unlink
_utime
_write
__dllonexit
__mb_cur_max
_access
_assert
_errno
_findclose
_findfirst
_findnext
_fstati64
_fullpath
_iob
_isctype
_lseeki64
_pctype
_pipe
_stati64
abort
asctime
calloc
ctime
exit
fclose
fflush
fgets
fopen
fprintf
fputc
free
fwrite
getenv
gmtime
localtime
malloc
memcpy
memset
qsort
realloc
sprintf
strchr
strcpy
strcspn
strerror
strlen
strncmp
strrchr
strstr
strtod
strtol
strtoul
time
tolower
toupper
vfprintf
vsprintf

Exports

Exports

DllGetVersion
magic_buffer
magic_check
magic_close
magic_compile
magic_descriptor
magic_errno
magic_error
magic_file
magic_load
magic_open
magic_setflags

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 325B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
matroskalogo_big.ico
mingwm10.dll
.dll windows:4 windows x86 arch:x86

2870205e38265f891e17ab096ac00cf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

msvcrt

__dllonexit
_assert
_errno
abort
calloc
fflush
free
malloc
memset

kernel32

AddAtomA
DeleteCriticalSection
EnterCriticalSection
FindAtomA
GetAtomNameA
GetLastError
InitializeCriticalSection
LeaveCriticalSection
TlsGetValue

Exports

Exports

__mingwthr_key_dtor
__mingwthr_remove_key_dtor

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 256B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mkvextract.exe
.exe windows:4 windows x86 arch:x86

e923fc0e9232b34db5e9f4acf6f1c94e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libiconv-2

libiconv
libiconv_close
libiconv_open

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_textdomain

magic1

magic_buffer
magic_close
magic_load
magic_open

zlib1

deflate
deflateEnd
deflateInit_
inflate
inflateEnd
inflateInit_

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateFileA
CreateFileW
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FormatMessageA
GetACP
GetCommandLineW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetTickCount
GetVersionExA
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsValidCodePage
LeaveCriticalSection
LocalFree
MultiByteToWideChar
ReadFile
ReleaseSemaphore
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetLastError
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_fdopen
_fstat
_open
_read
_setmode
_strdup
_unlink
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_atoi64
_cexit
_errno
_filbuf
_filelengthi64
_flsbuf
_ftime
_iob
_isctype
_lseeki64
_onexit
_pctype
_putenv
_setmode
_snprintf
_stricmp
_strnicmp
_wmkdir
_wstat
abort
acos
atan
atexit
calloc
ceil
cos
exit
exp
fclose
ferror
fflush
fgetc
fgetpos
fgets
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fseek
fsetpos
ftell
fwrite
getenv
getwc
iswctype
ldexp
log
malloc
memchr
memcpy
memmove
memset
perror
pow
putwc
qsort
rand
realloc
rename
setlocale
setvbuf
signal
sin
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strncpy
strstr
strtod
strtol
strxfrm
time
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcsftime
wcslen
wcsxfrm

rpcrt4

UuidCreate

shell32

CommandLineToArgvW
SHGetFolderPathW

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 322KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 58KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mkvinfo.exe
.exe windows:4 windows x86 arch:x86

90c01a37208a3c0b94ca848b8be72d7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libiconv-2

libiconv
libiconv_close
libiconv_open

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_fprintf
libintl_gettext
libintl_textdomain

magic1

magic_buffer
magic_close
magic_load
magic_open

wxbase28u_gcc_custom

_Z7wxEntryRiPPc
_Z7wxYieldv
_Z8wxGetCwdv
_ZN10wxListBase4InitE9wxKeyType
_ZN10wxListBaseD2Ev
_ZN11wxRegConfigC1ERK8wxStringS2_S2_S2_l
_ZN12wxAppConsole11FilterEventER7wxEvent
_ZN12wxAppConsole12ms_appInitFnE
_ZN12wxAppConsole13OnCmdLineHelpER15wxCmdLineParser
_ZN12wxAppConsole14OnCmdLineErrorER15wxCmdLineParser
_ZN12wxAppConsole14ms_appInstanceE
_ZN12wxAppConsole17CheckBuildOptionsEPKcS1_
_ZN12wxAppConsole20ProcessPendingEventsEv
_ZN12wxConfigBase10ms_pConfigE
_ZN12wxConfigBase3SetEPS_
_ZN12wxConfigBase6CreateEv
_ZN12wxEvtHandler12ProcessEventER7wxEvent
_ZN12wxEvtHandler15DoSetClientDataEPv
_ZN12wxEvtHandler16SearchEventTableER12wxEventTableR7wxEvent
_ZN12wxEvtHandler17DoSetClientObjectEP12wxClientData
_ZN12wxEvtHandler9TryParentER7wxEvent
_ZN12wxEvtHandlerC2Ev
_ZN12wxEvtHandlerD2Ev
_ZN12wxStringBase4nposE
_ZN12wxStringBase8InitWithEPKwjj
_ZN12wxStringBaseaSERKS_
_ZN13wxArrayStringD1Ev
_ZN15wxBaseArrayLongC2Ev
_ZN16wxEventHashTableC1ERK12wxEventTable
_ZN16wxEventHashTableD1Ev
_ZN17_wxHashTableBase211DeleteNodesEjPP21_wxHashTable_NodeBasePFvS1_E
_ZN17_wxHashTableBase212GetNextPrimeEm
_ZN18wxBaseArrayPtrVoidC2Ev
_ZN18wxBaseArrayPtrVoidD2Ev
_ZN8wxObject3RefERKS_
_ZN8wxObject5UnRefEv
_ZN8wxString6PrintfEPKwz
_ZN8wxStringC1EPKcRK8wxMBConvj
_ZNK12wxAppConsole11HandleEventEP12wxEvtHandlerMS0_FvR7wxEventES3_
_ZNK12wxConfigBase4ReadERK8wxStringPS0_
_ZNK12wxEvtHandler15DoGetClientDataEv
_ZNK12wxEvtHandler17DoGetClientObjectEv
_ZNK12wxStringBase4findERKS_j
_ZNK8wxObject12CloneRefDataEPK15wxObjectRefData
_ZNK8wxObject13CreateRefDataEv
_ZNK8wxString3CmpEPKw
_ZNK8wxString5LowerEv
_ZNK8wxString5RightEj
_ZNK8wxString6mb_strERK8wxMBConv
_ZTV10wxListBase
_ZTV8wxObject
wxConvUTF8
wxEVT_NULL
wxEmptyString

wxmsw28u_core_gcc_custom

_Z12wxMessageBoxRK8wxStringS1_lP8wxWindowii
_Z19wxGetTopLevelParentP8wxWindow
_ZN10wxMenuBase4InitEl
_ZN10wxMenuBase5CheckEib
_ZN10wxMenuBase6EnableEib
_ZN10wxMenuBaseD2Ev
_ZN10wxTreeCtrl6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN11wxFrameBase10DoGiveHelpERK8wxStringb
_ZN11wxFrameBase10SetMenuBarEP9wxMenuBar
_ZN11wxFrameBase10SetToolBarEP9wxToolBar
_ZN11wxFrameBase12SetStatusBarEP11wxStatusBar
_ZN11wxFrameBase13DetachMenuBarEv
_ZN11wxFrameBase13DoMenuUpdatesEP6wxMenu
_ZN11wxFrameBase13SetStatusTextERK8wxStringi
_ZN11wxFrameBase14OnInternalIdleEv
_ZN11wxFrameBase14UpdateWindowUIEl
_ZN11wxFrameBase15CreateStatusBarEiliRK8wxString
_ZN11wxFrameBase15OnCreateToolBarEliRK8wxString
_ZN11wxFrameBase15SetStatusWidthsEiPKi
_ZN11wxFrameBaseC2Ev
_ZN11wxFrameBaseD2Ev
_ZN12wxDropTarget6OnDropEii
_ZN12wxDropTarget7GetDataEv
_ZN12wxDropTargetD2Ev
_ZN12wxFileDialog9ShowModalEv
_ZN12wxFileDialogC1EP8wxWindowRK8wxStringS4_S4_S4_lRK7wxPointRK6wxSizeS4_
_ZN12wxWindowBase10GetCaptureEv
_ZN12wxWindowBase10InitDialogEv
_ZN12wxWindowBase12LayoutPhase1EPi
_ZN12wxWindowBase12LayoutPhase2EPi
_ZN12wxWindowBase12SetValidatorERK11wxValidator
_ZN12wxWindowBase12TryValidatorER7wxEvent
_ZN12wxWindowBase14MoveConstraintEii
_ZN12wxWindowBase14SetInitialSizeERK6wxSize
_ZN12wxWindowBase15ClearBackgroundEv
_ZN12wxWindowBase16DoMoveInTabOrderEP8wxWindowNS_8MoveKindE
_ZN12wxWindowBase16DoSetVirtualSizeEii
_ZN12wxWindowBase17InheritAttributesEv
_ZN12wxWindowBase17SetSizeConstraintEiiii
_ZN12wxWindowBase18DoSetWindowVariantE15wxWindowVariant
_ZN12wxWindowBase18SetConstraintSizesEb
_ZN12wxWindowBase19SetBackgroundColourERK8wxColour
_ZN12wxWindowBase19SetForegroundColourERK8wxColour
_ZN12wxWindowBase19SetVirtualSizeHintsEiiii
_ZN12wxWindowBase20TransferDataToWindowEv
_ZN12wxWindowBase22TransferDataFromWindowEv
_ZN12wxWindowBase25GetClassDefaultAttributesE15wxWindowVariant
_ZN12wxWindowBase3FitEv
_ZN12wxWindowBase5CloseEb
_ZN12wxWindowBase6LayoutEv
_ZN12wxWindowBase7DoPhaseEi
_ZN12wxWindowBase8AddChildEPS_
_ZN12wxWindowBase8NavigateEi
_ZN12wxWindowBase8ValidateEv
_ZN12wxWindowBase9FindFocusEv
_ZN12wxWindowBase9FitInsideEv
_ZN12wxWindowBase9MakeModalEb
_ZN12wxWindowBase9TryParentER7wxEvent
_ZN12wxWindowBaseC2Ev
_ZN12wxWindowBaseD2Ev
_ZN13wxControlBaseD2Ev
_ZN14wxMenuItemBase3NewEP6wxMenuiRK8wxStringS4_10wxItemKindS1_
_ZN14wxTreeCtrlBaseD2Ev
_ZN16wxFileDropTarget6OnDataEii12wxDragResult
_ZN16wxFileDropTargetC2Ev
_ZN19wxTopLevelWindowMSW14SetTransparentEh
_ZN19wxTopLevelWindowMSW17CanSetTransparentEv
_ZN19wxTopLevelWindowMSW17EnableCloseButtonEb
_ZN19wxTopLevelWindowMSW18SetLayoutDirectionE17wxLayoutDirection
_ZN19wxTopLevelWindowMSW20RequestUserAttentionEi
_ZN19wxTopLevelWindowMSW4ShowEb
_ZN19wxTopLevelWindowMSW7IconizeEb
_ZN19wxTopLevelWindowMSW7RestoreEv
_ZN19wxTopLevelWindowMSW7SetIconERK6wxIcon
_ZN19wxTopLevelWindowMSW8MaximizeEb
_ZN19wxTopLevelWindowMSW8SetIconsERK12wxIconBundle
_ZN19wxTopLevelWindowMSW8SetShapeERK8wxRegion
_ZN19wxTopLevelWindowMSW8SetTitleERK8wxString
_ZN20wxTopLevelWindowBase10SetMaxSizeERK6wxSize
_ZN20wxTopLevelWindowBase10SetMinSizeERK6wxSize
_ZN20wxTopLevelWindowBase11RemoveChildEP12wxWindowBase
_ZN20wxTopLevelWindowBase14DoSetSizeHintsEiiiiii
_ZN20wxTopLevelWindowBase16DoUpdateWindowUIER15wxUpdateUIEvent
_ZN20wxTopLevelWindowBase26GetRectForTopLevelChildrenEPiS0_S0_S0_
_ZN20wxTopLevelWindowBase7DestroyEv
_ZN20wxTopLevelWindowBase8DoCentreEi
_ZN5wxApp10InitializeERiPPw
_ZN5wxApp10WakeUpIdleEv
_ZN5wxApp21OnExceptionInMainLoopEv
_ZN5wxApp5YieldEb
_ZN5wxApp7CleanUpEv
_ZN5wxAppC2Ev
_ZN5wxAppD2Ev
_ZN6wxIconC1ERK8wxStringlii
_ZN6wxIconD1Ev
_ZN6wxMenu4InitEv
_ZN7wxFrame13AttachMenuBarEP9wxMenuBar
_ZN7wxFrame13CreateToolBarEliRK8wxString
_ZN7wxFrame13MSWWindowProcEjjl
_ZN7wxFrame13SendSizeEventEv
_ZN7wxFrame13sm_eventTableE
_ZN7wxFrame14ShowFullScreenEbl
_ZN7wxFrame15DoSetClientSizeEii
_ZN7wxFrame15PositionToolBarEv
_ZN7wxFrame17OnCreateStatusBarEiliRK8wxString
_ZN7wxFrame17PositionStatusBarEv
_ZN7wxFrame18InternalSetMenuBarEv
_ZN7wxFrame21MSWDoTranslateMessageEPS_P6tagMSG
_ZN7wxFrame4InitEv
_ZN7wxFrame5RaiseEv
_ZN7wxFrame6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelS4_
_ZN7wxFrameD2Ev
_ZN8wxDialogD2Ev
_ZN8wxWindow10MSWCommandEjt
_ZN8wxWindow11DoPopupMenuEP6wxMenuii
_ZN8wxWindow11MSWOnNotifyEilPl
_ZN8wxWindow11MSWOnScrollEittPv
_ZN8wxWindow11ScrollLinesEi
_ZN8wxWindow11ScrollPagesEi
_ZN8wxWindow11WarpPointerEii
_ZN8wxWindow12DoMoveWindowEiiii
_ZN8wxWindow12DoSetToolTipEP9wxToolTip
_ZN8wxWindow12ScrollWindowEiiPK6wxRect
_ZN8wxWindow12SetScrollPosEiib
_ZN8wxWindow12SetScrollbarEiiiib
_ZN8wxWindow12SetupColoursEv
_ZN8wxWindow13MSWOnDrawItemEiPPv
_ZN8wxWindow13SetDropTargetEP12wxDropTarget
_ZN8wxWindow13SetExtraStyleEl
_ZN8wxWindow14DoCaptureMouseEv
_ZN8wxWindow14DoReleaseMouseEv
_ZN8wxWindow15AssociateHandleEPv
_ZN8wxWindow15DragAcceptFilesEb
_ZN8wxWindow15SetFocusFromKbdEv
_ZN8wxWindow16DissociateHandleEv
_ZN8wxWindow16LoadNativeDialogEPS_RK8wxString
_ZN8wxWindow16LoadNativeDialogEPS_Ri
_ZN8wxWindow16MSWDefWindowProcEjjl
_ZN8wxWindow16MSWDestroyWindowEv
_ZN8wxWindow16MSWOnMeasureItemEiPPv
_ZN8wxWindow17MSWProcessMessageEP6tagMSG
_ZN8wxWindow18SetWindowStyleFlagEl
_ZN8wxWindow19HandleSettingChangeEjl
_ZN8wxWindow20CreateWindowFromHWNDEPS_Pv
_ZN8wxWindow21MSWGetBgBrushForChildEPvS0_
_ZN8wxWindow23AdoptAttributesFromHWNDEv
_ZN8wxWindow26MSWShouldPreProcessMessageEP6tagMSG
_ZN8wxWindow4InitEv
_ZN8wxWindow4ThawEv
_ZN8wxWindow5LowerEv
_ZN8wxWindow6EnableEb
_ZN8wxWindow6FreezeEv
_ZN8wxWindow6UpdateEv
_ZN8wxWindow7RefreshEbPK6wxRect
_ZN8wxWindow7SetFontERK6wxFont
_ZN8wxWindow8ReparentEP12wxWindowBase
_ZN8wxWindow8SetFocusEv
_ZN8wxWindow8SetLabelERK8wxString
_ZN8wxWindow9DoSetSizeEiiiii
_ZN8wxWindow9SetCursorERK8wxCursor
_ZN9wxAppBase11ProcessIdleEv
_ZN9wxAppBase12CreateTraitsEv
_ZN9wxAppBase12ExitMainLoopEv
_ZN9wxAppBase13OnInitCmdLineER15wxCmdLineParser
_ZN9wxAppBase14SendIdleEventsEP8wxWindowR11wxIdleEvent
_ZN9wxAppBase15OnCmdLineParsedER15wxCmdLineParser
_ZN9wxAppBase4ExitEv
_ZN9wxAppBase5OnRunEv
_ZN9wxAppBase6OnExitEv
_ZN9wxAppBase7PendingEv
_ZN9wxAppBase8DispatchEv
_ZN9wxAppBase8MainLoopEv
_ZN9wxAppBase9OnInitGuiEv
_ZN9wxAppBase9SetActiveEbP8wxWindow
_ZN9wxMenuBarC1Ev
_ZNK11wxFrameBase11IsOneOfBarsEPK8wxWindow
_ZNK12wxWindowBase11DoIsExposedEii
_ZNK12wxWindowBase11DoIsExposedEiiii
_ZNK12wxWindowBase13DoGetBestSizeEv
_ZNK12wxWindowBase15IsShownOnScreenEv
_ZNK12wxWindowBase16DoGetVirtualSizeEv
_ZNK12wxWindowBase16GetDefaultBorderEv
_ZNK12wxWindowBase17GetSizeConstraintEPiS0_
_ZNK12wxWindowBase18GetHelpTextAtPointERK7wxPointN11wxHelpEvent6OriginE
_ZNK12wxWindowBase19GetWindowBorderSizeEv
_ZNK12wxWindowBase21GetPositionConstraintEPiS0_
_ZNK12wxWindowBase23GetClientSizeConstraintEPiS0_
_ZNK12wxWindowBase27AdjustForParentClientOriginERiS0_i
_ZNK12wxWindowBase9DoHitTestEii
_ZNK19wxTopLevelWindowMSW10IsIconizedEv
_ZNK19wxTopLevelWindowMSW11IsMaximizedEv
_ZNK19wxTopLevelWindowMSW11MSWGetStyleElPm
_ZNK19wxTopLevelWindowMSW12MSWGetParentEv
_ZNK19wxTopLevelWindowMSW8GetTitleEv
_ZNK20wxTopLevelWindowBase16DoClientToScreenEPiS0_
_ZNK20wxTopLevelWindowBase16DoScreenToClientEPiS0_
_ZNK20wxTopLevelWindowBase17IsAlwaysMaximizedEv
_ZNK5wxApp12GetClassInfoEv
_ZNK5wxApp13GetEventTableEv
_ZNK5wxApp17GetEventHashTableEv
_ZNK7wxFrame12GetClassInfoEv
_ZNK7wxFrame14GetDefaultIconEv
_ZNK7wxFrame15DoGetClientSizeEPiS0_
_ZNK7wxFrame19GetClientAreaOriginEv
_ZNK8wxWindow12GetCharWidthEv
_ZNK8wxWindow12GetScrollPosEi
_ZNK8wxWindow13DoGetPositionEPiS0_
_ZNK8wxWindow13GetCharHeightEv
_ZNK8wxWindow13GetTextExtentERK8wxStringPiS3_S3_S3_PK6wxFont
_ZNK8wxWindow14GetScrollRangeEi
_ZNK8wxWindow14GetScrollThumbEi
_ZNK8wxWindow16IsDoubleBufferedEv
_ZNK8wxWindow18GetLayoutDirectionEv
_ZNK8wxWindow24AdjustForLayoutDirectionEiii
_ZNK8wxWindow8GetLabelEv
_ZNK8wxWindow9DoGetSizeEPiS0_
_ZNK9wxAppBase12GetTopWindowEv
_ZNK9wxAppBase14GetDisplayModeEv
_ZNK9wxAppBase18GetLayoutDirectionEv
_ZTV10wxMenuBase
_ZTV10wxTreeCtrl
_ZTV12wxFileDialog
_ZTV14wxMenuItemList
_ZTV14wxTreeCtrlBase
_ZTV16wxFileDialogBase
_ZTV16wxFileDropTarget
_ZTV6wxMenu
_ZTV7wxFrame
_ZTV8wxWindow
_ZTV9wxControl
wxDefaultPosition
wxDefaultSize
wxDefaultValidator
wxEVT_COMMAND_MENU_SELECTED
wxEVT_COMMAND_TREE_ITEM_RIGHT_CLICK
wxFileDialogNameStr
wxFrameNameStr
wxStatusLineNameStr
wxTreeCtrlNameStr

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateFileW
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FormatMessageA
FreeConsole
GetACP
GetCommandLineW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetTickCount
GetVersionExA
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsValidCodePage
LeaveCriticalSection
LocalFree
MultiByteToWideChar
ReadFile
ReleaseSemaphore
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetLastError
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile

mingwm10

__mingwthr_key_dtor

msvcrt

_fdopen
_read
_strdup
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_filbuf
_filelengthi64
_flsbuf
_ftime
_iob
_isctype
_lseeki64
_onexit
_pctype
_putenv
_setmode
_stricmp
_strnicmp
_wmkdir
_wstat
abort
asctime
atexit
calloc
exit
fclose
fflush
fgetpos
fopen
fputc
fputs
fread
free
fsetpos
fwrite
getenv
getwc
gmtime
iswctype
malloc
memchr
memcpy
memmove
memset
putwc
rand
realloc
setlocale
setvbuf
signal
srand
sscanf
strcat
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strstr
strtod
strxfrm
time
tolower
toupper
towlower
towupper
ungetc
ungetwc
wcscoll
wcsftime
wcslen
wcsxfrm

rpcrt4

UuidCreate

shell32

CommandLineToArgvW
SHGetFolderPathW

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 37KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mkvmerge.exe
.exe windows:4 windows x86 arch:x86

e6afc71f30439c9ca8030c97e23bf4f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libiconv-2

libiconv
libiconv_close
libiconv_open

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_textdomain

magic1

magic_buffer
magic_close
magic_load
magic_open

zlib1

deflate
deflateEnd
deflateInit_
inflate
inflateEnd
inflateInit_

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CopyFileA
CopyFileW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateSemaphoreA
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FormatMessageA
GetACP
GetCommandLineW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetEnvironmentVariableA
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileTime
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetShortPathNameW
GetTickCount
GetVersionExA
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsValidCodePage
LeaveCriticalSection
LocalFree
MoveFileA
MoveFileW
MultiByteToWideChar
ReadFile
ReleaseSemaphore
RemoveDirectoryA
RemoveDirectoryW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetFileTime
SetLastError
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_fdopen
_fstat
_open
_read
_setmode
_strdup
_swab
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_atoi64
_cexit
_errno
_filbuf
_filelengthi64
_flsbuf
_ftime
_iob
_isctype
_lseeki64
_onexit
_pctype
_putenv
_setmode
_snprintf
_stricmp
_strnicmp
_wmkdir
_wstat
abort
acos
atan
atexit
atoi
atol
calloc
ceil
cos
exit
exp
fclose
ferror
fflush
fgetc
fgetpos
fgets
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fseek
fsetpos
ftell
fwrite
getenv
getwc
iswctype
ldexp
log
malloc
memchr
memcpy
memmove
memset
perror
pow
putwc
qsort
rand
realloc
rename
setlocale
setvbuf
signal
sin
sprintf
sqrt
srand
sscanf
strcat
strchr
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strncpy
strstr
strtod
strtol
strxfrm
time
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcsftime
wcslen
wcsxfrm

rpcrt4

UuidCreate

shell32

CommandLineToArgvW
SHGetFolderPathW

wsock32

ntohl

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 496KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mkvpropedit.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
regex2.dll
.dll windows:4 windows x86 arch:x86

034666ac012e8ddbed7c20dac60b4b4f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
__mb_cur_max
_assert
_errno
_isctype
_pctype
_stricmp
abort
calloc
fflush
free
getenv
malloc
memcpy
memmove
memset
realloc
strchr
tolower
toupper

Exports

Exports

DllGetVersion
re_comp
re_compile_fastmap
re_compile_pattern
re_exec
re_match
re_match_2
re_search
re_search_2
re_set_registers
re_set_syntax
re_syntax_options
regcomp
regerror
regexec
regfree

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 256B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 403B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib1.dll
.dll windows:4 windows x86 arch:x86

07761085e6d5abbc4cbf0976d6b9a264

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

_fdopen
__dllonexit
_errno
_filelengthi64
_vsnprintf
abort
clearerr
fclose
fflush
fgetpos
fopen
fprintf
fputc
fread
free
fsetpos
fwrite
malloc
memcpy
memset
sprintf
strcat
strcpy
strerror
strlen

Exports

Exports

DllGetVersion
_dist_code
_length_code
_tr_align
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
compress
compress2
compressBound
crc32
crc32_combine
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
get_crc_table
gzclearerr
gzclose
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzgetc
gzgets
gzopen
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzsetparams
gztell
gzungetc
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflatePrime
inflateReset
inflateSetDictionary
inflateSync
inflateSyncPoint
inflate_copyright
inflate_fast
inflate_table
uncompress
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 144B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28a099a911237a28521d8b7ea250f089

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

shell32

user32

version

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 140B

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 727KB

.idata Size: 5KB - Virtual size: 4KB

.ndata Size: 32KB - Virtual size: 2.5MB

.rsrc Size: 23KB - Virtual size: 23KB

a4cdec8650dfe0ec28dd3e52e25dae2c

Headers

File Characteristics

Imports

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 28B

.bss Size: - Virtual size: 3KB

.edata Size: 512B - Virtual size: 73B

.idata Size: 1024B - Virtual size: 752B

.rsrc Size: 512B - Virtual size: 340B

.reloc Size: 512B - Virtual size: 252B

bdab983d6ad23427df2ffbe18eafb197

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

shell32

user32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 244B

.bss Size: - Virtual size: 5KB

.edata Size: 512B - Virtual size: 101B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 292B

.reloc Size: 512B - Virtual size: 356B

a4d9ccb79010dc08617de79e5fce07f9

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

user32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 28B

.rdata Size: 1024B - Virtual size: 552B

.bss Size: - Virtual size: 264B

.edata Size: 512B - Virtual size: 160B

.idata Size: 1024B - Virtual size: 880B

.reloc Size: 1024B - Virtual size: 620B

4fb4d15e957b6564bf15c23e80f0202a

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 140B

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 727KB

.idata
Size: 5KB - Virtual size: 4KB

.ndata
Size: 32KB - Virtual size: 2.5MB

.rsrc
Size: 23KB - Virtual size: 23KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 28B

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 73B

.idata
Size: 1024B - Virtual size: 752B

.rsrc
Size: 512B - Virtual size: 340B

.reloc
Size: 512B - Virtual size: 252B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 244B

.bss
Size: - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 101B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 292B

.reloc
Size: 512B - Virtual size: 356B

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 28B

.rdata
Size: 1024B - Virtual size: 552B

.bss
Size: - Virtual size: 264B

.edata
Size: 512B - Virtual size: 160B

.idata
Size: 1024B - Virtual size: 880B

.reloc
Size: 1024B - Virtual size: 620B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 512B - Virtual size: 176B

.bss
Size: - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 363B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 140B

.reloc
Size: 512B - Virtual size: 416B

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 816KB - Virtual size: 815KB

.bss
Size: - Virtual size: 536B

.edata
Size: 512B - Virtual size: 370B

.idata
Size: 1024B - Virtual size: 772B

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 1024B - Virtual size: 548B

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 2KB - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 98KB - Virtual size: 97KB

.data
Size: 1024B - Virtual size: 784B

.rdata
Size: 17KB - Virtual size: 16KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 325B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 6KB