Perm+Loader[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Perm+Loader.zip
Size

1.7MB
MD5

7c64eec22a0c21fc414a17efd4f6ac79
SHA1

1cfcca62184425f97df5bd6c325c81f2d754fb50
SHA256

a66855400f85d712775dd19262b9bef79aa8c717ef1968e3f357bc12920b8010
SHA512

913ef7b39dc54ba1b07ef183479e9cf1aca70069ed2395b423636523d6190845c6e45f142ca52eca06c9ba594c36e3079e86bdc270e93f67ad5d2e26c4a91d01
SSDEEP

49152:kghxM1/7zhpp3VKoM7IEhWWY8671QcYp4H6QhuQxx:kgh2NzJfEhWWY867PYp4HduQT

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Loader.exe
unpack001/libcurl.dll
unpack001/zlib1.dll

Files

Perm+Loader.zip
.zip
Loader.exe
.exe windows:6 windows x64 arch:x64

2abf1cb8fc7559f30c82fe5e33894b07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Ex\Desktop\Downloads\Lowkey Spoofer\Spoofer\examples\example_win32_directx11\Release\Loader.pdb

Imports

d3d11

D3D11CreateDeviceAndSwapChain

d3dcompiler_43

D3DCompile

kernel32

CreateFileA
HeapDestroy
HeapSize
InitializeCriticalSectionEx
DeleteCriticalSection
GetModuleFileNameA
GetModuleHandleW
LocalFree
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
MapViewOfFile
UnmapViewOfFile
GetTickCount
CreateProcessA
CloseHandle
DeleteFileA
GetLastError
GetTempPathA
Sleep
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObject
CreatePipe
GetCurrentProcess
ReadFile
QueryPerformanceCounter
FreeLibrary
GetProcAddress
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
QueryPerformanceFrequency
LoadLibraryA
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
WakeAllConditionVariable
GetFileSizeEx
GlobalAlloc
MultiByteToWideChar
CreateFileMappingA

user32

GetClipboardData
MessageBoxA
ShowWindow
TranslateMessage
RegisterClassExW
LoadIconA
UnregisterClassW
GetSystemMetrics
PeekMessageA
CreateWindowExW
EmptyClipboard
SetClipboardData
PostQuitMessage
FillRect
DestroyWindow
OpenClipboard
GetCursorPos
ReleaseDC
MoveWindow
GetWindowRect
SetCursorPos
DispatchMessageA
ReleaseCapture
IsWindowUnicode
GetDesktopWindow
GetClientRect
CloseClipboard
DefWindowProcA
SetCursor
SetCapture
UpdateWindow
GetForegroundWindow
TrackMouseEvent
ClientToScreen
GetCapture
ScreenToClient
GetDC
LoadCursorA
GetKeyState

gdi32

GetStockObject

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
ConvertSidToStringSidA
CopySid
IsValidSid
GetLengthSid
GetTokenInformation
RegOpenKeyExA

libcurl

curl_easy_cleanup
curl_easy_perform
curl_easy_setopt
curl_easy_init
curl_easy_strerror
curl_easy_escape

msvcp140

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setf@ios_base@std@@QEAAHHH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Query_perf_counter
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
_Query_perf_frequency
?_Xlength_error@std@@YAXPEBD@Z

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow

dwmapi

DwmExtendFrameIntoClientArea

d3dx11_43

D3DX11CreateShaderResourceViewFromMemory

urlmon

URLDownloadToFileA

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

userenv

UnloadUserProfile

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
__current_exception_context
__C_specific_handler
memcmp
memchr
__current_exception
__std_exception_destroy
__std_exception_copy
__std_terminate
strstr
strrchr
longjmp
memcpy
memmove
memset
__intrinsic_setjmp

api-ms-win-crt-stdio-l1-1-0

__p__commode
fclose
_popen
_pclose
fgets
_wfopen
fwrite
fread
__stdio_common_vsscanf
ftell
__acrt_iob_func
fflush
__stdio_common_vfprintf
__stdio_common_vsprintf
_set_fmode
fseek

api-ms-win-crt-utility-l1-1-0

srand
rand
qsort

api-ms-win-crt-string-l1-1-0

strcpy_s
strncpy
strcmp
strncmp

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_errno
_wassert
exit
system
_invalid_parameter_noinfo
_resetstkoflw
_register_thread_local_exe_atexit_callback
_c_exit
_exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-convert-l1-1-0

strtol
strtoll
strtoull
strtod

api-ms-win-crt-math-l1-1-0

powf
__setusermatherr
pow
roundf
sqrtf
fmodf
_dclass
cosf
ceilf
acosf
sinf

api-ms-win-crt-filesystem-l1-1-0

remove

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
localeconv

api-ms-win-crt-time-l1-1-0

_time64

shell32

ShellExecuteA

Sections

.text
Size: 804KB - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libcurl.dll
.dll windows:6 windows x64 arch:x64

8571205d611243f448ca93f8273cd505

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\KC\Documents\GitHub\vcpkg\buildtrees\curl\x64-windows-rel\lib\libcurl.pdb

Imports

ws2_32

__WSAFDIsSet
ntohl
ioctlsocket
WSAWaitForMultipleEvents
WSASetEvent
WSAResetEvent
WSAEventSelect
select
WSACreateEvent
WSACloseEvent
socket
send
recv
closesocket
accept
htonl
WSAGetLastError
WSAStartup
WSACleanup
recvfrom
sendto
listen
getsockopt
getsockname
getpeername
connect
bind
WSAEnumNetworkEvents
htons
ntohs
setsockopt
gethostname
WSASetLastError
WSAIoctl
inet_pton
getaddrinfo
freeaddrinfo

zlib1

zlibVersion
inflate
inflateEnd
inflateInit_
inflateInit2_

advapi32

CryptAcquireContextA
CryptDestroyKey
CryptImportKey
CryptEncrypt
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGenRandom
CryptReleaseContext

crypt32

CertFindCertificateInStore
PFXImportCertStore
CertCloseStore
CertOpenStore
CertFreeCertificateContext
CryptStringToBinaryA
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertEnumCertificatesInStore
CertFreeCertificateChain

kernel32

LoadLibraryA
GetModuleHandleA
GetSystemDirectoryA
QueryPerformanceFrequency
FormatMessageW
SetLastError
GetLastError
GetStdHandle
Sleep
GetEnvironmentVariableA
WaitForSingleObjectEx
CloseHandle
GetProcAddress
FreeLibrary
MultiByteToWideChar
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
QueryPerformanceCounter
GetTickCount
VerSetConditionMask
VerifyVersionInfoA
CreateFileA
GetFileSizeEx
DeleteCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
MoveFileExA
InitializeSListHead
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
SleepEx

vcruntime140

memset
__std_type_info_destroy_list
__C_specific_handler
memchr
strstr
memcmp
memmove
strrchr
strchr
memcpy

api-ms-win-crt-stdio-l1-1-0

ftell
fgets
fopen
fread
fseek
fputs
__stdio_common_vsprintf
fputc
feof
fwrite
fflush
_lseeki64
_close
fclose
__acrt_iob_func
_write
_read
__stdio_common_vsscanf
_open

api-ms-win-crt-time-l1-1-0

strftime
_gmtime64
_time64

api-ms-win-crt-convert-l1-1-0

strtol
atoi
strtoll
wcstombs
strtoul

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_cexit
_beginthreadex
_getpid
_crt_atexit
strerror
__sys_nerr
_errno
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

isupper
_strdup
strncmp
strncpy
tolower
strpbrk
strcspn
strspn
strcmp

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_unlink
_fstat64
_access
_stat64

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc
realloc

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

_fdopen

Exports

Exports

curl_dbg_accept
curl_dbg_calloc
curl_dbg_fclose
curl_dbg_fdopen
curl_dbg_fopen
curl_dbg_free
curl_dbg_log
curl_dbg_malloc
curl_dbg_mark_sclose
curl_dbg_memdebug
curl_dbg_memlimit
curl_dbg_realloc
curl_dbg_recv
curl_dbg_sclose
curl_dbg_send
curl_dbg_socket
curl_dbg_strdup
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_perform_ev
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 370KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib1.dll
.dll windows:6 windows x64 arch:x64

3e00cc5294fc2fcbabd14c323443ba4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\KC\Documents\GitHub\vcpkg\buildtrees\zlib\x64-windows-rel\zlib.pdb

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memchr
memset
memcpy

api-ms-win-crt-stdio-l1-1-0

_wopen
_write
_read
_close
__stdio_common_vsprintf
_open
_lseeki64

api-ms-win-crt-heap-l1-1-0

malloc
free

api-ms-win-crt-convert-l1-1-0

wcstombs

api-ms-win-crt-runtime-l1-1-0

_errno
_cexit
strerror
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
RtlCaptureContext
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent

Exports

Exports

adler32
adler32_combine
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2abf1cb8fc7559f30c82fe5e33894b07

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d11

d3dcompiler_43

kernel32

user32

gdi32

advapi32

libcurl

msvcp140

imm32

dwmapi

d3dx11_43

urlmon

rpcrt4

userenv

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

shell32

Sections

.text Size: 804KB - Virtual size: 804KB

.rdata Size: 246KB - Virtual size: 246KB

.data Size: 1.0MB - Virtual size: 1.0MB

.pdata Size: 38KB - Virtual size: 37KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 3KB

8571205d611243f448ca93f8273cd505

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

zlib1

advapi32

crypt32

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 370KB - Virtual size: 370KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 8KB - Virtual size: 9KB

.pdata Size: 16KB - Virtual size: 16KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

3e00cc5294fc2fcbabd14c323443ba4e

Headers

DLL Characteristics

File Characteristics

.text
Size: 804KB - Virtual size: 804KB

.rdata
Size: 246KB - Virtual size: 246KB

.data
Size: 1.0MB - Virtual size: 1.0MB

.pdata
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 370KB - Virtual size: 370KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 8KB - Virtual size: 9KB

.pdata
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 53KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 108B