b3a1050da56015a2ef48aa64f79a22ee_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b3a1050da56015a2ef48aa64f79a22ee_JaffaCakes118
Size

5.9MB
MD5

b3a1050da56015a2ef48aa64f79a22ee
SHA1

219cef0c5b5430a00c0ddf9f3e5cf0db451274e8
SHA256

988ce7496dbd1847c43074b7f20a5ea372cead7c99e090cd02740918cbb4a475
SHA512

89b61c9c4f9569d9cb81296c5bd07d497a73bf3777805e7bdaabbfdaa46a4ca61e9097d7a2b6ae96da3d4d63ec1688e9ce2f180899210cd819f5ec89ddc2e135
SSDEEP

98304:7vRhEBe5kqKkrbPTVmpv3KMRgtbee/I4KYfd2b781nrSUSonhFfNzcGMVdVW:7vRTlYM3pI4pV243Sonhd/MLU

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/HDSAction.exe	upx
static1/unpack001/HDSCtrl.exe	upx
static1/unpack001/detect.dll	upx
static1/unpack001/harddisksentinelupdate.exe	upx

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HDSAction.exe
unpack001/HDSCtrl.exe
unpack001/HDSentinel.sys
unpack001/Status.icd
unpack001/Statusb.icd
unpack001/Statusg.icd
unpack001/Statusn.icd
unpack001/Statusw.icd
unpack001/detect.dll
unpack001/harddisksentinelupdate.exe
unpack001/hdsentinel.exe
unpack001/soft2cn．com汉化说明.exe
unpack001/uninst.exe

Files

b3a1050da56015a2ef48aa64f79a22ee_JaffaCakes118
.rar
HDSAction.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 864KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 291KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HDSCtrl.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 280KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 170KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HDSentinel.sys
.sys windows:5 windows x86 arch:x86

389659594b01690a0b709b955935f807

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
RtlInitUnicodeString
IoDeleteDevice
MmUnmapIoSpace
MmMapIoSpace
IoDeleteSymbolicLink

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 256B - Virtual size: 254B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDnotify.wav
HDsirena.mp3
Status.icd
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Statusb.icd
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Statusg.icd
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Statusn.icd
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Statusw.icd
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
coin_gold_1.ico
coin_stone_1.ico
detect.dat
detect.dll
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 276KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
en.chm
.chm
enpro.lng
harddisksentinelupdate.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 548KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 243KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hdd.jpg
.jpg
hdsentinel.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 647KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 58KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 178KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

LordFox
Size: 376KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hdsentinel.ini
hu.chm
.chm
it.chm
.chm
soft2cn．com汉化说明.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HH_By_Soft2CN
Reserverd
fzh_s2c
refreshDesktop

Sections

.Upack
Size: - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uninst.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

LoadLi
Size: 4KB - Virtual size: 1830.1MB

Size: 284KB - Virtual size: 4B

��
Size: - Virtual size:
安装说明.url
.url
汉化说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 864KB

UPX1 Size: 291KB - Virtual size: 292KB

.rsrc Size: 14KB - Virtual size: 16KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 280KB

UPX1 Size: 170KB - Virtual size: 172KB

.rsrc Size: 11KB - Virtual size: 12KB

389659594b01690a0b709b955935f807

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 160B - Virtual size: 132B

INIT Size: 256B - Virtual size: 254B

.reloc Size: 64B - Virtual size: 64B

Headers

File Characteristics

Sections

CODE Size: 9KB - Virtual size: 9KB

DATA Size: 512B - Virtual size: 176B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 834B

.reloc Size: 1024B - Virtual size: 752B

.rsrc Size: 234KB - Virtual size: 233KB

Headers

File Characteristics

Sections

CODE Size: 9KB - Virtual size: 9KB

DATA Size: 512B - Virtual size: 176B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 834B

.reloc Size: 1024B - Virtual size: 752B

.rsrc Size: 234KB - Virtual size: 233KB

Headers

File Characteristics

Sections

CODE Size: 9KB - Virtual size: 9KB

DATA Size: 512B - Virtual size: 176B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 834B

.reloc Size: 1024B - Virtual size: 752B

.rsrc Size: 234KB - Virtual size: 233KB

Headers

File Characteristics

Sections

CODE Size: 9KB - Virtual size: 9KB

DATA Size: 512B - Virtual size: 176B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 834B

.reloc Size: 1024B - Virtual size: 752B

.rsrc Size: 234KB - Virtual size: 233KB

Headers

File Characteristics

Sections

CODE Size: 9KB - Virtual size: 9KB

DATA Size: 512B - Virtual size: 176B

BSS Size: - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 834B

.reloc Size: 1024B - Virtual size: 752B

.rsrc Size: 234KB - Virtual size: 233KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 276KB

UPX1 Size: 159KB - Virtual size: 160KB

.rsrc Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

UPX0
Size: - Virtual size: 864KB

UPX1
Size: 291KB - Virtual size: 292KB

.rsrc
Size: 14KB - Virtual size: 16KB

UPX0
Size: - Virtual size: 280KB

UPX1
Size: 170KB - Virtual size: 172KB

.rsrc
Size: 11KB - Virtual size: 12KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 160B - Virtual size: 132B

INIT
Size: 256B - Virtual size: 254B

.reloc
Size: 64B - Virtual size: 64B

CODE
Size: 9KB - Virtual size: 9KB

DATA
Size: 512B - Virtual size: 176B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 834B

.reloc
Size: 1024B - Virtual size: 752B

.rsrc
Size: 234KB - Virtual size: 233KB

CODE
Size: 9KB - Virtual size: 9KB

DATA
Size: 512B - Virtual size: 176B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 834B

.reloc
Size: 1024B - Virtual size: 752B

.rsrc
Size: 234KB - Virtual size: 233KB

CODE
Size: 9KB - Virtual size: 9KB

DATA
Size: 512B - Virtual size: 176B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 834B

.reloc
Size: 1024B - Virtual size: 752B

.rsrc
Size: 234KB - Virtual size: 233KB

CODE
Size: 9KB - Virtual size: 9KB

DATA
Size: 512B - Virtual size: 176B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 834B

.reloc
Size: 1024B - Virtual size: 752B

.rsrc
Size: 234KB - Virtual size: 233KB

CODE
Size: 9KB - Virtual size: 9KB

DATA
Size: 512B - Virtual size: 176B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 834B

.reloc
Size: 1024B - Virtual size: 752B

.rsrc
Size: 234KB - Virtual size: 233KB

UPX0
Size: - Virtual size: 276KB

UPX1
Size: 159KB - Virtual size: 160KB

.rsrc
Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 548KB

UPX1
Size: 243KB - Virtual size: 244KB

.rsrc
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 178KB - Virtual size: 824KB

LordFox
Size: 376KB - Virtual size: 380KB

.adata
Size: - Virtual size: 4KB

.Upack
Size: - Virtual size: 196KB

.rsrc
Size: 71KB - Virtual size: 268KB

LoadLi
Size: 4KB - Virtual size: 1830.1MB

��
Size: - Virtual size: