Extracted

• 648c5b5b6bcdb5442bfce4bb3215479789edd3b0.rl

  .exe windows:4 windows x86 arch:x86

  765650190224c30d988bfe1c70e8de98

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  user32

  wsprintfA

  kernel32

  CreateFileA

  CreateThread

  ExitProcess

  FileTimeToSystemTime

  GetCurrentProcess

  GetLocalTime

  GetTempPathA

  GetVolumeInformationA

  CreateEventA

  LocalFree

  SetEvent

  SetFilePointer

  CloseHandle

  SystemTimeToFileTime

  VirtualAlloc

  VirtualFree

  WaitForSingleObject

  WriteFile

  LocalAlloc

  Sleep

  advapi32

  OpenProcessToken

  GetTokenInformation

  GetSidSubAuthority

  wsock32

  WSAStartup

  closesocket

  connect

  htons

  inet_addr

  inet_ntoa

  ioctlsocket

  recv

  select

  send

  setsockopt

  shutdown

  socket

  ws2_32

  freeaddrinfo

  WSAIoctl

  getaddrinfo

  ole32

  CoInitialize

  CoCreateInstance

  CoUninitialize

  secur32

  GetUserNameExW

  GetUserNameExA

  Sections

  .text

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 388B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 512B - Virtual size: 254B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ