D:\a\ImHex\ImHex\plugins\script_loader\support\dotnet\AssemblyLoader\obj\Release\net8.0\AssemblyLoader.pdb
Static task
static1
1 signatures
General
-
Target
@^NewFile_2025_UseAs_ṔḁṨṨCṏḌḙ^$.zip
-
Size
6.8MB
-
MD5
7cb8d2ea84a6074e777fb8778561a19c
-
SHA1
9b44f8bda070cc5970bff066391aa9df48f520a1
-
SHA256
67160444712ce4a997624c49a13c17bfe4e4222dbe9e120476de5af9f45202fb
-
SHA512
e06f3faaa239b203c4496e0bf8ab1f1a984910e4bbdb3814b67fbb20e223a57f7ca40ea2f5606907483ea0fc8b07ccf5903d419186a63db7402a98e9e11640d8
-
SSDEEP
196608:/9ij51PDpPMh2lnsYCQc9cqxhvgVGEUskrS9ozG:/Yj51Vkh6sk9qb8Gmb1
Score
3/10
Malware Config
Signatures
-
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource unpack002/Info/AssemblyLoader.dll unpack002/Info/SessEnv.dll unpack002/Info/System.Dynamic.ni.dll unpack002/Info/prnfldr.dll unpack002/Setup.exe
Files
-
@^NewFile_2025_UseAs_ṔḁṨṨCṏḌḙ^$.zip.zip
Password: 2025
-
$=FulL_$etUp_Use_2025_PASSKEYS_$/$=FulL_$etUp_Use_2025_PASSKEYS_$.rar.rar
Password: 2025
-
File_PAssC0de$
-
Info/AssemblyLoader.dll.dll windows:4 windows x86 arch:x86
Password: 2025
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 940B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Info/Microsoft.Windows.ServerManager.Migration.dll
-
Info/SessEnv.dll.dll windows:10 windows x64 arch:x64
Password: 2025
e6b72945adf0de58d2975feed196509e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
SessEnv.pdb
Imports
msvcrt
wcscat_s
wcscpy_s
wcschr
_wtol
__CxxFrameHandler3
memcpy_s
_vsnprintf
_wcsicmp
_vsnwprintf
toupper
_CxxThrowException
memcmp
memcpy
memmove
memset
strcmp
_onexit
__dllonexit
_wcsnicmp
wcsrchr
wcsncmp
iswalpha
?terminate@@YAXXZ
_purecall
??1type_info@@UEAA@XZ
_unlock
_lock
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
free
_callnewh
malloc
swprintf_s
wcscmp
ntdll
NtQueryInformationProcess
NtDuplicateToken
RtlFreeHeap
RtlAllocateHeap
RtlNtStatusToDosError
RtlCaptureContext
WinSqmSetDWORD
WinSqmStartSession
WinSqmAddToStream
WinSqmEndSession
WinSqmIsOptedIn
RtlGetActiveConsoleId
EtwEventWriteFull
EtwEventRegister
EtwEventUnregister
RtlUnsubscribeWnfStateChangeNotification
RtlSubscribeWnfStateChangeNotification
NtQueryWnfStateData
RtlInsertElementGenericTable
RtlLookupElementGenericTable
RtlQueryEnvironmentVariable_U
RtlInitUnicodeStringEx
RtlInitializeGenericTable
RtlDeleteElementGenericTable
RtlEnumerateGenericTable
RtlAllocateAndInitializeSid
RtlAcquireResourceExclusive
RtlReleaseResource
RtlAcquireResourceShared
DbgPrint
RtlEqualSid
VerSetConditionMask
RtlLookupFunctionEntry
RtlFreeSid
RtlInitializeResource
RtlVerifyVersionInfo
RtlCaptureStackBackTrace
RtlDeleteResource
NtQuerySystemInformation
RtlVirtualUnwind
RtlLengthSid
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
LoadLibraryExW
FreeLibrary
GetModuleFileNameW
GetProcAddress
GetModuleHandleExW
GetModuleFileNameA
LoadStringW
api-ms-win-core-errorhandling-l1-1-0
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
api-ms-win-core-handle-l1-1-0
DuplicateHandle
CloseHandle
api-ms-win-service-core-l1-1-0
SetServiceStatus
RegisterServiceCtrlHandlerExW
api-ms-win-core-synch-l1-1-0
LeaveCriticalSection
WaitForSingleObject
EnterCriticalSection
ReleaseSRWLockExclusive
InitializeCriticalSectionAndSpinCount
CreateEventW
WaitForMultipleObjectsEx
InitializeCriticalSection
DeleteCriticalSection
SetEvent
AcquireSRWLockExclusive
ResetEvent
api-ms-win-core-registry-l1-1-0
RegOpenKeyExW
RegLoadKeyW
RegQueryValueExW
RegNotifyChangeKeyValue
RegEnumValueW
RegDeleteValueW
RegEnumKeyExW
RegOpenCurrentUser
RegUnLoadKeyW
RegDeleteTreeW
RegSetValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegGetValueW
RegCloseKey
api-ms-win-eventing-provider-l1-1-0
EventSetInformation
EventActivityIdControl
EventUnregister
EventProviderEnabled
EventWriteTransfer
EventRegister
api-ms-win-core-synch-l1-2-0
Sleep
InitOnceExecuteOnce
api-ms-win-core-profile-l1-1-0
QueryPerformanceFrequency
QueryPerformanceCounter
api-ms-win-core-processthreads-l1-1-0
OpenThreadToken
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
CreateProcessAsUserW
CreateProcessW
GetCurrentThread
GetThreadId
ProcessIdToSessionId
TerminateThread
OpenProcessToken
GetCurrentThreadId
CreateThread
api-ms-win-core-sysinfo-l1-1-0
GetSystemTimeAsFileTime
GetVersionExW
GetSystemTime
GetSystemDirectoryW
GetComputerNameExW
GetTickCount
GetLocalTime
kernel32
UnregisterWaitEx
VerifyVersionInfoW
CreateTimerQueueTimer
DeleteTimerQueueEx
SetVolumeMountPointW
MoveFileW
WTSGetActiveConsoleSessionId
CreateTimerQueue
DeleteTimerQueueTimer
GetComputerNameW
sysntfy
SysNotifyStartServer
SysNotifyStopServer
dismapi
DismOpenSession
DismEnableFeature
DismDisableFeature
DismShutdown
DismInitialize
api-ms-win-eventing-controller-l1-1-0
ControlTraceW
StartTraceW
EnableTraceEx2
api-ms-win-core-com-l1-1-0
CoTaskMemFree
CoCreateGuid
CoInitializeEx
CoWaitForMultipleHandles
CoSetProxyBlanket
CoCreateInstance
StringFromCLSID
CoTaskMemAlloc
CoUninitialize
CoCreateInstanceEx
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
DebugBreak
OutputDebugStringA
api-ms-win-security-base-l1-1-0
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
GetAclInformation
GetFileSecurityW
GetSecurityDescriptorLength
SetSecurityDescriptorControl
InitializeSecurityDescriptor
IsValidSid
AdjustTokenPrivileges
GetSecurityDescriptorControl
SetFileSecurityW
GetAce
EqualSid
DuplicateToken
SetTokenInformation
ImpersonateLoggedOnUser
AllocateAndInitializeSid
GetTokenInformation
FreeSid
MakeAbsoluteSD
CreateWellKnownSid
CopySid
DeleteAce
CheckTokenMembership
RevertToSelf
GetLengthSid
DuplicateTokenEx
api-ms-win-core-heap-l2-1-0
LocalFree
LocalAlloc
api-ms-win-security-sddl-l1-1-0
ConvertStringSidToSidW
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
rpcrt4
Ndr64AsyncClientCall
RpcBindingUnbind
RpcBindingVectorFree
RpcEpRegisterW
RpcServerInqBindings
RpcServerUseProtseqExW
RpcBindingFree
RpcBindingInqAuthClientW
RpcRevertToSelf
RpcImpersonateClient
RpcFreeAuthorizationContext
RpcGetAuthorizationContextForClient
RpcServerInqCallAttributesW
RpcStringBindingParseW
RpcBindingToStringBindingW
RpcServerUnregisterIfEx
RpcServerRegisterIfEx
RpcServerUseProtseqEpW
RpcServerRegisterAuthInfoW
RpcServerInqDefaultPrincNameW
NdrServerCallAll
NdrServerCall2
I_RpcBindingInqLocalClientPID
UuidCreate
UuidToStringW
RpcStringFreeW
RpcBindingCopy
I_RpcExceptionFilter
RpcAsyncCompleteCall
RpcBindingBind
UuidFromStringW
RpcAsyncInitializeHandle
RpcBindingServerFromClient
RpcBindingCreateW
api-ms-win-core-heap-l1-1-0
HeapReAlloc
GetProcessHeap
HeapAlloc
HeapFree
api-ms-win-core-file-l1-1-0
FindNextFileW
FindFirstFileW
RemoveDirectoryW
FindClose
WriteFile
SetFileAttributesW
CreateDirectoryW
SetFilePointer
CompareFileTime
DeleteVolumeMountPointW
DeleteFileW
FileTimeToLocalFileTime
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW
CreateFileW
ReadFile
GetFileSizeEx
GetFileTime
GetFileAttributesW
api-ms-win-core-string-l1-1-0
MultiByteToWideChar
WideCharToMultiByte
api-ms-win-core-synch-l1-2-1
WaitForMultipleObjects
api-ms-win-core-shutdown-l1-1-0
InitiateSystemShutdownExW
api-ms-win-core-timezone-l1-1-0
SystemTimeToFileTime
FileTimeToSystemTime
api-ms-win-core-processenvironment-l1-1-0
ExpandEnvironmentStringsW
api-ms-win-core-io-l1-1-0
DeviceIoControl
api-ms-win-core-file-l2-1-0
GetFileInformationByHandleEx
MoveFileWithProgressW
CopyFileExW
CreateSymbolicLinkW
api-ms-win-core-path-l1-1-0
PathCchCombine
api-ms-win-core-processthreads-l1-1-1
OpenProcess
GetProcessMitigationPolicy
api-ms-win-core-psapi-l1-1-0
QueryFullProcessImageNameW
samcli
NetLocalGroupDelMembers
NetLocalGroupAddMembers
NetUserGetInfo
api-ms-win-core-file-l1-2-0
GetTempPathW
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW
api-ms-win-eventing-classicprovider-l1-1-0
TraceMessage
api-ms-win-security-credentials-l1-1-0
CredUnprotectW
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
api-ms-win-core-heap-obsolete-l1-1-0
LocalSize
api-ms-win-core-string-obsolete-l1-1-0
lstrcmpiW
api-ms-win-core-shlwapi-obsolete-l1-1-0
StrToIntExW
api-ms-win-security-lsalookup-l1-1-0
LookupAccountSidLocalW
shell32
SHGetKnownFolderPath
scecli
SceSetupSystemByInfName
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-security-lsapolicy-l1-1-0
LsaFreeMemory
api-ms-win-core-apiquery-l1-1-0
ApiSetQueryApiSetPresence
Exports
Exports
ServiceMain
SvchostPushServiceGlobals
Sections
.text Size: 316KB - Virtual size: 316KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Info/System.Dynamic.ni.dll.dll windows:5 windows x64 arch:x64
Password: 2025
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
System.Dynamic.ni.pdb
System.Dynamic.pdb
Sections
.data Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xdata Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 346KB - Virtual size: 345KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Info/prnfldr.dll.dll regsvr32 windows:10 windows x64 arch:x64
Password: 2025
d453af5dbbf8f638e6f81acef39f9d2a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
prnfldr.pdb
Imports
msvcrt
??1type_info@@UEAA@XZ
_amsg_exit
_initterm
memmove
memcpy
_unlock
__dllonexit
__C_specific_handler
_onexit
free
_lock
memset
__CxxFrameHandler3
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_callnewh
malloc
_wtoi
_vsnwprintf
wcschr
??3@YAXPEAX@Z
_wcsicmp
_purecall
_XcptFilter
wcscmp
oleaut32
SysAllocString
VariantClear
VariantInit
VariantCopy
SysAllocStringLen
SysStringLen
SysFreeString
api-ms-win-eventing-classicprovider-l1-1-0
GetTraceEnableLevel
GetTraceEnableFlags
UnregisterTraceGuids
TraceMessage
GetTraceLoggerHandle
RegisterTraceGuidsW
api-ms-win-core-synch-l1-1-0
ReleaseSRWLockShared
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetEvent
LeaveCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeSRWLock
CreateEventW
WaitForSingleObject
AcquireSRWLockShared
api-ms-win-core-errorhandling-l1-1-0
SetLastError
RaiseException
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
api-ms-win-core-libraryloader-l1-2-1
LoadLibraryW
api-ms-win-core-libraryloader-l1-2-0
DisableThreadLibraryCalls
GetProcAddress
FreeLibrary
LoadStringW
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
LoadStringA
api-ms-win-core-debug-l1-1-0
IsDebuggerPresent
DebugBreak
OutputDebugStringA
api-ms-win-core-sysinfo-l1-1-0
GetTickCount64
GetTickCount
GetSystemTimeAsFileTime
GetSystemDirectoryW
api-ms-win-core-synch-l1-2-0
InitOnceExecuteOnce
SleepConditionVariableSRW
Sleep
WakeAllConditionVariable
api-ms-win-core-handle-l1-1-0
CloseHandle
api-ms-win-core-heap-l2-1-0
LocalReAlloc
GlobalAlloc
LocalAlloc
LocalFree
api-ms-win-core-com-l1-1-0
CoTaskMemFree
CoGetInterfaceAndReleaseStream
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoGetMalloc
CoTaskMemAlloc
PropVariantClear
CoInitializeEx
CoUninitialize
CLSIDFromProgID
api-ms-win-eventing-provider-l1-1-0
EventWriteTransfer
EventRegister
EventUnregister
api-ms-win-core-registry-l1-1-0
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
api-ms-win-core-processthreads-l1-1-0
TerminateProcess
OpenProcessToken
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
api-ms-win-core-localization-l1-2-0
FormatMessageW
api-ms-win-core-path-l1-1-0
PathIsUNCEx
api-ms-win-core-rtlsupport-l1-1-0
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
ole32
ReleaseStgMedium
CreateBindCtx
gdi32
DeleteObject
SelectObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
user32
GetSystemMetrics
SendNotifyMessageW
GetAncestor
DestroyIcon
ReleaseDC
GetDC
GetMenuItemCount
RegisterClipboardFormatW
DestroyMenu
SetForegroundWindow
GetSubMenu
LoadMenuW
RemoveMenu
SetMenuDefaultItem
SetMenuItemInfoW
DeleteMenu
GetMenuItemInfoW
GetMenuInfo
SetMenuInfo
PostMessageW
TrackPopupMenuEx
shell32
ord100
ord19
ord67
ord256
SHCreateDefaultExtractIcon
SHCreateDefaultContextMenu
ord155
ShellExecuteExW
AssocGetDetailsOfPropKey
SHGetIconOverlayIndexW
SHGetKnownFolderIDList
SHCreateShellItemArrayFromIDLists
ShellExecuteW
SHCreateDataObject
ord102
SHBindToParent
ord147
SHBindToObject
ord190
SHGetFolderLocation
ord18
ord25
SHChangeNotify
ord744
ord76
ord237
ord702
ord69
ord172
ord866
ord264
ntdll
NtQueryInformationToken
WinSqmAddToStream
WinSqmIncrementDWORD
shlwapi
ord437
ord256
ord388
ord16
ord500
ord176
ord219
StrChrW
IntlStrEqWorkerW
ord501
ord619
StrStrIW
PathRemoveBlanksW
SHStrDupW
AssocCreate
ord158
ord157
SHRegGetValueW
ord217
StrDupW
ord236
PathFindFileNameW
ord186
ord208
ord210
ord209
ord211
StrRetToBufW
ord197
propsys
InitVariantFromResource
VariantToPropVariant
PSFormatForDisplay
VariantToBuffer
kernel32
CreateActCtxW
FindActCtxSectionStringW
QueryActCtxW
QueueUserWorkItem
ActivateActCtx
DeactivateActCtx
lstrcmpiW
lstrcmpW
GetComputerNameW
GetProcessHeap
HeapAlloc
GetProcessMitigationPolicy
HeapFree
GlobalUnlock
GlobalSize
GlobalLock
CheckElevationEnabled
api-ms-win-core-delayload-l1-1-1
ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0
DelayLoadFailureHook
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 166KB - Virtual size: 165KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 208B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 245KB - Virtual size: 245KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Setup.exe.exe windows:6 windows x86 arch:x86
Password: 2025
39d5c04458acdb2fecb1fc360743ee8d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
WriteConsoleW
WerSetFlags
WerGetFlags
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
RaiseFailFastException
QueryPerformanceFrequency
QueryPerformanceCounter
PostQueuedCompletionStatus
LoadLibraryW
LoadLibraryExW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetErrorMode
GetEnvironmentStringsW
GetCurrentThreadId
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler
Sections
.text Size: 9.3MB - Virtual size: 9.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10.7MB - Virtual size: 10.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 543KB - Virtual size: 769KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 513KB - Virtual size: 512KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.symtab Size: 512B - Virtual size: 4B
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 152KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
.data
-
.idata
-
.rdata
-
.reloc
-
.rsrc/GROUP_ICON/103
-
.rsrc/ICON/1.ico
-
.rsrc/ICON/2.ico
-
.rsrc/ICON/3.ico
-
.rsrc/ICON/4.png
Password: 2025
-
.rsrc/ICON/5.ico
-
.rsrc/ICON/6.ico
-
.rsrc/ICON/7.ico
-
.rsrc/ICON/8.ico
-
.rsrc/MANIFEST/1.xml
-
.rsrc/version.txt
-
.symtab
-
.text
-
$=FulL_$etUp_Use_2025_PASSKEYS_$/File_PAssC0de$
-
File_PAssC0de$