dc66aa9f201d3e0b4ed864c76c38f904_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc66aa9f201d3e0b4ed864c76c38f904_JaffaCakes118
Size

3.2MB
MD5

dc66aa9f201d3e0b4ed864c76c38f904
SHA1

cd142678f8439ae309412dd6ebf38b8cb7d84f98
SHA256

4fa5090b944c34d509012e08164cea76c348bebc570cc1a8fc484361f7c23a14
SHA512

655dc51d962b8f8f83c9d1e1ffd4d964517e7e373c395f2fa1c6e3baf0d5c8b8852e58ab197476fc6ffe3107bc6a3c1e09ff47d0d8492920c0461e77f02d1a78
SSDEEP

98304:2CFll+kcxnpkMjIVhrt40+++80ev+nIeSSY:BFll+1aVhrOFrfev+nIhSY

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 4 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/家庭收支记账理财宝/MyMoney.exe	aspack_v212_v242
static1/unpack001/密码宝/StarPass.exe	aspack_v212_v242
static1/unpack001/行动计划宝/Ework.exe	aspack_v212_v242
static1/unpack001/起名宝/StarName.exe	aspack_v212_v242

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/加密宝/StarEnc.exe
unpack001/家庭收支记账理财宝/MyMoney.exe
unpack001/密码宝/StarPass.exe
unpack001/系统监视宝/bin/sysmon.ocx
unpack001/系统监视宝/sysmon.exe
unpack001/行动计划宝/Ework.exe
unpack001/起名宝/StarName.exe

Files

dc66aa9f201d3e0b4ed864c76c38f904_JaffaCakes118
.rar
下载说明.htm
.html .js polyglot
加密宝/Readme.txt
加密宝/StarEnc.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 427KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
加密宝/StarEnc.htm
.html
加密宝/StarEnc.swf
加密宝/下载说明.htm
.html .js polyglot
加密宝/使用帮助.htm
.html
家庭收支记账理财宝/MyMoney.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 669KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
家庭收支记账理财宝/MyMoney.mdb
家庭收支记账理财宝/Readme.txt
家庭收支记账理财宝/下载说明.htm
.html .js polyglot
密码宝/Readme.txt
密码宝/StarPass.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 824KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
密码宝/StarPass.mdb
密码宝/下载说明.htm
.html .js polyglot
系统监视宝/bin/sysmon.ocx
.dll regsvr32 windows:5 windows x86 arch:x86

d3b4f41938a951494fdc28310fc23bce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

mfc42u

ord823
ord825

msvcrt

?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_purecall
_CIpow
_wgetenv
wcsrchr
swscanf
malloc
free
_wsplitpath
wcscspn
wcslen
__CxxFrameHandler
_EH_prolog
wcsncpy
wcscpy
strstr
wcscmp
wcsstr
wcstok
swprintf
_ftol
wcschr
qsort

user32

GetDlgItemTextW
EnableWindow
FillRect
PostMessageW
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
UnionRect
TranslateMessage
DispatchMessageW
TranslateAcceleratorW
LoadAcceleratorsW
LoadMenuW
GetSubMenu
TrackPopupMenu
DestroyMenu
CallWindowProcW
DrawFocusRect
GetSysColor
MoveWindow
DrawEdge
GetSystemMetrics
IsRectEmpty
MessageBoxW
CreateDialogParamW
GetDesktopWindow
GetWindowLongW
GetWindowRect
GetParent
GetDlgItem
DefWindowProcW
BeginPaint
EndPaint
SetCursor
ReleaseCapture
SendMessageW
KillTimer
SetCapture
SetTimer
EqualRect
InflateRect
IntersectRect
SetWindowPos
RegisterClassW
LoadCursorW
CreateWindowExW
SetFocus
SetParent
ShowWindow
GetClientRect
GetDC
ReleaseDC
CheckRadioButton
FrameRect
CopyRect
IsWindow
LoadBitmapW
GetScrollPos
SetScrollRange
SetScrollPos
ScrollWindow
ClientToScreen
IsDialogMessageW
GetScrollRange
IsWindowEnabled
PtInRect
GetWindow
IsChild
GetFocus
GetKeyState
WinHelpW
GetDlgCtrlID
SetPropW
GetDlgItemInt
RemovePropW
GetPropW
SetDlgItemTextW
CheckDlgButton
OffsetRect
SetWindowLongW
LoadStringW
UpdateWindow
InvalidateRect
UnregisterClassW
DestroyWindow
SetRect
RegisterClipboardFormatW

gdi32

SetWindowOrgEx
IntersectClipRect
Rectangle
GetStockObject
CreateBitmap
CreatePatternBrush
DeleteObject
CreateMetaFileW
SetMapMode
CloseMetaFile
DeleteMetaFile
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
GetDeviceCaps
CreateRectRgn
PatBlt
GetClipBox
SelectClipRgn
SetTextColor
SetWindowExtEx
SetBkColor
SetViewportOrgEx
RestoreDC
SaveDC
RectVisible
GetTextExtentPoint32W
ExtTextOutW
LPtoDP
GetClipRgn
SetBkMode
SetTextAlign
MoveToEx
CreateSolidBrush
LineTo
GetTextMetricsW
GetTextExtentPointW
GetTextExtentExPointW
CreateDCW
Polyline
ExtCreatePen
CreatePen
GetTextFaceW
TextOutW
CreateFontIndirectW
CombineRgn
SetViewportExtEx

kernel32

lstrcmpW
lstrcatW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
DeleteCriticalSection
lstrlenW
lstrcpyW
ResetEvent
WaitForSingleObject
CreateFileW
lstrlenA
ReadFile
GetLastError
EnterCriticalSection
GetProfileIntW
LeaveCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
GetModuleFileNameW
GetFileSize
SetLastError
FindClose
FindFirstFileW
GetLocalTime
GetDateFormatW
GetTimeFormatW
CreateThread
GetComputerNameW
SetThreadPriority
GlobalFree
GetWindowsDirectoryW
GetTickCount
FileTimeToSystemTime
SetCurrentDirectoryW
SystemTimeToFileTime
LoadLibraryW
FreeLibrary
FormatMessageW
WriteFile
GetLocaleInfoW
GetNumberFormatW
GetProcAddress
lstrcpynW
SetEvent
LoadLibraryA
CloseHandle
lstrcmpiW
CreateEventW

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExW
RegDeleteKeyW
RegCloseKey
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW

comdlg32

GetSaveFileNameW

comctl32

ord17
CreateToolbarEx

ole32

ReleaseStgMedium
CreateBindCtx
CreateOleAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateStreamOnHGlobal
StringFromGUID2
WriteFmtUserTypeStg
CoLockObjectExternal
CoTaskMemFree
CreateDataAdviseHolder
CoCreateInstance
CoGetMalloc
CreateDataCache
GetRunningObjectTable

oleaut32

LoadRegTypeLi
VariantClear
VariantChangeType
SysAllocString
OleCreatePropertyFrame
OleTranslateColor
DispGetIDsOfNames
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysFreeString
OleCreateFontIndirect
LoadTypeLi
VariantInit

pdh

PdhGetCounterInfoW
PdhAddCounterW
PdhSelectDataSourceW
PdhSetQueryTimeRange
PdhRemoveCounter
PdhParseCounterPathW
PdhGetRawCounterValue
PdhExpandWildCardPathW
PdhCalculateCounterFromRawValue
PdhBrowseCountersW
PdhGetDataSourceTimeRangeW
PdhCollectQueryData
PdhCloseQuery
PdhSetDefaultRealTimeDataSource
PdhOpenQueryW
PdhComputeCounterStatistics

shell32

DragFinish
DragAcceptFiles
DragQueryFileW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
系统监视宝/sysmon.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
系统监视宝/下载说明.htm
.html .js polyglot
行动计划宝/Ework.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 703KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
行动计划宝/calendar.mht
.eml
email-html-1.txt
.html .js polyglot
行动计划宝/xwork.mdb
行动计划宝/下载说明.htm
.html .js polyglot
行动计划宝/注意.txt
起名宝/Readme.txt
起名宝/StarName.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 288KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
起名宝/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 427KB - Virtual size: 426KB

DATA Size: 21KB - Virtual size: 20KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 32KB - Virtual size: 31KB

.rsrc Size: 71KB - Virtual size: 71KB

Headers

File Characteristics

Sections

CODE Size: 669KB - Virtual size: 1.9MB

DATA Size: 6KB - Virtual size: 16KB

BSS Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 160KB

.rsrc Size: 37KB - Virtual size: 136KB

.aspack Size: 11KB - Virtual size: 12KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 824KB - Virtual size: 2.4MB

DATA Size: 9KB - Virtual size: 24KB

BSS Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 216KB

.rsrc Size: 44KB - Virtual size: 144KB

.aspack Size: 15KB - Virtual size: 16KB

.adata Size: - Virtual size: 4KB

d3b4f41938a951494fdc28310fc23bce

Headers

File Characteristics

Imports

mfc42u

msvcrt

user32

gdi32

kernel32

advapi32

comdlg32

comctl32

ole32

oleaut32

pdh

shell32

Exports

Exports

Sections

.text Size: 121KB - Virtual size: 121KB

.data Size: 3KB - Virtual size: 13KB

.rsrc Size: 33KB - Virtual size: 33KB

.reloc Size: 7KB - Virtual size: 7KB

Headers

File Characteristics

Sections

CODE Size: 364KB - Virtual size: 364KB

DATA Size: 5KB - Virtual size: 4KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 26KB - Virtual size: 25KB

.rsrc Size: 33KB - Virtual size: 33KB

Headers

File Characteristics

Sections

CODE Size: 703KB - Virtual size: 2.0MB

CODE
Size: 427KB - Virtual size: 426KB

DATA
Size: 21KB - Virtual size: 20KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 71KB - Virtual size: 71KB

CODE
Size: 669KB - Virtual size: 1.9MB

DATA
Size: 6KB - Virtual size: 16KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 160KB

.rsrc
Size: 37KB - Virtual size: 136KB

.aspack
Size: 11KB - Virtual size: 12KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 824KB - Virtual size: 2.4MB

DATA
Size: 9KB - Virtual size: 24KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 216KB

.rsrc
Size: 44KB - Virtual size: 144KB

.aspack
Size: 15KB - Virtual size: 16KB

.adata
Size: - Virtual size: 4KB

.text
Size: 121KB - Virtual size: 121KB

.data
Size: 3KB - Virtual size: 13KB

.rsrc
Size: 33KB - Virtual size: 33KB

.reloc
Size: 7KB - Virtual size: 7KB

CODE
Size: 364KB - Virtual size: 364KB

DATA
Size: 5KB - Virtual size: 4KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 33KB - Virtual size: 33KB

CODE
Size: 703KB - Virtual size: 2.0MB

DATA
Size: 7KB - Virtual size: 20KB

BSS
Size: - Virtual size: 12KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 152KB

.rsrc
Size: 52KB - Virtual size: 184KB

.aspack
Size: 15KB - Virtual size: 16KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 288KB - Virtual size: 760KB

DATA
Size: 3KB - Virtual size: 12KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 60KB

.rsrc
Size: 23KB - Virtual size: 88KB

.aspack
Size: 12KB - Virtual size: 12KB

.adata
Size: - Virtual size: 4KB