dc8f0c59d905d023d7ce4b6ec2f7e51c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc8f0c59d905d023d7ce4b6ec2f7e51c_JaffaCakes118
Size

1.1MB
MD5

dc8f0c59d905d023d7ce4b6ec2f7e51c
SHA1

1ef299c33e15dfbdcaf75090e8afe66e6474c53d
SHA256

084daf6dc70c5a8e1c9bfbbd528126f944bcae947b7707c9909b7ab193cac86e
SHA512

aa53d4692a8fd904a1da440ffe4453a918bebf4a03215d519b8eb982c8c6df758ac4cade0afbaa841a3f94c39fa793c966e91efc013fc6e46d3907f01edd21fb
SSDEEP

24576:cNzhg6//P4DkkiP0Kaj3t/S9JhDhp3ae6/jD4RhhHCE:U9/wIz8F7tqNba1nefZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 55 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PECompact2/PEC2.exe
unpack001/PECompact2/PEChksum.exe
unpack001/PECompact2/PEHideText.exe
unpack001/PECompact2/PEInsert.exe
unpack001/PECompact2/PESubsys.exe
unpack001/PECompact2/PETrim.exe
unpack001/PECompact2/PEWaterMark.exe
unpack001/PECompact2/PurchaseDialog.dll
unpack001/PECompact2/UpdateChecker.dll
unpack001/PECompact2/bmstrstr.dll
unpack001/PECompact2/cs_cpl.dll
unpack001/PECompact2/lzma.exe
unpack001/PECompact2/pec2codec_aplib.dll
unpack001/PECompact2/pec2codec_brieflz.dll
unpack001/PECompact2/pec2codec_copy.dll
unpack001/PECompact2/pec2codec_crc32.dll
unpack001/PECompact2/pec2codec_expand.dll
unpack001/PECompact2/pec2codec_ffce.dll
unpack001/PECompact2/pec2codec_inv.dll
unpack001/PECompact2/pec2codec_jcalg1.dll
unpack001/PECompact2/pec2codec_lzma.dll
unpack001/PECompact2/pec2codec_lzma2.dll
unpack001/PECompact2/pec2codec_messagebox.dll
unpack001/PECompact2/pec2codec_password.dll
unpack001/PECompact2/pec2gui.exe
unpack001/PECompact2/pec2hooks_api_ispacked.dll
unpack001/PECompact2/pec2hooks_api_watermark.dll
unpack001/PECompact2/pec2hooks_fastimport.dll
unpack001/PECompact2/pec2ldr_default.dll
unpack001/PECompact2/pec2ldr_reduced.dll
unpack001/PECompact2/pec2rsrc.dll
unpack001/PECompact2/pec2rsrc_brazilian.dll
unpack001/PECompact2/pec2rsrc_chinese.dll
unpack001/PECompact2/pec2rsrc_dutch.dll
unpack001/PECompact2/pec2rsrc_french.dll
unpack001/PECompact2/pec2rsrc_german.dll
unpack001/PECompact2/pec2rsrc_italian.dll
unpack001/PECompact2/pec2rsrc_japanese.dll
unpack001/PECompact2/pec2rsrc_korean.dll
unpack001/PECompact2/pec2rsrc_polish.dll
unpack001/PECompact2/pec2rsrc_russian.dll
unpack001/PECompact2/pec2rsrc_slovenian.dll
unpack001/PECompact2/pec2rsrc_swedish.dll
unpack001/PECompact2/peclassify.exe
unpack001/PECompact2/testcodec.exe
unpack001/PECompact2/uninstall.exe
unpack002/$PLUGINSDIR/LangDLL.dll
unpack001/PECompact2/updatechecker_dutch.dll
unpack001/PECompact2/updatechecker_english.dll
unpack001/PECompact2/updatechecker_german.dll
unpack001/PECompact2/updatechecker_korean.dll
unpack001/PECompact2/updatechecker_polish.dll
unpack001/PECompact2/updatechecker_russian.dll
unpack001/PECompact2/updatechecker_slovenian.dll
unpack001/PECompact2/updatechecker_swedish.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
static1/unpack001/PECompact2/uninstall.exe	nsis_installer_1
static1/unpack001/PECompact2/uninstall.exe	nsis_installer_2

Files

dc8f0c59d905d023d7ce4b6ec2f7e51c_JaffaCakes118
.rar
PECompact2/9xl.bat
PECompact2/PEC2.CHM
.chm
PECompact2/PEC2.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 98KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/PEChksum.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 31KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/PEHT.h
PECompact2/PEHTLib.lib
PECompact2/PEHideText.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 34KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/PEInsert.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 35KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/PESubsys.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 32KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/PETrim.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 40KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/PEWaterMark.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 50KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/PurchaseDialog.dll
.dll windows:5 windows x86 arch:x86

8da0183ae386376479d570b0d33b2b19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\projs\PurchaseDialog\Release\PurchaseDialog.pdb

Imports

user32

DialogBoxParamA
SetWindowTextA
SetDlgItemTextA
SetWindowLongA
EndDialog
GetWindowLongA

shell32

ShellExecuteA

kernel32

GetTickCount
LCMapStringW
LCMapStringA
GetStringTypeW
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
HeapAlloc
RaiseException
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar

Exports

Exports

?InvokePurchaseDialog@@YAHPAD00@Z

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/UpdateChecker.dll
.dll windows:5 windows x86 arch:x86

e7ceca2a865aee534d99e0d2d23b8b94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\projs\UpdateChecker\Release\UpdateChecker.pdb

Imports

comctl32

ord6

wininet

InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA

kernel32

LoadLibraryA
CloseHandle
CreateThread
WaitForSingleObject
TerminateThread
GetSystemTimeAsFileTime
OutputDebugStringA
GetLocaleInfoA
FreeLibrary
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
InitializeCriticalSectionAndSpinCount
WriteFile
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
VirtualAlloc
EnterCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetCurrentThreadId
GetCommandLineA
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection

user32

DialogBoxParamA
GetDlgItem
EnableWindow
EndDialog
IsDlgButtonChecked
CheckDlgButton
SetWindowTextA
SetWindowLongA
GetWindowLongA
SetDlgItemTextA
SendMessageA
LoadIconA
LoadStringA
PostMessageA

advapi32

RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA

cs_cpl

?GetRegString@@YAPADPAUHINSTANCE__@@HPADH@Z

shlwapi

SHDeleteEmptyKeyA

Exports

Exports

IsTimeToUpdate
IsUpdateAvailable
ShowUpdateDialog
ShowUpdateDialog2
UpdateCheckerUninstall

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/bmstrstr.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BMBinBin
BMStrStr
BMStrStri
StrLen

Sections

.text
Size: 1024B - Virtual size: 651B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/cs_cpl.dll
.dll windows:5 windows x86 arch:x86

8240ca658c24201845a82f927477a199

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceExA
FlushFileBuffers
LoadResource
CreateFileA
WriteConsoleW
GetConsoleOutputCP
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
CloseHandle
LoadLibraryA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
MultiByteToWideChar
LCMapStringW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA

user32

LoadStringW
LoadStringA
DialogBoxParamA
GetDlgItem
SendMessageA
PostMessageA
EndDialog
MessageBoxA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA

Exports

Exports

??0CProductLanguage@@QAE@PADPAW4CS_LANGUAGE@@PAUHINSTANCE__@@2@Z
??4CProductLanguage@@QAEAAV0@ABV0@@Z
?GetLanguageFromRegistry@CProductLanguage@@AAE?AW4CS_LANGUAGE@@XZ
?GetProductLanguage@CProductLanguage@@QAE?AW4CS_LANGUAGE@@_N0@Z
?GetRegString@@YAPADPAUHINSTANCE__@@HPADH@Z
?GetRegStringW@@YAPA_WPAUHINSTANCE__@@HPA_WH@Z
?IsASupportedLanguage@CProductLanguage@@QAE_NW4CS_LANGUAGE@@@Z
?ResetLanguageSelection@CProductLanguage@@QAE_NXZ
?StoreLanguageInRegistry@CProductLanguage@@AAE_NXZ

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/localizable resources/bitmap1.bmp
PECompact2/localizable resources/installer_strings.txt
PECompact2/localizable resources/packedby_small3.bmp
PECompact2/localizable resources/pec2.ico
PECompact2/localizable resources/pec2rsrc.rc
PECompact2/localizable resources/resource.h
PECompact2/localizable resources/update checker/strings.rc
PECompact2/lzma.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 48KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/pec2codec_aplib.dll
.dll windows:4 windows x86 arch:x86

cf133e1997971d8062f9bfd4fc44935c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
lstrcmpiA
ExitProcess
GetProcessHeap
HeapFree

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 598B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2codec_brieflz.dll
.dll windows:4 windows x86 arch:x86

4a6a83cc422c6f8bc873ef4218b5c023

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
lstrcmpiA
ExitProcess
GlobalFree

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 114B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2codec_copy.dll
.dll windows:4 windows x86 arch:x86

db46c8ced858ea768b5397c51f0629c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
lstrcmpiA

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2codec_crc32.dll
.dll windows:4 windows x86 arch:x86

db46c8ced858ea768b5397c51f0629c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
lstrcmpiA

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2codec_expand.dll
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 19KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/pec2codec_ffce.dll
.dll windows:4 windows x86 arch:x86

4a6a83cc422c6f8bc873ef4218b5c023

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
lstrcmpiA
ExitProcess
GlobalFree

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2codec_inv.dll
.dll windows:5 windows x86 arch:x86

5306966d556ca4123d46e107c55a8f5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\projs\pecompact2\output\pec2codec_inv.pdb

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
HeapAlloc
RaiseException
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
HeapSize
VirtualAlloc
HeapReAlloc
WriteFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2codec_jcalg1.dll
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 16KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/pec2codec_lzma.dll
.dll windows:4 windows x86 arch:x86

c586ef6d782cd24e07987e632418322e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

UnregisterClassA

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 37KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/pec2codec_lzma2.dll
.dll windows:5 windows x86 arch:x86

a10741248b2bd7c724a037ee2e392182

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\projs\pecompact2\pec2codec_lzma\debug\pec2codec_lzma2.pdb

Imports

kernel32

VirtualAlloc
DisableThreadLibraryCalls
VirtualFree
GetProcAddress
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize
RaiseException

user32

MessageBoxA

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2codec_messagebox.dll
.dll windows:4 windows x86 arch:x86

7505654618f822b2448c2311abcc51f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
lstrcmpiA

user32

SendMessageA
GetDlgItem
GetDlgItemTextA
PostMessageA
SendDlgItemMessageA
EndDialog
MessageBoxA
DialogBoxParamA

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 779B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2codec_password.dll
.dll windows:4 windows x86 arch:x86

5f254d925cfd150944b3d21c446fb307

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpiA
ExitProcess
GetTickCount

user32

PostMessageA
SendDlgItemMessageA
EndDialog
EnableWindow
GetDlgItem
GetDlgItemTextA
DialogBoxParamA

Exports

Exports

CodecGetProcAddress
GetNumberOfCodecs

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 809B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2gui.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 81KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/pec2hooks/miscdef.inc
PECompact2/pec2hooks/pec2hooks.h
PECompact2/pec2hooks/pec2hooks.inc
PECompact2/pec2hooks/pec2hooks_fastimport/ReadMe.txt
PECompact2/pec2hooks/pec2hooks_fastimport/fastimport.asm
PECompact2/pec2hooks/pec2hooks_fastimport/fastimport.obj
PECompact2/pec2hooks/pec2hooks_fastimport/miscdef.inc
PECompact2/pec2hooks/pec2hooks_fastimport/pec2hooks_fastimport.cpp
PECompact2/pec2hooks/pec2hooks_fastimport/pec2hooks_fastimport.def
PECompact2/pec2hooks/pec2hooks_fastimport/pec2hooks_fastimport.h
PECompact2/pec2hooks/pec2hooks_fastimport/pec2hooks_fastimport.vcproj
.xml
PECompact2/pec2hooks/pec2hooks_fastimport/stdafx.cpp
PECompact2/pec2hooks/pec2hooks_fastimport/stdafx.h
PECompact2/pec2hooks_api_ispacked.dll
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\projs\pecompact2\output\pec2hooks_api_ispacked.pdb

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

GetHookAuthor
GetHookDataSize
GetHookName
GetPointerToHookData

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2hooks_api_watermark.dll
.dll windows:5 windows x86 arch:x86

55d5aaeefc6112652771d614145be977

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

GetHookAuthor
GetHookDataSize
GetHookName
GetPointerToHookData

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2hooks_fastimport.dll
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\projs\pecompact2\pec2hooks_fastimport\Release\pec2hooks_fastimport.pdb

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

??4Cpec2hooks_fastimport@@QAEAAV0@ABV0@@Z
GetHookAuthor
GetHookDataSize
GetHookFlags
GetHookName
GetPointerToHookData

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2ldr_default.dll
.dll windows:5 windows x86 arch:x86

db052a05bb0a133e99379938ff773169

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
HeapAlloc
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteFile
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

GetAuthorName
GetCompileTimeKnownPECVersion
GetCompiledOffsetOfDecoderStub
GetDecompressionStubSize
GetEntryPointStubSize
GetLoaderName
GetLoaderSize
GetPointerToDecompressionStub
GetPointerToEntryPointStub
GetPointerToLoader
GetSupportedFeatureFlags
SetUsedFeatureFlags

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2ldr_reduced.dll
.dll windows:5 windows x86 arch:x86

d0b0ab81bf0e4cd20070f6525db9fd67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\projs\pecompact2\pec2ldr_default_slim\Release\pec2ldr_reduced.pdb

Imports

kernel32

GetCurrentThreadId
GetCommandLineA
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

GetAuthorName
GetCompileTimeKnownPECVersion
GetCompiledOffsetOfDecoderStub
GetDecompressionStubSize
GetEntryPointStubSize
GetLoaderName
GetLoaderSize
GetPointerToDecompressionStub
GetPointerToEntryPointStub
GetPointerToLoader
GetSupportedFeatureFlags
SetUsedFeatureFlags

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_brazilian.dll
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.rsrc
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/pec2rsrc_chinese.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_dutch.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_french.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_german.dll
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_italian.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_japanese.dll
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.rsrc
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/pec2rsrc_korean.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\dev\projs\pecompact2\output\pec2rsrc_korean.pdb

Sections

.rdata
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_polish.dll
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.rdata
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/pec2rsrc_russian.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_slovenian.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/pec2rsrc_swedish.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/peclassify.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 31KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/sdk/codec/PEC2CodecSDK.h
PECompact2/sdk/codec/inv_codec_src/pec2codec_inv.cpp
PECompact2/sdk/codec/inv_codec_src/pec2codec_inv.def
PECompact2/sdk/codec/inv_codec_src/pec2codec_inv.h
PECompact2/sdk/codec/inv_codec_src/pec2codec_inv.vcproj
.xml
PECompact2/sdk/codec/inv_codec_src/stdafx.cpp
PECompact2/sdk/codec/inv_codec_src/stdafx.h
PECompact2/sdk/codec/template/Codec_0_EntryPoints.asm
PECompact2/sdk/codec/template/Codec_0_EntryPoints.cpp
PECompact2/sdk/codec/template/Codec_0_EntryPoints.h
PECompact2/sdk/codec/template/Codec_0_EntryPoints.inc
PECompact2/sdk/codec/template/pec2codec_template.def
PECompact2/sdk/codec/template/pec2codec_template.h
PECompact2/sdk/codec/template/pec2codec_template.vcproj
.xml
PECompact2/sdk/codec/template/pec2codec_template_host.cpp
PECompact2/sdk/codec/template/stdafx.h
PECompact2/testcodec.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PECompact2/uninstall.exe
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

d23fbd09100caad5e10f17163f511668

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrcpynA
GlobalAlloc
lstrcmpA
lstrlenA
GetModuleHandleA
MulDiv
lstrcpyA
GetACP

user32

SetWindowTextA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
LoadIconA
SendMessageA
ShowWindow
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/updatechecker_dutch.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/updatechecker_english.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/updatechecker_german.dll
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/updatechecker_korean.dll
.dll windows:5 windows x86 arch:x86

d056332cf3b8d6b9c5dfda1fdbccf8ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\cpeengine\Release\updatechecker_korean.pdb

Imports

msvcr90

_lock
__dllonexit
_except_handler4_common
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_onexit
_encode_pointer

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PECompact2/updatechecker_polish.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\ProcessSupervisor\Release\updatechecker_polish.pdb

Sections

.rdata
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/updatechecker_russian.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/updatechecker_slovenian.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\cpeengine\Release\updatechecker_slovenian.pdb

Sections

.rdata
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/updatechecker_swedish.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dev\projs\cpeengine\Release\updatechecker_swedish.pdb

Sections

.rdata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PECompact2/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 98KB - Virtual size: 268KB

.rsrc Size: 4KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 31KB - Virtual size: 84KB

.rsrc Size: 3KB - Virtual size: 4KB

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 34KB - Virtual size: 92KB

.rsrc Size: 3KB - Virtual size: 4KB

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 35KB - Virtual size: 88KB

.rsrc Size: 3KB - Virtual size: 4KB

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 32KB - Virtual size: 84KB

.rsrc Size: 4KB - Virtual size: 8KB

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 40KB - Virtual size: 140KB

.rsrc Size: 28KB - Virtual size: 32KB

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 50KB - Virtual size: 132KB

.rsrc Size: 4KB - Virtual size: 8KB

8da0183ae386376479d570b0d33b2b19

Headers

File Characteristics

PDB Paths

Imports

user32

shell32

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.text
Size: 98KB - Virtual size: 268KB

.rsrc
Size: 4KB - Virtual size: 8KB

.text
Size: 31KB - Virtual size: 84KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 92KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 35KB - Virtual size: 88KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 84KB

.rsrc
Size: 4KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 140KB

.rsrc
Size: 28KB - Virtual size: 32KB

.text
Size: 50KB - Virtual size: 132KB

.rsrc
Size: 4KB - Virtual size: 8KB

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 408B

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 42KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 5KB

.text
Size: 1024B - Virtual size: 651B

.rdata
Size: 512B - Virtual size: 128B

.data
Size: 512B - Virtual size: 56B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 48KB - Virtual size: 132KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 598B

.data
Size: 512B - Virtual size: 488B

.reloc
Size: 512B - Virtual size: 154B