eaa13e634f6d18a87658af4858dd939f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eaa13e634f6d18a87658af4858dd939f_JaffaCakes118
Size

1.1MB
MD5

eaa13e634f6d18a87658af4858dd939f
SHA1

fc91f678d472ecd7e34e0e42ea1b74eefbe18f07
SHA256

e71eb722e0477942dc8e79aed4eaa547193b59af9ae12fe2a58ef5e6fb31e74f
SHA512

0149f9caa3bf3df32397bf9b8f77e8b8b3db1b4ff56a2ef7eed3b30d0e3e921eeb56e131a50052ab8c3e82728fc5f86a26e7da39b6db9f6c98a3f7dd03cc990e
SSDEEP

24576:YWrj+8RKgBEXFzYcS+I5ii6n9mjwlqRtUTi+dbZAvqPtytlWOKNWy2VX77t:/PRRBE9LUii69mntgoSY3WR6VX3t

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 3 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/ExtraCut(play.jb51.net)/ExtraCut/tools/ExtraCut1.dll	aspack_v212_v242
static1/unpack001/ExtraCut(play.jb51.net)/ExtraCut/tools/ExtraCut2.dll	aspack_v212_v242
static1/unpack001/ExtraCut(play.jb51.net)/ExtraCut/tools/vorbis.dll	aspack_v212_v242

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ExtraCut(play.jb51.net)/ExtraCut/ExtraCut.exe
unpack001/ExtraCut(play.jb51.net)/ExtraCut/bass.dll
unpack001/ExtraCut(play.jb51.net)/ExtraCut/tools/ExtraCut1.dll
unpack001/ExtraCut(play.jb51.net)/ExtraCut/tools/ExtraCut2.dll
unpack001/ExtraCut(play.jb51.net)/ExtraCut/tools/ogg.dll
unpack001/ExtraCut(play.jb51.net)/ExtraCut/tools/vorbis.dll

Files

eaa13e634f6d18a87658af4858dd939f_JaffaCakes118
.rar
ExtraCut(play.jb51.net)/ExtraCut/2.9.5 .ico
ExtraCut(play.jb51.net)/ExtraCut/ExtraCut.chm
.chm
ExtraCut(play.jb51.net)/ExtraCut/ExtraCut.exe
.exe windows:4 windows x86 arch:x86

d89f46bd5a98d9a9c557fe6ceb1d826d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
__vbaVarTstGt
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaAryMove
__vbaLateIdCall
__vbaLineInputStr
__vbaLenBstr
__vbaStrVarMove
__vbaPut3
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
ord518
__vbaCopyBytes
__vbaVarCmpNe
__vbaStrCat
__vbaLsetFixstr
ord660
__vbaRecDestruct
__vbaSetSystemError
__vbaNameFile
__vbaHresultCheckObj
__vbaVargVarCopy
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaLateMemSt
__vbaForEachCollObj
__vbaBoolStr
ord593
__vbaExitProc
ord300
__vbaI4Abs
ord594
ord301
__vbaObjSet
ord595
__vbaStrLike
__vbaOnError
ord596
_adj_fdiv_m16i
ord303
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaFpR4
ord306
__vbaStrFixstr
__vbaBoolVar
ord520
ord307
ord309
__vbaFpR8
__vbaBoolVarNull
_CIsin
__vbaVarZero
__vbaNextEachCollObj
__vbaVargVarMove
__vbaVarCmpGt
ord632
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
ord528
ord529
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaPutOwner3
__vbaR4Str
__vbaObjVar
__vbaVarLikeVar
ord561
__vbaI2I4
DllFunctionCall
__vbaVarOr
ord670
__vbaCastObjVar
__vbaStrR4
__vbaRedimPreserve
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaRedim
__vbaStrR8
__vbaRecUniToAnsi
EVENT_SINK_Release
ord600
__vbaUI1I2
_CIsqrt
__vbaObjIs
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaStrUI1
ord710
__vbaExceptHandler
ord711
ord712
__vbaPrintFile
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaLateIdStAd
__vbaVarDiv
__vbaI2Str
__vbaFailedFriend
ord607
ord608
ord530
ord716
__vbaFPException
ord717
__vbaInStrVar
__vbaStrVarVal
ord533
__vbaUbound
__vbaGetOwner4
__vbaVarCat
__vbaCheckType
ord535
__vbaI2Var
__vbaLsetFixstrFree
__vbaFileSeek
ord645
_CIlog
__vbaErrorOverflow
ord647
__vbaFileOpen
ord570
__vbaNew2
__vbaInStr
__vbaVar2Vec
ord648
__vbaR8Str
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
ord681
__vbaVarCmpLt
__vbaFreeStrList
ord576
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord685
ord578
ord100
ord579
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
__vbaVarAdd
__vbaAryLock
__vbaLateMemCall
__vbaStrComp
__vbaVarDup
__vbaStrToAnsi
__vbaVerifyVarObj
__vbaFpI2
__vbaVarCopy
__vbaVarLateMemCallLd
__vbaFpI4
__vbaR8IntI2
__vbaRecDestructAnsi
__vbaLateMemCallLd
ord617
_CIatan
__vbaCastObj
__vbaStrMove
__vbaAryCopy
ord619
__vbaR8IntI4
_allmul
__vbaLenVarB
__vbaLateIdSt
__vbaLateMemCallSt
_CItan
__vbaAryUnlock
__vbaFPInt
_CIexp
__vbaFreeStr
__vbaFreeObj
ord581

Sections

.text
Size: 644KB - Virtual size: 642KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 848KB - Virtual size: 847KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ExtraCut(play.jb51.net)/ExtraCut/bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetEAXMix
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelPreBuf
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetFlags
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetAttribute
BASS_MusicGetName
BASS_MusicGetOrderPosition
BASS_MusicGetOrders
BASS_MusicLoad
BASS_MusicSetAttribute
BASS_Pause
BASS_PluginFree
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamGetTags
BASS_Update
_

Sections

Size: 85KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ExtraCut(play.jb51.net)/ExtraCut/tools/ExtraCut1.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

?AsyncNotifyProc@CAsyncNetThread@@KGJPAUHWND__@@IIJ@Z
?AsyncNotifyProc@CAsyncSockN@@KGJPAUHWND__@@IIJ@Z
?CPNSiteStatusTextProc@@YGJPAUHWND__@@IIJ@Z
?CPNSiteWindowedProc@@YGJPAUHWND__@@IIJ@Z
?CRNSiteWindowedProc@@YGJPAUHWND__@@IIJ@Z
?PNxSubclassProc@@YGJPAUHWND__@@IIJ@Z
?PNxSubclassProcFroFullScreen@@YGJPAUHWND__@@IIJ@Z
?RNxHookAllMessages@@YGJHIJ@Z
?RNxHookChar@@YGJHIJ@Z
?RNxHookSiteProc@@YGJPAUHWND__@@IIJ@Z
?WinDrawHelperCallWndProc@@YGJHIJ@Z
?WindowProc@CPNFullScreenWindow@@SGJPAUHWND__@@IIJ@Z
?WindowProc@CPNNewFullScreenWindow@@SGJPAUHWND__@@IIJ@Z
RMACreateAsmConversionFilter
RMACreateRM1Merge
RMACreateRM2Converter
RMACreateRM2Converter2
RMClose
RMInit
RMMerge
RMMergeConvert
_windraw_GetColorConverter@8
_windraw_InitColorConverter@0
_windraw_ScanAllCompatibleColorFormats@12
_windraw_ScanCompatibleColorFormats@16
_windraw_SetRGB8Palette@12
_windraw_SuggestRGB8Palette@8

Sections

.text
Size: 164KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ExtraCut(play.jb51.net)/ExtraCut/tools/ExtraCut2.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

RMACreateRMEdit
RMACreateRMEvents
RMACreateRMFF2Reader
RMACreateRMFFCopy
RMACreateRMFFDump
RMACreateRMFile
RMACreateRealMediaRegistration
SetDLLAccessPath

Sections

.text
Size: 109KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ExtraCut(play.jb51.net)/ExtraCut/tools/ogg.dll
.dll windows:4 windows x86 arch:x86

9eafc5d28eca8275d632e7cc55ca88c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr70

realloc
memmove
memchr
_initterm
malloc
__dllonexit
_onexit
_except_handler3
_adjust_fdiv
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

ogg_packet_clear
ogg_page_bos
ogg_page_continued
ogg_page_eos
ogg_page_granulepos
ogg_page_packets
ogg_page_pageno
ogg_page_serialno
ogg_page_version
ogg_stream_clear
ogg_stream_destroy
ogg_stream_eos
ogg_stream_flush
ogg_stream_init
ogg_stream_packetin
ogg_stream_packetout
ogg_stream_packetpeek
ogg_stream_pagein
ogg_stream_pageout
ogg_stream_reset
ogg_sync_buffer
ogg_sync_clear
ogg_sync_destroy
ogg_sync_init
ogg_sync_pageout
ogg_sync_pageseek
ogg_sync_reset
ogg_sync_wrote
oggpack_adv
oggpack_adv1
oggpack_adv_huff
oggpack_bits
oggpack_bytes
oggpack_get_buffer
oggpack_look
oggpack_look1
oggpack_look_huff
oggpack_read
oggpack_read1
oggpack_readinit
oggpack_reset
oggpack_write
oggpack_writeclear
oggpack_writeinit

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 198B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtraCut(play.jb51.net)/ExtraCut/tools/vorbis.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

_floor_P
_mapping_P
_residue_P
_time_P
_vi_psy_copy
residue_free_info
vorbis_analysis
vorbis_analysis_blockout
vorbis_analysis_buffer
vorbis_analysis_headerout
vorbis_analysis_init
vorbis_analysis_wrote
vorbis_bitrate_addblock
vorbis_bitrate_flushpacket
vorbis_block_clear
vorbis_block_init
vorbis_comment_add
vorbis_comment_add_tag
vorbis_comment_clear
vorbis_comment_init
vorbis_comment_query
vorbis_comment_query_count
vorbis_commentheader_out
vorbis_dsp_clear
vorbis_info_blocksize
vorbis_info_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_headerin
vorbis_synthesis_init
vorbis_synthesis_pcmout
vorbis_synthesis_read

Sections

.text
Size: 48KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ExtraCut(play.jb51.net)/p2p种子搜索神器.url
.url
ExtraCut(play.jb51.net)/去脚本之家看看.url
ExtraCut(play.jb51.net)/快播播放器下载_播放器之家_play.jb51.net.url
.url
ExtraCut(play.jb51.net)/电影搜索神器.url
.url
ExtraCut(play.jb51.net)/种子搜索神器.url
.url

Sharing

General

Malware Config

Signatures

Files

d89f46bd5a98d9a9c557fe6ceb1d826d

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 644KB - Virtual size: 642KB

.data Size: 4KB - Virtual size: 23KB

.rsrc Size: 848KB - Virtual size: 847KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 85KB - Virtual size: 244KB

.rsrc Size: 568B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 4KB - Virtual size: 3KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 424KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 68KB

.rsrc Size: 3KB - Virtual size: 12KB

.reloc Size: 10KB - Virtual size: 20KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 280KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 19KB - Virtual size: 36KB

.rsrc Size: 2KB - Virtual size: 8KB

.reloc Size: 6KB - Virtual size: 12KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

9eafc5d28eca8275d632e7cc55ca88c9

Headers

File Characteristics

Imports

msvcr70

kernel32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 198B

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 92KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 12KB

.reloc Size: 2KB - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 644KB - Virtual size: 642KB

.data
Size: 4KB - Virtual size: 23KB

.rsrc
Size: 848KB - Virtual size: 847KB

.rsrc
Size: 568B - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 424KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 68KB

.rsrc
Size: 3KB - Virtual size: 12KB

.reloc
Size: 10KB - Virtual size: 20KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 109KB - Virtual size: 280KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 19KB - Virtual size: 36KB

.rsrc
Size: 2KB - Virtual size: 8KB

.reloc
Size: 6KB - Virtual size: 12KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 198B

.text
Size: 48KB - Virtual size: 92KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 12KB

.reloc
Size: 2KB - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB