eb6ad74ce7e38c55ad52d65abd7145f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb6ad74ce7e38c55ad52d65abd7145f7_JaffaCakes118
Size

5.2MB
MD5

eb6ad74ce7e38c55ad52d65abd7145f7
SHA1

bf027ee37c65dad1ac4b2f1a3e8a1879cc2d278c
SHA256

8f1c7e848890a1f8c9f5addb54036ff8b2135eb7578a37f9666532458a22d58e
SHA512

3770ab8592c91ef20ff65c688dc819a1dbd872b6e31a60c6aa7ed1597390b891888b472e45a265b02bc4e72be38b4294e88654166a99ff1827046a437547655a
SSDEEP

98304:k0ZIvd73Iyz8XmSiAenjzTEjzP5yyycl1SO54jvYQoKup0ltsY/5P/TFd:LIV71imSmPTE/P5vycl1PuwQ520l/Pb/

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/gamebox/bin/GameBox.exe
unpack001/gamebox/bin/GdiPlus.dll
unpack001/gamebox/bin/StaticClient.exe
unpack001/gamebox/bin/kxTransfer.dll
unpack001/gamebox/bin/update.exe

Files

eb6ad74ce7e38c55ad52d65abd7145f7_JaffaCakes118
.rar
gamebox/bin/GameBox.exe
.exe windows:5 windows x86 arch:x86

59d558ba694d8443a244aa4aaabc8e76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\WorkSpace\Desktop\GameBox\source\Release\GameBox.pdb

Imports

gdiplus

GdipCreateBitmapFromFile
GdipCloneImage
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipSetImageAttributesWrapMode
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipDeleteFont
GdipCreateFont
GdipCreateFontFamilyFromName
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipFillRectangleI
GdipCreateSolidFill
GdipCloneBrush
GdipDeleteBrush
GdipAlloc
GdipFree
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectRect
GdipDeleteGraphics
GdipDeleteFontFamily
GdipCreateFromHDC

kxtransfer

?StopThread@CSingleThreadManager@@MAEXXZ
??1CAsyncPostHttpFile@@UAE@XZ
?CreateThread@CSingleThreadManager@@MAEHPAUHWND__@@IP6GKPAX@Z1@Z
?AsyncMainThread@CAsyncHttpFile@@KGKPAX@Z
?BeforeStartThread@CAsyncHttpFile@@MAEXXZ
?StartThread@CSingleThreadManager@@MAEHXZ
?PostMessageW@CSingleThreadManager@@MAEHI@Z
?AsyncInternetOpen@CAsyncHttpFile@@MAEHXZ
?AsyncInternetRequest@CAsyncPostHttpFile@@MAEHXZ
?AsyncHttpQueryInfo@CAsyncHttpFile@@MAEHXZ
?AsyncInternetReadFile@CAsyncHttpFile@@MAEHXZ
?SafeCloseIntenetHandle@CAsyncHttpFile@@MAEXXZ
?SafeStopCallbackThread@CAsyncHttpFile@@MAEXXZ
?SafeCloseFileHandle@CAsyncPostHttpFile@@MAEXXZ
?WaitExitEvent@CAsyncHttpFile@@MAEHXZ
?GetBuffer@CAsyncHttpFile@@MAEXXZ
?ReleaseBuffer@CAsyncHttpFile@@MAEXXZ
?AsyncHttpOpenRequest@CAsyncPostHttpFile@@MAEHXZ
?ReleaseInternetBuf@CAsyncPostHttpFile@@MAEXPAU_INTERNET_BUFFERSW@@@Z
?NotifyMainThreadExit@CAsyncHttpFile@@MAEXXZ
?GetContent@CAsyncHttpFile@@UAEPBDXZ
?GetContentLength@CAsyncHttpFile@@UAEKXZ
?GetLastModifiedTime@CAsyncHttpFile@@UAEABU_SYSTEMTIME@@XZ
?GetStatusCode@CAsyncHttpFile@@UAEKXZ
?Stop@CAsyncHttpFile@@UAEXXZ
??0CAsyncGetHttpFile@@QAE@PB_W@Z
??1CAsyncGetHttpFile@@UAE@XZ
?s_wMsg_Success@CAsyncHttpFile@@2GB
?s_wMsg_Fail@CAsyncHttpFile@@2GB
??0CAsyncPostHttpFile@@QAE@PB_W@Z

mfc90u

ord3340
ord4641
ord2090
ord5171
ord5285
ord4677
ord5945
ord3009
ord5861
ord1462
ord6044
ord5606
ord2239
ord2204
ord6762
ord2867
ord2859
ord4994
ord6801
ord4042
ord588
ord793
ord5624
ord4693
ord1441
ord3681
ord5601
ord4378
ord5294
ord5297
ord4800
ord4805
ord4802
ord4820
ord4823
ord4807
ord5210
ord5020
ord4599
ord4590
ord5418
ord5214
ord4622
ord5224
ord4865
ord4866
ord6547
ord6096
ord2593
ord6187
ord4516
ord6579
ord4741
ord2901
ord3819
ord4007
ord415
ord670
ord5615
ord4685
ord3225
ord6375
ord4697
ord1380
ord2369
ord5655
ord5598
ord4344
ord1681
ord4429
ord2650
ord2651
ord3287
ord5803
ord980
ord6381
ord3230
ord6379
ord3229
ord5338
ord3232
ord4553
ord4730
ord5450
ord5447
ord2860
ord2079
ord2445
ord5354
ord4985
ord6687
ord5938
ord4530
ord3953
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord4347
ord4996
ord5680
ord5663
ord6018
ord3115
ord4905
ord3670
ord2490
ord665
ord406
ord2447
ord5675
ord5567
ord617
ord341
ord996
ord570
ord4441
ord6482
ord1098
ord1186
ord4211
ord794
ord589
ord4043
ord2695
ord5979
ord1599
ord5851
ord2694
ord2479
ord6013
ord4405
ord811
ord3962
ord6808
ord6604
ord280
ord3035
ord1745
ord4131
ord778
ord3654
ord4660
ord1719
ord2283
ord3933
ord795
ord590
ord654
ord3807
ord4410
ord4541
ord2263
ord744
ord524
ord5182
ord5653
ord4000
ord3637
ord639
ord374
ord3794
ord613
ord337
ord2592
ord4527
ord1354
ord1353
ord2597
ord6065
ord2097
ord4044
ord2069
ord6091
ord3543
ord2106
ord296
ord2537
ord1183
ord3486
ord636
ord367
ord611
ord595
ord797
ord4681
ord3286
ord5650
ord5664
ord6800
ord4652
ord1493
ord6411
ord3355
ord1665
ord3768
ord265
ord266
ord799
ord5632
ord5167
ord5324
ord2208
ord1810
ord1809
ord1675
ord3353
ord6408
ord1754
ord1751
ord4345
ord1492
ord4664
ord5602
ord2074
ord5512
ord4603
ord3743
ord5154
ord4702
ord1728
ord6466
ord5685
ord5683
ord960
ord965
ord969
ord967
ord971
ord2615
ord2635
ord2619
ord2625
ord2623
ord2621
ord2638
ord2633
ord2617
ord2640
ord2628
ord2610
ord2612
ord2630
ord2375
ord2368
ord1641
ord6802
ord4174
ord6804
ord3682
ord5404
ord6376
ord3226
ord1442
ord5625
ord2139
ord1792
ord1791
ord1727
ord2771
ord2983
ord3112
ord4728
ord2966
ord3140
ord2774
ord2893
ord2764
ord4080
ord4081
ord4071
ord2891
ord4348
ord4910
ord4682
ord4631
ord1047
ord6577
ord600
ord286
ord5008
ord1938
ord790
ord586
ord801
ord6439
ord6553
ord4906
ord4684
ord5137
ord650
ord388
ord4004
ord3803
ord935
ord938
ord2364
ord6666
ord2596
ord1357
ord2130
ord3577
ord2282
ord4512
ord813
ord1486
ord1137
ord1108
ord4295
ord5939
ord1607
ord285
ord3220
ord4448
ord1250
ord4423
ord949
ord1272
ord3948

msvcr90

_invoke_watson
?terminate@@YAXXZ
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
memcpy
_encode_pointer
__p__fmode
__p__commode
_controlfp_s
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_adjust_fdiv
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
sscanf
_purecall
memset
_CxxThrowException
__CxxFrameHandler3
sprintf
wcsncpy_s
rand
_time64
srand
_wcsnicmp
memmove_s
_wtoi
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
__iob_func
fwprintf
free
malloc
wprintf
__setusermatherr
swprintf_s

kernel32

lstrlenW
lstrcpynW
InterlockedDecrement
GetLastError
WriteFile
ReadFile
CloseHandle
GetModuleFileNameW
GlobalAlloc
GlobalFree
GetPrivateProfileStringW
WritePrivateProfileStringW
CreateMutexW
GetCommandLineW
GetStartupInfoW
CreateProcessW
GetLocalTime
DeleteFileW
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
HeapFree
GetProcessHeap
InterlockedExchange
Sleep
InterlockedCompareExchange
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
CreateFileW
TerminateProcess

user32

SetTimer
FindWindowW
CharLowerBuffW
GetLastActivePopup
SetForegroundWindow
RegisterWindowMessageW
LoadIconW
GetDesktopWindow
IsIconic
KillTimer
ShowWindow
LoadMenuW
IsWindowVisible
GetSubMenu
GetCursorPos
MessageBoxW
PostQuitMessage
UpdateWindow
InflateRect
OffsetRect
SetWindowRgn
SetWindowLongW
GetSystemMetrics
DrawIcon
IsZoomed
GetWindowLongW
LoadCursorW
SetCursor
InvalidateRect
IsWindow
TrackMouseEvent
CopyRect
GetParent
GetWindowRect
GetClientRect
EnableWindow
SendMessageW

gdi32

TextOutW
Rectangle
CombineRgn
CreateRectRgn
CreateRoundRectRgn
DeleteObject
Arc
CreatePen
GetStockObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject

advapi32

CryptReleaseContext
CryptGetHashParam
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
CryptDecrypt
CryptAcquireContextW
CryptDestroyHash
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptDestroyKey

shell32

ShellExecuteW
Shell_NotifyIconW
CommandLineToArgvW

comctl32

InitCommonControlsEx

oleaut32

VariantClear
VarBstrCmp
SysStringLen
SysFreeString
SysAllocString

ws2_32

WSAStartup

msvcp90

??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?length@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?empty@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE_NXZ
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

iphlpapi

GetAdaptersInfo

wininet

InternetCrackUrlW

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 453KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gamebox/bin/GdiPlus.dll
.dll windows:6 windows x86 arch:x86

ef4c749f5dec4632456950949469f18c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

gdiplus.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
isleadbyte
memmove
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
_CIatan2
_CIsqrt
_CIsin
_CIcos
??3@YAXPAX@Z
_iob
_CIexp
_CIatan
_vsnprintf
_vsnwprintf
_errno
memset
memcpy
_purecall
_CIlog

kernel32

GetFileInformationByHandle
RaiseException
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InterlockedCompareExchange
HeapAlloc
InterlockedExchange
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
DisableThreadLibraryCalls
HeapFree
VirtualAlloc
GetProcAddress
GetModuleHandleW
GetSystemInfo
GetVersion
HeapReAlloc
CloseHandle
WaitForSingleObject
SetEvent
lstrcmpiA
IsValidLocale
ConvertDefaultLocale
GetLocaleInfoW
GetModuleFileNameW
GetModuleFileNameA
FindResourceA
LockResource
GetProfileIntA
GetProfileStringA
lstrcmpiW
LocalReAlloc
MulDiv
SetLastError
LocalAlloc
LocalFree
IsDBCSLeadByteEx
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
Sleep
GetFileTime
SearchPathW
SearchPathA
GetOEMCP
SetEndOfFile
WriteFile
SetFilePointer
ReadFile
UnlockFile
LoadResource
LockFile
FlushFileBuffers
CreateSemaphoreA
CreateFileW
LoadLibraryW
GetSystemDirectoryA
CreateFileMappingW
ReleaseSemaphore
GetFileAttributesW
GetProfileSectionA
GetLastError
VirtualFree
GlobalAlloc
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
HeapCreate
GetModuleHandleA
FreeLibrary
HeapDestroy
LoadLibraryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetVersionExA
GetACP
GetSystemDefaultLCID
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
CreateEventA
CreateThread

user32

ReleaseDC
GetDC
GetSysColor
UnregisterClassA
DestroyWindow
GetSystemMetrics
DefWindowProcA
CreateWindowExA
RegisterWindowMessageA
RegisterClassA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageA
GetClientRect
GetDesktopWindow
GetWindowRect
WindowFromDC
CreateIconIndirect
LoadBitmapW
LoadBitmapA
ClientToScreen
SystemParametersInfoA
GetClassLongA
GetWindowLongA
GetDCEx
GetIconInfo

gdi32

ModifyWorldTransform
GetTextCharsetInfo
TranslateCharsetInfo
GetCurrentPositionEx
ArcTo
SetArcDirection
GetPath
AbortPath
FlattenPath
WidenPath
Ellipse
AngleArc
RoundRect
PolyDraw
Pie
Chord
Arc
OffsetClipRgn
GetRgnBox
CombineRgn
SetPaletteEntries
ResizePalette
ExcludeClipRect
PlayEnhMetaFile
GetWinMetaFileBits
PlgBlt
BitBlt
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineTransform
SetMapperFlags
CreateDIBitmap
CreatePen
CreatePatternBrush
GetBkMode
GetTextAlign
ExtCreateRegion
Polyline
PolyPolyline
StrokeAndFillPath
FillPath
SetPolyFillMode
PolyBezier
SelectClipPath
BeginPath
PolylineTo
PolyBezierTo
MoveToEx
CloseFigure
EndPath
StrokePath
ExtSelectClipRgn
GetPixel
ExtTextOutA
CreateSolidBrush
SetMiterLimit
FillRgn
GetDIBColorTable
GetNearestPaletteIndex
StretchBlt
CreateCompatibleBitmap
ExtCreatePen
GetWorldTransform
GetROP2
Rectangle
Polygon
SetBrushOrgEx
GetClipRgn
SelectClipRgn
GetBkColor
GetTextColor
CreatePenIndirect
GetObjectW
DPtoLP
CreateDIBPatternBrushPt
GetNearestColor
SetStretchBltMode
StretchDIBits
SetTextAlign
SetTextJustification
SetROP2
PolyPolygon
IntersectClipRect
PlayMetaFileRecord
ExtTextOutW
SetBitmapBits
SetDIBColorTable
CreateEnhMetaFileW
GdiComment
GetMetaFileW
GetMetaFileA
GetEnhMetaFileW
GetEnhMetaFileA
SaveDC
SetWindowOrgEx
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
GetEnhMetaFileBits
CopyEnhMetaFileA
CopyMetaFileA
DeleteMetaFile
GetEnhMetaFileHeader
SetMetaFileBitsEx
SetEnhMetaFileBits
CreateEnhMetaFileA
SetMapMode
SetViewportExtEx
SetWindowExtEx
PlayMetaFile
CloseEnhMetaFile
DeleteEnhMetaFile
SetMetaRgn
GetObjectType
GetMetaFileBitsEx
EnumMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
RestoreDC
GetStockObject
CreateBitmap
SetTextColor
SetBkColor
SetBkMode
SetDIBits
CreateBrushIndirect
PatBlt
GdiFlush
GetPaletteEntries
RealizePalette
CreateDIBSection
CreateCompatibleDC
GetDIBits
GetCurrentObject
GetObjectA
GetDCOrgEx
Escape
SetICMMode
GetMapMode
GetViewportOrgEx
GetWindowOrgEx
GetGraphicsMode
GetViewportExtEx
GetWindowExtEx
LPtoDP
GetRandomRgn
ExtEscape
CreateRectRgn
CreateICA
CreateDCA
DeleteDC
GetRegionData
CreateFontIndirectA
CreateFontIndirectW
SelectObject
EnumFontFamiliesExW
EnumFontFamiliesExA
GetTextMetricsW
GetTextFaceW
GetTextMetricsA
GetTextFaceA
SelectPalette
DeleteObject
GetDeviceCaps
GetSystemPaletteUse
GetSystemPaletteEntries
CreatePalette
LineTo

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

advapi32

RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExW
RegEnumKeyExA
RegOpenKeyW
RegOpenKeyA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueW
RegCloseKey
RegEnumValueA
RegDeleteKeyW
RegSetValueExA
RegSetValueExW

Exports

Exports

GdipAddPathArc
GdipAddPathArcI
GdipAddPathBezier
GdipAddPathBezierI
GdipAddPathBeziers
GdipAddPathBeziersI
GdipAddPathClosedCurve
GdipAddPathClosedCurve2
GdipAddPathClosedCurve2I
GdipAddPathClosedCurveI
GdipAddPathCurve
GdipAddPathCurve2
GdipAddPathCurve2I
GdipAddPathCurve3
GdipAddPathCurve3I
GdipAddPathCurveI
GdipAddPathEllipse
GdipAddPathEllipseI
GdipAddPathLine
GdipAddPathLine2
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathPath
GdipAddPathPie
GdipAddPathPieI
GdipAddPathPolygon
GdipAddPathPolygonI
GdipAddPathRectangle
GdipAddPathRectangleI
GdipAddPathRectangles
GdipAddPathRectanglesI
GdipAddPathString
GdipAddPathStringI
GdipAlloc
GdipBeginContainer
GdipBeginContainer2
GdipBeginContainerI
GdipBitmapGetPixel
GdipBitmapLockBits
GdipBitmapSetPixel
GdipBitmapSetResolution
GdipBitmapUnlockBits
GdipClearPathMarkers
GdipCloneBitmapArea
GdipCloneBitmapAreaI
GdipCloneBrush
GdipCloneCustomLineCap
GdipCloneFont
GdipCloneFontFamily
GdipCloneImage
GdipCloneImageAttributes
GdipCloneMatrix
GdipClonePath
GdipClonePen
GdipCloneRegion
GdipCloneStringFormat
GdipClosePathFigure
GdipClosePathFigures
GdipCombineRegionPath
GdipCombineRegionRect
GdipCombineRegionRectI
GdipCombineRegionRegion
GdipComment
GdipCreateAdjustableArrowCap
GdipCreateBitmapFromDirectDrawSurface
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromHICON
GdipCreateBitmapFromResource
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateCachedBitmap
GdipCreateCustomLineCap
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFontFromLogfontW
GdipCreateFromHDC
GdipCreateFromHDC2
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipCreateHBITMAPFromBitmap
GdipCreateHICONFromBitmap
GdipCreateHalftonePalette
GdipCreateHatchBrush
GdipCreateImageAttributes
GdipCreateLineBrush
GdipCreateLineBrushFromRect
GdipCreateLineBrushFromRectI
GdipCreateLineBrushFromRectWithAngle
GdipCreateLineBrushFromRectWithAngleI
GdipCreateLineBrushI
GdipCreateMatrix
GdipCreateMatrix2
GdipCreateMatrix3
GdipCreateMatrix3I
GdipCreateMetafileFromEmf
GdipCreateMetafileFromFile
GdipCreateMetafileFromStream
GdipCreateMetafileFromWmf
GdipCreateMetafileFromWmfFile
GdipCreatePath
GdipCreatePath2
GdipCreatePath2I
GdipCreatePathGradient
GdipCreatePathGradientFromPath
GdipCreatePathGradientI
GdipCreatePathIter
GdipCreatePen1
GdipCreatePen2
GdipCreateRegion
GdipCreateRegionHrgn
GdipCreateRegionPath
GdipCreateRegionRect
GdipCreateRegionRectI
GdipCreateRegionRgnData
GdipCreateSolidFill
GdipCreateStreamOnFile
GdipCreateStringFormat
GdipCreateTexture
GdipCreateTexture2
GdipCreateTexture2I
GdipCreateTextureIA
GdipCreateTextureIAI
GdipDeleteBrush
GdipDeleteCachedBitmap
GdipDeleteCustomLineCap
GdipDeleteFont
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeleteMatrix
GdipDeletePath
GdipDeletePathIter
GdipDeletePen
GdipDeletePrivateFontCollection
GdipDeleteRegion
GdipDeleteStringFormat
GdipDisposeImage
GdipDisposeImageAttributes
GdipDrawArc
GdipDrawArcI
GdipDrawBezier
GdipDrawBezierI
GdipDrawBeziers
GdipDrawBeziersI
GdipDrawCachedBitmap
GdipDrawClosedCurve
GdipDrawClosedCurve2
GdipDrawClosedCurve2I
GdipDrawClosedCurveI
GdipDrawCurve
GdipDrawCurve2
GdipDrawCurve2I
GdipDrawCurve3
GdipDrawCurve3I
GdipDrawCurveI
GdipDrawDriverString
GdipDrawEllipse
GdipDrawEllipseI
GdipDrawImage
GdipDrawImageI
GdipDrawImagePointRect
GdipDrawImagePointRectI
GdipDrawImagePoints
GdipDrawImagePointsI
GdipDrawImagePointsRect
GdipDrawImagePointsRectI
GdipDrawImageRect
GdipDrawImageRectI
GdipDrawImageRectRect
GdipDrawImageRectRectI
GdipDrawLine
GdipDrawLineI
GdipDrawLines
GdipDrawLinesI
GdipDrawPath
GdipDrawPie
GdipDrawPieI
GdipDrawPolygon
GdipDrawPolygonI
GdipDrawRectangle
GdipDrawRectangleI
GdipDrawRectangles
GdipDrawRectanglesI
GdipDrawString
GdipEmfToWmfBits
GdipEndContainer
GdipEnumerateMetafileDestPoint
GdipEnumerateMetafileDestPointI
GdipEnumerateMetafileDestPoints
GdipEnumerateMetafileDestPointsI
GdipEnumerateMetafileDestRect
GdipEnumerateMetafileDestRectI
GdipEnumerateMetafileSrcRectDestPoint
GdipEnumerateMetafileSrcRectDestPointI
GdipEnumerateMetafileSrcRectDestPoints
GdipEnumerateMetafileSrcRectDestPointsI
GdipEnumerateMetafileSrcRectDestRect
GdipEnumerateMetafileSrcRectDestRectI
GdipFillClosedCurve
GdipFillClosedCurve2
GdipFillClosedCurve2I
GdipFillClosedCurveI
GdipFillEllipse
GdipFillEllipseI
GdipFillPath
GdipFillPie
GdipFillPieI
GdipFillPolygon
GdipFillPolygon2
GdipFillPolygon2I
GdipFillPolygonI
GdipFillRectangle
GdipFillRectangleI
GdipFillRectangles
GdipFillRectanglesI
GdipFillRegion
GdipFlattenPath
GdipFlush
GdipFree
GdipGetAdjustableArrowCapFillState
GdipGetAdjustableArrowCapHeight
GdipGetAdjustableArrowCapMiddleInset
GdipGetAdjustableArrowCapWidth
GdipGetAllPropertyItems
GdipGetBrushType
GdipGetCellAscent
GdipGetCellDescent
GdipGetClip
GdipGetClipBounds
GdipGetClipBoundsI
GdipGetCompositingMode
GdipGetCompositingQuality
GdipGetCustomLineCapBaseCap
GdipGetCustomLineCapBaseInset
GdipGetCustomLineCapStrokeCaps
GdipGetCustomLineCapStrokeJoin
GdipGetCustomLineCapType
GdipGetCustomLineCapWidthScale
GdipGetDC
GdipGetDpiX
GdipGetDpiY
GdipGetEmHeight
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipGetFamily
GdipGetFamilyName
GdipGetFontCollectionFamilyCount
GdipGetFontCollectionFamilyList
GdipGetFontHeight
GdipGetFontHeightGivenDPI
GdipGetFontSize
GdipGetFontStyle
GdipGetFontUnit
GdipGetGenericFontFamilyMonospace
GdipGetGenericFontFamilySansSerif
GdipGetGenericFontFamilySerif
GdipGetHatchBackgroundColor
GdipGetHatchForegroundColor
GdipGetHatchStyle
GdipGetHemfFromMetafile
GdipGetImageAttributesAdjustedPalette
GdipGetImageBounds
GdipGetImageDecoders
GdipGetImageDecodersSize
GdipGetImageDimension
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageFlags
GdipGetImageGraphicsContext
GdipGetImageHeight
GdipGetImageHorizontalResolution
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageThumbnail
GdipGetImageType
GdipGetImageVerticalResolution
GdipGetImageWidth
GdipGetInterpolationMode
GdipGetLineBlend
GdipGetLineBlendCount
GdipGetLineColors
GdipGetLineGammaCorrection
GdipGetLinePresetBlend
GdipGetLinePresetBlendCount
GdipGetLineRect
GdipGetLineRectI
GdipGetLineSpacing
GdipGetLineTransform
GdipGetLineWrapMode
GdipGetLogFontA
GdipGetLogFontW
GdipGetMatrixElements
GdipGetMetafileDownLevelRasterizationLimit
GdipGetMetafileHeaderFromEmf
GdipGetMetafileHeaderFromFile
GdipGetMetafileHeaderFromMetafile
GdipGetMetafileHeaderFromStream
GdipGetMetafileHeaderFromWmf
GdipGetNearestColor
GdipGetPageScale
GdipGetPageUnit
GdipGetPathData
GdipGetPathFillMode
GdipGetPathGradientBlend
GdipGetPathGradientBlendCount
GdipGetPathGradientCenterColor
GdipGetPathGradientCenterPoint
GdipGetPathGradientCenterPointI
GdipGetPathGradientFocusScales
GdipGetPathGradientGammaCorrection
GdipGetPathGradientPath
GdipGetPathGradientPointCount
GdipGetPathGradientPresetBlend
GdipGetPathGradientPresetBlendCount
GdipGetPathGradientRect
GdipGetPathGradientRectI
GdipGetPathGradientSurroundColorCount
GdipGetPathGradientSurroundColorsWithCount
GdipGetPathGradientTransform
GdipGetPathGradientWrapMode
GdipGetPathLastPoint
GdipGetPathPoints
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPathWorldBounds
GdipGetPathWorldBoundsI
GdipGetPenBrushFill
GdipGetPenColor
GdipGetPenCompoundArray
GdipGetPenCompoundCount
GdipGetPenCustomEndCap
GdipGetPenCustomStartCap
GdipGetPenDashArray
GdipGetPenDashCap197819
GdipGetPenDashCount
GdipGetPenDashOffset
GdipGetPenDashStyle
GdipGetPenEndCap
GdipGetPenFillType
GdipGetPenLineJoin
GdipGetPenMiterLimit
GdipGetPenMode
GdipGetPenStartCap
GdipGetPenTransform
GdipGetPenUnit
GdipGetPenWidth
GdipGetPixelOffsetMode
GdipGetPointCount
GdipGetPropertyCount
GdipGetPropertyIdList
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipGetPropertySize
GdipGetRegionBounds
GdipGetRegionBoundsI
GdipGetRegionData
GdipGetRegionDataSize
GdipGetRegionHRgn
GdipGetRegionScans
GdipGetRegionScansCount
GdipGetRegionScansI
GdipGetRenderingOrigin
GdipGetSmoothingMode
GdipGetSolidFillColor
GdipGetStringFormatAlign
GdipGetStringFormatDigitSubstitution
GdipGetStringFormatFlags
GdipGetStringFormatHotkeyPrefix
GdipGetStringFormatLineAlign
GdipGetStringFormatMeasurableCharacterRangeCount
GdipGetStringFormatTabStopCount
GdipGetStringFormatTabStops
GdipGetStringFormatTrimming
GdipGetTextContrast
GdipGetTextRenderingHint
GdipGetTextureImage
GdipGetTextureTransform
GdipGetTextureWrapMode
GdipGetVisibleClipBounds
GdipGetVisibleClipBoundsI
GdipGetWorldTransform
GdipGraphicsClear
GdipImageForceValidation
GdipImageGetFrameCount
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipInvertMatrix
GdipIsClipEmpty
GdipIsEmptyRegion
GdipIsEqualRegion
GdipIsInfiniteRegion
GdipIsMatrixEqual
GdipIsMatrixIdentity
GdipIsMatrixInvertible
GdipIsOutlineVisiblePathPoint
GdipIsOutlineVisiblePathPointI
GdipIsStyleAvailable
GdipIsVisibleClipEmpty
GdipIsVisiblePathPoint
GdipIsVisiblePathPointI
GdipIsVisiblePoint
GdipIsVisiblePointI
GdipIsVisibleRect
GdipIsVisibleRectI
GdipIsVisibleRegionPoint
GdipIsVisibleRegionPointI
GdipIsVisibleRegionRect
GdipIsVisibleRegionRectI
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipMeasureCharacterRanges
GdipMeasureDriverString
GdipMeasureString
GdipMultiplyLineTransform
GdipMultiplyMatrix
GdipMultiplyPathGradientTransform
GdipMultiplyPenTransform
GdipMultiplyTextureTransform
GdipMultiplyWorldTransform
GdipNewInstalledFontCollection
GdipNewPrivateFontCollection
GdipPathIterCopyData
GdipPathIterEnumerate
GdipPathIterGetCount
GdipPathIterGetSubpathCount
GdipPathIterHasCurve
GdipPathIterIsValid
GdipPathIterNextMarker
GdipPathIterNextMarkerPath
GdipPathIterNextPathType
GdipPathIterNextSubpath
GdipPathIterNextSubpathPath
GdipPathIterRewind
GdipPlayMetafileRecord
GdipPrivateAddFontFile
GdipPrivateAddMemoryFont
GdipRecordMetafile
GdipRecordMetafileFileName
GdipRecordMetafileFileNameI
GdipRecordMetafileI
GdipRecordMetafileStream
GdipRecordMetafileStreamI
GdipReleaseDC
GdipRemovePropertyItem
GdipResetClip
GdipResetImageAttributes
GdipResetLineTransform
GdipResetPageTransform
GdipResetPath
GdipResetPathGradientTransform
GdipResetPenTransform
GdipResetTextureTransform
GdipResetWorldTransform
GdipRestoreGraphics
GdipReversePath
GdipRotateLineTransform
GdipRotateMatrix
GdipRotatePathGradientTransform
GdipRotatePenTransform
GdipRotateTextureTransform
GdipRotateWorldTransform
GdipSaveAdd
GdipSaveAddImage
GdipSaveGraphics
GdipSaveImageToFile
GdipSaveImageToStream
GdipScaleLineTransform
GdipScaleMatrix
GdipScalePathGradientTransform
GdipScalePenTransform
GdipScaleTextureTransform
GdipScaleWorldTransform
GdipSetAdjustableArrowCapFillState
GdipSetAdjustableArrowCapHeight
GdipSetAdjustableArrowCapMiddleInset
GdipSetAdjustableArrowCapWidth
GdipSetClipGraphics
GdipSetClipHrgn
GdipSetClipPath
GdipSetClipRect
GdipSetClipRectI
GdipSetClipRegion
GdipSetCompositingMode
GdipSetCompositingQuality
GdipSetCustomLineCapBaseCap
GdipSetCustomLineCapBaseInset
GdipSetCustomLineCapStrokeCaps
GdipSetCustomLineCapStrokeJoin

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gamebox/bin/StaticClient.exe
.exe windows:5 windows x86 arch:x86

1a1b83a3b4e91d8364e12e682a1aa0f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\WorkSpace\Desktop\GameBox\source\Release\StaticClient.pdb

Imports

kxtransfer

?s_wMsg_Fail@CAsyncHttpFile@@2GB
?s_wMsg_Success@CAsyncHttpFile@@2GB
?StartGetHttpFile@CAsyncGetHttpFile@@UAEHPAUHWND__@@IPB_W1PAX@Z
??1CAsyncGetHttpFile@@UAE@XZ
??0CAsyncGetHttpFile@@QAE@PB_W@Z
?Stop@CAsyncHttpFile@@UAEXXZ
?GetStatusCode@CAsyncHttpFile@@UAEKXZ
?GetLastModifiedTime@CAsyncHttpFile@@UAEABU_SYSTEMTIME@@XZ
?GetContentLength@CAsyncHttpFile@@UAEKXZ
?GetContent@CAsyncHttpFile@@UAEPBDXZ
?NotifyMainThreadExit@CAsyncHttpFile@@MAEXXZ
?ReleaseInternetBuf@CAsyncPostHttpFile@@MAEXPAU_INTERNET_BUFFERSW@@@Z
?AsyncHttpOpenRequest@CAsyncPostHttpFile@@MAEHXZ
?ReleaseBuffer@CAsyncHttpFile@@MAEXXZ
?GetBuffer@CAsyncHttpFile@@MAEXXZ
?WaitExitEvent@CAsyncHttpFile@@MAEHXZ
?SafeCloseFileHandle@CAsyncPostHttpFile@@MAEXXZ
?SafeStopCallbackThread@CAsyncHttpFile@@MAEXXZ
?SafeCloseIntenetHandle@CAsyncHttpFile@@MAEXXZ
?AsyncInternetReadFile@CAsyncHttpFile@@MAEHXZ
?AsyncHttpQueryInfo@CAsyncHttpFile@@MAEHXZ
?AsyncInternetRequest@CAsyncPostHttpFile@@MAEHXZ
?AsyncInternetOpen@CAsyncHttpFile@@MAEHXZ
?PostMessageW@CSingleThreadManager@@MAEHI@Z
?StartThread@CSingleThreadManager@@MAEHXZ
?BeforeStartThread@CAsyncHttpFile@@MAEXXZ
?AsyncMainThread@CAsyncHttpFile@@KGKPAX@Z
?CreateThread@CSingleThreadManager@@MAEHPAUHWND__@@IP6GKPAX@Z1@Z
??1CAsyncPostHttpFile@@UAE@XZ
??0CAsyncPostHttpFile@@QAE@PB_W@Z
?StopThread@CSingleThreadManager@@MAEXXZ

kernel32

RaiseException
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
EnterCriticalSection
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
InterlockedDecrement
lstrcpynW
lstrlenW
GlobalAlloc
GlobalFree
LoadResource
LockResource
SizeofResource
FindResourceW
FindResourceExW
GetCommandLineW
GetLocalTime
GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
HeapFree
GetProcessHeap

user32

EndDialog
PostQuitMessage
SendMessageW
EndPaint
BeginPaint
DefWindowProcW
DestroyWindow
DialogBoxParamW
RegisterClassExW
LoadCursorW
LoadIconW
TranslateAcceleratorW
LoadAcceleratorsW
ShowWindow
CreateWindowExW
TranslateMessage
DispatchMessageW
GetMessageW
LoadStringW

advapi32

CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptAcquireContextW

oleaut32

VariantClear
SysFreeString
SysAllocString

msvcr90

_except_handler4_common
__set_app_type
__p__fmode
_crt_debugger_hook
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
__p__commode
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
??3@YAXPAX@Z
??2@YAPAXI@Z
swprintf_s
memcpy_s
memmove_s
wcsnlen
wcsstr
_vscwprintf
vswprintf_s
sprintf
free
malloc
__CxxFrameHandler3
_CxxThrowException
memset
_unlock
__dllonexit
exit

msvcp90

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gamebox/bin/kxTransfer.dll
.dll windows:5 windows x86 arch:x86

359254c893abc5ace04405d8628f8e3a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\WorkSpace\Desktop\GameBox\source\Release\kxTransfer.pdb

Imports

wininet

InternetOpenW
InternetOpenUrlW
HttpEndRequestW
HttpOpenRequestW
InternetConnectW
HttpSendRequestExW
InternetCloseHandle
HttpQueryInfoW
InternetSetStatusCallbackW
InternetReadFileExA

kernel32

GetCurrentThreadId
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetEvent
lstrcpynW
GetLastError
ResetEvent
WaitForSingleObject
CreateEventW
WaitForMultipleObjects
CloseHandle
CreateThread
InterlockedExchange
GetCurrentProcessId
CreateDirectoryW
GetSystemTimeAsFileTime
CompareStringW
lstrlenW
lstrcatW
Sleep
ResumeThread
GetTickCount
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange

user32

CreateWindowExW
IsWindow
GetWindowLongW
SetWindowLongW
DefWindowProcW
PostMessageW
DestroyWindow
UnregisterClassW
RegisterClassW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation

msvcr90

__CxxFrameHandler3
memcpy
memset
_CxxThrowException
_onexit
_lock
__dllonexit
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
swprintf_s
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
free
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
?terminate@@YAXXZ
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_unlock

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

??0CAsyncGetHttpFile@@QAE@ABV0@@Z
??0CAsyncGetHttpFile@@QAE@PB_W@Z
??0CAsyncHttpFile@@QAE@ABV0@@Z
??0CAsyncHttpFile@@QAE@PB_W@Z
??0CAsyncPostHttpFile@@QAE@ABV0@@Z
??0CAsyncPostHttpFile@@QAE@PB_W@Z
??0CSingleThreadManager@@QAE@ABV0@@Z
??0CSingleThreadManager@@QAE@XZ
??1CAsyncGetHttpFile@@UAE@XZ
??1CAsyncHttpFile@@UAE@XZ
??1CAsyncPostHttpFile@@UAE@XZ
??1CSingleThreadManager@@UAE@XZ
??4CAsyncGetHttpFile@@QAEAAV0@ABV0@@Z
??4CAsyncHttpFile@@QAEAAV0@ABV0@@Z
??4CAsyncPostHttpFile@@QAEAAV0@ABV0@@Z
??4CSingleThreadManager@@QAEAAV0@ABV0@@Z
??_7CAsyncGetHttpFile@@6B@
??_7CAsyncHttpFile@@6B@
??_7CAsyncPostHttpFile@@6B@
??_7CSingleThreadManager@@6B@
??_FCAsyncGetHttpFile@@QAEXXZ
??_FCAsyncHttpFile@@QAEXXZ
??_FCAsyncPostHttpFile@@QAEXXZ
?AsyncCallbackThread@CAsyncHttpFile@@KGKPAX@Z
?AsyncHttpOpenRequest@CAsyncPostHttpFile@@MAEHXZ
?AsyncHttpQueryInfo@CAsyncHttpFile@@MAEHXZ
?AsyncInternetCallback@CAsyncHttpFile@@KGXPAXKK0K@Z
?AsyncInternetOpen@CAsyncHttpFile@@MAEHXZ
?AsyncInternetOpenUrl@CAsyncGetHttpFile@@MAEHXZ
?AsyncInternetReadFile@CAsyncHttpFile@@MAEHXZ
?AsyncInternetRequest@CAsyncGetHttpFile@@MAEHXZ
?AsyncInternetRequest@CAsyncPostHttpFile@@MAEHXZ
?AsyncMainThread@CAsyncHttpFile@@KGKPAX@Z
?BeforeStartThread@CAsyncHttpFile@@MAEXXZ
?CreateThread@CSingleThreadManager@@MAEHPAUHWND__@@IP6GKPAX@Z1@Z
?GetBuffer@CAsyncHttpFile@@MAEXXZ
?GetContent@CAsyncHttpFile@@UAEPBDXZ
?GetContentLength@CAsyncHttpFile@@UAEKXZ
?GetLastModifiedTime@CAsyncHttpFile@@UAEABU_SYSTEMTIME@@XZ
?GetStatusCode@CAsyncHttpFile@@UAEKXZ
?GetUrl@CAsyncGetHttpFile@@UAEPB_WXZ
?InitTransfer@@YAPAUHWND__@@PAU1@@Z
?NotifyMainThreadExit@CAsyncHttpFile@@MAEXXZ
?PostMessageW@CSingleThreadManager@@MAEHI@Z
?ReleaseBuffer@CAsyncHttpFile@@MAEXXZ
?ReleaseInternetBuf@CAsyncPostHttpFile@@MAEXPAU_INTERNET_BUFFERSW@@@Z
?SafeCloseFileHandle@CAsyncHttpFile@@MAEXXZ
?SafeCloseFileHandle@CAsyncPostHttpFile@@MAEXXZ
?SafeCloseIntenetHandle@CAsyncHttpFile@@MAEXXZ
?SafeStopCallbackThread@CAsyncHttpFile@@MAEXXZ
?SetCookie@@YAXPB_W@Z
?StartGetHttpFile@CAsyncGetHttpFile@@UAEHPAUHWND__@@IPB_W1PAX@Z
?StartThread@CSingleThreadManager@@MAEHXZ
?Stop@CAsyncHttpFile@@UAEXXZ
?StopThread@CSingleThreadManager@@MAEXXZ
?UnInitTransfer@@YAXXZ
?WaitExitEvent@CAsyncHttpFile@@MAEHXZ
?s_szBoundary@CAsyncPostHttpFile@@2PB_WB
?s_wMsg_Fail@CAsyncHttpFile@@2GB
?s_wMsg_Length@CAsyncHttpFile@@2GB
?s_wMsg_Process@CAsyncHttpFile@@2GB
?s_wMsg_Success@CAsyncHttpFile@@2GB

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gamebox/bin/update.exe
.exe windows:5 windows x86 arch:x86

ca3fa4f6008d15315a6a36b6ba22f36d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\WorkSpace\Desktop\Updater\Unicode Release\update.pdb

Imports

kernel32

GetModuleFileNameW
CreateDirectoryW
CopyFileW
Sleep
FindFirstFileW
FindNextFileW
FindClose
DeleteFileW
RemoveDirectoryW
InterlockedCompareExchange
GetCommandLineW
CreateMutexW
GetStartupInfoW
CreateProcessW
WaitForSingleObject
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
CreateThread
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
InterlockedExchange
CloseHandle
ReadFile
lstrlenW
WriteFile
GetLastError
TerminateThread
CreateFileW
EnterCriticalSection
RaiseException
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter

user32

LoadCursorW
RegisterClassExW
TranslateMessage
DispatchMessageW
GetMessageW
DefWindowProcW
PostQuitMessage
DestroyWindow
PostMessageW
SendMessageW
ShowWindow
CreateWindowExW

advapi32

CryptImportKey
CryptReleaseContext
CryptDestroyHash
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptDestroyKey
CryptAcquireContextW
CryptDecrypt

shell32

CommandLineToArgvW

msvcr90

vswprintf_s
_time64
srand
rand
_wtol
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
_vswprintf
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_vscwprintf
_wcslwr
wcsstr
wcsnlen
_invalid_parameter_noinfo
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
memmove_s
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
__setusermatherr
__iob_func
fwprintf
free
malloc
wprintf
memset
__CxxFrameHandler3
memcpy
memcpy_s
_CxxThrowException

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??$?8_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

wininet

InternetOpenW
InternetSetOptionW
InternetOpenUrlW
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gamebox/html/fgame.css
gamebox/html/i/83x60.bmp
gamebox/html/i/avatar.jpg
.jpg
gamebox/html/i/bg.png
.png
gamebox/html/i/bg1.png
.png
gamebox/html/i/bg2.png
.png
gamebox/html/i/bgad.gif
.gif
gamebox/html/i/cpm.jpg
.jpg
gamebox/html/i/error.png
.png
gamebox/html/i/finalbg.jpg
.jpg
gamebox/html/i/fkzdy.jpeg
.jpg
gamebox/html/i/gamepic.jpg
.jpg
gamebox/html/i/gs_bg.gif
.gif
gamebox/html/i/gs_bgl.gif
.gif
gamebox/html/i/h2.png
.png
gamebox/html/i/key_arrowl.png
.png
gamebox/html/i/key_arrowr.png
.png
gamebox/html/i/key_null.png
.png
gamebox/html/i/key_space.png
.png
gamebox/html/i/menua.png
.png
gamebox/html/i/menubg.jpg
.jpg
gamebox/html/i/menuhover.png
.png
gamebox/html/i/menuon.png
.png
gamebox/html/i/newspic.jpg
.jpg
gamebox/html/i/page_bg.png
.png
gamebox/html/i/pic.jpg
.jpg
gamebox/html/i/picmask.png
.png
gamebox/html/i/pricetag.png
.png
gamebox/html/i/sbar_bg.png
.png
gamebox/html/i/star3.gif
.gif
gamebox/html/i/userbg.jpg
.jpg
gamebox/html/menu.html
.html
gamebox/html/menu.html.bak
.html
gamebox/html/network_error.html
.html
gamebox/html/network_error.html.bak
.html
gamebox/html/searchbar.html
.html
gamebox/html/searchbar.html.bak
.html
gamebox/images/png/1MainLogo.png
.png
gamebox/images/png/AboutBK.png
.png
gamebox/images/png/AboutOkBtn.png
.png
gamebox/images/png/AutoLogin.png
.png
gamebox/images/png/Avatar.png
.png
gamebox/images/png/CloseBtn.png
.png
gamebox/images/png/DailyDlg.png
.png
gamebox/images/png/FeedbackBtn.png
.png
gamebox/images/png/GameHell.png
.png
gamebox/images/png/MainBK.png
.png
gamebox/images/png/MainBKBottom.png
.png
gamebox/images/png/MainDlgLoginBtn.png
.png
gamebox/images/png/MainDlgRegisterBtn.png
.png
gamebox/images/png/MainLogo.png
.png
gamebox/images/png/MaxBtn.png
.png
gamebox/images/png/MaxBtnRestore.png
.png
gamebox/images/png/MinBtn.png
.png
gamebox/images/png/RightBottom.png
.png
gamebox/images/png/Tab1BtnBK.png
.png
gamebox/images/png/Tab2BtnBK.png
.png
gamebox/images/png/Title.png
.png
gamebox/images/png/ViewDlg.png
.png
gamebox/images/png/btnCancel.png
.png
gamebox/images/png/btnLogin.png
.png
gamebox/images/png/loginBack.png
.png
gamebox/vcredist_x86.exe
.exe windows:5 windows x86 arch:x86

092eb6daba2f17cbda102fd1a32acd00

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2007, 00:23

Not After

23/02/2009, 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:9f:10:fb:28:5b:a0:06:4b:55:37:02:3f:8b:c9:e0:6e:17:38:01
Signer

Actual PE Digest

0a:9f:10:fb:28:5b:a0:06:4b:55:37:02:3f:8b:c9:e0:6e:17:38:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

GetDriveTypeA
HeapFree
FormatMessageA
LeaveCriticalSection
DeleteFileA
EnterCriticalSection
TerminateProcess
WaitForMultipleObjects
CreateEventW
SetEvent
Sleep
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
HeapAlloc
SetLastError
WriteFile
MoveFileA
ExitProcess
DeleteCriticalSection
FlushFileBuffers
GetVersionExA
WaitForSingleObject
OpenEventA
GetCurrentProcess
GetFileAttributesA
GetCommandLineA
GetModuleFileNameA
CreateFileA
FindNextFileA
FindFirstFileA
CopyFileA
SetFileAttributesA
SystemTimeToFileTime
GetSystemTime
GetDiskFreeSpaceA
QueryDosDeviceA
GetCurrentDirectoryA
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetExitCodeProcess
CreateProcessA
ExpandEnvironmentStringsA
GetFileSize
CreateThread
CreateEventA
GetProcessHeap
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
CloseHandle
DeviceIoControl
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
SetErrorMode
GetTickCount
CreateDirectoryA
GetLastError
RemoveDirectoryA
MoveFileExA
SetFilePointer
FindClose
ReadFile

msvcrt

strchr
_strnicmp
_stricmp
strrchr
_strlwr
strncpy
strstr
_snprintf
sprintf

advapi32

AllocateAndInitializeSid
GetTokenInformation
GetLengthSid
InitiateSystemShutdownA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken

user32

ShowWindow
SendDlgItemMessageA
SendMessageA
DialogBoxParamA
LoadStringA
EndDialog
SetParent
MessageBoxA

ntdll

NtShutdownSystem
NtAdjustPrivilegesToken
NtClose
NtOpenProcessToken

comctl32

ord17

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.0MB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59d558ba694d8443a244aa4aaabc8e76

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

kxtransfer

mfc90u

msvcr90

kernel32

user32

gdi32

advapi32

shell32

comctl32

oleaut32

ws2_32

msvcp90

iphlpapi

wininet

Sections

.text Size: 135KB - Virtual size: 135KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 453KB - Virtual size: 452KB

.reloc Size: 20KB - Virtual size: 20KB

ef4c749f5dec4632456950949469f18c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

gdi32

ole32

advapi32

Exports

Exports

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.data Size: 36KB - Virtual size: 34KB

Shared Size: 4KB - Virtual size: 3KB

.rsrc Size: 72KB - Virtual size: 70KB

.reloc Size: 32KB - Virtual size: 28KB

1a1b83a3b4e91d8364e12e682a1aa0f8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kxtransfer

kernel32

user32

advapi32

oleaut32

msvcr90

msvcp90

iphlpapi

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 16KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 2KB - Virtual size: 1KB

359254c893abc5ace04405d8628f8e3a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

kernel32

.text
Size: 135KB - Virtual size: 135KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 453KB - Virtual size: 452KB

.reloc
Size: 20KB - Virtual size: 20KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 36KB - Virtual size: 34KB

Shared
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 72KB - Virtual size: 70KB

.reloc
Size: 32KB - Virtual size: 28KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 16KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 2KB - Virtual size: 2KB

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:0f:78:4d:00:00:00:00:00:03
Certificate

61:47:52:ba:00:00:00:00:00:04
Certificate

61:49:7c:ed:00:00:00:00:00:05
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

0a:9f:10:fb:28:5b:a0:06:4b:55:37:02:3f:8b:c9:e0:6e:17:38:01
Signer

.text
Size: 30KB - Virtual size: 30KB

.data
Size: 512B - Virtual size: 68KB

.rsrc
Size: 4.0MB - Virtual size: 5KB