b7b712dc0cad3b193ff7bd9f6f67c332b438eea5e43e2fad2a575765210d910e

Sharing

Copy URL Twitter E-mail

General

Target

b7b712dc0cad3b193ff7bd9f6f67c332b438eea5e43e2fad2a575765210d910e
Size

4.8MB
MD5

23693da6e11ae6198de4c84be75552cc
SHA1

2953c1ccf52d7a45c8c29adcca7ce215f572e9a8
SHA256

b7b712dc0cad3b193ff7bd9f6f67c332b438eea5e43e2fad2a575765210d910e
SHA512

1924b055fefa067041fdd79b1ba13a288ff3891f3e06e6f78823341271a7b9be081b7e781e0dbe20619dfb0be79ac8ca08af3369828b5b144a458e3f14205f25
SSDEEP

98304:MOSl0Ph4lfDYE8yKcLJDbJAEVSTwY+NDopFoHTVP:ySulf8YKcxdVST5+NmWVP

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b7b712dc0cad3b193ff7bd9f6f67c332b438eea5e43e2fad2a575765210d910e
unpack001/tiny_dl/TinyDL.exe

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

b7b712dc0cad3b193ff7bd9f6f67c332b438eea5e43e2fad2a575765210d910e
.exe windows:4 windows x86 arch:x86

06d235e1d95999f62a9f41eec8fe85b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA
RegCreateKeyExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteExA

ole32

OleUninitialize
OleInitialize
IIDFromString
CoCreateInstance
CoTaskMemFree

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

user32

GetDlgItemTextA
SetDlgItemTextA
GetSystemMetrics
CreatePopupMenu
AppendMenuA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcA
GetMessagePos
IsDlgButtonChecked
GetAsyncKeyState
CheckDlgButton
LoadCursorA
SetCursor
GetSysColor
SetWindowPos
GetWindowLongA
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassA
SystemParametersInfoA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
PeekMessageA
DispatchMessageA
wvsprintfA
CharPrevA
CreateWindowExA
MessageBoxIndirectA
TrackPopupMenu

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor

kernel32

CreateProcessA
RemoveDirectoryA
GetTempFileNameA
CreateDirectoryA
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
SetErrorMode
GetVersionExA
lstrlenA
GetCommandLineA
GetTempPathA
GetWindowsDirectoryA
SetEnvironmentVariableA
ExitProcess
CopyFileA
WriteFile
ReadFile
GetModuleFileNameA
GetFileSize
CreateFileA
GetTickCount
Sleep
SetFileAttributesA
GetFileAttributesA
SetCurrentDirectoryA
GetLastError
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
GetModuleHandleA
LoadLibraryExA
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
MulDiv
lstrcpyA
MoveFileExA
lstrcatA
WideCharToMultiByte
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
GetCurrentProcess

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LogConfig.ini
Minidown.xml
WeGameMiniLoader.exe
.exe windows:5 windows x86 arch:x86

329d997ee41badab9171652777dbebc6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:b3:eb:32:a8:da:76:2c:d5:5d:13:ff:1f:8c:fc:a0:02:f0:87:b7:3f:3c:f9:fe:15:5a:eb:c8:c2:54:4f:60
Signer

Actual PE Digest

17:b3:eb:32:a8:da:76:2c:d5:5d:13:ff:1f:8c:fc:a0:02:f0:87:b7:3f:3c:f9:fe:15:5a:eb:c8:c2:54:4f:60

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\miniloader\MiniLoader_Game_Repo\build\bin\ReleaseNoLogin\TGPMiniLoader\WeGameMiniLoader.pdb

Imports

kernel32

ConvertThreadToFiber
ConvertFiberToThread
GetModuleHandleExW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetSystemTime
CreateFiber
DeleteFiber
SwitchToFiber
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
GetEnvironmentVariableW
VerifyVersionInfoA
LoadLibraryA
GetSystemDirectoryA
FormatMessageA
WaitForMultipleObjects
PeekNamedPipe
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
SleepEx
lstrcmpiW
lstrcpynW
GlobalAlloc
SystemTimeToFileTime
LocalFileTimeToFileTime
FormatMessageW
VerSetConditionMask
VerifyVersionInfoW
MulDiv
GetACP
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceW
GlobalUnlock
GlobalLock
lstrlenW
GetCurrentDirectoryW
GetModuleFileNameA
GetDriveTypeW
GetDiskFreeSpaceExW
GetModuleHandleA
GetExitCodeProcess
GetFileSize
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
GetProcessId
FreeLibrary
LoadLibraryW
ExitProcess
SetFileAttributesW
GetCommandLineA
WritePrivateProfileStringW
ReleaseMutex
GetVersionExW
CreateMutexW
InterlockedIncrement
SetLastError
Sleep
ReadFile
GetLocalTime
DeleteFileW
OutputDebugStringW
CreateFileW
FindClose
SetFilePointer
LeaveCriticalSection
WriteFile
FindNextFileW
FindFirstFileW
GetFileAttributesExW
GetPrivateProfileStringW
GetFileAttributesW
GetPrivateProfileIntW
CreateDirectoryW
GetTickCount
ResetEvent
CreateThread
TerminateThread
SetEvent
DeleteCriticalSection
DecodePointer
RaiseException
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
LocalFree
GetLastError
LocalAlloc
InterlockedDecrement
SetUnhandledExceptionFilter
VirtualQuery
GetModuleHandleW
CreateProcessW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
GetProcessHeap
GetCurrentProcessId
VirtualAllocEx
GetProcAddress
FindFirstFileExA
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
GetConsoleCP
SetStdHandle
VirtualAlloc
GetSystemInfo
HeapQueryInformation
SetConsoleCtrlHandler
SetFilePointerEx
GetCommandLineW
FreeLibraryAndExitThread
ExitThread
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
LCMapStringW
SwitchToThread
QueryPerformanceFrequency
TryEnterCriticalSection
GetStringTypeW
InitializeSListHead
GetStartupInfoW
HeapAlloc
CloseHandle
CreateEventW
DuplicateHandle
GetCurrentThreadId
WaitForSingleObject
SetErrorMode
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetUserDefaultLCID
GetTempFileNameW
GetProfileIntW
GetTempPathW
GetWindowsDirectoryW
FindResourceExW
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
VirtualProtect
GetUserDefaultUILanguage
GetLocaleInfoW
GetCurrentThread
GlobalFlags
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
FileTimeToSystemTime
GlobalGetAtomNameW
lstrcmpA
CompareStringW
ResumeThread
SetThreadPriority
CopyFileW
GlobalSize
LocalReAlloc
GlobalFree
GlobalHandle
GlobalReAlloc
HeapSize
HeapReAlloc
OutputDebugStringA
EnterCriticalSection
HeapFree
WriteProcessMemory
SearchPathW

user32

PostQuitMessage
KillTimer
MessageBoxW
GetClientRect
ScreenToClient
SetTimer
SetParent
HideCaret
GetCaretPos
SetCaretPos
CreatePopupMenu
SetWindowRgn
GetKeyState
CharNextW
ReleaseDC
GetDC
GetActiveWindow
GetWindow
SetFocus
BeginPaint
EndPaint
GetUpdateRect
IsRectEmpty
UnionRect
IsWindowVisible
IntersectRect
MapWindowPoints
GetMonitorInfoW
GetWindowRect
OffsetRect
PtInRect
ReleaseCapture
GetSysColor
InvalidateRect
TranslateMessage
DispatchMessageW
IsZoomed
GetFocus
SetCapture
GetParent
GetSystemMetrics
LoadCursorW
RegisterClassW
GetClassInfoExW
AppendMenuW
EnableMenuItem
DestroyMenu
IsWindowEnabled
EqualRect
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
wsprintfA
DrawTextA
MapVirtualKeyExW
GetKeyboardLayout
GetKeyNameTextW
LoadMenuW
SetWindowPos
SendMessageW
GetWindowPlacement
TrackPopupMenu
GetSubMenu
BringWindowToTop
LoadImageW
GetCursorPos
FindWindowW
SetForegroundWindow
PostMessageW
RegisterClassExW
IsWindow
MonitorFromWindow
ShowCaret
CreateCaret
CharPrevW
SetRect
CallNextHookEx
PeekMessageW
UnhookWindowsHookEx
SetWindowsHookExW
PostThreadMessageW
RegisterWindowMessageW
DefWindowProcW
DestroyWindow
CreateWindowExW
CallWindowProcW
SetPropW
GetPropW
AdjustWindowRectEx
GetMenu
InflateRect
SetCursor
FillRect
InvalidateRgn
CreateAcceleratorTableW
GetCaretBlinkTime
GetGUIThreadInfo
ClientToScreen
MoveWindow
MonitorFromPoint
UpdateLayeredWindow
GetWindowThreadProcessId
GetLastActivePopup
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
ValidateRect
GetSysColorBrush
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetMessagePos
GetMessageTime
GetClassInfoW
IsMenu
IsChild
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
GetCapture
SetMenu
SetActiveWindow
GetForegroundWindow
RedrawWindow
ScrollWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
RemovePropW
CopyRect
GetClassLongW
GetClassNameW
GetTopWindow
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpW
CheckDlgButton
IsDialogMessageW
DestroyIcon
CharUpperW
GetDesktopWindow
RealChildWindowFromPoint
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
GetMenuItemInfoW
SystemParametersInfoW
CopyImage
SendDlgItemMessageA
SetRectEmpty
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
MapDialogRect
TrackMouseEvent
ShowOwnedPopups
DeleteMenu
GetNextDlgGroupItem
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
InvertRect
NotifyWinEvent
GetMenuDefaultItem
MapVirtualKeyW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetProcessWindowStation
DrawEdge
DrawFrameControl
GetSystemMenu
SetCursorPos
CopyIcon
FrameRect
DrawIcon
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
WaitMessage
IsCharLowerW
ToUnicodeEx
GetKeyboardState
DestroyAcceleratorTable
CopyAcceleratorTableW
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
RegisterClipboardFormatW
CharUpperBuffW
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
CreateMenu
DestroyCursor
GetWindowRgn
GetMessageW
ShowWindow
UpdateWindow
GetWindowLongW
SetWindowLongW
IsIconic
EnableWindow
UnregisterClassW
DrawStateW
GetUserObjectInformationW
DrawTextW

gdi32

CopyMetaFileW
CreateDCW
CreateBitmap
CreateHatchBrush
Escape
ExcludeClipRect
SetBitmapBits
GetBitmapBits
GetTextExtentPointA
CreatePatternBrush
GdiFlush
TextOutW
GetTextExtentPoint32W
GetCharABCWidthsW
SetBkColor
SetTextColor
SetBkMode
GetObjectA
LineTo
MoveToEx
CreatePenIndirect
SetStretchBltMode
StretchBlt
CombineRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectClipRgn
PtInRegion
CreateRectRgn
CreateDIBSection
GetPixel
PlayEnhMetaFile
CreateCompatibleBitmap
GetDeviceCaps
GetEnhMetaFileHeader
AddFontMemResourceEx
GetTextMetricsW
CloseEnhMetaFile
CreateEnhMetaFileW
SetWindowOrgEx
Rectangle
RestoreDC
BitBlt
SaveDC
SelectObject
CreateCompatibleDC
DeleteDC
RemoveFontMemResourceEx
CreatePen
CreateFontIndirectW
GetStockObject
GetObjectW
CreateRoundRectRgn
DeleteObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
PtVisible
RectVisible
PatBlt
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
GetObjectType
CreateDIBitmap
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
CreateSolidBrush
SelectPalette
GetTextFaceW
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
GetRgnBox
LPtoDP
Polyline
Polygon
CreatePolygonRgn
GetTextColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
SetPixel
GetTextCharsetInfo
EnumFontFamiliesW
GetBkColor
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
EnumFontFamiliesExW
DPtoLP
SetRectRgn
OffsetViewportOrgEx

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyW
MapGenericMask
DuplicateToken
GetFileSecurityW
OpenProcessToken
AccessCheck
AdjustTokenPrivileges
LookupPrivilegeValueW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey

shell32

DragQueryFileW
SHGetFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFileInfoW
ShellExecuteExW
Shell_NotifyIconW
SHGetFolderPathW
DragFinish

ole32

IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
RevokeDragDrop
CoLockObjectExternal
CoInitializeEx
CoDisconnectObject
CoTaskMemAlloc
CreateStreamOnHGlobal
ReleaseStgMedium
CLSIDFromString
OleLockRunning
RegisterDragDrop
DoDragDrop
OleDuplicateData
StringFromGUID2
CoCreateGuid
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
OleGetClipboard

oleaut32

SysAllocString
SysFreeString
VariantChangeType
SysStringLen
VariantInit
SysAllocStringLen
VariantTimeToSystemTime
LoadTypeLi
SystemTimeToVariantTime
VarBstrFromDate
VariantCopy
VariantClear

msimg32

AlphaBlend
TransparentBlt

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

shlwapi

PathAppendW
PathFileExistsW
PathIsDirectoryW
PathGetDriveNumberW
PathBuildRootW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetThemeSysColor

crypt32

CertOpenStore
CertEnumCertificatesInStore
CertCloseStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertFindCertificateInStore
CertFreeCertificateContext

ws2_32

WSAGetLastError
socket
__WSAFDIsSet
select
WSASetLastError
recv
send
bind
closesocket
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
WSAIoctl
getaddrinfo
freeaddrinfo
accept
listen
recvfrom
sendto
ioctlsocket
getnameinfo
shutdown
WSACleanup
htonl
ntohl
WSAStartup
gethostbyname
inet_addr
gethostname

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdiplus

GdipSetClipPath
GdipDrawImageRectI
GdipCreatePen1
GdipDeletePath
GdipDrawEllipseI
GdipLoadImageFromStream
GdipFree
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipAddPathEllipseI
GdipCreateFontFromDC
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageWidth
GdipGetImageHeight
GdipCreatePath
GdipImageSelectActiveFrame
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipGetImageGraphicsContext
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipSetTextRenderingHint
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipDrawPath
ord1
GdipAddPathLine
GdipDrawRectangleI
GdipSetPenMode
GdipFillRectangleI
GdipDrawString
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipSetInterpolationMode
GdipDeletePen

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

wldap32

ord211
ord46
ord217
ord143
ord41
ord60
ord35
ord79
ord30
ord200
ord301
ord33
ord22
ord26
ord50
ord32
ord27

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 948KB - Virtual size: 947KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bugreport.exe
.exe windows:4 windows x86 arch:x86

351eb3b8caab398f03a53a7730291d4c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

17/10/2025, 23:59

Subject

CN=Tencent Technology (Shenzhen) Company Limited,O=Tencent Technology (Shenzhen) Company Limited,L=Shenzhen,ST=Guangdong Province,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:1d:92:e2:28:ee:82:0c:58:3f:11:76:dc:9a:fb:ae:db:a1:dd:24:5a:3e:60:56:40:75:c9:9d:ab:47:ed:3f
Signer

Actual PE Digest

96:1d:92:e2:28:ee:82:0c:58:3f:11:76:dc:9a:fb:ae:db:a1:dd:24:5a:3e:60:56:40:75:c9:9d:ab:47:ed:3f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\TXCorp\platform_QQ1.75_Report\Basic_HummerPlatform_VOB\Platform\Output\PdbFinal\bugreport.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

dbghelp

SymCleanup
SymSetOptions
SymInitialize
SymGetModuleInfoW
SymLoadModule

wininet

InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

psapi

GetModuleFileNameExA

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create

kernel32

HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetModuleHandleW
HeapAlloc
GetProcessHeap
VirtualProtect
HeapFree
GetTickCount
SetCurrentDirectoryW
FindResourceW
OpenThread
ReadProcessMemory
WriteProcessMemory
CloseHandle
CreateThread
OpenProcess
lstrlenW
lstrcatW
DeleteFileW
CopyFileW
LoadLibraryW
FindFirstFileW
FindNextFileW
GetExitCodeProcess
FindClose
TerminateProcess
lstrcpyW
VirtualQueryEx
SetEvent
CreateFileA
WaitForSingleObject
CreateProcessW
SizeofResource
LockResource
LoadResource
FindResourceExW
FreeLibrary
GlobalFree
InterlockedIncrement
InterlockedDecrement
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
WideCharToMultiByte
FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
ResumeThread
FreeResource
CreateEventW
Sleep
CreateFileW
WriteFile
DeleteCriticalSection
InterlockedCompareExchange
ReadFile
SetFilePointer
GetProcAddress
GetFileSize
GetTempPathW
CreateDirectoryW
GetModuleFileNameW
GetPrivateProfileSectionW
GetVersionExW
GetThreadSelectorEntry
GetFileAttributesW
GetCurrentProcessId
GetCurrentThreadId
MultiByteToWideChar
InitializeCriticalSection
GetCommandLineW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetProcessTimes
GetCurrentProcess
GetSystemTimeAsFileTime
SetFileAttributesW
VirtualQuery
MoveFileW
UnhandledExceptionFilter
GetStartupInfoW
RaiseException

user32

CreateWindowExW
RegisterClassExW
GetClassInfoExW
DefWindowProcW
DestroyMenu
TrackPopupMenu
GetWindowThreadProcessId
GetMenuItemCount
CreatePopupMenu
IsWindow
GetDC
ReleaseDC
OpenClipboard
RegisterClipboardFormatW
CallWindowProcW
InvalidateRect
MapDialogRect
DestroyWindow
MapWindowPoints
SetWindowLongW
ClientToScreen
KillTimer
GetKeyState
MessageBoxW
SetDlgItemTextW
GetWindow
DialogBoxParamW
GetWindowTextW
SetTimer
GetWindowTextLengthW
CloseClipboard
SetClipboardData
EnableWindow
EmptyClipboard
SendDlgItemMessageW
GetDesktopWindow
PostMessageW
EndDialog
DrawIconEx
GetDlgItem
GetClientRect
ShowWindow
LoadImageW
SetWindowPos
SetWindowTextW
SendMessageW
LoadIconW
UnregisterClassA
GetWindowRect

gdi32

GetStockObject
DeleteObject
SetTextColor

advapi32

RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW

shell32

ord155
SHBindToParent
SHGetDesktopFolder
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

DoDragDrop
CreateStreamOnHGlobal
OleUninitialize
OleInitialize

oleaut32

SysStringLen
SysStringByteLen
SysAllocString
SysFreeString
SysAllocStringByteLen

gdiplus

GdiplusShutdown
GdipCreateFromHDC
GdipDisposeImage
GdipDeleteGraphics
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdiplusStartup
GdipCloneImage
GdipImageSelectActiveFrame
GdipGetImageHeight
GdipGetImageWidth
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipAlloc
GdipFree

shlwapi

PathFileExistsW

msvcp80

??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?reserve@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?reserve@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z

msvcr80

_wcslwr_s
?what@exception@std@@UBEPBDXZ
wcsrchr
??1exception@std@@UAE@XZ
??_V@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
wcschr
_vscwprintf
_CxxThrowException
_mbscmp
vswprintf_s
iswspace
_wcsicmp
strtoul
fprintf
_wfopen
fseek
??2@YAPAXI@Z
_snprintf
??0exception@std@@QAE@ABQBD@Z
_time32
_snwprintf
_mbslwr_s
malloc
ftell
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_mbsstr
??0exception@std@@QAE@XZ
swscanf
_invalid_parameter_noinfo
wcsncmp
__wargv
_crt_debugger_hook
__argc
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_decode_pointer
_onexit
free
vsprintf_s
fwrite
fclose
_beginthreadex
isspace
strncmp
strchr
strrchr
atoi
_gmtime32
wcscpy_s
wcsstr
wcscat_s
fread
iswdigit
iswalpha
iswalnum
memmove
_vsnprintf_s
isalpha
isalnum
tolower
wcsncpy
_wtoi
memset
memcpy
__CxxFrameHandler3
_unlock
__dllonexit
_encode_pointer
_time64
??3@YAXPAX@Z
_purecall
memmove_s
memcpy_s
srand
_vscprintf
_lock

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

crypt32

CertGetNameStringW

wintrust

WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvCertFromChain

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
bugreport.ini
icon.ico
res.zip
.zip
ErrorCode.xml
QLCListItem.xml
.xml
UILogin.xml
.xml
UISkinCloseInfo.xml
.xml
UISkinMinidown.xml
.xml
UISkinSelectDir.xml
.xml
UITips.xml
.xml
bg_large.png
.png
[email protected]
.png
bg_normal.png
.png
[email protected]
.png
cancel_disable.png
.png
[email protected]
.png
cancel_hover.png
.png
[email protected]
.png
cancel_normal.png
.png
[email protected]
.png
cancel_press.png
.png
[email protected]
.png
check_hover.png
.png
[email protected]
.png
check_normal.png
.png
[email protected]
.png
check_select.png
.png
[email protected]
.png
close_black_disabled.png
.png
[email protected]
.png
close_black_hover.png
.png
[email protected]
.png
close_black_normal.png
.png
[email protected]
.png
close_black_press.png
.png
[email protected]
.png
close_disable.png
.png
[email protected]
.png
close_hover.png
.png
[email protected]
.png
close_normal.png
.png
[email protected]
.png
close_pressed.png
.png
[email protected]
.png
confirm_disable.png
.png
[email protected]
.png
confirm_hover.png
.png
[email protected]
.png
confirm_normal.png
.png
[email protected]
.png
confirm_press.png
.png
[email protected]
.png
default_head.png
.png
dl_pause_disable.png
.png
[email protected]
.png
dl_pause_hover.png
.png
[email protected]
.png
dl_pause_normal.png
.png
[email protected]
.png
dl_pause_press.png
.png
[email protected]
.png
dl_start_disable.png
.png
[email protected]
.png
dl_start_hover.png
.png
[email protected]
.png
dl_start_normal.png
.png
[email protected]
.png
dl_start_press.png
.png
[email protected]
.png
down_mask.png
.png
[email protected]
.png
icon-wrong-little.png
.png
[email protected]
.png
icon_warning.png
.png
[email protected]
.png
input_bg.png
.png
[email protected]
.png
input_bg_hover.png
.png
[email protected]
.png
item_select.png
.png
[email protected]
.png
list_bg.png
.png
[email protected]
.png
login_bg.png
.png
[email protected]
.png
login_input.png
.png
[email protected]
.png
mask_large.png
.png
[email protected]
.png
mask_normal.png
.png
[email protected]
.png
minimize_disabled.png
.png
[email protected]
.png
minimize_hover.png
.png
[email protected]
.png
minimize_normal.png
.png
[email protected]
.png
minimize_pressed.png
.png
[email protected]
.png
nav_tab_icon_qq_off.png
.png
[email protected]
.png
nav_tab_icon_qq_on.png
.png
[email protected]
.png
nav_tab_icon_wechat_off.png
.png
[email protected]
.png
nav_tab_icon_wechat_on.png
.png
[email protected]
.png
ok_disable.png
.png
[email protected]
.png
ok_hover.png
.png
[email protected]
.png
ok_normal.png
.png
[email protected]
.png
ok_press.png
.png
[email protected]
.png
pict_input.png
.png
[email protected]
.png
popup_wnd.png
.png
[email protected]
.png
poster.png
.png
progress_bar_bk.png
.png
[email protected]
.png
progress_bar_disable.png
.png
[email protected]
.png
progress_bar_normal.png
.png
[email protected]
.png
qrcode_fail.png
.png
restart_disabled.png
.png
[email protected]
.png
restart_hover.png
.png
[email protected]
.png
restart_normal.png
.png
[email protected]
.png
restart_pressed.png
.png
[email protected]
.png
scan_succ_icon.png
.png
select_hover.png
.png
[email protected]
.png
select_off.png
.png
[email protected]
.png
select_on.png
.png
[email protected]
.png
set_disable.png
.png
[email protected]
.png
set_hover.png
.png
[email protected]
.png
set_normal.png
.png
[email protected]
.png
set_press.png
.png
[email protected]
.png
setting_back_disabled.png
.png
[email protected]
.png
setting_back_hover.png
.png
[email protected]
.png
setting_back_normal.png
.png
[email protected]
.png
setting_back_press.png
.png
[email protected]
.png
setting_disabled.png
.png
[email protected]
.png
setting_hover.png
.png
[email protected]
.png
setting_normal.png
.png
[email protected]
.png
setting_pressed.png
.png
[email protected]
.png
speed_input_normal.png
.png
[email protected]
.png
speed_input_select.png
.png
[email protected]
.png
start_install_disabled.png
.png
[email protected]
.png
start_install_hover.png
.png
[email protected]
.png
start_install_normal.png
.png
[email protected]
.png
start_install_pressed.png
.png
[email protected]
.png
startgame_disabled.png
.png
[email protected]
.png
startgame_hover.png
.png
[email protected]
.png
startgame_normal.png
.png
[email protected]
.png
startgame_pressed.png
.png
[email protected]
.png
title.png
.png
[email protected]
.png
up_mask.png
.png
[email protected]
.png
vscrollbar.png
.png
[email protected]
.png
warning.png
.png
[email protected]
.png
tiny_dl/TinyDL.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QMGuid
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 426KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06d235e1d95999f62a9f41eec8fe85b5

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 27KB - Virtual size: 26KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 110KB

.ndata Size: - Virtual size: 40KB

.rsrc Size: 160KB - Virtual size: 159KB

329d997ee41badab9171652777dbebc6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fcCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

17:b3:eb:32:a8:da:76:2c:d5:5d:13:ff:1f:8c:fc:a0:02:f0:87:b7:3f:3c:f9:fe:15:5a:eb:c8:c2:54:4f:60Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msimg32

comctl32

shlwapi

uxtheme

crypt32

ws2_32

version

gdiplus

imm32

winmm

wldap32

oleacc

winspool.drv

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 948KB - Virtual size: 947KB

.data Size: 97KB - Virtual size: 135KB

.rsrc Size: 161KB - Virtual size: 160KB

.reloc Size: 244KB - Virtual size: 243KB

351eb3b8caab398f03a53a7730291d4c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fcCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

.text
Size: 27KB - Virtual size: 26KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 110KB

.ndata
Size: - Virtual size: 40KB

.rsrc
Size: 160KB - Virtual size: 159KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

17:b3:eb:32:a8:da:76:2c:d5:5d:13:ff:1f:8c:fc:a0:02:f0:87:b7:3f:3c:f9:fe:15:5a:eb:c8:c2:54:4f:60
Signer

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 948KB - Virtual size: 947KB

.data
Size: 97KB - Virtual size: 135KB

.rsrc
Size: 161KB - Virtual size: 160KB

.reloc
Size: 244KB - Virtual size: 243KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:da:f2:fe:51:f3:b2:e9:4c:bb:69:5a:4a:51:74:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

96:1d:92:e2:28:ee:82:0c:58:3f:11:76:dc:9a:fb:ae:db:a1:dd:24:5a:3e:60:56:40:75:c9:9d:ab:47:ed:3f
Signer

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 60KB - Virtual size: 58KB

.text
Size: 8.5MB - Virtual size: 8.5MB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 104KB - Virtual size: 143KB

.QMGuid
Size: 512B - Virtual size: 20B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 426KB - Virtual size: 425KB