045112617b741909be753d04cdaa0578_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

045112617b741909be753d04cdaa0578_JaffaCakes118
Size

1.1MB
MD5

045112617b741909be753d04cdaa0578
SHA1

4779c2765209957a47dc4ccc254caedc7a3a185c
SHA256

946bdfd9943eb96aa35f8cdc95f665740d5f6ad6ee87920dbc7c258465dd390a
SHA512

f2a848f510aa4714f8da574b13767223ba56e35b6cf5e6b2b8c29a6686c83cbe87856c9429d840b3399c4b007473405b4eb7ca8fe122232da22aa1a4583f3b02
SSDEEP

24576:K+wcUE9ayfg6AVFl2Ju1bz+TiUmyyrsssozZFH1x+Sd1QRj1mqFaFg6ZC:Kdyah6AVF89Tipyqscx+M+1vnf

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Formats/7zxa.dll
unpack001/Formats/UNACEV2.DLL
unpack001/Rar.exe
unpack001/RarExt.dll
unpack001/RarExt64.dll
unpack001/RarExtLoader.exe
unpack001/UnRAR.exe
unpack001/Uninstall.exe
unpack001/WinRAR.exe
unpack001/setup.exe
unpack001/setup2.exe

Files

045112617b741909be753d04cdaa0578_JaffaCakes118
.rar
Descript.ion
File_Id.diz
Formats/7zxa.dll
.dll windows:4 windows x86 arch:x86

3dc4afefc02cd881eb79acc807bf4bce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CharUpperW
CharUpperA

oleaut32

SysFreeString
SysAllocStringByteLen
VariantClear
SysAllocString

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
VirtualAlloc
VirtualFree
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
CloseHandle
SetLastError
WriteFile
CreateEventA
LeaveCriticalSection
EnterCriticalSection
ResetEvent
SetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateThread
GetVersionExA
DeleteCriticalSection
InitializeCriticalSection
GetSystemInfo
HeapAlloc
HeapFree
RaiseException
RtlUnwind
GetCommandLineA
GetVersion
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
ExitProcess
SetUnhandledExceptionFilter
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
LCMapStringA

Exports

Exports

CreateObject
GetHandlerProperty

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Formats/UNACEV2.DLL
.dll windows:1 windows x86 arch:x86

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

ShellExecuteA
ShellExecuteExA

kernel32

AllocConsole
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeConsole
GetCommandLineA
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
GetCurrentDirectoryA
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetTempPathA
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputA
ReadFile
RemoveDirectoryA
ScrollConsoleScreenBufferA
SearchPathA
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
Sleep
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteConsoleOutputA
WriteConsoleOutputCharacterA
WriteFile

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

CreateFontA
DeleteObject

user32

CharToOemBuffA
CreateDialogParamA
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
GetDlgItem
GetDlgItemTextA
GetKeyState
GetWindowTextA
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MessageBeep
MessageBoxA
OemToCharBuffA
PeekMessageA
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetTimer
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage

Exports

Exports

ACEExtract
ACEInitDll
ACEList
ACEReadArchiveData
ACETest
___DllMainCRTStartup@12

Sections

AUTO
Size: 59KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 210KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
License.txt
Order.htm
.html .js polyglot
Rar.exe
.exe windows:4 windows x86 arch:x86

ab369c4db94893cbae59850b1a0da0d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
GetFileSecurityA
GetFileSecurityW
GetSecurityDescriptorLength
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW

kernel32

BackupRead
BackupSeek
CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
CreateThread
DeleteFileA
DeleteFileW
DeviceIoControl
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemTime
GetTickCount
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MoveFileA
MoveFileW
MultiByteToWideChar
RaiseException
ReadConsoleA
ReadFile
RemoveDirectoryA
RemoveDirectoryW
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetCurrentDirectoryA
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadPriority
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

user32

CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
EnumThreadWindows
ExitWindowsEx
LoadStringA
MessageBoxA
OemToCharA
OemToCharBuffA
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Rar.txt
RarExt.dll
.dll windows:4 windows x86 arch:x86

03dc17bd3a57ac2349fc00288c2ae55f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

ReleaseStgMedium

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateFileA
CreateFileW
DeleteCriticalSection
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTempPathA
GetTickCount
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
IsDBCSLeadByte
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LocalFileTimeToFileTime
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
Sleep
SystemTimeToFileTime
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcpynA
lstrcpynW

comctl32

ord8
CreatePropertySheetPageA
DestroyPropertySheetPage

gdi32

CreateCompatibleDC
CreateFontA
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
GetObjectA
GetPixel
GetTextFaceA
GetTextMetricsA
Polygon
Polyline
SelectObject
SetBkColor
SetPixel
SetTextColor
TextOutA

shell32

DragQueryFileA
DragQueryFileW
ShellExecuteExA
SHGetPathFromIDListA

user32

BeginPaint
CharLowerA
CharLowerW
CharToOemA
CharUpperA
CharUpperW
CreatePopupMenu
EndPaint
EnumThreadWindows
GetClassNameA
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
InsertMenuItemA
InvalidateRect
LoadImageA
LoadStringA
MessageBoxA
OemToCharA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
wsprintfA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
ExtAddNames
ExtGetCommandString
ExtInvokeCommand
ExtProcessDrop
ExtQueryContextMenu
ExtSetDestFolder
___CPPdebugHook

Sections

.text
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RarExt64.dll
.dll windows:4 windows x64 arch:x64

7cfb181cdd03a8089bdd043557b8705e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ole32

ReleaseStgMedium

kernel32

lstrcpyW
CreateProcessA
GetTickCount
FreeLibrary
MultiByteToWideChar
FormatMessageA
LocalFree
WideCharToMultiByte
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
lstrcpynA
lstrcpynW
LoadLibraryExA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetLocaleInfoA
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetProcAddress
GetModuleHandleA
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
Sleep
HeapSetInformation
HeapCreate
HeapDestroy
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
LeaveCriticalSection
EnterCriticalSection
RtlUnwindEx
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
LoadLibraryA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

wsprintfA
FindWindowA
WaitForInputIdle
LoadImageA
GetSysColor
CopyImage
CreatePopupMenu
InsertMenuItemA
IsWindow
SendMessageA
MessageBoxA

gdi32

GetObjectA
CreateCompatibleDC
SelectObject
GetPixel
SetPixel
DeleteDC
DeleteObject

shell32

SHGetPathFromIDListW
DragQueryFileA
DragQueryFileW

comctl32

ord8

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RarExtLoader.exe
.exe windows:4 windows x86 arch:x86

5b0fc82d05ce78abc7d8de8277908ca1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CreateFileA
ExitProcess
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTickCount
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
LoadLibraryA
MapViewOfFile
OpenFileMappingA
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumThreadWindows
GetMessageA
KillTimer
MessageBoxA
PostQuitMessage
RegisterClassA
SetTimer
TranslateMessage
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RarFiles.lst
ReadMe.txt
TechNote.txt
UnRAR.exe
.exe windows:4 windows x86 arch:x86

6ead8cdd324aa83b32b7037bd7925408

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CompareStringW
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DeviceIoControl
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FormatMessageA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemTime
GetVersion
GetVersionExA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MoveFileA
MultiByteToWideChar
RaiseException
ReadConsoleA
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadPriority
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA

user32

CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
EnumThreadWindows
ExitWindowsEx
LoadStringA
MessageBoxA
OemToCharA
OemToCharBuffA
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Uninstall.exe
.exe windows:4 windows x86 arch:x86

c61d8c850719ddcd92aa317807aae655

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateInstance
OleInitialize
OleUninitialize

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

kernel32

CloseHandle
CompareStringA
CopyFileA
CreateDirectoryA
CreateFileA
CreateFileW
CreateProcessA
DeleteFileA
DeleteFileW
ExitProcess
FindResourceA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTempPathA
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalMemoryStatus
HeapAlloc
HeapFree
IsDBCSLeadByte
LCMapStringA
LoadLibraryA
MoveFileA
MoveFileExA
MultiByteToWideChar
RaiseException
ReadFile
RemoveDirectoryA
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
SetHandleCount
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA

gdi32

CreateFontA
DeleteObject

shell32

SHChangeNotify
SHFileOperationA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
SHGetPathFromIDListA

user32

CheckDlgButton
DialogBoxParamA
EnableWindow
EndDialog
EnumThreadWindows
GetClassNameA
GetClientRect
GetDlgItem
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
InvalidateRect
IsDlgButtonChecked
LoadIconA
LoadStringA
MessageBoxA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowTextA
wsprintfA

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Uninstall.lst
UnrarSrc.txt
WhatsNew.txt
WinRAR.exe
.exe windows:4 windows x86 arch:x86

ad7d9d2ba8b191d67264494e50d82396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
GetFileSecurityA
GetFileSecurityW
GetSecurityDescriptorLength
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
SetFileSecurityA
SetFileSecurityW

kernel32

BackupRead
BackupSeek
BeginUpdateResourceA
CloseHandle
CompareFileTime
CompareStringA
CompareStringW
CopyFileA
CreateDirectoryA
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateThread
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
DosDateTimeToFileTime
EndUpdateResourceA
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
ExitProcess
ExitThread
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileA
FindFirstFileW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindResourceA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetOEMCP
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProfileStringA
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetThreadPriority
GetTickCount
GetTimeFormatA
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
IsDBCSLeadByte
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
MoveFileA
MoveFileExA
MoveFileW
MulDiv
MultiByteToWideChar
OpenFileMappingA
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryA
RemoveDirectoryW
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetPriorityClass
SetThreadPriority
SizeofResource
Sleep
SuspendThread
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
UpdateResourceA
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcmpiA
lstrcpyA
lstrlenA

comctl32

ord8
ord6
ImageList_Add
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_Remove
ImageList_ReplaceIcon
ord17
PropertySheetA

comdlg32

ChooseFontA
CommDlgExtendedError
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA

gdi32

BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreatePatternBrush
CreatePen
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
ExtTextOutA
GetDeviceCaps
GetMapMode
GetObjectA
GetPixel
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
LineTo
MoveToEx
Polygon
Polyline
Rectangle
SelectObject
SetBkColor
SetMapMode
SetPixel
SetTextColor
StretchBlt
TextOutA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryFileW
ExtractIconExA
FindExecutableA
SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA
Shell_NotifyIconA
SHGetPathFromIDListA

user32

AppendMenuA
AppendMenuW
BeginPaint
BringWindowToTop
CallWindowProcA
CharLowerA
CharLowerW
CharToOemA
CharToOemBuffA
CharUpperA
CharUpperW
CheckDlgButton
CheckMenuItem
ClientToScreen
CloseClipboard
CopyIcon
CopyImage
CreateDialogIndirectParamA
CreateDialogParamA
CreateIcon
CreateIconIndirect
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DeleteMenu
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawIconEx
DrawMenuBar
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
EnumChildWindows
EnumThreadWindows
EnumWindows
ExitWindowsEx
FillRect
FindWindowA
FindWindowExA
FlashWindow
GetClassNameA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetFocus
GetIconInfo
GetKeyState
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMessageA
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowTextW
GetWindowThreadProcessId
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsCharAlphaA
IsCharAlphaW
IsCharUpperA
IsCharUpperW
IsChild
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadMenuA
LoadStringA
MapWindowPoints
MessageBeep
MessageBoxA
MoveWindow
OemToCharA
OemToCharBuffA
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseDC
RemovePropA
ScreenToClient
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SendMessageW
SetClipboardData
SetCursor
SetDlgItemInt
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoA
SetPropA
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowWindow
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UpdateWindow
ValidateRect
WindowFromPoint
wsprintfA
GetSystemMenu

ole32

CoCreateInstance
DoDragDrop
OleInitialize
OleSetClipboard
OleUninitialize

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 648KB - Virtual size: 652KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
setup.exe
.exe windows:4 windows x86 arch:x86

9973a3f6e39c19b8d727e1698f339914

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetCommandLineA
WinExec
ResumeThread
SetFileAttributesA
SetPriorityClass
GetCurrentProcess
GetLastError
CreateProcessA
GetShortPathNameA
GetEnvironmentVariableA
GetModuleFileNameA

user32

PostQuitMessage
IsDlgButtonChecked
SetClassLongA
LoadIconA
CheckDlgButton
DialogBoxParamA

Sections

.ipe
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
setup2.exe
.exe windows:4 windows x86 arch:x86

237a51742fed62d237b6f1b75452402f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
SetFileTime
ExitProcess
GetCommandLineA
GetWindowsDirectoryA
GetTempPathA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
CloseHandle
lstrcmpiA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
MulDiv
FindNextFileA
FindFirstFileA
DeleteFileA
CopyFileA

user32

ExitWindowsEx
CharNextA
DialogBoxParamA
GetClassInfoA
SystemParametersInfoA
RegisterClassA
EndDialog
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CreateDialogParamA
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
LoadImageA
GetDC
EnableWindow
InvalidateRect
CreateWindowExA
GetWindowLongA
DrawFocusRect
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
TrackPopupMenu
wsprintfA
SendMessageA
CallWindowProcA
MapWindowPoints
GetWindowRect
ScreenToClient
PtInRect
LoadCursorA
SetCursor
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetWindowLongA

gdi32

SetBkColor
GetDeviceCaps
GetCurrentObject
GetObjectA
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegEnumKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 264KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dc4afefc02cd881eb79acc807bf4bce

Headers

File Characteristics

Imports

user32

oleaut32

kernel32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 13KB - Virtual size: 37KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 11KB - Virtual size: 10KB

8390514c40641509cd0941c1fb7588ab

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

gdi32

user32

Exports

Exports

Sections

AUTO Size: 59KB - Virtual size:

.idata Size: 4KB - Virtual size:

DGROUP Size: 4KB - Virtual size:

.bss Size: 210KB - Virtual size:

.edata Size: 512B - Virtual size:

.reloc Size: 5KB - Virtual size:

.rsrc Size: 1KB - Virtual size:

ab369c4db94893cbae59850b1a0da0d4

Headers

File Characteristics

Imports

advapi32

kernel32

shell32

user32

Exports

Exports

Sections

.text Size: 261KB - Virtual size: 264KB

.data Size: 16KB - Virtual size: 72KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 40KB - Virtual size: 40KB

03dc17bd3a57ac2349fc00288c2ae55f

Headers

File Characteristics

Imports

ole32

advapi32

kernel32

comctl32

gdi32

shell32

user32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 100KB

.data Size: 14KB - Virtual size: 52KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 8KB

7cfb181cdd03a8089bdd043557b8705e

Headers

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 13KB - Virtual size: 37KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 11KB - Virtual size: 10KB

AUTO
Size: 59KB - Virtual size:

.idata
Size: 4KB - Virtual size:

DGROUP
Size: 4KB - Virtual size:

.bss
Size: 210KB - Virtual size:

.edata
Size: 512B - Virtual size:

.reloc
Size: 5KB - Virtual size:

.rsrc
Size: 1KB - Virtual size:

.text
Size: 261KB - Virtual size: 264KB

.data
Size: 16KB - Virtual size: 72KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 40KB - Virtual size: 40KB

.text
Size: 96KB - Virtual size: 100KB

.data
Size: 14KB - Virtual size: 52KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 2KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 32KB

.data
Size: 6KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

.text
Size: 155KB - Virtual size: 156KB

.data
Size: 12KB - Virtual size: 56KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 40KB - Virtual size: 40KB

.text
Size: 58KB - Virtual size: 60KB

.data
Size: 10KB - Virtual size: 32KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB