Hiren's[.]BootCD[.]15[.]1[.]iso

Sharing

Copy URL Twitter E-mail

General

Target

Hiren's.BootCD.15.1.iso
Size

500.1MB
MD5

b5de7a10dd1586d47535372ea1ad9bed
SHA1

ab491754b1c78e3d3f6a70b7c9ee02f9e694df93
SHA256

4efb2ff29af4395bf5188faae253cba1ac95b628159237095522974fac04e45f
SHA512

57bd9a03cf9dd97dc60217a45019869df4a6f62a346d61754c8169b44fad4a0ee108f145ff43c5dd5fbe7d1f9aeef15b42cfb13bc98a9ce595fabe41a4de9bd3
SSDEEP

12582912:k3QRpeNUB3pkj71E6uW2bsEEnl5yE5zDoHd/bBlf1zlvrW:kARpeNM3G/1E6X2bsE0YWny9bHf3j

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack002/HBCD/Programs/7z.dll	acprotect

UPX packed file 13 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/HBCD/HBCDMenu.exe	upx
static1/unpack002/HBCD/Programs/7z.dll	upx
static1/unpack002/HBCD/Programs/7z.exe	upx
static1/unpack002/HBCD/Programs/ComboFix.exe	upx
static1/unpack002/HBCD/Programs/EasyUHA.exe	upx
static1/unpack002/HBCD/Programs/IBProcMan.exe	upx
static1/unpack002/HBCD/Programs/KillBox.exe	upx
static1/unpack002/HBCD/Programs/ProcExp.exe	upx
static1/unpack002/HBCD/Programs/R-Kill.com	upx
static1/unpack002/HBCD/Programs/Splitter.exe	upx
static1/unpack002/HBCD/Programs/StartupMonitor.exe	upx
static1/unpack002/HBCD/Programs/snapshot.exe	upx
static1/unpack002/HBCD/Programs/uharc.exe	upx

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack002/HBCD/HBCDMenu.exe
unpack002/HBCD/Programs/7z.dll
unpack002/HBCD/Programs/7z.exe
unpack002/HBCD/Programs/ComboFix.exe
unpack002/HBCD/Programs/EasyUHA.exe
unpack002/HBCD/Programs/HBCDCustomizer.exe
unpack002/HBCD/Programs/IBProcMan.exe
unpack002/HBCD/Programs/KillBox.exe
unpack002/HBCD/Programs/ProcExp.exe
unpack002/HBCD/Programs/R-Kill.com
unpack002/HBCD/Programs/Splitter.exe
unpack002/HBCD/Programs/StartupMonitor.exe
unpack002/HBCD/Programs/uharc.exe

Files

Hiren's.BootCD.15.1.iso
.iso
out.iso
.iso
HBCD.txt
HBCD/Boot/Keyboard.bat
HBCD/Boot/SeagatDW
HBCD/Boot/SeagatDW.gz
.gz
SeagatDW
HBCD/Boot/chain.c32
HBCD/Boot/chntpw
HBCD/Boot/chntpw.gz
.gz
chntpw
HBCD/Boot/dban.gz
.gz
dban-1.0.7_i386.ima
HBCD/Boot/konboot.gz
.gz
FD0-konboot-v1.1-2in1.img
HBCD/Boot/memdisk
HBCD/Boot/memtest.gz
.gz
memtest
HBCD/Boot/menu.c32
HBCD/Boot/ntldr.gz
.gz
ntldr.img
HBCD/Boot/plpbt.bin
HBCD/Boot/pmagic.lst
.vbs
HBCD/Boot/pmagic/bzImage
HBCD/Boot/pmagic/initramfs
.gz
initramfs
HBCD/Boot/pmagic/pmodules/pmagic-6.7.sqfs
HBCD/Boot/smartbm.gz
.gz
HBCD/Boot/wmemtest.gz
.gz
HBCD/Dos/Astra.7z
.7z
HBCD/Dos/BiosBoot.7z
.7z
HBCD/Dos/CopyR.7z
.7z
HBCD/Dos/CopyWipe.7z
.7z
HBCD/Dos/DCC.7z
.7z
HBCD/Dos/DosNav.7z
.7z
HBCD/Dos/ESTest.7z
.7z
HBCD/Dos/FWizard.7z
.7z
HBCD/Dos/FastLynx.7z
.7z
HBCD/Dos/FileMave.7z
.7z
HBCD/Dos/HDAT2.7z
.7z
HBCD/Dos/HWiNFO.7z
.7z
HBCD/Dos/HddErase.7z
.7z
HBCD/Dos/HddTools.7z
.7z
HBCD/Dos/Img4Dos.7z
.7z
HBCD/Dos/Killdisk.7z
.7z
HBCD/Dos/MBRUtil.7z
.7z
HBCD/Dos/MHDD.7z
.7z
HBCD/Dos/Mix.7z
.7z
HBCD/Dos/NSSI.7z
.7z
HBCD/Dos/Network.7z
.7z
HBCD/Dos/NtPwd.7z
.7z
HBCD/Dos/Ntfs4Dos.7z
.7z
HBCD/Dos/PCI32.7z
.7z
HBCD/Dos/PtEdit.7z
.7z
HBCD/Dos/QuickVie.7z
.7z
HBCD/Dos/ReadNtfs.7z
.7z
HBCD/Dos/RegView.7z
.7z
HBCD/Dos/SavePart.7z
.7z
HBCD/Dos/SystemAn.7z
.7z
HBCD/Dos/TestDisk.7z
.7z
HBCD/Dos/Tools.7z
.7z
HBCD/Dos/VC.7z
.7z
HBCD/Dos/Victoria.7z
.7z
HBCD/Dos/VideoTes.7z
.7z
HBCD/Dos/Vivard.7z
.7z
HBCD/Dos/XOSL.7z
.7z
HBCD/Dos/dos.gz
.gz
HBCD/Dos/pResizer.7z
.7z
HBCD/HBCDMenu.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/3DPChip.cmd
HBCD/Programs/7-Zip.cmd
HBCD/Programs/7z.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CreateObject
GetHandlerProperty
GetHandlerProperty2
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetLargePageMode

Sections

UPX0
Size: - Virtual size: 568KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 320KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/7z.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/ATFCleaner.cmd
HBCD/Programs/AcronisDiskDirector.cmd
HBCD/Programs/AllUsersTempCleaner.cmd
.cmd .vbs
HBCD/Programs/AlternateStreamView.cmd
HBCD/Programs/AngryIPScanner.cmd
HBCD/Programs/AtlantisWord.cmd
.cmd .vbs
HBCD/Programs/AutoMountDrives.cmd
HBCD/Programs/AutoRuns.cmd
HBCD/Programs/Autologon.cmd
HBCD/Programs/AviraAntiVir.cmd
HBCD/Programs/BIOSMasterPasswordGenerator.cmd
HBCD/Programs/BartsStuffTest.cmd
HBCD/Programs/BellaVista.cmd
HBCD/Programs/BlueScreenView.cmd
HBCD/Programs/BootICE.cmd
HBCD/Programs/BootSect.cmd
HBCD/Programs/BulkRenameUtility.cmd
HBCD/Programs/BulletsPassView.cmd
HBCD/Programs/CCleaner.cmd
HBCD/Programs/CPUz.cmd
HBCD/Programs/CPorts.cmd
HBCD/Programs/Calcute.cmd
HBCD/Programs/ClamWinFreeAntivirus.cmd
HBCD/Programs/Cleanup.cmd
HBCD/Programs/CloneDisk.cmd
HBCD/Programs/CloneSpy.cmd
HBCD/Programs/ComboFix.cmd
HBCD/Programs/ComboFix.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/CompleteInternetRepair.cmd
HBCD/Programs/ContentAdvisorPasswordRemover.cmd
HBCD/Programs/CopyWipe.cmd
HBCD/Programs/CrystalDiskInfo.cmd
HBCD/Programs/DTemp.cmd
HBCD/Programs/DataRescueDD.cmd
HBCD/Programs/Defraggler.cmd
HBCD/Programs/DeleteDoctor.cmd
HBCD/Programs/DependencyWalker.cmd
HBCD/Programs/DeviceDoctor.cmd
HBCD/Programs/DialAFix.cmd
HBCD/Programs/Dialupass.cmd
HBCD/Programs/DisableAutorun.cmd
HBCD/Programs/DisableCompressOldFiles.cmd
HBCD/Programs/DiskCryptor.cmd
HBCD/Programs/DiskDigger.cmd
HBCD/Programs/DiskGenius.cmd
HBCD/Programs/DiskImage.cmd
HBCD/Programs/DiskMan4.cmd
HBCD/Programs/DiskSpeed.cmd
HBCD/Programs/DiskView.cmd
HBCD/Programs/DiskWipe.cmd
HBCD/Programs/DontSleep.cmd
HBCD/Programs/DoubleDriver.cmd
HBCD/Programs/DrWebCureIt.cmd
HBCD/Programs/DriveImageXML.cmd
HBCD/Programs/DuplicateFileFinder.cmd
HBCD/Programs/ERDComputerManagement.cmd
.cmd .vbs
HBCD/Programs/ERDExplorer.cmd
HBCD/Programs/ERUNT.cmd
HBCD/Programs/EasyUHA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/EditHosts.cmd
HBCD/Programs/Everything.cmd
HBCD/Programs/Explore2fs.cmd
HBCD/Programs/Ext2Explore.cmd
HBCD/Programs/Ext2fsd.cmd
HBCD/Programs/EzPCFix.cmd
HBCD/Programs/FastCopy.cmd
HBCD/Programs/Fat32Formatter.cmd
HBCD/Programs/FbInst.cmd
HBCD/Programs/FileDisk.cmd
HBCD/Programs/FileMon.cmd
HBCD/Programs/FileTypesMan.cmd
HBCD/Programs/Files/3DPChip.7z
.7z
HBCD/Programs/Files/7Zip.7z
.7z
HBCD/Programs/Files/ATFCleaner.7z
.7z
HBCD/Programs/Files/AngryIPScanner.7z
.7z
HBCD/Programs/Files/Atlantis.7z
.7z
HBCD/Programs/Files/AutoMountDrives.7z
.7z
HBCD/Programs/Files/AviraAntiVir.7z
.7z
HBCD/Programs/Files/BIOSMasterPasswordGenerator.7z
.7z
HBCD/Programs/Files/BellaVista.7z
.7z
HBCD/Programs/Files/BootICE.7z
.7z
HBCD/Programs/Files/BootSect.7z
.7z
HBCD/Programs/Files/BulkRenameUtility.7z
.7z
HBCD/Programs/Files/Calcute.7z
.7z
HBCD/Programs/Files/ClamWin.7z
.7z
HBCD/Programs/Files/Cleanup.7z
.7z
HBCD/Programs/Files/CloneDisk.7z
.7z
HBCD/Programs/Files/CloneSpy.7z
.7z
HBCD/Programs/Files/CompleteInternetRepair.7z
.7z
HBCD/Programs/Files/CopyWipeW.7z
.7z
HBCD/Programs/Files/CpuZ.7z
.7z
HBCD/Programs/Files/CrystalDiskInfo.7z
.7z
HBCD/Programs/Files/DLL.7z
.7z
HBCD/Programs/Files/DataRescueDD.7z
.7z
HBCD/Programs/Files/DependencyWalker.7z
.7z
HBCD/Programs/Files/DeviceDoctor.7z
.7z
HBCD/Programs/Files/DialAFix.7z
.7z
HBCD/Programs/Files/DiskCryptor.7z
.7z
HBCD/Programs/Files/DiskDigger.7z
.7z
HBCD/Programs/Files/DiskGenius.7z
.7z
HBCD/Programs/Files/DoubleDriver.7z
.7z
HBCD/Programs/Files/DriveImageXML.7z
.7z
HBCD/Programs/Files/DupFinder.7z
.7z
HBCD/Programs/Files/Everything.7z
.7z
HBCD/Programs/Files/Explore2fs.7z
.7z
HBCD/Programs/Files/Ext2Explore.7z
.7z
HBCD/Programs/Files/Ext2fsd.7z
.7z
HBCD/Programs/Files/EzPCFix.7z
.7z
HBCD/Programs/Files/FastCopy.7z
.7z
HBCD/Programs/Files/FileDisk.7z
.7z
HBCD/Programs/Files/FreeOTFE.7z
.7z
HBCD/Programs/Files/GImageX.7z
.7z
HBCD/Programs/Files/GMER.7z
.7z
HBCD/Programs/Files/GPU-Z.7z
.7z
HBCD/Programs/Files/GlaryRegistryRepair.7z
.7z
HBCD/Programs/Files/H2testw.7z
.7z
HBCD/Programs/Files/HDDCapacityRestore.7z
.7z
HBCD/Programs/Files/HDDLowLevelFormat.7z
.7z
HBCD/Programs/Files/HDDScan.7z
.7z
HBCD/Programs/Files/HDTune.7z
.7z
HBCD/Programs/Files/HijackThis.7z
.7z
HBCD/Programs/Files/HxD.7z
.7z
HBCD/Programs/Files/ImageForWindows.7z
.7z
HBCD/Programs/Files/ImgBurn.7z
.7z
HBCD/Programs/Files/InfraRecorder.7z
.7z
HBCD/Programs/Files/IrfanView.7z
.7z
HBCD/Programs/Files/IsoBuster.7z
.7z
HBCD/Programs/Files/LicenseCrawler.7z
.7z
HBCD/Programs/Files/MBRWiz.7z
.7z
HBCD/Programs/Files/MacriumReflect.7z
.7z
HBCD/Programs/Files/Malwarebytes.7z
.7z
HBCD/Programs/Files/Mkisofs.7z
.7z
HBCD/Programs/Files/MyDefrag.7z
.7z
HBCD/Programs/Files/NT6xFastInstaller.7z
.7z
HBCD/Programs/Files/NTPWEdit.7z
.7z
HBCD/Programs/Files/NTREGOPT.7z
.7z
HBCD/Programs/Files/NirSoft.7z
.7z
HBCD/Programs/Files/Notepad.7z
.7z
HBCD/Programs/Files/ODIN.7z
.7z
HBCD/Programs/Files/Opera.7z
.7z
HBCD/Programs/Files/PCwizard.7z
.7z
HBCD/Programs/Files/PartitionFindAndMount.7z
.7z
HBCD/Programs/Files/PartitionRecovery.7z
.7z
HBCD/Programs/Files/PartitionWizard.7z
.7z
HBCD/Programs/Files/PasswordRenew.7z
.7z
HBCD/Programs/Files/PcDecrapifier.7z
.7z
HBCD/Programs/Files/PhotoFiltre.7z
.7z
HBCD/Programs/Files/Piriform.7z
.7z
HBCD/Programs/Files/Prime95.7z
.7z
HBCD/Programs/Files/PuTTY.7z
.7z
HBCD/Programs/Files/RMPrepUSB.7z
.7z
HBCD/Programs/Files/RegEditPE.7z
.7z
HBCD/Programs/Files/RemoveFakeAntivirus.7z
.7z
HBCD/Programs/Files/Restoration.7z
.7z
HBCD/Programs/Files/Revouninstaller.7z
.7z
HBCD/Programs/Files/Roadkil.7z
.7z
HBCD/Programs/Files/SIW.7z
.7z
HBCD/Programs/Files/SM-StressTests.7z
.7z
HBCD/Programs/Files/SeagateDiscWizard.7z
.7z
HBCD/Programs/Files/SelfImage.7z
.7z
HBCD/Programs/Files/ShadowExplorer.7z
.7z
HBCD/Programs/Files/SmartDriverBackup.7z
.7z
HBCD/Programs/Files/SmartPartitionRecovery.7z
.7z
HBCD/Programs/Files/SoftPerfectFileRecovery.7z
.7z
HBCD/Programs/Files/SoftPerfectNetworkScanner.7z
.7z
HBCD/Programs/Files/SpaceSniffer.7z
.7z
HBCD/Programs/Files/Spread32.7z
.7z
HBCD/Programs/Files/SpybotSD.7z
.7z
HBCD/Programs/Files/SumatraPDF.7z
.7z
HBCD/Programs/Files/SuperAntiSpyware.7z
.7z
HBCD/Programs/Files/Sysinternals.7z
.7z
HBCD/Programs/Files/SystemExplorer.7z
.7z
HBCD/Programs/Files/TDSSKiller.7z
.7z
HBCD/Programs/Files/TFtpd32.7z
.7z
HBCD/Programs/Files/TeamViewer.7z
.7z
HBCD/Programs/Files/TeraCopy.7z
.7z
HBCD/Programs/Files/TestDisk.7z
.7z
HBCD/Programs/Files/TightVNC.7z
.7z
HBCD/Programs/Files/Tools.7z
.7z
HBCD/Programs/Files/TotalCmd.7z
.7z
HBCD/Programs/Files/TrID.7z
.7z
HBCD/Programs/Files/TrueCrypt.7z
.7z
HBCD/Programs/Files/TweakUI.7z
.7z
HBCD/Programs/Files/USBGrub.7z
.7z
HBCD/Programs/Files/UltimateWindowsTweaker.7z
.7z
HBCD/Programs/Files/Unlocker.7z
.7z
HBCD/Programs/Files/VFD.7z
.7z
HBCD/Programs/Files/Victoria.7z
.7z
HBCD/Programs/Files/VideoMemoryStressTest.7z
.7z
HBCD/Programs/Files/WDDataLifeguardDiagnostic.7z
.7z
HBCD/Programs/Files/WinMerge.7z
.7z
HBCD/Programs/Files/WinNTSetup.7z
.7z
HBCD/Programs/Files/WinSCP.7z
.7z
HBCD/Programs/Files/WindirStat.7z
.7z
HBCD/Programs/Files/WindowsGate.7z
.7z
HBCD/Programs/Files/XXClone.7z
.7z
HBCD/Programs/Files/XpAntiSpy.7z
.7z
HBCD/Programs/Files/XpFiles.7z
.7z
HBCD/Programs/FixHDC.cmd
HBCD/Programs/ForceRestart.cmd
HBCD/Programs/ForceShutdown.cmd
HBCD/Programs/FreeOTFE.cmd
HBCD/Programs/GImageX.cmd
HBCD/Programs/GMER.cmd
HBCD/Programs/GPU-Z.cmd
HBCD/Programs/GetDataFAT.cmd
HBCD/Programs/GetDataNTFS.cmd
HBCD/Programs/Ghost32.cmd
HBCD/Programs/GhostExp.cmd
HBCD/Programs/GlaryRegistryRepair.cmd
HBCD/Programs/Grub4DosInstaller.cmd
HBCD/Programs/H2testw.cmd
HBCD/Programs/HBCDCustomizer.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

LoadLi
Size: 4KB - Virtual size: 1830.1MB

Size: 208KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
HBCD/Programs/HBCDMenu.csv
HBCD/Programs/HDDCapacityRestore.cmd
HBCD/Programs/HDDLowLevelFormat.cmd
HBCD/Programs/HDDScan.cmd
HBCD/Programs/HDDScan28.cmd
HBCD/Programs/HDHacker.cmd
HBCD/Programs/HDTune.cmd
HBCD/Programs/HashMyFiles.cmd
HBCD/Programs/HijackThis.cmd
HBCD/Programs/HxD.cmd
HBCD/Programs/IBProcMan.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/ImageForWindows.cmd
HBCD/Programs/ImgBurn.cmd
HBCD/Programs/InfraRecorder.cmd
HBCD/Programs/InstalledCodec.cmd
HBCD/Programs/IrfanView.cmd
HBCD/Programs/IsoBuster.cmd
HBCD/Programs/JunctionDelete.cmd
HBCD/Programs/KeyTweak.cmd
HBCD/Programs/KillBox.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 244KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/LicenseCrawler.cmd
HBCD/Programs/MBRUtility.cmd
HBCD/Programs/MacriumReflect.cmd
HBCD/Programs/MailPassView.cmd
HBCD/Programs/Malwarebytes.cmd
HBCD/Programs/MbrFix.cmd
HBCD/Programs/MbrWizard.cmd
HBCD/Programs/MemTest.cmd
HBCD/Programs/MessenPass.cmd
HBCD/Programs/MonitorTester.cmd
HBCD/Programs/MouseEmulator.cmd
HBCD/Programs/MyDefrag.cmd
HBCD/Programs/MyUninstaller.cmd
HBCD/Programs/NT6xFastInstaller.cmd
HBCD/Programs/NTFSAccess.cmd
HBCD/Programs/NTFSLinksView.cmd
HBCD/Programs/NTPWEdit.cmd
HBCD/Programs/NetworkPasswordRecovery.cmd
HBCD/Programs/NewSID.cmd
HBCD/Programs/Ninite.cmd
HBCD/Programs/Notepad.cmd
HBCD/Programs/NtRegOpt.cmd
HBCD/Programs/ODINOpenDiskImagerinaNutshell.cmd
HBCD/Programs/OnScreenKeyboard.cmd
HBCD/Programs/OpenedFilesView.cmd
HBCD/Programs/OperaWebBrowser.cmd
HBCD/Programs/PCI32.cmd
HBCD/Programs/PCWizard.cmd
HBCD/Programs/PageDfrg.cmd
HBCD/Programs/PartSaving.cmd
HBCD/Programs/PartitionFindAndMount.cmd
HBCD/Programs/PartitionRecovery.cmd
HBCD/Programs/PartitionWizard.cmd
HBCD/Programs/PasswordRenew.cmd
HBCD/Programs/PcDecrapifier.cmd
HBCD/Programs/PhotoFiltre.cmd
HBCD/Programs/PhotoRec.cmd
HBCD/Programs/Prime95.cmd
HBCD/Programs/PrintFlush.cmd
HBCD/Programs/ProcExp.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/ProcessActivityView.cmd
HBCD/Programs/ProcessExplorer.cmd
HBCD/Programs/ProcessMonitor.cmd
HBCD/Programs/ProduKey.cmd
HBCD/Programs/ProtectDriveFromAutorunVirus.cmd
HBCD/Programs/PstPassword.cmd
HBCD/Programs/PuTTY.cmd
HBCD/Programs/R-Kill.com
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 236KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/RMPrepUSB.cmd
HBCD/Programs/RawCopy.cmd
HBCD/Programs/Recuva.cmd
HBCD/Programs/RegEditPE.cmd
HBCD/Programs/RegFromApp.cmd
HBCD/Programs/RegMon.cmd
HBCD/Programs/RegRestoreWizard.cmd
HBCD/Programs/RegScanner.cmd
HBCD/Programs/RegShot.cmd
HBCD/Programs/RegistryBackup.cmd
HBCD/Programs/RemoveFakeAntivirus.cmd
HBCD/Programs/RemoveRestrictionsTool.cmd
HBCD/Programs/RemoveWGA.cmd
HBCD/Programs/Restoration.cmd
HBCD/Programs/RevoUninstaller.cmd
HBCD/Programs/RootkitRevealer.cmd
HBCD/Programs/RouterPasswords.cmd
HBCD/Programs/RunAsDate.cmd
HBCD/Programs/SM-StressTests.cmd
HBCD/Programs/SeagateDiscWizard.cmd
HBCD/Programs/SearchMyFiles.cmd
HBCD/Programs/SelfImage.cmd
HBCD/Programs/ServiWin.cmd
HBCD/Programs/ShExView.cmd
HBCD/Programs/ShadowCopy.cmd
HBCD/Programs/ShadowExplorer.cmd
HBCD/Programs/ShellMenuNew.cmd
HBCD/Programs/ShowHiddenDevices.cmd
HBCD/Programs/Shredder.cmd
HBCD/Programs/SilentRunners.cmd
HBCD/Programs/SiwSystemInformation.cmd
HBCD/Programs/SmartDriverBackup.cmd
HBCD/Programs/SmartPartitionRecovery.cmd
HBCD/Programs/SmartSniff.cmd
HBCD/Programs/SnapShot.cmd
HBCD/Programs/SniffPass.cmd
HBCD/Programs/SoftPerfectFileRecovery.cmd
HBCD/Programs/SoftPerfectNetworkScanner.cmd
HBCD/Programs/SpaceMonger.cmd
HBCD/Programs/SpaceSniffer.cmd
HBCD/Programs/Speccy.cmd
HBCD/Programs/Splitter.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/Spread32.cmd
HBCD/Programs/SpybotSD.cmd
HBCD/Programs/SpywareBlaster.cmd
HBCD/Programs/StartupCPL.cmd
HBCD/Programs/StartupMonitor.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/SumatraPDF.cmd
HBCD/Programs/SuperAntiSpyware.cmd
HBCD/Programs/SystemExplorer.cmd
HBCD/Programs/TCPView.cmd
HBCD/Programs/TDSSKiller.cmd
HBCD/Programs/TFtpd32.cmd
HBCD/Programs/TeamViewer.cmd
HBCD/Programs/TeraCopy.cmd
HBCD/Programs/TestDisk.cmd
HBCD/Programs/TightVNCServer.cmd
HBCD/Programs/TightVNCViewer.cmd
HBCD/Programs/TotalCommander.cmd
HBCD/Programs/TrIDFileIdentifier.cmd
.cmd .vbs
HBCD/Programs/TrueCrypt.cmd
HBCD/Programs/TweakUI.cmd
HBCD/Programs/USBFormat.cmd
HBCD/Programs/UltimateWindowsTweaker.cmd
HBCD/Programs/Undelete.cmd
HBCD/Programs/UnknownDevices.cmd
HBCD/Programs/Unlocker.cmd
HBCD/Programs/UnstoppableCopier.cmd
HBCD/Programs/UpdateChecker.cmd
HBCD/Programs/UsbDeView.cmd
HBCD/Programs/Victoria.cmd
HBCD/Programs/VideoMemoryStressTest.cmd
HBCD/Programs/VirtualFloppyDrive.cmd
HBCD/Programs/VolumeSerialNumberChanger.cmd
HBCD/Programs/WDDataLifeguardDiagnostic.cmd
HBCD/Programs/WebBrowserPassView.cmd
HBCD/Programs/WinDirStat.cmd
HBCD/Programs/WinMerge.cmd
HBCD/Programs/WinNTSetup.cmd
HBCD/Programs/WinSCP.cmd
HBCD/Programs/WindowsGate.cmd
HBCD/Programs/WirelessKeyView.cmd
HBCD/Programs/WirelessNetView.cmd
HBCD/Programs/WriteProtectUSBDevicesOnThisPC.cmd
HBCD/Programs/XPAntiSpy.cmd
HBCD/Programs/XPKeyReader.cmd
HBCD/Programs/XXClone.cmd
HBCD/Programs/XpTCPIPWinsockRepair.cmd
HBCD/Programs/snapshot.exe
.exe windows:4 windows x86 arch:x86

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

07/11/2021, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1b:ee:e1:63:a1:b5:b6:e3:ed:fa:c4:a2:cd:5f:5e:dd
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

01/02/2011, 00:00

Not After

23/02/2014, 23:59

Subject

CN=Tom Ehlert Software e.K,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tom Ehlert Software e.K,L=Aachen,ST=North Rhine-Westphalia,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

10:34:9e:7f:05:8d:ef:3c:b8:8d:d8:79:88:e2:b2:63:c9:81:1b:7f
Signer

Actual PE Digest

10:34:9e:7f:05:8d:ef:3c:b8:8d:d8:79:88:e2:b2:63:c9:81:1b:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Sections

UPX0
Size: - Virtual size: 572KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 226KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/Programs/uharc.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 476KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 100KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HBCD/XP/X
HBCD/XP/XP.BIN
HBCD/XP/XP.wim
HBCD/XP/XpCustomize.cmd
HBCD/XP/XpDrvLAN.7z
.7z
HBCD/XP/XpDrvWLAN.7z
.7z
HBCD/grldr
HBCD/isolinux.bin
HBCD/isolinux.cfg
HBCD/menu-custom.lst
HBCD/menu.lst
.vbs
HBCDMenu.cmd
[BOOT]/Boot-NoEmul.img
autorun.inf
changes.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 44KB

UPX1 Size: 13KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 568KB

UPX1 Size: 320KB - Virtual size: 324KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 120KB

UPX1 Size: 68KB - Virtual size: 72KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 176KB

UPX1 Size: 17KB - Virtual size: 20KB

.rsrc Size: 7KB - Virtual size: 8KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 32KB

UPX1 Size: 8KB - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

LoadLi Size: 4KB - Virtual size: 1830.1MB

Size: 208KB - Virtual size: 4B

���� Size: - Virtual size:

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 64KB

UPX1 Size: 23KB - Virtual size: 24KB

.rsrc Size: 9KB - Virtual size: 12KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 244KB

UPX1 Size: 79KB - Virtual size: 80KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.7MB

UPX1 Size: 1.0MB - Virtual size: 1.0MB

.rsrc Size: 34KB - Virtual size: 36KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 236KB

UPX1 Size: 45KB - Virtual size: 48KB

.rsrc Size: 137KB - Virtual size: 140KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 40KB

UPX1 Size: 16KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 60KB

UPX0
Size: - Virtual size: 44KB

UPX1
Size: 13KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 568KB

UPX1
Size: 320KB - Virtual size: 324KB

.rsrc
Size: 6KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 120KB

UPX1
Size: 68KB - Virtual size: 72KB

.rsrc
Size: 1KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 176KB

UPX1
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 7KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 32KB

UPX1
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 4KB

LoadLi
Size: 4KB - Virtual size: 1830.1MB

��
Size: - Virtual size:

UPX0
Size: - Virtual size: 64KB

UPX1
Size: 23KB - Virtual size: 24KB

.rsrc
Size: 9KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 244KB

UPX1
Size: 79KB - Virtual size: 80KB

.rsrc
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 3.7MB

UPX1
Size: 1.0MB - Virtual size: 1.0MB

.rsrc
Size: 34KB - Virtual size: 36KB

UPX0
Size: - Virtual size: 236KB

UPX1
Size: 45KB - Virtual size: 48KB

.rsrc
Size: 137KB - Virtual size: 140KB

UPX0
Size: - Virtual size: 40KB

UPX1
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 60KB

UPX1
Size: 31KB - Virtual size: 32KB

.rsrc
Size: 2KB - Virtual size: 4KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

1b:ee:e1:63:a1:b5:b6:e3:ed:fa:c4:a2:cd:5f:5e:dd
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

10:34:9e:7f:05:8d:ef:3c:b8:8d:d8:79:88:e2:b2:63:c9:81:1b:7f
Signer

UPX0
Size: - Virtual size: 572KB

UPX1
Size: 226KB - Virtual size: 228KB

.rsrc
Size: 11KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 476KB

UPX1
Size: 100KB - Virtual size: 104KB

UPX2
Size: 512B - Virtual size: 4KB