281abe5b4bfe97bf512f548f9912c235_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

281abe5b4bfe97bf512f548f9912c235_JaffaCakes118
Size

954KB
MD5

281abe5b4bfe97bf512f548f9912c235
SHA1

708f7c52ec4acf1f5ee764fa51ccdbd981b21235
SHA256

ca10bb9856a34822627e07725cafdcee8721b5e15609275023cbf5d2af646832
SHA512

8f4b87ca77b79c15e99465080625e3b0c75bf9639a78ae211c5c5401312308cfd3638369ee1543e9e109a4d1de9b7082ec6be577a1998952130aab621ddb1429
SSDEEP

24576:clTdtjzewJI93i+cWsZWT1OY9io0d4YgX7MGaR/vo:45tOwY3i+cWBVwoigrMGa2

Score

7^/10

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 3 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/Basic.dll	acprotect
static1/unpack001/Box.dll	acprotect
static1/unpack001/iBox.dll	acprotect

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Basic.dll
unpack001/Box.dll
unpack001/Demo.dll
unpack001/ExecutionDemo.dll
unpack001/Functions.dll
unpack001/Hook.dll
unpack001/Importer.dll
unpack001/Protect.dll
unpack001/RLPack.exe
unpack001/TextDemo.dll
unpack001/TimeDemo.dll
unpack001/TimerDemo.dll
unpack001/iBox.dll
unpack001/keygen.exe
unpack001/lzma.dll

Files

281abe5b4bfe97bf512f548f9912c235_JaffaCakes118
.rar
ASM/clearEnd.inc
ASM/clearStart.inc
ASM/cryptEnd.inc
ASM/cryptStart.inc
Basic.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

PackPE32File

Sections

.packed
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Box.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

PackPE32File

Sections

.packed
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
C/RLPackSDK.h
Delphi/clearEnd.inc
Delphi/clearStart.inc
Delphi/cryptEnd.inc
Delphi/cryptStart.inc
Demo.dll
.dll windows:4 windows x86 arch:x86

d76270e15fa442b5e8aecaf89006a8ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

user32

KillTimer
LoadIconA
SendMessageA
SetTimer
EndDialog
EnableWindow
DialogBoxParamA
GetDlgItem

kernel32

GetModuleFileNameA
ExitProcess

shell32

ShellExecuteA

Exports

Exports

RLPack_Demo
RLPack_RemoveDemo

Sections

.text
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 659B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Demo.ini
ExecutionDemo.dll
.dll windows:4 windows x86 arch:x86

f25216ffe20657cc62544d9c4199ffd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

user32

GetDlgItem
KillTimer
LoadIconA
MessageBoxExA
SendMessageA
SetTimer
SetWindowTextA
EndDialog
EnableWindow
DialogBoxParamA
wsprintfA
IsWindowVisible

kernel32

GetModuleFileNameA
ExitProcess

shell32

ShellExecuteA

Exports

Exports

RLPack_ExecutionDemo
RLPack_RemoveDemo

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 805B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExecutionDemo.ini
Functions.dll
.dll windows:4 windows x86 arch:x86

7eb8427f27c50eb0d809dd52b9ea5c50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

FindWindowA

kernel32

GetModuleHandleA
VirtualAlloc
RtlMoveMemory
CloseHandle
CreateFileA
OpenMutexA

Exports

Exports

RLPack_CheckMutex
RLPack_GetWatermark
RLPack_IsDebuggerPresent
RLPack_IsPacked

Sections

.text
Size: 1024B - Virtual size: 962B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 445B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Help.chm
.chm
Hook.dll
.dll windows:4 windows x86 arch:x86

f8b580c1349715d9d10eb55699e524f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetModuleHandleA
GetProcAddress

Exports

Exports

RLPack_FreeModule
RLPack_HookModule
RLPack_SafeFreeModule
RLPack_SafeHookModule
RLPack_SetModuleBase

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Importer.dll
.dll windows:4 windows x86 arch:x86

0a395818bb1d82851b2626298d5a90dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadProcessMemory
lstrlenA
CloseHandle
CreateFileA
CreateFileMappingA
FreeLibrary
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsBadCodePtr
LoadLibraryA
MapViewOfFile
lstrcpyA
RtlZeroMemory
SetEndOfFile
SetFilePointer
UnmapViewOfFile
VirtualAlloc
VirtualFree
lstrcmpA

psapi

GetModuleFileNameExA
EnumProcessModules

Exports

Exports

GetModuleVersion
ImporterAddNewAPI
ImporterAddNewDll
ImporterAutoFixIAT
ImporterAutoSearchIAT
ImporterAutoSearchIATEx
ImporterCleanup
ImporterEstimatedSize
ImporterExportIAT
ImporterFindAPIWriteLocation
ImporterGetAPIName
ImporterGetAPINameEx
ImporterGetAPINameFromDebugee
ImporterGetAddedAPICount
ImporterGetAddedDllCount
ImporterGetDLLIndexEx
ImporterGetDLLNameFromDebugee
ImporterGetRemoteAPIAddress
ImporterInit
ImporterMoveIAT
ImporterRelocateWriteLocation
ImporterSetAutoFixOptions

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect.dll
.dll windows:4 windows x86 arch:x86

eca5bff7d1e639139e42688be9e7dad2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA

user32

MessageBoxExA

kernel32

lstrcpyA
lstrcmpA
CreateThread
ExitProcess
GetProcAddress
GetWindowsDirectoryA
LoadLibraryA
OpenProcess
ReadProcessMemory
RtlZeroMemory
VirtualAlloc
VirtualFree
lstrcatA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

RLPack_Protect

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 749B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 282B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RLPack.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.packed
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RLPack
Size: 145KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TextDemo.dll
.dll windows:4 windows x86 arch:x86

dd1268ec91ea09f6a8a8ddc368db6c4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

user32

MessageBoxA

kernel32

ExitProcess
GetModuleFileNameA

shell32

ShellExecuteA

Exports

Exports

RLPack_RemoveDemo
RLPack_TextDemo

Sections

.text
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 523B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TextDemo.ini
TimeDemo.dll
.dll windows:4 windows x86 arch:x86

b887b622729db45c70ad4dc7d335d17e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

user32

SetTimer
SetWindowTextA
SendMessageA
LoadIconA
KillTimer
IsWindowVisible
GetDlgItem
EndDialog
EnableWindow
DialogBoxParamA
wsprintfA
MessageBoxExA

kernel32

CreateFileA
GetSystemTime
GetModuleFileNameA
GetFileTime
FileTimeToSystemTime
ExitProcess
CloseHandle

shell32

ShellExecuteA

Exports

Exports

RLPack_RemoveDemo
RLPack_TimeDemo

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 923B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TimeDemo.ini
TimerDemo.dll
.dll windows:4 windows x86 arch:x86

d9e48c9205b92fa2043a228880af4236

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

user32

SetTimer
SetWindowTextA
SendMessageA
KillTimer
GetDlgItem
EndDialog
DialogBoxParamA
wsprintfA
LoadIconA

kernel32

CreateThread
Sleep
GetModuleFileNameA
ExitProcess

shell32

ShellExecuteA

Exports

Exports

RLPack_RemoveDemo
RLPack_TimerDemo

Sections

.text
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 733B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TimerDemo.ini
iBox.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetBundleData
GetOptions
LoadProject

Sections

.packed
Size: - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.nfJBg86
Size: 512B - Virtual size: 528KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nfJBg86
Size: 181KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
license.reg
lzma.dll
.dll windows:4 windows x86 arch:x86

02aab51368c6f5d4720ae0b1722f4ae2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

oleaut32

VariantClear

Exports

Exports

Compress
FreeCompressionMemory
GetDescription
GetMinDataSize
GetUnpackerPointer
GetUnpackerSize
GetWorkMemorySize
PackmanSignature

Sections

.text
Size: - Virtual size: 88KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
乐趣下载.url
使用说明.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.packed Size: - Virtual size: 60KB

.rsrc Size: 14KB - Virtual size: 14KB

Headers

File Characteristics

Exports

Exports

Sections

.packed Size: - Virtual size: 144KB

.rsrc Size: 37KB - Virtual size: 37KB

d76270e15fa442b5e8aecaf89006a8ec

Headers

File Characteristics

Imports

advapi32

user32

kernel32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 796B

.rdata Size: 1024B - Virtual size: 659B

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 512B - Virtual size: 274B

f25216ffe20657cc62544d9c4199ffd1

Headers

File Characteristics

Imports

advapi32

user32

kernel32

shell32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 805B

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 512B - Virtual size: 480B

7eb8427f27c50eb0d809dd52b9ea5c50

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 962B

.rdata Size: 512B - Virtual size: 445B

.data Size: 512B - Virtual size: 132B

.reloc Size: 512B - Virtual size: 60B

f8b580c1349715d9d10eb55699e524f9

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 360B

.data Size: 512B - Virtual size: 152B

.reloc Size: 512B - Virtual size: 144B

0a395818bb1d82851b2626298d5a90dc

Headers

File Characteristics

Imports

.packed
Size: - Virtual size: 60KB

.rsrc
Size: 14KB - Virtual size: 14KB

.packed
Size: - Virtual size: 144KB

.rsrc
Size: 37KB - Virtual size: 37KB

.text
Size: 1024B - Virtual size: 796B

.rdata
Size: 1024B - Virtual size: 659B

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 512B - Virtual size: 274B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 805B

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 512B - Virtual size: 480B

.text
Size: 1024B - Virtual size: 962B

.rdata
Size: 512B - Virtual size: 445B

.data
Size: 512B - Virtual size: 132B

.reloc
Size: 512B - Virtual size: 60B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 360B

.data
Size: 512B - Virtual size: 152B

.reloc
Size: 512B - Virtual size: 144B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 560B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 749B

.data
Size: 1024B - Virtual size: 14KB

.reloc
Size: 512B - Virtual size: 282B

.packed
Size: 512B - Virtual size: 216KB

.RLPack
Size: 145KB - Virtual size: 161KB

.text
Size: 1024B - Virtual size: 544B

.rdata
Size: 1024B - Virtual size: 523B

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 116B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1024B - Virtual size: 923B

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 1024B - Virtual size: 674B