skuld | Xeno-v1[.]1[.]4-x641[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Xeno-v1.1.4-x641.zip
Size

4.9MB
MD5

10d6a09d9e0031ce8446257c6cbe2776
SHA1

b35d206a3ee429647817f2640577058cd5324a40
SHA256

b4a941d057f1368a7314e07279a3c08691d93a2b0cf9310eb1edff63e9ddf4b8
SHA512

c669324d1577da7d0980953dabd69eb1cbaa68c91f5d19fb903faeb7e8baaf2794d85c2cd9b28b7f09e821efd6292f42434523b28bd26730a870bc747557f53f
SSDEEP

98304:MJ9cxX7dTh6upOa/855+s0HqGR58qsHQOa+Em1RPwlhuzqDeE2Q9wsWl:MXcxRQSNqZijR583M+57PwlIqCkfWl

Score

10^/10

skuld

Malware Config

Extracted

Family

skuld

https://discord.com/api/webhooks/1343723753242103868/09fTd57-J6ekLWzm8Uc27OAXCUKtS7zCT95Y4jS6IqKufxX_46yVhlzvdh3or-nI8svk

Signatures

Skuld family
skuld

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Xeno-v1.1.4-x64/Xeno.dll
unpack001/Xeno-v1.1.4-x64/Xeno.exe
unpack001/Xeno-v1.1.4-x64/XenoUI.dll

Files

Xeno-v1.1.4-x641.zip
.zip
Xeno-v1.1.4-x64/Xeno.dll
.dll windows:6 windows x64 arch:x64

27a311b1330c0aee48d1ddba70a324fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\rizve\Desktop\Projects\Xeno\build\Release\net8.0-windows\Xeno.pdb

Imports

libcrypto-3-x64

X509_get_ext_d2i
EVP_DigestFinal_ex
ASN1_STRING_length
X509_free
BIO_new_socket
EVP_sha512
ASN1_STRING_get0_data
OPENSSL_sk_value
EVP_DigestInit_ex
EVP_MD_CTX_free
GENERAL_NAMES_free
EVP_DigestUpdate
EVP_sha256
EVP_md5
X509_get_subject_name
OPENSSL_sk_num
X509_STORE_add_cert
d2i_X509
EVP_MD_CTX_new
X509_NAME_get_text_by_NID
X509_STORE_free
OPENSSL_thread_stop
BIO_ctrl

libssl-3-x64

OPENSSL_init_ssl
SSL_connect
SSL_peek
SSL_free
SSL_CTX_get_cert_store
SSL_CTX_set_default_verify_paths
SSL_new
SSL_CTX_free
SSL_CTX_ctrl
SSL_CTX_set_cert_store
SSL_CTX_use_certificate_file
SSL_CTX_use_PrivateKey_file
SSL_CTX_new
SSL_write
SSL_get_verify_result
TLS_client_method
SSL_CTX_set_default_passwd_cb_userdata
SSL_ctrl
SSL_set_bio
SSL_pending
SSL_read
SSL_set_verify
SSL_CTX_load_verify_locations
SSL_get1_peer_certificate
SSL_shutdown
SSL_get_error

kernel32

IsProcessorFeaturePresent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsDebuggerPresent
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
InitOnceBeginInitialize
InitOnceComplete
GetLocaleInfoEx
FormatMessageA
LocalFree
WideCharToMultiByte
GetFileInformationByHandleEx
CopyFileW
AreFileApisANSI
SetFileInformationByHandle
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
SetUnhandledExceptionFilter
QueryPerformanceCounter
FindNextFileW
GetFileSizeEx
SetConsoleTitleA
CreateFile2
UnmapViewOfFile
MultiByteToWideChar
GlobalAlloc
GlobalFree
CloseHandle
FreeConsole
CreateFileMappingFromApp
GlobalLock
GetConsoleWindow
MapViewOfFileFromApp
GlobalUnlock
AllocConsole
SizeofResource
GetModuleHandleExW
GetProcessId
OpenProcess
CreateToolhelp32Snapshot
Sleep
GetLastError
Process32NextW
QueryFullProcessImageNameA
LockResource
Process32FirstW
LoadResource
FindResourceW
VirtualProtectEx
VirtualAllocEx
ReadProcessMemory
VirtualQueryEx
GetExitCodeProcess
TerminateProcess
GetModuleFileNameW
LoadLibraryA
GetCurrentProcessId
FindClose
FindFirstFileW
FindFirstFileExW
GetCurrentProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry
GetProcAddress
GetModuleFileNameA

user32

GetWindowThreadProcessId
MapVirtualKeyW
keybd_event
EnumWindows
OpenClipboard
SetForegroundWindow
PostMessageW
SetClipboardData
EmptyClipboard
CloseClipboard
GetForegroundWindow

advapi32

GetCurrentHwProfileW

ole32

CoCreateGuid

msvcp140

_Thrd_detach
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Cnd_signal
_Thrd_hardware_concurrency
?__ExceptionPtrCreate@@YAXPEAX@Z
_Strxfrm
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
_Query_perf_frequency
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?uncaught_exceptions@std@@YAHXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xbad_alloc@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Winerror_map@std@@YAHH@Z
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Random_device@std@@YAIXZ
?id@?$collate@D@std@@2V0locale@2@A
?_Syserror_map@std@@YAPEBDH@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Strcoll
_Cnd_do_broadcast_at_thread_exit
_Cnd_wait
_Thrd_id
_Query_perf_counter
_Thrd_join
_Mtx_unlock
_Cnd_broadcast
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
?good@ios_base@std@@QEBA_NXZ
??7ios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ

ws2_32

bind
closesocket
select
shutdown
listen
WSAGetLastError
WSAAccept
WSASocketW
inet_pton
WSACleanup
WSAStartup
getpeername
getsockname
send
socket
ntohs
connect
recv
getsockopt
setsockopt
getaddrinfo
__WSAFDIsSet
getnameinfo
ioctlsocket
freeaddrinfo

crypt32

CertFreeCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CertOpenSystemStoreW

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
memchr
__C_specific_handler
__current_exception_context
__current_exception
wcsrchr
strchr
_purecall
__std_exception_copy
__std_exception_destroy
__std_terminate
memcpy
memcmp
memmove
__std_type_info_destroy_list
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
realloc

api-ms-win-crt-stdio-l1-1-0

freopen_s
_fseeki64
__stdio_common_vsprintf
fread
_get_stream_buffer_pointers
fsetpos
ungetc
setvbuf
fgetpos
fwrite
fputc
fclose
fflush
__acrt_iob_func
fgetc

api-ms-win-crt-runtime-l1-1-0

system
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
abort
_invalid_parameter_noinfo
_errno
_invalid_parameter_noinfo_noreturn
_beginthreadex

api-ms-win-crt-math-l1-1-0

ceil
atan2
atan
asin
floor
fmod
log
log10
acos
cosh
ceilf
log2
pow
round
sin
sinh
sqrt
tan
exp
ldexp
cos
_dsign
tanh

api-ms-win-crt-convert-l1-1-0

strtoul
atoi
strtoull
strtoll
strtod
strtol

api-ms-win-crt-string-l1-1-0

strncmp
isdigit
strnlen
strspn
strcpy_s
_wcsicmp
isalnum
strcmp

api-ms-win-crt-filesystem-l1-1-0

_wstat64i32
_lock_file
_unlock_file

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func

Exports

Exports

Attach
Compilable
DeAllocConsole
Execute
GetClients
Initialize
SetSettings

Sections

.text
Size: 975KB - Virtual size: 975KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Xeno-v1.1.4-x64/Xeno.exe
.exe windows:6 windows x64 arch:x64

d42595b695fc008ef2c56aabd8efd68e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile
WriteConsoleW
WerSetFlags
WerGetFlags
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
RtlVirtualUnwind
RtlLookupFunctionEntry
ResumeThread
RaiseFailFastException
PostQueuedCompletionStatus
LoadLibraryW
LoadLibraryExW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetErrorMode
GetEnvironmentStringsW
GetCurrentThreadId
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler
AddVectoredContinueHandler

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 555KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Xeno-v1.1.4-x64/XenoUI.deps.json
Xeno-v1.1.4-x64/XenoUI.dll
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\rizve\Desktop\Projects\Xeno\XenoUI\obj\Release\net8.0-windows\XenoUI.pdb

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Xeno-v1.1.4-x64/XenoUI.runtimeconfig.json
Xeno-v1.1.4-x64/scripts/Dex.lua
Xeno-v1.1.4-x64/scripts/Infinite Yield.lua
Xeno-v1.1.4-x64/scripts/Sine Wave.lua
Xeno-v1.1.4-x64/scripts/Spinning Donut.lua
Xeno-v1.1.4-x64/scripts/UNCCheckEnv.lua
.js

Sharing

General

Malware Config

Extracted

Signatures

Files

27a311b1330c0aee48d1ddba70a324fa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libcrypto-3-x64

libssl-3-x64

kernel32

user32

advapi32

ole32

msvcp140

ws2_32

crypt32

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 975KB - Virtual size: 975KB

.rdata Size: 203KB - Virtual size: 203KB

.data Size: 47KB - Virtual size: 54KB

.pdata Size: 33KB - Virtual size: 33KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 5KB - Virtual size: 4KB

d42595b695fc008ef2c56aabd8efd68e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 5.0MB - Virtual size: 5.0MB

.rdata Size: 4.6MB - Virtual size: 4.6MB

.data Size: 555KB - Virtual size: 916KB

.pdata Size: 114KB - Virtual size: 113KB

.xdata Size: 512B - Virtual size: 180B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 73KB - Virtual size: 73KB

.symtab Size: 512B - Virtual size: 4B

Headers

DLL Characteristics

File Characteristics

PDB Paths

Sections

.text Size: 89KB - Virtual size: 88KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 975KB - Virtual size: 975KB

.rdata
Size: 203KB - Virtual size: 203KB

.data
Size: 47KB - Virtual size: 54KB

.pdata
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 5.0MB - Virtual size: 5.0MB

.rdata
Size: 4.6MB - Virtual size: 4.6MB

.data
Size: 555KB - Virtual size: 916KB

.pdata
Size: 114KB - Virtual size: 113KB

.xdata
Size: 512B - Virtual size: 180B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 73KB - Virtual size: 73KB

.symtab
Size: 512B - Virtual size: 4B

.text
Size: 89KB - Virtual size: 88KB

.rsrc
Size: 6KB - Virtual size: 5KB