Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Overview
overview
10Static
static
10d4164b1dab...05.exe
windows7-x64
3d4164b1dab...05.exe
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3$TEMP/ulicense.rtf
windows7-x64
4$TEMP/ulicense.rtf
windows10-2004-x64
1FarmFrenzy...ca.exe
windows7-x64
9FarmFrenzy...ca.exe
windows10-2004-x64
9FarmFrenzy...rp.exe
windows7-x64
1FarmFrenzy...rp.exe
windows10-2004-x64
1JNGLoad.dll
windows7-x64
3JNGLoad.dll
windows10-2004-x64
3Squall.dll
windows7-x64
1Squall.dll
windows10-2004-x64
1htmlayout.dll
windows7-x64
9htmlayout.dll
windows10-2004-x64
9wrapper.dll
windows7-x64
9wrapper.dll
windows10-2004-x64
9Behavioral task
behavioral1
Sample
d4164b1dab1337e28d3ce097a32b8635c893e1acaaf7136e745b90c44ee2cf05.exe
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
d4164b1dab1337e28d3ce097a32b8635c893e1acaaf7136e745b90c44ee2cf05.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
$TEMP/ulicense.rtf
Resource
win7-20240221-en
windows7-x64
7 signatures
150 seconds
Behavioral task
behavioral8
Sample
$TEMP/ulicense.rtf
Resource
win10v2004-20240508-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral9
Sample
FarmFrenzy3_America.exe
Resource
win7-20240611-en
windows7-x64
8 signatures
150 seconds
Behavioral task
behavioral10
Sample
FarmFrenzy3_America.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
6 signatures
150 seconds
Behavioral task
behavioral11
Sample
FarmFrenzy3_America.wrp.exe
Resource
win7-20240220-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral12
Sample
FarmFrenzy3_America.wrp.exe
Resource
win10v2004-20240611-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral13
Sample
JNGLoad.dll
Resource
win7-20240419-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral14
Sample
JNGLoad.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral15
Sample
Squall.dll
Resource
win7-20240508-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral16
Sample
Squall.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral17
Sample
htmlayout.dll
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral18
Sample
htmlayout.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral19
Sample
wrapper.dll
Resource
win7-20240508-en
windows7-x64
6 signatures
150 seconds
Behavioral task
behavioral20
Sample
wrapper.dll
Resource
win10v2004-20240611-en
windows10-2004-x64
5 signatures
150 seconds
General
-
Target
d4164b1dab1337e28d3ce097a32b8635c893e1acaaf7136e745b90c44ee2cf05
-
Size
4.8MB
-
MD5
4aabaf1f2d1daaba7ac4c9fc9498e59f
-
SHA1
a975ce8ba928dc4e1562a7d277bb309f7c06f712
-
SHA256
d4164b1dab1337e28d3ce097a32b8635c893e1acaaf7136e745b90c44ee2cf05
-
SHA512
5a54a2bee850be430983af39a184c9fe2c42252e4e24dd3b9aa49d4de92c61226c7c0b00018221b8364f4c7ddfd35ea9b0958ddda6dae601d314ba526170f1d9
-
SSDEEP
98304:66Q2rqI0O7L41KUOY3Aqrvj99849cOjk2WQV14ayHLQ3AA:66Q2rqI0O7Lfa3Aqrz849cckI14FMf
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule static1/unpack001/htmlayout.dll UPX -
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
Processes:
resource yara_rule static1/unpack001/htmlayout.dll acprotect -
Processes:
resource yara_rule static1/unpack001/wrapper.dll aspack_v212_v242 -
Processes:
resource yara_rule static1/unpack001/htmlayout.dll upx -
Unsigned PE 9 IoCs
Checks for missing Authenticode signature.
Processes:
resource d4164b1dab1337e28d3ce097a32b8635c893e1acaaf7136e745b90c44ee2cf05 unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/nsDialogs.dll unpack001/FarmFrenzy3_America.wrp.exe unpack001/JNGLoad.dll unpack001/Squall.dll unpack001/htmlayout.dll unpack002/out.upx unpack001/wrapper.dll
Files
-
d4164b1dab1337e28d3ce097a32b8635c893e1acaaf7136e745b90c44ee2cf05.exe windows:5 windows x86 arch:x86
b729b61eb1515fcf7b3e511e4e66258b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA
user32
ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation
advapi32
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 409KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 289KB - Virtual size: 289KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:5 windows x86 arch:x86
039bcbc605477e8e87ec550c2e60e748
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary
user32
wsprintfW
ole32
CLSIDFromString
StringFromGUID2
Exports
Exports
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 963B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 588B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/bar.bmp
-
$PLUGINSDIR/modern-header.bmp
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll.dll windows:5 windows x86 arch:x86
9ea5bdc8c90dfcffe309465c26c89758
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
MulDiv
lstrlenW
HeapFree
GetProcessHeap
lstrcmpiW
HeapReAlloc
lstrcpynW
GetFileAttributesW
lstrcpyW
GetCurrentDirectoryW
SetCurrentDirectoryW
HeapAlloc
GlobalFree
user32
LoadCursorW
RemovePropW
DrawFocusRect
GetPropW
DrawTextW
GetWindowTextW
GetDlgItem
SetWindowLongW
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetCursor
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
GetClientRect
CharPrevW
CallWindowProcW
SetPropW
DestroyWindow
MapDialogRect
CharNextW
SendMessageW
GetWindowLongW
gdi32
SetTextColor
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
comdlg32
GetSaveFileNameW
CommDlgExtendedError
GetOpenFileNameW
ole32
CoTaskMemFree
Exports
Exports
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 590B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$TEMP/ulicense.rtf.rtf
-
Data/Data.pack
-
FarmFrenzy3_America.exe.exe windows:5 windows x86 arch:x86
Code Sign
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate
IssuerCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USNot Before15-06-2007 00:00Not After14-06-2012 23:59SubjectCN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before04-12-2003 00:00Not After03-12-2013 23:59SubjectCN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
65:0a:27:a0:4d:ba:a9:df:0c:06:de:bb:a3:98:30:54Certificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before19-12-2011 00:00Not After31-12-2014 23:59SubjectCN=Alawar Entertainment Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=-,O=Alawar Entertainment Inc,L=Alexandria,ST=Virginia,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0c:34:6b:ae:f8:c2:3b:af:06:8d:25:f8:c6:f2:f5:b5:be:8e:2b:28Signer
Actual PE Digest0c:34:6b:ae:f8:c2:3b:af:06:8d:25:f8:c6:f2:f5:b5:be:8e:2b:28Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 76KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 25KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 3KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.4MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 664KB - Virtual size: 664KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
FarmFrenzy3_America.wrp.exe.exe windows:4 windows x86 arch:x86
e94e021976b1047ad56fe91cb5099023
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
CloseHandle
Module32FirstW
Module32NextW
WideCharToMultiByte
SetEndOfFile
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
CompareStringA
SetStdHandle
GetLocaleInfoW
InterlockedExchange
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetTimeZoneInformation
FlushFileBuffers
GetStartupInfoA
LocalFree
FormatMessageA
GetLastError
GetLongPathNameA
GetCurrentProcess
Sleep
MulDiv
SetPriorityClass
GetPriorityClass
SetThreadPriority
GetThreadPriority
GetCurrentThread
CreateFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
CreateFileW
MoveFileExA
DeleteFileA
GetFileSize
SetFilePointer
ReadFile
WriteFile
GetSystemTimeAsFileTime
MultiByteToWideChar
HeapFree
RaiseException
RtlUnwind
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetStartupInfoW
GetVersionExA
HeapAlloc
GetCPInfo
GetLocalTime
HeapReAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetModuleFileNameA
HeapSize
GetStdHandle
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
shell32
ShellExecuteA
SHGetFolderPathA
squall
SQUALL_Channel_GetVolume
SQUALL_Channel_SetPan
SQUALL_Channel_GetPan
SQUALL_Channel_SetVolume
SQUALL_Channel_Pause
SQUALL_Channel_Start
SQUALL_Pause
SQUALL_ChannelGroup_SetVolume
SQUALL_Channel_SetPlayPosition
SQUALL_Sample_Unload
SQUALL_Channel_GetLength
SQUALL_Sample_GetFileFrequency
SQUALL_Free
SQUALL_Stop
SQUALL_Listener_EAX_SetPreset
SQUALL_SetFileCallbacks
SQUALL_Init
SQUALL_Sample_LoadFile
SQUALL_Channel_GetPlayPosition
SQUALL_Channel_Stop
SQUALL_Channel_Status
SQUALL_Sample_PlayEx
jngload
?freeData@@YAXAAPAK@Z
?readMNG@@YAXPBXAAK1AAPAK@Z
shlwapi
PathFindFileNameA
psapi
EnumProcessModules
GetModuleFileNameExA
d3d8
Direct3DCreate8
dinput8
DirectInput8Create
winmm
timeEndPeriod
timeGetTime
timeBeginPeriod
ws2_32
inet_ntoa
recv
WSAGetLastError
socket
accept
bind
closesocket
connect
getpeername
getsockname
getsockopt
ioctlsocket
listen
recvfrom
__WSAFDIsSet
select
send
sendto
setsockopt
shutdown
htonl
htons
ntohs
ntohl
getservbyname
inet_addr
gethostbyname
user32
GetCursor
DrawTextW
GetCursorPos
DrawTextA
PostQuitMessage
MessageBoxA
GetKeyboardLayout
SendMessageW
IsIconic
DefWindowProcW
UnregisterClassW
DestroyWindow
DispatchMessageW
TranslateMessage
PeekMessageW
DestroyIcon
SetCursor
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
SetForegroundWindow
FindWindowA
AdjustWindowRect
GetWindowInfo
ReleaseDC
GetClientRect
GetDC
SetWindowPos
SetWindowLongW
SetActiveWindow
UpdateWindow
ShowWindow
SystemParametersInfoW
GetWindowLongW
gdi32
CreateCompatibleBitmap
SelectObject
BitBlt
GetDIBits
DeleteObject
DeleteDC
CreateFontW
CreateSolidBrush
CreateDIBSection
SetBkMode
CreateFontIndirectA
GetObjectA
SetBkColor
SetTextColor
GetDeviceCaps
CreateFontIndirectW
GetTextExtentPoint32W
CreateCompatibleDC
advapi32
RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
Sections
.text Size: 3.6MB - Virtual size: 3.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 804KB - Virtual size: 803KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 520KB - Virtual size: 517KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
JNGLoad.dll.dll windows:4 windows x86 arch:x86
b019958100a358b3512fda93f23b2ae9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
d:\Work\Engine\Src\JNGLoad\ReleaseGuard_st\JNGLoad.pdb
Imports
kernel32
GetTickCount
HeapAlloc
HeapFree
RaiseException
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetUnhandledExceptionFilter
GetLastError
WriteFile
ReadFile
CloseHandle
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FlushFileBuffers
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadCodePtr
HeapSize
SetStdHandle
LoadLibraryA
InterlockedExchange
VirtualQuery
CreateFileA
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
VirtualProtect
GetSystemInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetLocaleInfoA
Exports
Exports
?freeData@@YAXAAPAK@Z
?readMNG@@YAXPBXAAK1AAPAK@Z
Sections
.text Size: 308KB - Virtual size: 306KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Squall.dll.dll windows:4 windows x86 arch:x86
683559c4c245f4cde98c8ffb08209927
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
WaitForSingleObject
SetThreadPriority
CreateThread
CreateEventA
CloseHandle
TerminateThread
GetModuleHandleA
IsBadReadPtr
GetCurrentThreadId
CreateMutexA
IsBadWritePtr
IsBadCodePtr
CreateFileA
ReadFile
SetFilePointer
GlobalAlloc
GlobalFree
ReleaseMutex
lstrcpynA
lstrcpyA
GlobalLock
GlobalUnlock
GlobalHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
Sleep
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
GetVersion
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
ExitProcess
TerminateProcess
GetCurrentProcess
GetProcAddress
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
GetLastError
FlushFileBuffers
WriteFile
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
RaiseException
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetStdHandle
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
user32
CreateWindowExA
RegisterClassA
DefWindowProcA
DestroyWindow
IsWindow
wsprintfA
ole32
CoUninitialize
CoInitialize
CoCreateInstance
dsound
ord2
winmm
waveOutGetNumDevs
timeGetTime
Exports
Exports
SQUALL_ChannelGroup_Pause
SQUALL_ChannelGroup_SetFrequency
SQUALL_ChannelGroup_SetVolume
SQUALL_ChannelGroup_Stop
SQUALL_Channel_EAX_GetProperties
SQUALL_Channel_EAX_SetProperties
SQUALL_Channel_Get3DPosition
SQUALL_Channel_GetConeParameters
SQUALL_Channel_GetFragment
SQUALL_Channel_GetFragmentMs
SQUALL_Channel_GetFrequency
SQUALL_Channel_GetLength
SQUALL_Channel_GetLengthMs
SQUALL_Channel_GetLoop
SQUALL_Channel_GetMinMaxDistance
SQUALL_Channel_GetPan
SQUALL_Channel_GetPlayPosition
SQUALL_Channel_GetPlayPositionMs
SQUALL_Channel_GetPriority
SQUALL_Channel_GetVelocity
SQUALL_Channel_GetVolume
SQUALL_Channel_Pause
SQUALL_Channel_Set3DPosition
SQUALL_Channel_SetConeParameters
SQUALL_Channel_SetFragment
SQUALL_Channel_SetFragmentMs
SQUALL_Channel_SetFrequency
SQUALL_Channel_SetLoop
SQUALL_Channel_SetMinMaxDistance
SQUALL_Channel_SetPan
SQUALL_Channel_SetPlayPosition
SQUALL_Channel_SetPlayPositionMs
SQUALL_Channel_SetPriority
SQUALL_Channel_SetVelocity
SQUALL_Channel_SetVolume
SQUALL_Channel_SetWorker
SQUALL_Channel_Start
SQUALL_Channel_Status
SQUALL_Channel_Stop
SQUALL_Channel_ZOOMFX_GetProperties
SQUALL_Channel_ZOOMFX_SetProperties
SQUALL_Free
SQUALL_Get3DAlgorithm
SQUALL_GetBufferSize
SQUALL_GetChannelsInfo
SQUALL_GetDevice
SQUALL_GetDeviceCaps
SQUALL_GetDeviceName
SQUALL_GetEAXVersion
SQUALL_GetHardwareAcceleration
SQUALL_GetNumDevice
SQUALL_GetSpeakerMode
SQUALL_Init
SQUALL_Listener_EAX_GetProperties
SQUALL_Listener_EAX_SetPreset
SQUALL_Listener_EAX_SetProperties
SQUALL_Listener_GetDistanceFactor
SQUALL_Listener_GetDopplerFactor
SQUALL_Listener_GetParameters
SQUALL_Listener_GetPosition
SQUALL_Listener_GetRolloffFactor
SQUALL_Listener_GetVelocity
SQUALL_Listener_SetDistanceFactor
SQUALL_Listener_SetDopplerFactor
SQUALL_Listener_SetParameters
SQUALL_Listener_SetPosition
SQUALL_Listener_SetRolloffFactor
SQUALL_Listener_SetVelocity
SQUALL_Listener_SetWorker
SQUALL_Listener_Update
SQUALL_Pause
SQUALL_SampleGroup_Play
SQUALL_SampleGroup_Play3D
SQUALL_SampleGroup_Play3DEx
SQUALL_SampleGroup_PlayEx
SQUALL_Sample_GetDefault
SQUALL_Sample_GetFileFrequency
SQUALL_Sample_GetFileLength
SQUALL_Sample_GetFileLengthMs
SQUALL_Sample_LoadFile
SQUALL_Sample_Pause
SQUALL_Sample_Play
SQUALL_Sample_Play3D
SQUALL_Sample_Play3DEx
SQUALL_Sample_PlayEx
SQUALL_Sample_SetDefault
SQUALL_Sample_Stop
SQUALL_Sample_Unload
SQUALL_Sample_UnloadAll
SQUALL_Set3DAlgorithm
SQUALL_SetBufferSize
SQUALL_SetDevice
SQUALL_SetFileCallbacks
SQUALL_SetHardwareAcceleration
SQUALL_SetMemoryCallbacks
SQUALL_SetSpeakerMode
SQUALL_Stop
Sections
.text Size: 284KB - Virtual size: 280KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 168KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
htmlayout.dll.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
HTMLayoutAppendMasterCSS
HTMLayoutAttachEventHandler
HTMLayoutAttachEventHandlerEx
HTMLayoutCallBehaviorMethod
HTMLayoutClassNameA
HTMLayoutClassNameW
HTMLayoutClearAttributes
HTMLayoutClipboardCopy
HTMLayoutCloneElement
HTMLayoutCombineURL
HTMLayoutControlGetType
HTMLayoutControlGetValue
HTMLayoutControlSetValue
HTMLayoutCreateElement
HTMLayoutDataReady
HTMLayoutDataReadyAsync
HTMLayoutDeclareElementType
HTMLayoutDeleteElement
HTMLayoutDetachElement
HTMLayoutDetachEventHandler
HTMLayoutDialog
HTMLayoutElementGetExpando
HTMLayoutElementSetExpando
HTMLayoutEnumElementStyles
HTMLayoutEnumResources
HTMLayoutEnumerate
HTMLayoutFindElement
HTMLayoutGetAttributeByName
HTMLayoutGetAttributeCount
HTMLayoutGetCharacterRect
HTMLayoutGetChildrenCount
HTMLayoutGetElementByUID
HTMLayoutGetElementHtml
HTMLayoutGetElementHwnd
HTMLayoutGetElementIndex
HTMLayoutGetElementInnerText
HTMLayoutGetElementInnerText16
HTMLayoutGetElementLocation
HTMLayoutGetElementState
HTMLayoutGetElementText
HTMLayoutGetElementType
HTMLayoutGetElementUID
HTMLayoutGetFocusElement
HTMLayoutGetGraphin
HTMLayoutGetMinHeight
HTMLayoutGetMinWidth
HTMLayoutGetNthAttribute
HTMLayoutGetNthChild
HTMLayoutGetParentElement
HTMLayoutGetRootElement
HTMLayoutGetScrollInfo
HTMLayoutGetSelectedHTML
HTMLayoutGetStyleAttribute
HTMLayoutHidePopup
HTMLayoutHttpRequest
HTMLayoutInit
HTMLayoutInsertElement
HTMLayoutIsElementEnabled
HTMLayoutIsElementVisible
HTMLayoutLoadFile
HTMLayoutLoadHtml
HTMLayoutLoadHtmlEx
HTMLayoutMoveElement
HTMLayoutParseValue
HTMLayoutPostEvent
HTMLayoutProc
HTMLayoutProcND
HTMLayoutProcW
HTMLayoutProcessUIEvent
HTMLayoutRangeAdvancePos
HTMLayoutRangeCreate
HTMLayoutRangeFromPositions
HTMLayoutRangeFromSelection
HTMLayoutRangeInsertHtml
HTMLayoutRangeIsEmpty
HTMLayoutRangeRelease
HTMLayoutRangeReplace
HTMLayoutRangeToHtml
HTMLayoutRender
HTMLayoutRenderElement
HTMLayoutRequestElementData
HTMLayoutScrollToView
HTMLayoutSelectElements
HTMLayoutSelectElementsW
HTMLayoutSelectParent
HTMLayoutSelectParentW
HTMLayoutSelectionExist
HTMLayoutSendEvent
HTMLayoutSetAttributeByName
HTMLayoutSetCSS
HTMLayoutSetCallback
HTMLayoutSetCapture
HTMLayoutSetDataLoader
HTMLayoutSetElementHtml
HTMLayoutSetElementInnerText
HTMLayoutSetElementInnerText16
HTMLayoutSetElementState
HTMLayoutSetHttpHeaders
HTMLayoutSetMasterCSS
HTMLayoutSetMediaType
HTMLayoutSetMode
HTMLayoutSetOption
HTMLayoutSetScrollPos
HTMLayoutSetStyleAttribute
HTMLayoutSetTimer
HTMLayoutSetTimerEx
HTMLayoutSetupDebugOutput
HTMLayoutShowPopup
HTMLayoutShowPopupAt
HTMLayoutSortElements
HTMLayoutSwapElements
HTMLayoutTraverseUIEvent
HTMLayoutUpdateElement
HTMLayoutUpdateElementEx
HTMLayoutUpdateView
HTMLayoutUpdateWindow
HTMLayoutVisitElements
HTMLayoutWindowAttachEventHandler
HTMLayoutWindowDetachEventHandler
HTMLayout_UnuseElement
HTMLayout_UseElement
HTMLiteAdvanceFocus
HTMLiteCreateInstance
HTMLiteDestroyInstance
HTMLiteFindElement
HTMLiteGetDocumentMinHeight
HTMLiteGetDocumentMinWidth
HTMLiteGetRootElement
HTMLiteGetTag
HTMLiteLoadHtmlFromFile
HTMLiteLoadHtmlFromMemory
HTMLiteMeasure
HTMLiteRender
HTMLiteRenderOnBitmap
HTMLiteSetCallback
HTMLiteSetDataReady
HTMLiteSetDataReadyAsync
HTMLiteSetMediaType
HTMLiteSetTag
HTMLiteTraverseUIEvent
HTMPrintCreateInstance
HTMPrintDestroyInstance
HTMPrintGetDocumentHeight
HTMPrintGetDocumentMinWidth
HTMPrintGetRootElement
HTMPrintGetTag
HTMPrintLoadHtmlFromFile
HTMPrintLoadHtmlFromMemory
HTMPrintMeasure
HTMPrintRender
HTMPrintSetDataReady
HTMPrintSetHyperlinkAreaCallback
HTMPrintSetLoadDataCallback
HTMPrintSetMediaType
HTMPrintSetNextPageCallback
HTMPrintSetTag
ValueBinaryData
ValueBinaryDataSet
ValueClear
ValueCopy
ValueElementsCount
ValueFloatData
ValueFloatDataSet
ValueFromString
ValueGetValueOfKey
ValueInit
ValueInt64Data
ValueInt64DataSet
ValueIntData
ValueIntDataSet
ValueInvoke
ValueNthElementKey
ValueNthElementValue
ValueNthElementValueSet
ValueSetValueToKey
ValueStringData
ValueStringDataSet
ValueToString
ValueType
_ValueEnumElements@12
Sections
UPX0 Size: - Virtual size: 1.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 670KB - Virtual size: 672KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 164KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 95KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 80KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
license.txt
-
manifest.xml.xml
-
partner.ini
-
registrator.ini
-
wrapper.dll.dll windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
??0INIFile@@QAE@PBD_N@Z
??0INIFile@@QAE@PB_W_N@Z
??1INIFile@@QAE@XZ
?DllGetRegInfo@@YAXPAD@Z
?DllSetRegKey@@YAPADXZ
?ReadInteger@INIFile@@QAEHPBD0H@Z
?ReadInteger@INIFile@@QAEHPB_W0H@Z
?ReadString@INIFile@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD00@Z
?SetConnection@@YAXPAX@Z
?StartWrapper@@YAHXZ
?WriteValue@INIFile@@QAEXPB_W00_N@Z
?WriteValue@INIFile@@QAEXPB_W0ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@_N@Z
?WriteValue@INIFile@@QAEXPB_W0H_N@Z
?add_to_mem_store@@YAXPB_WPAXI@Z
?add_to_mem_store@PluginAPI@@YAXPB_WPAXI@Z
?banner_clicked@@YA_NXZ
?banner_clicked@PluginAPI@@YA_NXZ
?debugLog@@YAXPBD@Z
?get@INIFile@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD0@Z
?get@INIFile@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W0@Z
?getACP@INIFile@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W0@Z
?getAsUTF8@INIFile@@QBE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PB_W0@Z
?get_cache_path@PluginAPI@@YAPB_WXZ
?get_game_id@PluginAPI@@YAHXZ
?get_initial_page@@YAHXZ
?get_initial_page@PluginAPI@@YAHXZ
?get_locale@PluginAPI@@YAPBDXZ
?get_partner_id@PluginAPI@@YAHXZ
?get_protocol_version@PluginAPI@@YAPBDXZ
?get_stats_url@PluginAPI@@YAPBDXZ
?get_user_id@PluginAPI@@YAHXZ
?get_user_id_token@PluginAPI@@YAPBD_N@Z
?handle_hyperlink@@YAXPB_W@Z
?handle_hyperlink@PluginAPI@@YAXPB_W@Z
?is_game_to_start@@YA_NXZ
?is_game_to_start@PluginAPI@@YA_NXZ
?set@INIFile@@QAE_NPBD00_N@Z
?set@INIFile@@QAE_NPB_W00_N@Z
?write@INIFile@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?write_to_log@PluginAPI@@YAXPB_W@Z
DllGetAxml
Sections
Size: 364KB - Virtual size: 976KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 85KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 5KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 30KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 164KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE