General

Malware Config

Signatures

Files

• UNNAMED3.exe

  .exe windows x64

  99cf64363d4ed2b83ddf4532ad9d98cf

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  kernel32

  CloseHandle

  GetVersion

  LocalAlloc

  LocalFree

  GetModuleFileNameW

  ExitProcess

  LoadLibraryA

  GetModuleHandleA

  GetProcAddress

  msvcrt

  __C_specific_handler

  shell32

  SHGetFolderPathW

  user32

  CharUpperBuffW

  Exports

  Exports

  Ȋ���T������iW�ՃV������ǂj�;����n�{[b8����J�f�U�-/������X8��ԓ��0/���]��zR��J��RiÐ�$XE����2 z�o\"��8��:u�h���l��ʽ$O���.<�(�s�"�٘9�w<C��� *�մ�4��h���"�f*XpdP=�e���t����L�=~�����V�i�%3ET�Wc�k��q��IZ�z9a)���Nb��r���vg�H3�8���%� ��������`5 j�n:]h��.F������a8lW�U�y�3��������_�:R'[I5�\�VB�x���;�ԏ�K����(ܚ�
  a�|�������o�,��?����bXB�1��&� ����h�ZI$���ڏz���X*3���{��J���֘���&�-�og��0�çp*B���.�{�.�d��NY����5������`��.�<ш΅�̀^�&�Vd��Y�X�-$8%Sf�k�"'{������^�rD|!��b�{����b;vJ������%�����#����(�U��ў&›�=d���,�O$�΃f�ԓ�7�i�N�H�U ��و� ���ʄ�;���D���i��iu��z�9��D@JKR�¬�-PL_���Y �xe
  [��V�]�*Se�I&%�*�O�{,�T���ӌN� q�e3}�i��s��@6|�������c��8��Bc��K���P̷E�M�l�����]9Eu~�
  m#)���[5��+��9G���E���A0��2�y#on���^�l�+��1O�l�[C������W��$������#.�g�����wTIa�X��1�C8^9����gA\��Mb�-��k���yb\����1��Y���y.[ZY����L�) �:�k��C����Mi���_V�1P�:!9G��iEI�
  �J�.jG�_-�q���!��Հv��|DS,��^��N�R�m�Rٴ�B�����;T�{�K&̤#�eMg�+�y7v�'��G^ꖊ�IGx>bǠ�� yH��5�!?�?5>;=��"�G��5G�Ü���Oo��I;��1�l�. �cb( �]����IX �Ǿ����<
  ����^�2%����f3&���NbE���{��M�Q.Q�y�V�`�8G=0g"��:9&N5`�YHf)�Za�dFς"���R�0.!�<Y;�� :.b����L���R��ώ�A��;J���x�+R�\���t�t���7X�9��y�Bw3ge�Z"uj��X ԓ�Y�v�e�D��L�L��� cQ��Aص��!O��u�u� �_�o��`b��f�x�����/|��6_�@���
  ��L�tTP��,�X��I��q�����i9��v+���Mt��"��uP��2=�������f�6JuRx��ϫ}ħ����^r(�鉼/�!��[u�T�=���F��%���ة��'�=��Z:]�L�p�"� a^�gg7��Q���Lĩ�&��'��t0��Q���n9J�����f�̈́�=�����?�ڗ�I6�h��^M*a��=)}̂&���ȨsOM��f��� ��?%3%���NK�6%���������M�7��f)��Դ�7�a/�wa3��3u��7�"v��.ʫ5f8�K���-��FRvA� ��$F�]�Y��$�&�R�ko������a��P �U�c��H8.�T�8�?;b���V��},*�(��e���^7g��J�Ά^� j�M�i#�Ϗ_�M"����D��>w�y�=/���>�P;�P��Ì�%��"��g��0#-�Q�_V���2V=-�5[kc���"8͍�JEͫ>�ܝ{-hK��y���3� ������/�p���!��{ e#�k4�����z���:uh�?�V�� A�nv�23��CI�&FW�ED�cSW~!�%�+�E�m�6��"��D�d�H<U54��X��lW�;9�„v�HJ�l5E�O(�|j�=+Zթ~�%��?�`�3f�����^��� ��$�4�=] �`�s���͜x�O�8L3r�������x�@��r̆+� �j��}�4� kk� _����R<��ê�������&��Z�lKơ�i�Β��4<3�}�ц�:��\��3~˙�Q{�@c��TO-�L� �eH���]��/EaX���o���Y�h�Ԛ �eu�d�Ket����c!&4�s��e,טB�,�%<xC�m��9МZx���ZП߀���ʏQ�H�_��Yaw�y�6��y_�-Vङ�����IG�d!C!��U�M?_�B�F�Ri��4u��YnS�Қv\R���24i�m?��#�
  $�U(Z�Rba������~�E�ߪC7��=��K �J�aq42���am�ͮ�t��Z���b�
  �P����q㲦��l�2�|kl�{eJsk��? $�f�
  ��=b�E�>R��)"��p g���J�A��C[p�a�%����ps��ε�oV��<Y��� _��F�X��lNC8-�p~�AJ� ���3Umոw��y����TAš'R�y�xn5@�M���0f)�������͇TΏ$��!M*+q���m�8�����6�"�}G�K�X#;�⯛&x����ԭ�A-�/����}ܚ�֜ ei�`��6�-_�A]W�B����4�<�p��T����G'�2(��iRV�`�ط�ڐ�q�-B}R�LQ�u�K�-h\�y��P���Y:tpM���S;���@Q|�q��g/�����?�3��i+���Z���T��򍿺#sS3�n�Q��%4{u�O�I�7�FhT�.�r1�_7�K�������F��7���e cAo�[�&'���h��-��OH�P:��+l�����z�%9��O�ߝxq�e�=�i���X"lִ"n������Q.�l��J�x9[S���_��D'���I��o���(��X?�fLV�kr��N�ɜF�(ۆ�M:�v�i'�[��c�@�uZf|U�Θ|�����(7-<��,6�)�h�7���֟mgq�)��䡤�Z�?ONm��4�%Sti/:����ҭ:�@
  R�K�!r�Pp����K{'����ݻ�J�

  Sections

  .text

  Size: - Virtual size: 157KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 3.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .pdata

  Size: - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .xdata

  Size: - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .bss

  Size: - Virtual size: 3KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .CRT

  Size: - Virtual size: 104B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: - Virtual size: 16B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .kK1

  Size: - Virtual size: 3.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  ..9P

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .^mD

  Size: 9.1MB - Virtual size: 9.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 204B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE