General

Malware Config

Signatures

Files

• d494e9b4970d2d6792a117d6cc908d8424fe1e69c21a8075465ba431faa9c651

  .rar
• Wall Hack.dll

  .dll windows x86

  cc2e430bb17e9f2de64e87ccae96afbe

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  OutputDebugStringA

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  SetRect

  MessageBoxA

  msvcr90

  _except_handler4_common

  gdi32

  CreateFontIndirectA

  advapi32

  RegOpenKeyA

  Exports

  Exports

  ��*=��V4�CN����u9 ��I]����3�V��{|�GqN�%����.�w��'�"5Y�=Ϳ�X�$�Z}���)al�=��#�Ƹ^��4H��a���$�x����1X`��E�9r��x4 Y�T��d9���{��^AͼH`�X~R?���"���j���VXv')����ˣ�C7WT�:Ϛ^q��m=w)B���>����ŶgV��s��TK�Ը!�m �z��%n|�Gޞc�k�d��=���;8��kv�%�ʪ����4$ʚ�y�@���Q����k c�#X���m�W�1-ޚ�)t��uI,��nٛ��x h88�ú�d�t_��8�2]�ە���;�'�l�6 �)�*���t��:�6����B��P�. ���%�t˜��� -����Ɏ�"Qς�Z�`�B�Kk,C%�U￣�DŽb�A�
  ]3��7`Cu��D���t//=�����`��Ng���$@2M,��v��p�,�����$X��PrC���m]m ��u&po1�D�'g�Ӑ?s�%zϗI���:��B��R[-��OU�4C�]x+�Bޜ�.Ԗ�5CY3g��߭6u��3�s�hmU��F�L!�īS8&�@r&VC��@\�p�PK���HL�~���?�M?����������~��z�l���zwn�|�H���`�8_���Ol�L)�4��l��'*�����@}���sĂ��iʒ1�?̓��H$K�sH��8I��Xk2��pd�E��y�@��x_��62�(�!VT��ْOݮE!�;�UAӁE��m��;����Fk7x��L�H؃�F�ڹ���n„�Gu<n��Ad��<㓣��h����Lz�4{�����J�_���=�2ͳ
  �+�8n�"~�oLp���:2}wU~�F���kk�c������Ĉ�/"�q�0,?��3���D��H3A�ڎ,M�>� �!���ļ��6Y� d
  �����-�J�f��͓.��r�2�S_���r�����Hf�T�8��q&�o �x5dz9Z;,��0�T?�ɶ:CA��~ٶ켰�N_���8% �5�`�s8����9"a���lYN�"RU�!�gg �t{�)4(gq�)����F��O���p���) �oP&���;"��8�{>w����6bN4�ioc/�
  *p����w�-��e��WD��ms����p5̯.=-�@t������-�S�ѽ�^�e�4[�Kd!F �\�MZ,�ҩd4לZ����?��o��D��g0Z4~�� V̼�zu�0�@��-}�͋�X�)�d��4lC�*���@��_%�SKfb�/k�K)�Nd��1��s��?~R�}6%o�e��g���͋����d�?�����5�K��:�~ײ�+�HQ2�!D{���+����9]���Qy���\���%aC�^�_��li��u��*�nJ��B\~6NS��^[�B�:�ZhΆ�*ބe�����~�<ؒ�3k�<$Z��4�cJ������:֠R�qݤ{�(ve�J`p8ųѿ�=e�r��XQ�����@#�Y״�����]�sqL*���y
  p�`D��S�AM+�����_�l=���I���hA��:~�����Y/��B^���d μ�1�-�{���IV!X%Sn��������Fȫ��I
  ���/�+ ��TT��b���S�o���S=���[}v_cf�tp���Q�F�x�����/= �SG�_���E���"�����43�w �6������}fAjgp7j��ϊ�L�
  ��2M��a]�)�baY�כ�꘱#$�"K?~�db�H `���P��g&�G�$�aS����^z�L�pWMjF�����
  7ox��9�|1�����:OY?��B��t".���iQ���}K4��@��7�� 4������i�J%��f2�>Z*l�������>DwQxs�eɺ��ڌiR]��l��f�����eRŎ7Z�t����i����9Yb�~��?�fZD�;f ��;<6sE��rFa��԰��)��tѣ�F�ѤlØh8�a��it�x�1p�.֦�� � �LR�������=�Mw��']�Rb���l���md.q9�)��
  ������l�U_��>~o��zO�K� �)K/�'[�@ 7��s���w6�Z�d��b[�R,F����ˑ�a �$(��#�29����[
  �s�ʜ�3���q��O�������z(��
  [v�KwÄ�]f�3P��VA �LΫ�`f����Ї��M)/����S���w�M���C��/A�*A�S*6C`2�{ũ�_�r� �_�5_��z~rd�ğAs���R|o���m���7L.�s ��AǴ��@ª=t�
  ���s�^M�Vqʄ����Ҝ��29�����A����0Y��,9��֛�����
  ӱ���=0|���dv����80�+���}�t7���q]�� {�]��?�[�����t�m2�(���gU�|!xQ�leyW�x<��q�ڔ�T����:W("�)�&��{��)����rS�񟇄�|a�^�bg�. �nB���k�5/��)���;��T��'4 �\�<��Yx(HY�p�<Z��~5�/9���'�Q��������t<ڿ5�f�0�����O�R�z����1+pDێS�]��D
  �ǖ��J>�!� x��MeW�k�>�/l���u��H�k�_�Wvs��d ��~�U{�4��{��C��[��0F�11 ���4]�
  ���v��AS�n�%M���v��|��!� @EބWKByz���痡f�S(��!Ђ�DKM�
  � j��cHy��h:w�?%��SF��y��7��3+dޤ��h���^�B
  p�K��9p������)��N��_�ΚZ�ف�������MF�:�g�/��cQ�W��zq�6��(j�f-��S4�����-F��ꇐ�"���Ή��`�>H�T]�S�� C�{�m�K��nQ�|~a�
  "�Cqmj.��\lК9(�F��,�{no�7R�}�BWF���? �G��B�C�u��<������������s1!!S �"1��.� 㚤

  Sections

  .text

  Size: - Virtual size: 112KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 63KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 49KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 688B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .vmp0

  Size: - Virtual size: 19KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .vmp1

  Size: - Virtual size: 73KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  .tls

  Size: 512B - Virtual size: 24B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp2

  Size: 194KB - Virtual size: 193KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 512B - Virtual size: 312B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• x1nject.exe

  .exe windows x86

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Sections

  UPX0

  Size: - Virtual size: 452KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  UPX1

  Size: 169KB - Virtual size: 172KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 92KB - Virtual size: 96KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

• x1nject.ini