6f9bf32eaebb81c5b8779a5176d61945e640add5e66ebef5ae1dcc3dc09da948

Sharing

Copy URL Twitter E-mail

General

Target

6f9bf32eaebb81c5b8779a5176d61945e640add5e66ebef5ae1dcc3dc09da948
Size

3.7MB
MD5

99e091a986512a55fac78054d082b492
SHA1

22f0331c999adb7be05b976356edc7d74440da54
SHA256

6f9bf32eaebb81c5b8779a5176d61945e640add5e66ebef5ae1dcc3dc09da948
SHA512

2ce1d53f13482aa0a0bb3554788357e70db8a202b0300db6cc62d22fbf0d8fe9685d6b4babd6c42a10592090be55032a15d9127cf7735ffce851656822d4ae95
SSDEEP

98304:+vOfjD6liE7QUVcqTHkWy7id0Igv0tjBZ0U:6ObeckjLoid0IFt1mU

Score

N/A

Malware Config

Signatures

Files

6f9bf32eaebb81c5b8779a5176d61945e640add5e66ebef5ae1dcc3dc09da948
.exe windows x86

5655b4c1a7c2bb9cecd52577c6cea0c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

az

________AZ
______A2
______A3
_______AZ
______AZ
______A1

login

________V

kernel32

WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
�6�>h��f�l��n2$�n��n*f�6�f��`7� f� �f��n2$�n��n*f�6n� f�6�� f� ��9n�h�<�h��l�l� �� A�n�n�� nn� �l� �7n=$�n��n-f�6n� e�7�6� �f� ��8n� � �m��ޠ��g
WideCharToMultiByte
SizeofResource
GetEnvironmentVariableA
GetExitCodeProcess
VirtualQueryEx
VirtualProtectEx
GetConsoleCP
GetTimeZoneInformation
SetEnvironmentVariableA
CompareStringW
LockResource
LoadResource
FindResourceA
ExitProcess
GetProcAddress
QueryPerformanceCounter
LoadLibraryA
%d#��Z��ng��n�%��,&�� H��nfA��5,&�n ��n��o��f+a,��S,��n$�#4M��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
GetWindowsDirectoryA
WritePrivateProfileStringA
GetModuleFileNameA
GetModuleHandleA
CopyFileA
InterlockedDecrement
GetPrivateProfileStringA
GetPrivateProfileIntA
LocalAlloc
lstrlenA
- ��.��jeA��句��`%�a��l�% ��l�U[��l�Y�M��l��h�Q�n�%��嵍�� h�]�n�%��w��n�Y�u�� j��f
LocalFree
Sleep
TerminateThread
ResumeThread
GetSystemDirectoryA
DeleteFileA
CloseHandle
OpenProcess
VirtualAllocEx
A��句��`%�a��l�% ��l�U[��l�Y�M��l��h�Q�n�%��嵍�� h�]�n�%��w��n�Y�u�� j��f
lstrcmpiA
ReadProcessMemory
GetCurrentProcess
DeviceIoControl
CreateFileA
CreateProcessA
CreateMutexA
GetLastError
MultiByteToWideChar
MulDiv
VirtualFree
HeapCreate
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
GetACP
GetFileType
SetStdHandle
HeapSize
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
HeapReAlloc
��
HeapAlloc
��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
lstrlenW
GlobalUnlock
GlobalLock
GetCommandLineA
CreateDirectoryA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
FindResourceExA
VirtualProtect
GetFileTime
GetFileSizeEx
FileTimeToLocalFileTime
GetProfileIntA
o��f+a,��S,��n$�#4M��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
GetTempPathA
GetTempFileNameA
SetErrorMode
GetFullPathNameA
`7� f� �f��n2$�n��n*f�6n� f�6�� f� ��9n�h�<�h��l�l� �� A�n�n�� nn� �l� �7n=$�n��n-f�6n� e�7�6� �f� ��8n� � �m��ޠ��g
FindFirstFileA
FindClose
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
MoveFileA
GetFileSize
GetFileAttributesA
lstrcpyA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
ng��n�%��,&�� H��nfA��5,&�n ��n��o��f+a,��S,��n$�#4M��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
InterlockedIncrement
GetModuleHandleW
FileTimeToSystemTime
GetThreadLocale
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
SetThreadPriority
GetCurrentProcessId
GetModuleFileNameW
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
SetLastError
GlobalFree
;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
GlobalAlloc
LoadLibraryA
GetProcAddress
GetLastError
%d#��Z��ng��n�%��,&�� H��nfA��5,&�n ��n��o��f+a,��S,��n$�#4M��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
InitializeCriticalSection
GetModuleFileNameW
GetModuleHandleW
TerminateProcess
GetCurrentProcess
DeleteCriticalSection
LoadLibraryW
CreateEventW
CompareStringW
SetLastError
GetModuleHandleA
VirtualProtect
GetTickCount
EnterCriticalSection
LeaveCriticalSection
VirtualFree
VirtualAlloc
A��句��`%�a��l�% ��l�U[��l�Y�M��l��h�Q�n�%��嵍�� h�]�n�%��w��n�Y�u�� j��f
CreateToolhelp32Snapshot
GetCurrentProcessId
GetCurrentThreadId
Thread32First
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
GetSystemInfo
LoadResource
MultiByteToWideChar
WideCharToMultiByte
FindResourceExW
FindResourceExA
GetThreadLocale
GetUserDefaultLCID
�n�� nn� �l� �7n=$�n��n-f�6n� e�7�6� �f� ��8n� � �m��ޠ��g
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
HeapAlloc
��
HeapDestroy
HeapCreate
vU��[��+�)r��
GetLocalTime
SystemTimeToFileTime
CompareFileTime
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
Sleep
ExitProcess
SetHandleCount
GetFileType
��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
HeapSize
SetFilePointer
GetConsoleCP
�6�>h��f�l��n2$�n��n*f�6�f��`7� f� �f��n2$�n��n*f�6n� f�6�� f� ��9n�h�<�h��l�l� �� A�n�n�� nn� �l� �7n=$�n��n-f�6n� e�7�6� �f� ��8n� � �m��ޠ��g
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
VirtualQuery
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

MapVirtualKeyExA
IsCharLowerA
GetMenuDefaultItem
SetMenuDefaultItem
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetCursorPos
DrawIconEx
DrawFrameControl
��
UnpackDDElParam
ReuseDDElParam
InsertMenuItemA
TranslateAcceleratorA
�l4z;.�~t�n��
InvalidateRgn
SetRect
CharNextA
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageA
DestroyIcon
CopyImage
�
DrawStateA
EnumChildWindows
LockWindowUpdate
BringWindowToTop
IsRectEmpty
IsMenu
GetSystemMenu
SetClassLongA
NotifyWinEvent
SetWindowRgn
CreateAcceleratorTableA
LoadAcceleratorsA
DestroyAcceleratorTable
GetAsyncKeyState
CharUpperA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CopyAcceleratorTableA
PostThreadMessageA
LoadMenuA
DeleteMenu
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
InvalidateRect
SetRectEmpty
UnregisterClassA
� ��h�]�n�%��w��n�Y�u�� j��f
GetSysColorBrush
ShowOwnedPopups
SetCursor
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatA
MessageBeep
RedrawWindow
IsZoomed
�h`U��h`U�h`U��Տ��hpU��f��l`I��h�]��]n�%�PI��PI��hpU��`%�򏀵�`%��5�h�-��,&h�- ��d��\��n�%d"��#�#��A#��&n�U�d��n�Qn�%d#��Z��ng��n�%��,&�� H��nfA��5,&�n ��n��o��f+a,��S,��n$�#4M��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
DestroyMenu
GetMenuItemInfoA
2$�n��n*f�6�f��`7� f� �f��n2$�n��n*f�6n� f�6�� f� ��9n�h�<�h��l�l� �� A�n�n�� nn� �l� �7n=$�n��n-f�6n� e�7�6� �f� ��8n� � �m��ޠ��g
GetMessageA
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetWindowDC
IsClipboardFormatAvailable
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
MoveWindow
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
MapVirtualKeyA
GetKeyNameTextA
ReleaseDC
GetDC
��l�Y�M��l��h�Q�n�%��嵍�� h�]�n�%��w��n�Y�u�� j��f
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
EndDialog
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
EnableWindow
LoadIconA
SendMessageA
GetWindowRect
MessageBoxA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ScrollWindow
TrackPopupMenu
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
FrameRect
GetUpdateRect
CharUpperBuffA
CopyIcon
SubtractRect
GetIconInfo
GetDoubleClickTime
GetKeyState
��n��
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
�dި��n��d۵�� n&�&�n f
UpdateWindow
PostMessageA
CreateWindowExA
GetClassInfoExA
CreateMenu
GetWindowRgn
DestroyCursor
ClientToScreen
EnumWindows
SetTimer
SetWindowTextA
IsWindow
IsWindowVisible
ShowWindow
GetCursorPos
CreatePopupMenu
AppendMenuA
SetForegroundWindow
KillTimer
GetClassNameA
GetWindowThreadProcessId
FindWindowA
GetParent
IsIconic
GetLastActivePopup
SetParent
GetClientRect
GetSystemMetrics
��H��nfA��5,&�n ��n��o��f+a,��S,��n$�#4M��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuA
GetMenuItemID
GetMenuStringA
GetMenuState
S,��n$�#4M��d�f]4��o�a,�;�n#5��,'�� ^��=��>�dި��n��d۵�� n&�&�n f
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetWindowLongA
GetMenu
PtInRect
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
CopyRect
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
RegisterClassA
GetClassInfoA
DrawFocusRect
MessageBoxW
CharUpperBuffW

gdi32

SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
GetTextExtentPoint32A
GetTextMetricsA
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
DeleteObject
OffsetRgn
GetRgnBox
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateRoundRectRgn
GetTextColor
SetDIBColorTable
GetDIBits
RealizePalette
StretchBlt
SetPixel
CreateDIBSection
9n�h�<�h��l�l� �� A�n�n�� nn� �l� �7n=$�n��n-f�6n� e�7�6� �f� ��8n� � �m��ޠ��g
CreateEllipticRgn
CreatePolygonRgn
Polyline
Ellipse
Polygon
Rectangle
RoundRect
CreatePalette
GetPaletteEntries
GetWindowOrgEx
PtInRegion
FillRgn
FrameRgn
g��
GetViewportOrgEx
LPtoDP
ExtFloodFill
SetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
��ޡj��n��
GetTextFaceA
SetPixelV
CreateCompatibleBitmap
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
PatBlt
CreateRectRgnIndirect
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
GetDeviceCaps
CopyMetaFileA

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

LookupPrivilegeValueA
l��h�Q�n�%��嵍�� h�]�n�%��w��n�Y�u�� j��f
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
OpenProcessToken

shell32

DragFinish
SHAppBarMessage
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteA
DragQueryFileA
Shell_NotifyIconA
SHGetFileInfoA

comctl32

ImageList_GetIconSize
InitCommonControlsEx

shlwapi

PathRemoveFileSpecW
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathFileExistsA
PathIsUNCA

oledlg

ord8

ole32

OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoGetClassObject
DoDragDrop
CLSIDFromString
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
OleGetClipboard
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
�l� �� A�n�n�� nn� �l� �7n=$�n��n-f�6n� e�7�6� �f� ��8n� � �m��ޠ��g
IsAccelerator
RevokeDragDrop
CoLockObjectExternal
CreateStreamOnHGlobal
RegisterDragDrop
CoTaskMemFree
OleRun
CoCreateInstance
CLSIDFromProgID

oleaut32

SysAllocStringByteLen
VariantInit
VariantCopy
SysStringLen
VariantChangeType
SysAllocStringLen
SysFreeString
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
GetErrorInfo
VariantClear

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipCloneImage

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

Exports

Exports

��M�RO<��:�/��P�P��G��Y~',�̿y��b�Y�I:WeY�O7��*��%��OhhÕ�@�� ڗ��Ew�bH/#)&�ю[`6$r�dkNx�`�M��$$��C�Q�^��*�%��+QY�')��YB!��k6�.�ָ��q�R��pv�^[�{Z��@?e��[3��zsN#Zr�[8�(0R��-K=�68� C 1�I�y��i�@��Y�=9�k�z�I��]`��y�ؐ�"�89�+3�ȁZw�d��csG��Jal{�qTf�:�]�c>��h#G�&MO��U ��%=�Bt?��Í��oXK�� ?B�5c�n�M2�dcΕ��):W��b2��4&��=r�a��2L�lk-}N�N��E]�hĖƌ\��z�[�h��zRC�y��.1��߽ J)�'d��Y�V=2�0&�嵉qɍ��Wq�UOE��>݋��M �M��{CE�|/A 5��P�� '��˰_>��0[�(Խ��'�nq��q��xʳ��<Dt�Z|��|��K��]䈥(U�-��0��2?2.bD��ʅ��{+V��m#c^h��M�ݠ?��[�Cǫ�;��U��C�ۯD!�K��[��R�"�(��1��7�McU,�6�83��-��4;�8��2��}~��_' ;OD��x4{�|�M��+~��foiص��D`dSl�x�>�i�1Wŵ�yI�V�O9��M+S��_^�a��v ��9F"<�K�$N��qQ��+��ac^��C��΅�7�Ҳ��:�)pX�Q� �xb~9(��3�6i4YiϤ��S��^��H��?)3M:?�f�FjV$�E!ً��A�Y��b�N;��U�e�ȱ�p�P�+�n�B�k2,��*��u��Q��v�ڜ$z�С��C�qؙy 3�ՇT��8l� 4{��dˡs��_,C4�!eU�%MoQ@�)L-(vW��H��0�i^�"��u�h�Su�a�5�ﭭG~��7�KQTU�g��O+��r�F�$JwA!��ϰr��_��H_+�I�#��خn�Lt}��F/��'��4�rz��Z9 {L X@�wZW�dY�~� ��]�U�=��;�T�.�c/F��r� |��g� �O��&+� (f�b��G��81�tXv��)V!J/zn�ч�r��|అg^�e��v�8�<��n$L{�@�q]�ĕ0x �W�K��!�¨��V��f�|�}#��*��~�K�E�ЊDCR��y��Ͻ�G��'��y��3^+3�J��-t��~��ͼ�??:s �;�m~�M��)@��V�_�6��H 9`X幇3��|&��U�)�IǙ�_%Q��r�>��YܫW� ghb4�� 4*� ��j��".L��t��LP��+�8<��p9��Ta��6<2i�(�q��.�r�KK�N��{7�h��Z��ܴ_�ދÖ ��h�\�N|��l�zqC:��~o�>8�s>o�̣�|&�`�V�= ؁�h`;A��km��μF��A9��'v2j]$0y�;'��:$t8;�/%X9� ��6w��^��a��=�Db��5��X� �;��9�j��cm��Bǰ�(P2\�B&��_�Ɔ1ʭk�@��! �*��AWD�P��cV�t��hb��'�rU��!��<�FÌ��݄xY��π�� +FoyP�饦eXW��-)��[Z~]N.��0/o�j"��&OB�t�� FvNt�Ptt�Uǀ�g?��b�I^~^�f��_j�nv��g��q�~:�Ӥ��C!~8TZt'NF��^��\��aA�Y�m��9��k[ h��ޝ7x��Qq �[i��E�P�� 94�KAg��N�a��ûE��M��]XT��{��}r�;^"��%��:��Ұ��Bp��(JN�J��U��Y�9 ?&W�H=@U��b>��N� �Yȑ�`ߝ�1 �/��W^Js�l�B��A��q�3 #��Ytk��^��;ƕ�ؗ`�P�u'DK2��A��͂K�2KGԚ"d^Q�k�!ONck��Q��@�~�1�טA�W�JSs��u��׀]��[)�W��$��&X��Ih�Ց8�C�vԿ��/j��g��V6��S� �t�ˋ�?Z�`��9ꍢ<��WN�v,Zu�Q�!�{8e��\�� ǵ��b(�D��]�/�aP�6��,s��@۬o)޽g�FY��NB��n�D� u�:��h��_��C�@?]k� ��@rb��L��vv�X��8+��U�]gu!��sA��ō ��?��V֚��:��V񾱍M��5yP�lՔw�QD��,&�'7��E �,۴�ұF�>��G{�?�c�~q6U�\�*��|9pr��v�0�OQ�I��0 �[<|�q�6/[ �=�LC�� ڪ�/�'�E�R��c<K��|d�y��|�aݨ�Q�=��K�˪E5~�!lʞu��l"ɱx��"|��Gl|��=��=�h�#�e� ս#�i��p�P��A#d%`>-�_L%_"m� cQ�D^V��XU��tIf8�IM��fr��NV��`�Fn6��5��[�C�t~^��!Cf��DE%-��>B�p�W��ı��W��uvk�9�Inl��>� e��hbD�{P��"��&��y�+�D�@�t�K"��].�0�5��F��K��Jw�yp�w�@&��^~��C�V��T�2&�A2��7c`h��~X�~y��3��2ڜ��%��V��'Ь��ދ�

Sections

.text
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.V0
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.V1
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5655b4c1a7c2bb9cecd52577c6cea0c2

Headers

DLL Characteristics

File Characteristics

Imports

az

login

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: - Virtual size: 1.2MB

.rdata Size: - Virtual size: 283KB

.data Size: - Virtual size: 61KB

.V0 Size: - Virtual size: 2.7MB

.tls Size: 512B - Virtual size: 24B

.V1 Size: 3.5MB - Virtual size: 3.5MB

.reloc Size: 512B - Virtual size: 308B

.rsrc Size: 198KB - Virtual size: 197KB

.text
Size: - Virtual size: 1.2MB

.rdata
Size: - Virtual size: 283KB

.data
Size: - Virtual size: 61KB

.V0
Size: - Virtual size: 2.7MB

.tls
Size: 512B - Virtual size: 24B

.V1
Size: 3.5MB - Virtual size: 3.5MB

.reloc
Size: 512B - Virtual size: 308B

.rsrc
Size: 198KB - Virtual size: 197KB