craxs[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

craxs.zip
Size

199.1MB
MD5

c38e56224b78af16d8028803bab8fedc
SHA1

d5095f9524defe57c7e3bf9926b2752d6a3f50f7
SHA256

977ce36a053ed9f0a1bbf031f81629e1c7c8bc864e8255e25ca15a7eb625930a
SHA512

9c3288a08c326f16300200bf4eb777a729736b6ea7793a34c8b42e1994933096cb618bf3a6db9f60c371880d034449d7acaa5a6e31efa8496344003deb3949f7
SSDEEP

6291456:SWD3joLK7XD9TkAm2/kdWYfg6Nw3Shp1KurkXH:SWD/7zSikdZUkp11ri

Score

7^/10

agilenet

Malware Config

Signatures

Obfuscated with Agile.Net obfuscator 1 IoCs

Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

agilenet

Processes:

resource	yara_rule
static1/unpack001/craxs/AgileDotNet.VMRuntime.dll	agile_net

Files

craxs.zip
.zip
craxs/AgileDotNet.VMRuntime.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/ChangeLog.html
craxs/CraxsRat.exe.config
.xml
craxs/CraxsRat.pdb
craxs/CraxsRat.xml
craxs/CraxsRat3.7.1.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 66.6MB - Virtual size: 66.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/DrakeUI.Framework.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/GeoIPCitys.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/License.xml
craxs/LiveCharts.WinForms.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/LiveCharts.WinForms.pdb
craxs/LiveCharts.WinForms.xml
.xml
craxs/LiveCharts.Wpf.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/LiveCharts.Wpf.pdb
craxs/LiveCharts.Wpf.xml
.xml
craxs/LiveCharts.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/LiveCharts.pdb
craxs/LiveCharts.xml
.xml
craxs/MetroSet UI.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 433KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/NAudio.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/System.IO.Compression.ZipFile.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:cb:d9:52:06:53:bf:3e:2a:59:00:00:00:00:00:cb
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-09-2016 17:58

Not After

07-09-2018 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:5847-F761-4F70,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18-08-2016 20:17

Not After

02-11-2017 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31-08-2010 22:19

Not After

31-08-2020 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28-10-2015 20:31

Not After

28-01-2017 20:31

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:e3:a3:2d:f8:71:76:9b:66:a7:70:02:ef:69:91:70:2e:1d:d6:c5:f3:f4:b4:cf:e9:62:5e:c5:de:66:cf:77
Signer

Actual PE Digest

2b:e3:a3:2d:f8:71:76:9b:66:a7:70:02:ef:69:91:70:2e:1d:d6:c5:f3:f4:b4:cf:e9:62:5e:c5:de:66:cf:77

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 18:59
Valid: false

14:b0:8e:4d:e3:ae:df:ee:dd:e1:6b:b6:23:93:9d:2a:c5:d1:47:94
Signer

Actual PE Digest

14:b0:8e:4d:e3:ae:df:ee:dd:e1:6b:b6:23:93:9d:2a:c5:d1:47:94

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

05-11-2016 04:50
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/Vip.Notification.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/WinMM.Net.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
craxs/World.xml
craxs/mscorlib.dll
.dll windows x64

Code Sign

33:00:00:02:52:8b:33:aa:f8:95:f3:39:db:00:00:00:00:02:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-09-2021 18:32

Not After

01-09-2022 18:32

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e1:85:d2:f4:5f:6d:14:1a:d9:d8:04:a6:74:80:a4:59:3b:75:34:60:52:76:a9:42:33:a1:1f:62:16:94:5f:85
Signer

Actual PE Digest

e1:85:d2:f4:5f:6d:14:1a:d9:d8:04:a6:74:80:a4:59:3b:75:34:60:52:76:a9:42:33:a1:1f:62:16:94:5f:85

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 18:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
craxs/res/Audio/1.wav
craxs/res/Audio/2.wav
craxs/res/Audio/3.wav
craxs/res/Audio/4.wav
craxs/res/Audio/5.wav
craxs/res/Audio/notification.wav
craxs/res/Config/Pass.inf
craxs/res/Config/maps.inf
craxs/res/Config/supported_images.inf
craxs/res/Config/supported_text.inf
craxs/res/Config/supported_video.inf
craxs/res/Fonts/Hack-Bold.ttf
craxs/res/Fonts/Hack-BoldOblique.ttf
craxs/res/Fonts/Hack-Regular.ttf
craxs/res/Fonts/Hack-RegularOblique.ttf
craxs/res/GeoIP/Flags/-1.ico
craxs/res/GeoIP/Flags/AD.ico
craxs/res/GeoIP/Flags/AE.ico
craxs/res/GeoIP/Flags/AF.ico
craxs/res/GeoIP/Flags/AG.ico
craxs/res/GeoIP/Flags/AI.ico
craxs/res/GeoIP/Flags/AL.ico
craxs/res/GeoIP/Flags/AM.ico
craxs/res/GeoIP/Flags/AN.ico
craxs/res/GeoIP/Flags/AO.ico
craxs/res/GeoIP/Flags/AQ.ico
craxs/res/GeoIP/Flags/AR.ico
craxs/res/GeoIP/Flags/AS.ico
craxs/res/GeoIP/Flags/AT.ico
craxs/res/GeoIP/Flags/AU.ico
craxs/res/GeoIP/Flags/AW.ico
craxs/res/GeoIP/Flags/AX.ico
craxs/res/GeoIP/Flags/AZ.ico
craxs/res/GeoIP/Flags/BA.ico
craxs/res/GeoIP/Flags/BB.ico
craxs/res/GeoIP/Flags/BD.ico
craxs/res/GeoIP/Flags/BE.ico
craxs/res/GeoIP/Flags/BF.ico
craxs/res/GeoIP/Flags/BG.ico
craxs/res/GeoIP/Flags/BH.ico
craxs/res/GeoIP/Flags/BI.ico
craxs/res/GeoIP/Flags/BJ.ico
craxs/res/GeoIP/Flags/BL.ico
craxs/res/GeoIP/Flags/BM.ico
craxs/res/GeoIP/Flags/BN.ico
craxs/res/GeoIP/Flags/BO.ico
craxs/res/GeoIP/Flags/BR.ico
craxs/res/GeoIP/Flags/BS.ico
craxs/res/GeoIP/Flags/BT.ico
craxs/res/GeoIP/Flags/BW.ico
craxs/res/GeoIP/Flags/BY.ico
craxs/res/GeoIP/Flags/BZ.ico
craxs/res/GeoIP/Flags/CA.ico
craxs/res/GeoIP/Flags/CC.ico
craxs/res/GeoIP/Flags/CD.ico
craxs/res/GeoIP/Flags/CF.ico
craxs/res/GeoIP/Flags/CG.ico
craxs/res/GeoIP/Flags/CH.ico
craxs/res/GeoIP/Flags/CI.ico
craxs/res/GeoIP/Flags/CK.ico
craxs/res/GeoIP/Flags/CL.ico
craxs/res/GeoIP/Flags/CM.ico
craxs/res/GeoIP/Flags/CN.ico
craxs/res/GeoIP/Flags/CO.ico
craxs/res/GeoIP/Flags/CR.ico
craxs/res/GeoIP/Flags/CU.ico
craxs/res/GeoIP/Flags/CV.ico
craxs/res/GeoIP/Flags/CW.ico
craxs/res/GeoIP/Flags/CX.ico
craxs/res/GeoIP/Flags/CY.ico
craxs/res/GeoIP/Flags/CZ.ico
craxs/res/GeoIP/Flags/DE.ico
craxs/res/GeoIP/Flags/DJ.ico
craxs/res/GeoIP/Flags/DK.ico
craxs/res/GeoIP/Flags/DM.ico
craxs/res/GeoIP/Flags/DO.ico
craxs/res/GeoIP/Flags/DZ.ico
craxs/res/GeoIP/Flags/EC.ico
craxs/res/GeoIP/Flags/EE.ico
craxs/res/GeoIP/Flags/EG.ico
craxs/res/GeoIP/Flags/EH.ico
craxs/res/GeoIP/Flags/ER.ico
craxs/res/GeoIP/Flags/ES.ico
craxs/res/GeoIP/Flags/ET.ico
craxs/res/GeoIP/Flags/EU.ico
craxs/res/GeoIP/Flags/FI.ico
craxs/res/GeoIP/Flags/FJ.ico
craxs/res/GeoIP/Flags/FK.ico
craxs/res/GeoIP/Flags/FM.ico
craxs/res/GeoIP/Flags/FO.ico
craxs/res/GeoIP/Flags/FR.ico
craxs/res/GeoIP/Flags/GA.ico
craxs/res/GeoIP/Flags/GB.ico
craxs/res/GeoIP/Flags/GD.ico
craxs/res/GeoIP/Flags/GE.ico
craxs/res/GeoIP/Flags/GG.ico
craxs/res/GeoIP/Flags/GH.ico
craxs/res/GeoIP/Flags/GI.ico
craxs/res/GeoIP/Flags/GL.ico
craxs/res/GeoIP/Flags/GM.ico
craxs/res/GeoIP/Flags/GN.ico
craxs/res/GeoIP/Flags/GQ.ico
craxs/res/GeoIP/Flags/GR.ico
craxs/res/GeoIP/Flags/GS.ico
craxs/res/GeoIP/Flags/GT.ico
craxs/res/GeoIP/Flags/GU.ico
craxs/res/GeoIP/Flags/GW.ico
craxs/res/GeoIP/Flags/GY.ico
craxs/res/GeoIP/Flags/HK.ico
craxs/res/GeoIP/Flags/HN.ico
craxs/res/GeoIP/Flags/HR.ico
craxs/res/GeoIP/Flags/HT.ico
craxs/res/GeoIP/Flags/HU.ico
craxs/res/GeoIP/Flags/IC.ico
craxs/res/GeoIP/Flags/ID.ico
craxs/res/GeoIP/Flags/IE.ico
craxs/res/GeoIP/Flags/IL.ico
craxs/res/GeoIP/Flags/IM.ico
craxs/res/GeoIP/Flags/IN.ico
craxs/res/GeoIP/Flags/IQ.ico
craxs/res/GeoIP/Flags/IR.ico
craxs/res/GeoIP/Flags/IS.ico
craxs/res/GeoIP/Flags/IT.ico
craxs/res/GeoIP/Flags/JE.ico
craxs/res/GeoIP/Flags/JM.ico
craxs/res/GeoIP/Flags/JO.ico
craxs/res/GeoIP/Flags/JP.ico
craxs/res/GeoIP/Flags/KE.ico
craxs/res/GeoIP/Flags/KG.ico
craxs/res/GeoIP/Flags/KH.ico
craxs/res/GeoIP/Flags/KI.ico
craxs/res/GeoIP/Flags/KM.ico
craxs/res/GeoIP/Flags/KN.ico
craxs/res/GeoIP/Flags/KP.ico
craxs/res/GeoIP/Flags/KR.ico
craxs/res/GeoIP/Flags/KW.ico
craxs/res/GeoIP/Flags/KY.ico
craxs/res/GeoIP/Flags/KZ.ico
craxs/res/GeoIP/Flags/LA.ico
craxs/res/GeoIP/Flags/LB.ico
craxs/res/GeoIP/Flags/LC.ico
craxs/res/GeoIP/Flags/LI.ico
craxs/res/GeoIP/Flags/LK.ico
craxs/res/GeoIP/Flags/LR.ico
craxs/res/GeoIP/Flags/LS.ico
craxs/res/GeoIP/Flags/LT.ico
craxs/res/GeoIP/Flags/LU.ico
craxs/res/GeoIP/Flags/LV.ico
craxs/res/GeoIP/Flags/LY.ico
craxs/res/GeoIP/Flags/MA.ico
craxs/res/GeoIP/Flags/MC.ico
craxs/res/GeoIP/Flags/MD.ico
craxs/res/GeoIP/Flags/ME.ico
craxs/res/GeoIP/Flags/MF.ico
craxs/res/GeoIP/Flags/MG.ico
craxs/res/GeoIP/Flags/MH.ico
craxs/res/GeoIP/Flags/MK.ico
craxs/res/GeoIP/Flags/ML.ico
craxs/res/GeoIP/Flags/MM.ico
craxs/res/GeoIP/Flags/MN.ico
craxs/res/GeoIP/Flags/MO.ico
craxs/res/GeoIP/Flags/MP.ico
craxs/res/GeoIP/Flags/MQ.ico
craxs/res/GeoIP/Flags/MR.ico
craxs/res/GeoIP/Flags/MS.ico
craxs/res/GeoIP/Flags/MT.ico
craxs/res/GeoIP/Flags/MU.ico
craxs/res/GeoIP/Flags/MV.ico
craxs/res/GeoIP/Flags/MW.ico
craxs/res/GeoIP/Flags/MX.ico
craxs/res/GeoIP/Flags/MY.ico
craxs/res/GeoIP/Flags/MZ.ico
craxs/res/GeoIP/Flags/NA.ico
craxs/res/GeoIP/Flags/NC.ico
craxs/res/GeoIP/Flags/NE.ico
craxs/res/GeoIP/Flags/NF.ico
craxs/res/GeoIP/Flags/NG.ico
craxs/res/GeoIP/Flags/NI.ico
craxs/res/GeoIP/Flags/NL.ico
craxs/res/GeoIP/Flags/NO.ico
craxs/res/GeoIP/Flags/NP.ico
craxs/res/GeoIP/Flags/NR.ico
craxs/res/GeoIP/Flags/NU.ico
craxs/res/GeoIP/Flags/NZ.ico
craxs/res/GeoIP/Flags/OM.ico
craxs/res/GeoIP/Flags/PA.ico
craxs/res/GeoIP/Flags/PE.ico
craxs/res/GeoIP/Flags/PF.ico
craxs/res/GeoIP/Flags/PG.ico
craxs/res/GeoIP/Flags/PH.ico
craxs/res/GeoIP/Flags/PK.ico
craxs/res/GeoIP/Flags/PL.ico
craxs/res/GeoIP/Flags/PN.ico
craxs/res/GeoIP/Flags/PR.ico
craxs/res/GeoIP/Flags/PS.ico
craxs/res/GeoIP/Flags/PT.ico
craxs/res/GeoIP/Flags/PW.ico
craxs/res/GeoIP/Flags/PY.ico
craxs/res/GeoIP/Flags/QA.ico
craxs/res/GeoIP/Flags/RO.ico
craxs/res/GeoIP/Flags/RS.ico
craxs/res/GeoIP/Flags/RU.ico
craxs/res/GeoIP/Flags/RW.ico
craxs/res/GeoIP/Flags/SA.ico
craxs/res/GeoIP/Flags/SB.ico
craxs/res/GeoIP/Flags/SC.ico
craxs/res/GeoIP/Flags/SD.ico
craxs/res/GeoIP/Flags/SE.ico
craxs/res/GeoIP/Flags/SG.ico
craxs/res/GeoIP/Flags/SH.ico
craxs/res/GeoIP/Flags/SI.ico
craxs/res/GeoIP/Flags/SK.ico
craxs/res/GeoIP/Flags/SL.ico
craxs/res/GeoIP/Flags/SM.ico
craxs/res/GeoIP/Flags/SN.ico
craxs/res/GeoIP/Flags/SO.ico
craxs/res/GeoIP/Flags/SR.ico
craxs/res/GeoIP/Flags/SS.ico
craxs/res/GeoIP/Flags/ST.ico
craxs/res/GeoIP/Flags/SV.ico
craxs/res/GeoIP/Flags/SY.ico
craxs/res/GeoIP/Flags/SZ.ico
craxs/res/GeoIP/Flags/TC.ico
craxs/res/GeoIP/Flags/TD.ico
craxs/res/GeoIP/Flags/TF.ico
craxs/res/GeoIP/Flags/TG.ico
craxs/res/GeoIP/Flags/TH.ico
craxs/res/GeoIP/Flags/TJ.ico
craxs/res/GeoIP/Flags/TK.ico
craxs/res/GeoIP/Flags/TL.ico
craxs/res/GeoIP/Flags/TM.ico
craxs/res/GeoIP/Flags/TN.ico
craxs/res/GeoIP/Flags/TO.ico
craxs/res/GeoIP/Flags/TR.ico
craxs/res/GeoIP/Flags/TT.ico
craxs/res/GeoIP/Flags/TV.ico
craxs/res/GeoIP/Flags/TW.ico
craxs/res/GeoIP/Flags/TZ.ico
craxs/res/GeoIP/Flags/UA.ico
craxs/res/GeoIP/Flags/UG.ico
craxs/res/GeoIP/Flags/US.ico
craxs/res/GeoIP/Flags/UY.ico
craxs/res/GeoIP/Flags/UZ.ico
craxs/res/GeoIP/Flags/VA.ico
craxs/res/GeoIP/Flags/VC.ico
craxs/res/GeoIP/Flags/VE.ico
craxs/res/GeoIP/Flags/VG.ico
craxs/res/GeoIP/Flags/VI.ico
craxs/res/GeoIP/Flags/VN.ico
craxs/res/GeoIP/Flags/VU.ico
craxs/res/GeoIP/Flags/WF.ico
craxs/res/GeoIP/Flags/WS.ico
craxs/res/GeoIP/Flags/YE.ico
craxs/res/GeoIP/Flags/YT.ico
craxs/res/GeoIP/Flags/ZA.ico
craxs/res/GeoIP/Flags/ZM.ico
craxs/res/GeoIP/Flags/ZW.ico
craxs/res/GeoIP/Flags/_abkhazia.ico
craxs/res/GeoIP/Flags/_basque-country.ico
craxs/res/GeoIP/Flags/_british-antarctic-territory.ico
craxs/res/GeoIP/Flags/_commonwealth.ico
craxs/res/GeoIP/Flags/_england.ico
craxs/res/GeoIP/Flags/_gosquared.ico
craxs/res/GeoIP/Flags/_kosovo.ico
craxs/res/GeoIP/Flags/_mars.ico
craxs/res/GeoIP/Flags/_nagorno-karabakh.ico
craxs/res/GeoIP/Flags/_nato.ico
craxs/res/GeoIP/Flags/_northern-cyprus.ico
craxs/res/GeoIP/Flags/_olympics.ico
craxs/res/GeoIP/Flags/_red-cross.ico
craxs/res/GeoIP/Flags/_scotland.ico
craxs/res/GeoIP/Flags/_somaliland.ico
craxs/res/GeoIP/Flags/_south-ossetia.ico
craxs/res/GeoIP/Flags/_united-nations.ico
craxs/res/GeoIP/Flags/_wales.ico
craxs/res/GeoIP/GeoIP.dat
craxs/res/GeoIP/GeoIPCity.dat
craxs/res/Icons/Apps/air_translate.png
.png
craxs/res/Icons/Apps/alarm.png
.png
craxs/res/Icons/Apps/always_on_display.png
.png
craxs/res/Icons/Apps/artcanvas.png
.png
craxs/res/Icons/Apps/backup_and_restore.png
.png
craxs/res/Icons/Apps/billing.png
.png
craxs/res/Icons/Apps/bixby.png
.png
craxs/res/Icons/Apps/bixby_vision.png
.png
craxs/res/Icons/Apps/bookmark.png
.png
craxs/res/Icons/Apps/calculator.png
.png
craxs/res/Icons/Apps/calendar.png
.png
craxs/res/Icons/Apps/camera.png
.png
craxs/res/Icons/Apps/capture.png
.png
craxs/res/Icons/Apps/car_mode.png
.png
craxs/res/Icons/Apps/clock.png
.png
craxs/res/Icons/Apps/clock_bg.png
.png
craxs/res/Icons/Apps/connect.png
.png
craxs/res/Icons/Apps/contacts.png
.png
craxs/res/Icons/Apps/device_maintenance.png
.png
craxs/res/Icons/Apps/document.png
.png
craxs/res/Icons/Apps/edge_screen.png
.png
craxs/res/Icons/Apps/email.png
.png
craxs/res/Icons/Apps/enhanced_features.png
.png
craxs/res/Icons/Apps/flow.png
.png
craxs/res/Icons/Apps/galaxy_apps.png
.png
craxs/res/Icons/Apps/gallery.png
.png
craxs/res/Icons/Apps/game_launcher.png
.png
craxs/res/Icons/Apps/gear_360.png
.png
craxs/res/Icons/Apps/gear_manager.png
.png
craxs/res/Icons/Apps/health.png
.png
craxs/res/Icons/Apps/home.png
.png
craxs/res/Icons/Apps/ic_bg_container.png
.png
craxs/res/Icons/Apps/ic_bg_container_mask.png
.png
craxs/res/Icons/Apps/ic_launcher.png
.png
craxs/res/Icons/Apps/image.png
.png
craxs/res/Icons/Apps/internet.png
.png
craxs/res/Icons/Apps/keyboard.png
.png
craxs/res/Icons/Apps/knox.png
.png
craxs/res/Icons/Apps/knox_2.png
.png
craxs/res/Icons/Apps/launcher.png
.png
craxs/res/Icons/Apps/led_icon_editor.png
.png
craxs/res/Icons/Apps/link_sharing.png
.png
craxs/res/Icons/Apps/live_drawing.png
.png
craxs/res/Icons/Apps/lockscreen.png
.png
craxs/res/Icons/Apps/members.png
.png
craxs/res/Icons/Apps/memo.png
.png
craxs/res/Icons/Apps/messaging.png
.png
craxs/res/Icons/Apps/milk.png
.png
craxs/res/Icons/Apps/music.png
.png
craxs/res/Icons/Apps/my_files.png
.png
craxs/res/Icons/Apps/myfiles_list_amr.png
.png
craxs/res/Icons/Apps/myfiles_list_apk.png
.png
craxs/res/Icons/Apps/myfiles_list_contact.png
.png
craxs/res/Icons/Apps/myfiles_list_eml.png
.png
craxs/res/Icons/Apps/myfiles_list_etc.png
.png
craxs/res/Icons/Apps/myfiles_list_gallery.png
.png
craxs/res/Icons/Apps/myfiles_list_html.png
.png
craxs/res/Icons/Apps/myfiles_list_hwp.png
.png
craxs/res/Icons/Apps/myfiles_list_memo.png
.png
craxs/res/Icons/Apps/myfiles_list_music.png
.png
craxs/res/Icons/Apps/myfiles_list_pdf.png
.png
craxs/res/Icons/Apps/myfiles_list_ppt.png
.png
craxs/res/Icons/Apps/myfiles_list_raw.png
.png
craxs/res/Icons/Apps/myfiles_list_s_planner.png
.png
craxs/res/Icons/Apps/myfiles_list_scrapbook.png
.png
craxs/res/Icons/Apps/myfiles_list_sdoc.png
.png
craxs/res/Icons/Apps/myfiles_list_snb.png
.png
craxs/res/Icons/Apps/myfiles_list_spd.png
.png
craxs/res/Icons/Apps/myfiles_list_storyalbum.png
.png
craxs/res/Icons/Apps/myfiles_list_task.png
.png
craxs/res/Icons/Apps/myfiles_list_txt.png
.png
craxs/res/Icons/Apps/myfiles_list_video.png
.png
craxs/res/Icons/Apps/myfiles_list_vtext.png
.png
craxs/res/Icons/Apps/myfiles_list_word.png
.png
craxs/res/Icons/Apps/myfiles_list_xls.png
.png
craxs/res/Icons/Apps/myfiles_list_zip.png
.png
craxs/res/Icons/Apps/myfiles_thumb_folder_home.png
.png
craxs/res/Icons/Apps/notes.png
.png
craxs/res/Icons/Apps/optical_reader.png
.png
craxs/res/Icons/Apps/pass.png
.png
craxs/res/Icons/Apps/pay.png
.png
craxs/res/Icons/Apps/penup.png
.png
craxs/res/Icons/Apps/phone.png
.png
craxs/res/Icons/Apps/phone_log.png
.png
craxs/res/Icons/Apps/photo360_editor.png
.png
craxs/res/Icons/Apps/photo_editor.png
.png
craxs/res/Icons/Apps/protect.png
.png
craxs/res/Icons/Apps/recorder_audio.png
.png
craxs/res/Icons/Apps/reminder.png
.png
craxs/res/Icons/Apps/s_health.png
.png
craxs/res/Icons/Apps/s_protect.png
.png
craxs/res/Icons/Apps/s_translator.png
.png
craxs/res/Icons/Apps/samsung_pay.png
.png
craxs/res/Icons/Apps/secure_folder.png
.png
craxs/res/Icons/Apps/settings.png
.png
craxs/res/Icons/Apps/smart_switch.png
.png
craxs/res/Icons/Apps/smart_view.png
.png
craxs/res/Icons/Apps/soundcamp.png
.png
craxs/res/Icons/Apps/story_album.png
.png
craxs/res/Icons/Apps/svoice.png
.png
craxs/res/Icons/Apps/theme_store.png
.png
craxs/res/Icons/Apps/translator.png
.png
craxs/res/Icons/Apps/video_editor.png
.png
craxs/res/Icons/Apps/video_library.png
.png
craxs/res/Icons/FillEllipse/Account.png
.png
craxs/res/Icons/FillEllipse/CLICKED.png
.png
craxs/res/Icons/FillEllipse/FOCUSED.png
.png
craxs/res/Icons/FillEllipse/Incoming.png
.png
craxs/res/Icons/FillEllipse/LONG CLICKED.png
.png
craxs/res/Icons/FillEllipse/Missed.png
.png
craxs/res/Icons/FillEllipse/NA.png
.png
craxs/res/Icons/FillEllipse/NOTIFICATION.png
.png
craxs/res/Icons/FillEllipse/Outgoing.png
.png
craxs/res/Icons/FillEllipse/System.png
.png
craxs/res/Icons/FillEllipse/TEXT.png
.png
craxs/res/Icons/FillEllipse/User.png
.png
craxs/res/Icons/FillEllipse/WINDOW CHANGED.png
.png
craxs/res/Icons/FillEllipse/null.png
.png
craxs/res/Icons/Menu_Items/17/account.png
.png
craxs/res/Icons/Menu_Items/17/add.png
.png
craxs/res/Icons/Menu_Items/17/applications.png
.png
craxs/res/Icons/Menu_Items/17/callphone.png
.png
craxs/res/Icons/Menu_Items/17/calls.png
.png
craxs/res/Icons/Menu_Items/17/camera.png
.png
craxs/res/Icons/Menu_Items/17/clipboard.png
.png
craxs/res/Icons/Menu_Items/17/contacts.png
.png
craxs/res/Icons/Menu_Items/17/copy.png
.png
craxs/res/Icons/Menu_Items/17/cut.png
.png
craxs/res/Icons/Menu_Items/17/decode.png
.png
craxs/res/Icons/Menu_Items/17/delete.png
.png
craxs/res/Icons/Menu_Items/17/download.png
.png
craxs/res/Icons/Menu_Items/17/downloads.png
.png
craxs/res/Icons/Menu_Items/17/edit.png
.png
craxs/res/Icons/Menu_Items/17/encrypt.png
.png
craxs/res/Icons/Menu_Items/17/folder.png
.png
craxs/res/Icons/Menu_Items/17/hidden.png
.png
craxs/res/Icons/Menu_Items/17/info.png
.png
craxs/res/Icons/Menu_Items/17/keylogger.png
.png
craxs/res/Icons/Menu_Items/17/location.png
.png
craxs/res/Icons/Menu_Items/17/microphone.png
.png
craxs/res/Icons/Menu_Items/17/open.png
.png
craxs/res/Icons/Menu_Items/17/paste.png
.png
craxs/res/Icons/Menu_Items/17/paths.png
.png
craxs/res/Icons/Menu_Items/17/playsound.png
.png
craxs/res/Icons/Menu_Items/17/refresh.png
.png
craxs/res/Icons/Menu_Items/17/rename.png
.png
craxs/res/Icons/Menu_Items/17/server.png
.png
craxs/res/Icons/Menu_Items/17/show.png
.png
craxs/res/Icons/Menu_Items/17/sms.png
.png
craxs/res/Icons/Menu_Items/17/terminal.png
.png
craxs/res/Icons/Menu_Items/17/unzip.png
.png
craxs/res/Icons/Menu_Items/17/upload.png
.png
craxs/res/Icons/Menu_Items/17/viewfile.png
.png
craxs/res/Icons/Menu_Items/17/wallpaper.png
.png
craxs/res/Icons/Menu_Items/17/zip.png
.png
craxs/res/Icons/apk.ico
craxs/res/Icons/win/1.ico
craxs/res/Icons/win/10.ico
craxs/res/Icons/win/11.ico
craxs/res/Icons/win/12.ico
craxs/res/Icons/win/13.ico
craxs/res/Icons/win/14.ico
craxs/res/Icons/win/15.ico
craxs/res/Icons/win/16.ico
craxs/res/Icons/win/17.ico
craxs/res/Icons/win/18.ico
craxs/res/Icons/win/19.ico
craxs/res/Icons/win/2.ico
craxs/res/Icons/win/20.ico
craxs/res/Icons/win/3.ico
craxs/res/Icons/win/4.ico
craxs/res/Icons/win/5.ico
craxs/res/Icons/win/6.ico
craxs/res/Icons/win/7.ico
craxs/res/Icons/win/8.ico
craxs/res/Icons/win/9.ico
craxs/res/Lib/platformBinary.zip
.zip
craxs/res/Plugins/Android/gen-1.pl
.dex
craxs/res/Plugins/Android/gen-2.pl
craxs/res/Plugins/Android/gen-3.pl
craxs/res/Plugins/Android/gen-4.pl
.dex
craxs/res/Plugins/Android/gen-5.pl
.dex
craxs/res/Plugins/Android/gen-6.pl
craxs/res/Plugins/Android/gen-7.pl
craxs/res/Plugins/Android/gen-8.pl

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 48KB - Virtual size: 48KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 66.6MB - Virtual size: 66.6MB

.rsrc Size: 164KB - Virtual size: 163KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 189KB - Virtual size: 189KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 17KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 210KB - Virtual size: 210KB

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 146KB - Virtual size: 146KB

.rsrc Size: 1024B - Virtual size: 912B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

.text
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 66.6MB - Virtual size: 66.6MB

.rsrc
Size: 164KB - Virtual size: 163KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1.6MB - Virtual size: 1.6MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 189KB - Virtual size: 189KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 210KB - Virtual size: 210KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 146KB - Virtual size: 146KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 433KB - Virtual size: 433KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 496KB - Virtual size: 495KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 512B - Virtual size: 12B

33:00:00:00:cb:d9:52:06:53:bf:3e:2a:59:00:00:00:00:00:cb
Certificate

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

2b:e3:a3:2d:f8:71:76:9b:66:a7:70:02:ef:69:91:70:2e:1d:d6:c5:f3:f4:b4:cf:e9:62:5e:c5:de:66:cf:77
Signer

09-03-2023 18:59
Valid: false

14:b0:8e:4d:e3:ae:df:ee:dd:e1:6b:b6:23:93:9d:2a:c5:d1:47:94
Signer

05-11-2016 04:50
Valid: false

.text
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 41KB - Virtual size: 41KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 12B

33:00:00:02:52:8b:33:aa:f8:95:f3:39:db:00:00:00:00:02:52
Certificate