e791944ed4787d54f1dd024afea24ce68014cadc60716113ab4fe40abd4875f5

Sharing

Copy URL Twitter E-mail

General

Target

e791944ed4787d54f1dd024afea24ce68014cadc60716113ab4fe40abd4875f5
Size

1.9MB
MD5

d302ce87f8810abb52f6fd9d475fba7f
SHA1

a3e75f43550a7c81ce3b3b1cfc85b80b3bf22983
SHA256

e791944ed4787d54f1dd024afea24ce68014cadc60716113ab4fe40abd4875f5
SHA512

80989d96503cfb538fc05fff9520d9e4483c45aebf8b2611987df0e10d695e64e00e6a7661d7e8cc9115c8ea1679fe1efa960dc87d9a0fea27d61c6870924ad2
SSDEEP

49152:hyPi81KPwXU4B+4MwDz1r1qiCeKE1fLqAcsPOk:JhU1paEfDcsP

Score

1^/10

Malware Config

Signatures

Files

e791944ed4787d54f1dd024afea24ce68014cadc60716113ab4fe40abd4875f5
.exe windows x86

78596c88cb42c3056483a6c099a9dfa1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
GetFileAttributesW
GetCommandLineW
GetCurrentProcessId
GetCurrentThreadId
FlushInstructionCache
OpenProcess
GetLocalTime
GetVersion
GetVersionExW
lstrcmpiW
MoveFileExW
FreeConsole
AttachConsole
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetEvent
WaitForSingleObject
OpenMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ExitProcess
LocalFree
SystemTimeToTzSpecificLocalTime
LocalAlloc
WritePrivateProfileStringW
InitializeCriticalSection
GetPrivateProfileStringW
ResetEvent
GetPrivateProfileSectionNamesW
GetLongPathNameW
WaitNamedPipeW
CreateProcessW
GetStartupInfoW
GetModuleHandleA
GetFileSizeEx
GetTempPathA
GetExitCodeThread
GetSystemWindowsDirectoryA
GetFileAttributesExW
WaitForMultipleObjects
CreateThread
GetExitCodeProcess
VerSetConditionMask
VerifyVersionInfoW
DeviceIoControl
ResumeThread
CopyFileW
GetSystemWindowsDirectoryW
VirtualProtect
OutputDebugStringW
GlobalMemoryStatusEx
GlobalUnlock
GlobalLock
MulDiv
lstrcmpW
FindNextFileW
SetFilePointer
TlsAlloc
TlsFree
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetCurrentDirectoryW
FreeResource
ReleaseMutex
GetDriveTypeW
ProcessIdToSessionId
FindFirstFileW
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
ReleaseSemaphore
DuplicateHandle
FreeLibraryAndExitThread
GetCurrentThread
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
ChangeTimerQueueTimer
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OpenThread
HeapWalk
HeapUnlock
HeapLock
SetFilePointerEx
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateFileA
TryEnterCriticalSection
QueryPerformanceCounter
LCMapStringW
GetStringTypeW
FormatMessageW
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
IsDebuggerPresent
FindClose
SetEndOfFile
GetFileSize
GetFileInformationByHandle
GetFileTime
MoveFileW
lstrlenW
GetWindowsDirectoryW
GetSystemDirectoryW
CloseHandle
GetTempPathW
SetFileAttributesW
RemoveDirectoryW
GetTempFileNameW
GetFullPathNameW
DeleteFileW
CreateDirectoryW
WriteFile
ReadFile
MultiByteToWideChar
LoadLibraryW
GetModuleFileNameW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleW
FindResourceExW
TlsSetValue
TlsGetValue
GetCurrentProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapDestroy
RaiseException
SearchPathW
ExpandEnvironmentStringsW
WideCharToMultiByte
SetThreadAffinityMask
GlobalAlloc
LoadLibraryExW
GetProcAddress
FreeLibrary
GetTickCount
GetSystemTimeAsFileTime
GetSystemInfo
GetThreadTimes
TerminateProcess
CreateSemaphoreW
Sleep
CreateEventW
CreateMutexW
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
HeapFree
HeapReAlloc
HeapAlloc
SetLastError
GetLastError
FileTimeToLocalFileTime
CreateFileW

user32

PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
MessageBoxW
GetActiveWindow
GetWindowTextLengthW
SetRectEmpty
OffsetRect
InflateRect
GetDC
IsWindowEnabled
GetWindowTextW
IsDlgButtonChecked
DialogBoxParamW
FindWindowExW
PrivateExtractIconsW
DestroyIcon
UpdateWindow
IsZoomed
EndDialog
GetWindowDC
ReleaseDC
CallWindowProcW
SetCursor
GetCursorPos
ClientToScreen
PtInRect
LoadCursorW
DrawTextW
GetSysColor
SendMessageTimeoutW
WaitForInputIdle
SetLayeredWindowAttributes
AttachThreadInput
DefWindowProcW
RegisterClassW
UnregisterClassW
GetClassInfoW
DestroyWindow
ShowWindow
ShowWindowAsync
CreateDialogParamW
CharNextW
SetFocus
GetKeyboardState
keybd_event
SetActiveWindow
GetForegroundWindow
LoadIconW
GetMessageTime
RegisterClassExW
GetClassInfoExW
ScrollWindow
DrawIconEx
SetCapture
ReleaseCapture
IsRectEmpty
UnionRect
EqualRect
GetFocus
GetKeyState
SetCursorPos
SystemParametersInfoW
RegisterWindowMessageW
IsChild
CreateAcceleratorTableW
DestroyAcceleratorTable
InvalidateRgn
RedrawWindow
FillRect
GetDesktopWindow
MoveWindow
SetRect
wsprintfW
KillTimer
SetTimer
EnableWindow
BringWindowToTop
IsWindow
GetClassNameW
GetIconInfo
SetForegroundWindow
AllowSetForegroundWindow
SetWindowLongW
FindWindowW
GetWindowThreadProcessId
SetWindowPos
CopyRect
GetWindowLongW
SendMessageW
CreateWindowExW
IsWindowVisible
PostQuitMessage
GetLastActivePopup
GetDlgItem
SetDlgItemTextW
CheckDlgButton
GetDlgItemTextW
GetMonitorInfoW
MonitorFromWindow
LoadImageW
IsDialogMessageW
ExitWindowsEx
GetDlgCtrlID
AdjustWindowRectEx
GetSystemMetrics
BeginPaint
EndPaint
InvalidateRect
SetWindowTextW
GetClientRect
GetWindowRect
ScreenToClient
MapWindowPoints
GetParent
GetWindow

gdi32

LineTo
SetViewportOrgEx
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetTextExtentPointW
DeleteDC
MoveToEx
SetBkColor
ExtTextOutW
GetTextExtentPoint32W
GetStockObject
SelectObject
CreatePen
DeleteObject
Rectangle
GetBkColor
GetTextColor
CreateSolidBrush
RoundRect
CreateDCW
PatBlt
GetObjectW
CreateBitmap
GetDIBits
CreateFontW
GetTextExtentPointA
GetDeviceCaps
GetTextMetricsA
SetBkMode
GetTextMetricsW
SetTextColor

advapi32

RegQueryValueExA
LookupAccountSidW
RevertToSelf
ImpersonateLoggedOnUser
DuplicateTokenEx
CreateProcessAsUserW
GetTokenInformation
StartServiceW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid
RegCreateKeyW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
QueryServiceStatus
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
CloseServiceHandle
ChangeServiceConfigW
RegOpenKeyW
RegQueryInfoKeyW
RegEnumKeyExW
GetUserNameW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW

shell32

SHGetDesktopFolder
ord190
ord155
ord25
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW
CommandLineToArgvW
SHCreateDirectoryExW
SHChangeNotify
ord165
ExtractIconExW

ole32

OleUninitialize
StringFromGUID2
CoUninitialize
CLSIDFromString
CoGetClassObject
CreateStreamOnHGlobal
OleInitialize
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
OleLockRunning
CLSIDFromProgID

oleaut32

SysStringByteLen
VariantClear
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocString
SafeArrayCreate
SafeArrayPutElement
VariantChangeType
LoadTypeLi
LoadRegTypeLi
SysAllocStringLen
DispCallFunc
OleCreateFontIndirect
VarUI4FromStr
VariantInit

shlwapi

PathFileExistsW
PathIsDirectoryW
PathAppendW
SHGetValueW
StrChrW
StrStrIW
PathIsRelativeW
PathRemoveFileSpecW
SHDeleteValueW
SHSetValueW
PathAddBackslashW
SHSetValueA
PathRemoveBackslashA
PathIsFileSpecW
StrCmpIW
wnsprintfW
PathFindExtensionW
PathGetDriveNumberW
PathFindFileNameW
PathCombineW

ws2_32

WSAIoctl
WSASocketW
inet_addr
ntohl
htonl

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW
EnumProcesses

comctl32

InitCommonControlsEx
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_Draw
_TrackMouseEvent

msimg32

AlphaBlend

ntdll

RtlDllShutdownInProgress

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory
WTSEnumerateProcessesW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

urlmon

URLDownloadToFileW

setupapi

SetupIterateCabinetW

wininet

DeleteUrlCacheEntryW

iphlpapi

GetAdaptersInfo
GetFriendlyIfIndex
GetIpAddrTable
GetBestRoute

rasapi32

RasEnumConnectionsW
RasGetProjectionInfoW
RasGetEntryPropertiesW

gdiplus

GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipFree
GdipCreateBitmapFromHBITMAP
GdipGetImageEncoders
GdipCloneImage
GdipCreateFromHDC
GdipGetImageEncodersSize
GdipDeleteGraphics
GdipDrawImageRectI
GdipBitmapUnlockBits

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust

crypt32

CertGetNameStringW

msvcrt

abs
fabs
frexp
strcspn
exit
atoi
wcscpy
wcsncat
wcsncpy
_wfopen
_beginthreadex
towlower
wcsrchr
_itow
wcsftime
_mktime64
_wtol
strrchr
strstr
_wcslwr
strcat
strcpy
_localtime64
wcscat
isalpha
isdigit
tolower
_mbschr
_mbscmp
_mbsstr
fflush
fgetc
fgetpos
fread
fsetpos
setvbuf
ungetc
??0exception@@QAE@XZ
strchr
atof
_time64
fgets
wcsncmp
_resetstkoflw
srand
rand
isalnum
_wcsdup
labs
wcscspn
wcsspn
__uncaught_exception
setlocale
isspace
_wfsopen
fseek
realloc
abort
modf
malloc
localeconv
___lc_handle_func
_cexit
_amsg_exit
__wgetmainargs
atexit
__setusermatherr
_initterm
_exit
_c_exit
__p__commode
_stricmp
_strlwr
_strnicmp
_CIexp
_CIsqrt
__RTDynamicCast
memcmp
__DestructExceptionObject
memchr
_lseeki64
___lc_codepage_func
_lock
_unlock
_iob
__pctype_func
iswctype
___mb_cur_max_func
wcstol
strtol
_wcsupr
_control87
_XcptFilter
ldexp
_CxxThrowException
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@ABQBD@Z
fclose
__dllonexit
__set_app_type
_wcmdln
_fmode
_isatty
_fileno
mbtowc
strtod
_CIlog10
ceil
_clearfp
?terminate@@YAXXZ
time
_wcstoui64
_msize
strlen
free
??2@YAPAXI@Z
??3@YAXPAX@Z
_wcsnicmp
_wcsicmp
wcspbrk
wcslen
wcscmp
wcsstr
wcschr
memmove
iswspace
_wtoi
_errno
??_V@YAXPAX@Z
??_U@YAPAXI@Z
memset
memcpy
fputc
fwrite
calloc
__CxxFrameHandler
pow

msvcp60

_Getctype
_Tolower
_Wcrtomb
_Toupper
_Getcvt
_Mbrtowc

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

xvxct
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ossve
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jmgmk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tvjkr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wvvlb
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dmseh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uctvo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

econu
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ruoid
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mweaj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bhtxq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xhmpx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gmslfk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

psjfmk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ouobtl
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rerucm
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fkuqim
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xvolpn
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nsqgwo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ccfcfo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wcoxlp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tvvqsq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hdambq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ajahhr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qifcos
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wqemwt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kbqugt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uvopnu
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

quxluv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dhdhdv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bcmdjw
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rlfaqx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mimuxx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gpdaha
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wqqgpb
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wtxewc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wqeaec
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cjuvld
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xvluse
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nnuqbe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xcrnif
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iikkpg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

djwlwh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pndmgh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

obhmni
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xvcfwj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

weam
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

78596c88cb42c3056483a6c099a9dfa1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

ws2_32

version

psapi

comctl32

msimg32

ntdll

wtsapi32

userenv

urlmon

setupapi

wininet

iphlpapi

rasapi32

gdiplus

wintrust

crypt32

msvcrt

msvcp60

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 260KB - Virtual size: 260KB

.data Size: 40KB - Virtual size: 61KB

.rsrc Size: 155KB - Virtual size: 154KB

.reloc Size: 72KB - Virtual size: 71KB

xvxct Size: 4KB - Virtual size: 4KB

ossve Size: 4KB - Virtual size: 4KB

jmgmk Size: 4KB - Virtual size: 4KB

tvjkr Size: 4KB - Virtual size: 4KB

wvvlb Size: 4KB - Virtual size: 4KB

dmseh Size: 4KB - Virtual size: 4KB

uctvo Size: 4KB - Virtual size: 4KB

econu Size: 4KB - Virtual size: 4KB

ruoid Size: 4KB - Virtual size: 4KB

mweaj Size: 4KB - Virtual size: 4KB

bhtxq Size: 4KB - Virtual size: 4KB

xhmpx Size: 4KB - Virtual size: 4KB

gmslfk Size: 4KB - Virtual size: 4KB

psjfmk Size: 4KB - Virtual size: 4KB

ouobtl Size: 4KB - Virtual size: 4KB

rerucm Size: 4KB - Virtual size: 4KB

fkuqim Size: 4KB - Virtual size: 4KB

xvolpn Size: 4KB - Virtual size: 4KB

nsqgwo Size: 4KB - Virtual size: 4KB

ccfcfo Size: 4KB - Virtual size: 4KB

wcoxlp Size: 4KB - Virtual size: 4KB

tvvqsq Size: 4KB - Virtual size: 4KB

hdambq Size: 4KB - Virtual size: 4KB

ajahhr Size: 4KB - Virtual size: 4KB

qifcos Size: 4KB - Virtual size: 4KB

wqemwt Size: 4KB - Virtual size: 4KB

kbqugt Size: 4KB - Virtual size: 4KB

uvopnu Size: 4KB - Virtual size: 4KB

quxluv Size: 4KB - Virtual size: 4KB

dhdhdv Size: 4KB - Virtual size: 4KB

bcmdjw Size: 4KB - Virtual size: 4KB

rlfaqx Size: 4KB - Virtual size: 4KB

mimuxx Size: 4KB - Virtual size: 4KB

gpdaha Size: 4KB - Virtual size: 4KB

wqqgpb Size: 4KB - Virtual size: 4KB

wtxewc Size: 4KB - Virtual size: 4KB

wqeaec Size: 4KB - Virtual size: 4KB

cjuvld Size: 4KB - Virtual size: 4KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 260KB - Virtual size: 260KB

.data
Size: 40KB - Virtual size: 61KB

.rsrc
Size: 155KB - Virtual size: 154KB

.reloc
Size: 72KB - Virtual size: 71KB

xvxct
Size: 4KB - Virtual size: 4KB

ossve
Size: 4KB - Virtual size: 4KB

jmgmk
Size: 4KB - Virtual size: 4KB

tvjkr
Size: 4KB - Virtual size: 4KB

wvvlb
Size: 4KB - Virtual size: 4KB

dmseh
Size: 4KB - Virtual size: 4KB

uctvo
Size: 4KB - Virtual size: 4KB

econu
Size: 4KB - Virtual size: 4KB

ruoid
Size: 4KB - Virtual size: 4KB

mweaj
Size: 4KB - Virtual size: 4KB

bhtxq
Size: 4KB - Virtual size: 4KB

xhmpx
Size: 4KB - Virtual size: 4KB

gmslfk
Size: 4KB - Virtual size: 4KB

psjfmk
Size: 4KB - Virtual size: 4KB

ouobtl
Size: 4KB - Virtual size: 4KB

rerucm
Size: 4KB - Virtual size: 4KB

fkuqim
Size: 4KB - Virtual size: 4KB

xvolpn
Size: 4KB - Virtual size: 4KB

nsqgwo
Size: 4KB - Virtual size: 4KB

ccfcfo
Size: 4KB - Virtual size: 4KB

wcoxlp
Size: 4KB - Virtual size: 4KB

tvvqsq
Size: 4KB - Virtual size: 4KB

hdambq
Size: 4KB - Virtual size: 4KB

ajahhr
Size: 4KB - Virtual size: 4KB

qifcos
Size: 4KB - Virtual size: 4KB

wqemwt
Size: 4KB - Virtual size: 4KB

kbqugt
Size: 4KB - Virtual size: 4KB

uvopnu
Size: 4KB - Virtual size: 4KB

quxluv
Size: 4KB - Virtual size: 4KB

dhdhdv
Size: 4KB - Virtual size: 4KB

bcmdjw
Size: 4KB - Virtual size: 4KB

rlfaqx
Size: 4KB - Virtual size: 4KB

mimuxx
Size: 4KB - Virtual size: 4KB

gpdaha
Size: 4KB - Virtual size: 4KB

wqqgpb
Size: 4KB - Virtual size: 4KB

wtxewc
Size: 4KB - Virtual size: 4KB

wqeaec
Size: 4KB - Virtual size: 4KB

cjuvld
Size: 4KB - Virtual size: 4KB

xvluse
Size: 4KB - Virtual size: 4KB

nnuqbe
Size: 4KB - Virtual size: 4KB

xcrnif
Size: 4KB - Virtual size: 4KB

iikkpg
Size: 4KB - Virtual size: 4KB

djwlwh
Size: 4KB - Virtual size: 4KB

pndmgh
Size: 4KB - Virtual size: 4KB

obhmni
Size: 4KB - Virtual size: 4KB

xvcfwj
Size: 4KB - Virtual size: 4KB

weam
Size: 4KB - Virtual size: 4KB