PEunion 4[.]0[.]0[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

PEunion 4.0.0.rar
Size

825KB
MD5

0786603532816404fce6f8815f17df4c
SHA1

ea05fec3b61617b931537b50cb10556cfb463149
SHA256

7b339d2c1649fd30901ef7a975c3ca7f4ba5a1a231d1739dcb191af4b096f229
SHA512

29d72fa8ffa096122a4914323238ce2ae1a6b84fd6701a7bf4f6642bbdeb95e4febfcacc6966efd240684e4f7b0ef2c7db56d486ebc358a6832ed15d812dc275
SSDEEP

24576:b6/gIVUkQKZKFA5AU84RgJjFpVpaF+cLoaZZ4O:bbkz1AU84MpylLo2

Score

3^/10

Malware Config

Signatures

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PEunion 4.0.0/FASM/FASM.EXE
unpack001/PEunion 4.0.0/PEunion.exe
unpack001/PEunion 4.0.0/lib/BytecodeApi.FileFormats.dll
unpack001/PEunion 4.0.0/lib/BytecodeApi.FileIcons.dll
unpack001/PEunion 4.0.0/lib/BytecodeApi.UI.dll
unpack001/PEunion 4.0.0/lib/BytecodeApi.dll
unpack001/PEunion 4.0.0/lib/HtmlRenderer.WPF.dll
unpack001/PEunion 4.0.0/lib/HtmlRenderer.dll
unpack001/PEunion 4.0.0/lib/MarkdownSharp.dll
unpack001/PEunion 4.0.0/lib/PEunion.Compiler.dll
unpack001/PEunion 4.0.0/peubuild.exe

Files

PEunion 4.0.0.rar
.rar
PEunion 4.0.0/Config/rtlo_extension_alternatives.ini
PEunion 4.0.0/FASM/FASM.EXE
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 335B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/FASM/INCLUDE/API/ADVAPI32.INC
PEunion 4.0.0/FASM/INCLUDE/API/COMCTL32.INC
PEunion 4.0.0/FASM/INCLUDE/API/COMDLG32.INC
PEunion 4.0.0/FASM/INCLUDE/API/GDI32.INC
PEunion 4.0.0/FASM/INCLUDE/API/KERNEL32.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/API/SHELL32.INC
PEunion 4.0.0/FASM/INCLUDE/API/USER32.INC
PEunion 4.0.0/FASM/INCLUDE/API/WSOCK32.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/UTF8.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1250.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1251.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1252.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1253.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1254.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1255.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1256.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1257.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN1258.INC
PEunion 4.0.0/FASM/INCLUDE/ENCODING/WIN874.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/COMCTL32.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/COMCTL64.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/COMDLG32.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/COMDLG64.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/GDI32.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/GDI64.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/KERNEL32.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/KERNEL64.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/SHELL32.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/SHELL64.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/USER32.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/USER64.INC
PEunion 4.0.0/FASM/INCLUDE/EQUATES/WSOCK32.INC
PEunion 4.0.0/FASM/INCLUDE/MACRO/COM32.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/MACRO/COM64.INC
PEunion 4.0.0/FASM/INCLUDE/MACRO/EXPORT.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/MACRO/IF.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/MACRO/IMPORT32.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/MACRO/IMPORT64.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/MACRO/MASM.INC
PEunion 4.0.0/FASM/INCLUDE/MACRO/PROC32.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/MACRO/PROC64.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/MACRO/RESOURCE.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/MACRO/STRUCT.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/PCOUNT/ADVAPI32.INC
PEunion 4.0.0/FASM/INCLUDE/PCOUNT/COMCTL32.INC
PEunion 4.0.0/FASM/INCLUDE/PCOUNT/COMDLG32.INC
PEunion 4.0.0/FASM/INCLUDE/PCOUNT/GDI32.INC
PEunion 4.0.0/FASM/INCLUDE/PCOUNT/KERNEL32.INC
PEunion 4.0.0/FASM/INCLUDE/PCOUNT/SHELL32.INC
PEunion 4.0.0/FASM/INCLUDE/PCOUNT/USER32.INC
PEunion 4.0.0/FASM/INCLUDE/PCOUNT/WSOCK32.INC
PEunion 4.0.0/FASM/INCLUDE/WIN32A.INC
PEunion 4.0.0/FASM/INCLUDE/WIN32AX.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/WIN32AXP.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/WIN32W.INC
PEunion 4.0.0/FASM/INCLUDE/WIN32WX.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/WIN32WXP.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/WIN64A.INC
PEunion 4.0.0/FASM/INCLUDE/WIN64AX.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/WIN64AXP.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/WIN64W.INC
PEunion 4.0.0/FASM/INCLUDE/WIN64WX.INC
.vbs
PEunion 4.0.0/FASM/INCLUDE/WIN64WXP.INC
.vbs
PEunion 4.0.0/Help/App/Changelog.md
PEunion 4.0.0/Help/Default.md
PEunion 4.0.0/Help/Project/Items/Drop.md
PEunion 4.0.0/Help/Project/Items/Invoke.md
PEunion 4.0.0/Help/Project/Items/MessageBox.md
PEunion 4.0.0/Help/Project/Items/RunPE.md
PEunion 4.0.0/Help/Project/Items/Source.md
PEunion 4.0.0/Help/Project/Manifest.md
PEunion 4.0.0/Help/Project/StartupMelt.md
PEunion 4.0.0/Help/Project/StubIcon.md
PEunion 4.0.0/Help/Project/StubPadding.md
PEunion 4.0.0/Help/Project/StubType.md
PEunion 4.0.0/Help/Project/VersionInfo.md
PEunion 4.0.0/Help/Rtlo/Icon.md
PEunion 4.0.0/Help/Rtlo/NewFilename.md
PEunion 4.0.0/Help/Rtlo/OriginalFile.md
PEunion 4.0.0/Help/Rtlo/Preview.md
PEunion 4.0.0/Help/Template.html
.html
PEunion 4.0.0/LICENSE-3RD-PARTY.md
PEunion 4.0.0/LICENSE.md
PEunion 4.0.0/PEunion.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/PEunion.exe.config
PEunion 4.0.0/Stub/dotnet/Api.cs
PEunion 4.0.0/Stub/dotnet/Compression.cs
PEunion 4.0.0/Stub/dotnet/Download.cs
PEunion 4.0.0/Stub/dotnet/Drop.cs
PEunion 4.0.0/Stub/dotnet/Emulator.cs
PEunion 4.0.0/Stub/dotnet/GetResource.cs
PEunion 4.0.0/Stub/dotnet/Invoke.cs
PEunion 4.0.0/Stub/dotnet/Resources/default.manifest
.xml
PEunion 4.0.0/Stub/dotnet/Resources/elevated.manifest
.xml
PEunion 4.0.0/Stub/dotnet/RunPE.cs
PEunion 4.0.0/Stub/dotnet/Stage2.cs
PEunion 4.0.0/Stub/dotnet/Stub.cs
PEunion 4.0.0/Stub/pe32/Api/kernel32.inc
PEunion 4.0.0/Stub/pe32/Api/msvcrt.inc
PEunion 4.0.0/Stub/pe32/Api/shlwapi.inc
PEunion 4.0.0/Stub/pe32/Compression.asm
PEunion 4.0.0/Stub/pe32/Download.asm
PEunion 4.0.0/Stub/pe32/Drop.asm
PEunion 4.0.0/Stub/pe32/Emulator.asm
PEunion 4.0.0/Stub/pe32/Melt.asm
PEunion 4.0.0/Stub/pe32/Obfuscator/nop.txt
PEunion 4.0.0/Stub/pe32/Obfuscator/nop_minimal.txt
PEunion 4.0.0/Stub/pe32/Obfuscator/register.txt
PEunion 4.0.0/Stub/pe32/PebApi.asm
PEunion 4.0.0/Stub/pe32/PebApi.inc
.vbs
PEunion 4.0.0/Stub/pe32/Resources/default.manifest
.xml
PEunion 4.0.0/Stub/pe32/Resources/elevated.manifest
.xml
PEunion 4.0.0/Stub/pe32/RunPE.asm
PEunion 4.0.0/Stub/pe32/Stage2.asm
PEunion 4.0.0/Stub/pe32/Stub.asm
PEunion 4.0.0/Stub/pe32/nt.inc
PEunion 4.0.0/lib/BytecodeApi.FileFormats.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/lib/BytecodeApi.FileIcons.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/lib/BytecodeApi.UI.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/lib/BytecodeApi.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/lib/HtmlRenderer.WPF.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/lib/HtmlRenderer.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/lib/MarkdownSharp.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/lib/PEunion.Compiler.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/peubuild.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PEunion 4.0.0/peubuild.exe.config

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 104KB - Virtual size: 104KB

.data Size: 512B - Virtual size: 29KB

.idata Size: 512B - Virtual size: 335B

.reloc Size: 8KB - Virtual size: 7KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 226KB - Virtual size: 225KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 65KB - Virtual size: 65KB

.rsrc Size: 1024B - Virtual size: 944B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 330KB - Virtual size: 329KB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 73KB - Virtual size: 73KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 287KB - Virtual size: 287KB

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 45KB - Virtual size: 45KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text
Size: 104KB - Virtual size: 104KB

.data
Size: 512B - Virtual size: 29KB

.idata
Size: 512B - Virtual size: 335B

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 226KB - Virtual size: 225KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 65KB - Virtual size: 65KB

.rsrc
Size: 1024B - Virtual size: 944B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 330KB - Virtual size: 329KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 287KB - Virtual size: 287KB

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 45KB - Virtual size: 45KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 214KB - Virtual size: 214KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 83KB - Virtual size: 83KB

.rsrc
Size: 1024B - Virtual size: 840B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B