ba5b35ee145e029f9d861f23a7417de11f5c6ee48801dc676db6e0059a773341

Sharing

Copy URL Twitter E-mail

General

Target

ba5b35ee145e029f9d861f23a7417de11f5c6ee48801dc676db6e0059a773341
Size

4.9MB
MD5

f5853839386def33af18f6b4bba25ae1
SHA1

022cd14e3630ff71f8f66bf9c77421b29f28583f
SHA256

ba5b35ee145e029f9d861f23a7417de11f5c6ee48801dc676db6e0059a773341
SHA512

780bf0af25d16141225ef0302915adf66c3c95857cdd2372fd10a9f352ff155c982ed774e2ad846db60d744a26f1d0ed3949d56c8f4757690ba92bbcd8e1edee
SSDEEP

98304:6208j1D5LCxKRfz+3UZOEp4ftOvZz5ovmlKnxuSf+gbK3:6A1DLb+Sbp4f4mOEncSx

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba5b35ee145e029f9d861f23a7417de11f5c6ee48801dc676db6e0059a773341

Files

ba5b35ee145e029f9d861f23a7417de11f5c6ee48801dc676db6e0059a773341
.exe windows x86

5c0877886f2263751a0733f6d347d4e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
GetClassLongA
IsWindow
SetActiveWindow
GetSysColor
MapWindowPoints
UpdateWindow
LoadIconA
PostQuitMessage
PostMessageA
SendMessageA
SetCursor
EnableWindow
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
UnhookWindowsHookEx
UnregisterClassA
GetClassNameA
PtInRect
GetWindowRect
SetPropA
IsIconic
CallWindowProcA
SetWindowPos
SetWindowLongA
RemovePropA
DefWindowProcA
GetMessageTime
GetDlgCtrlID
GetWindow
GetMessagePos
SetForegroundWindow
RegisterWindowMessageA
GetMenuItemCount
SystemParametersInfoA
GetPropA
wsprintfA
MessageBoxA
ReleaseDC
GetForegroundWindow
GetDlgItem
FindWindowA
GetDC
SetCursorPos
GetAncestor
EnumWindows
ShowWindow
SetFocus
GetSystemMetrics
GetWindowPlacement
EndDialog
CreateDialogIndirectParamA
DestroyMenu
PostThreadMessageA
LoadStringA
AdjustWindowRectEx
ClientToScreen
SetWindowTextA
GetWindowTextA
LoadCursorA
TabbedTextOutA
DrawTextA
GrayStringA
SendDlgItemMessageA
IsDialogMessageA
GetSysColorBrush
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
WaitForInputIdle
wsprintfA
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetSystemMetrics
GetCursorPos
MessageBoxA
MessageBeep
SetWindowPos
SendMessageA
DestroyCursor
SetParent
IsWindow
PostMessageA
GetTopWindow
GetParent
GetFocus
GetClientRect
InvalidateRect
ValidateRect
UpdateWindow
EqualRect
GetWindowRect
SetForegroundWindow
DestroyMenu
IsChild
ReleaseDC
IsRectEmpty
FillRect
GetDC
SetCursor
LoadCursorA
SetCursorPos
SetWindowsHookExA
GetSysColor
SetWindowLongA
GetWindowLongA
RedrawWindow
EnableWindow
IsWindowVisible
OffsetRect
PtInRect
DestroyIcon
IntersectRect
InflateRect
SetRect
SetScrollPos
SetScrollRange
GetScrollRange
SetCapture
GetCapture
ReleaseCapture
KillTimer
WinHelpA
LoadBitmapA
CopyRect
ChildWindowFromPointEx
ScreenToClient
UnregisterClassA
SetWindowRgn
DestroyAcceleratorTable
GetWindow
GetActiveWindow
SetFocus
IsIconic
PeekMessageA
SetMenu
GetMenu
DeleteMenu
GetSystemMenu
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
SetRectEmpty
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
GetDesktopWindow
GetClassNameA
GetWindowThreadProcessId
FindWindowA
GetDlgItem
GetWindowTextA
GetForegroundWindow
CallWindowProcA
CreateWindowExA
RegisterHotKey
UnregisterHotKey
SetWindowTextA
ScrollWindowEx
IsDialogMessageA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
CharNextA
SetWindowContextHelpId
MapDialogRect
LoadStringA
GetSysColorBrush
GetNextDlgGroupItem
PostThreadMessageA
SetTimer
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
SetActiveWindow
GetMessagePos

kernel32

CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
OpenProcess
VirtualQueryEx
CreateFileA
RtlMoveMemory
RtlFillMemory
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
GetTickCount
GetModuleFileNameA
ReadProcessMemory
Sleep
LCMapStringA
GetUserDefaultLCID
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
ResumeThread
GetWindowsDirectoryA
GetModuleHandleA
lstrcpyn
WritePrivateProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
LocalSize
WriteFile
SetStdHandle
GetLocalTime
DeviceIoControl
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
lstrlenA
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
InterlockedDecrement
SetErrorMode
lstrcatA
lstrcpyA
WriteProcessMemory
lstrcpynA
GetVersion
MulDiv
GlobalFlags
InterlockedIncrement
SetLastError
GetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LockResource
LoadResource
FindResourceA
GetProcessVersion
GetCurrentProcess
FlushFileBuffers
GetCPInfo
GetOEMCP
GetCommandLineA
RtlUnwind
TerminateProcess
RaiseException
HeapSize
GetACP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
RaiseException
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetThreadLocale
GetStringTypeExA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FormatMessageA
LocalFree
HeapSize
GetACP
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
lstrcmpiA
IsProcessorFeaturePresent
GetSystemInfo
InterlockedDecrement
InterlockedIncrement
SuspendThread
ReleaseMutex
CreateMutexA
FileTimeToSystemTime
GetTempFileNameA
GetVersion
GetTimeZoneInformation
QueryPerformanceCounter
QueryPerformanceFrequency
SetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
OpenProcess
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateToolhelp32Snapshot
Process32First
GetStringTypeA
GetStringTypeW
Process32Next
TerminateThread
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
VirtualProtect
VirtualQuery
InterlockedCompareExchange
WriteFile
WaitForMultipleObjects
CreateFileA
DeviceIoControl
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
lstrlenW
RemoveDirectoryA
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetUserDefaultLCID
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
GetPrivateProfileStringA
CloseHandle
WaitForSingleObject
CreateProcessA
GetTickCount
GetCommandLineA
SetLocalTime
MulDiv
GetProcAddress
GetModuleHandleA
GetVolumeInformationA
SetCurrentDirectoryA
CreateDirectoryA
DeleteFileA
GetFileAttributesA
SetFileAttributesA
FindClose
FindFirstFileA
GetTempPathA
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
CreateEventA
CreateThread
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
PtVisible
RectVisible
GetDeviceCaps
DeleteDC
SaveDC
GetStockObject
SetBkColor
Rectangle
CreateFontIndirectA
SelectObject
RestoreDC
SetBkMode
SetTextColor
TextOutA
DeleteObject
GetObjectA
Escape
ExtTextOutA
SetViewportExtEx
CreateBitmap
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
FillRgn
CreateSolidBrush
CreateFontIndirectA
GetStockObject
GetObjectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
RoundRect
GetTextExtentPoint32A
GetDeviceCaps
GetWindowOrgEx
GetViewportOrgEx
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
DeleteObject
SelectClipRgn
CreatePolygonRgn
GetClipRgn
SetStretchBltMode
CreateRectRgnIndirect
BeginPath
CreateFontA
TranslateCharsetInfo
MoveToEx
LineTo
ExtSelectClipRgn
GetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetMapMode
CreateRectRgn
CombineRgn
PatBlt
CreatePen
SelectObject
CreateBitmap
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
GetCurrentObject
SetBkColor

ws2_32

setsockopt
send
inet_addr
ntohs
select
recv
WSAAsyncSelect
closesocket
send
select
WSACleanup
WSAStartup
gethostbyname
inet_ntoa
recvfrom
ioctlsocket
recv
getpeername
accept
ntohl

atl

ord42

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegOpenKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegCloseKey
RegOpenKeyA

comctl32

ord17
ImageList_Add
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ord17

oledlg

ord8
ord8

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoRevokeClassObject
CoRegisterMessageFilter
OleUninitialize
OleInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun
OleFlushClipboard
OleIsCurrentClipboard
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize
CLSIDFromString
CoCreateInstance
OleRun
CoGetClassObject

oleaut32

SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
VarR8FromBool
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
VariantInit
VarR8FromCy
VariantChangeType
SafeArrayGetDim
VariantCopy
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SafeArrayGetElemsize
VariantClear
SysFreeString
UnRegisterTypeLi
OleCreateFontIndirect
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
SysAllocString
VariantInit
VariantCopyInd
SafeArrayGetElement
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
VariantChangeType
VariantTimeToSystemTime

iphlpapi

GetAdaptersInfo

winmm

waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty
midiOutPrepareHeader
midiStreamOut
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
waveOutRestart

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA

rasapi32

RasGetConnectStatusA
RasHangUpA

shell32

DragQueryFileA
DragFinish
DragAcceptFiles
ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA

wininet

InternetConnectA
InternetSetOptionA
InternetOpenA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

Exports

Exports

��/��ԣ�E��Z� c�6#2O��I�a��4��.�<��ĔPK3�!W��{�5E˙(%�_x��~�F(��`A/�[� ��2R�*��BXmZ1��gM�g'��܍��D��MR�� e�Яɩ�`\��[=V�ޜ��d��d��`�<�f񑡑)��t��ɓYl|��^��7�<a�zX0��TF�tK�e�� H��!/?k6�uB=��4�(�!�B.8�z�.?=�t��g�#,&��.j�%~��)?shC6w�5�� x�zl��&8�p_W��Ow��y��v@��!�4"\�G�o^��sKXj��K��B�z]i8kCz<��TslZ��̯`S�� .�ށے�W�\��j�Oѕ�p��C&j ��ӯ'&�S��6��$�/rpu�¯?�*L�|��=��/�Թ �e� CLt'��`8��:��CᯈE_"�l;�Vh��!��wq��uWmFfb��obWO��%�i(u��u��e��X�[k{��D�ڱ�ł؂��h�(�;[�L��DķMΊ�=P>^" �Fʊ-��G(HX�h��`1�cg��7��H!�*��B��ՙ�c�cY�|/�F�? U��+c*e$�%��S�ߦL�-7�&aps�\HW�A�~�RzA��E�/h+z�1wFν$�<~ {��l��<�b~#0̏ �2+б��hq�n`b/�.q��?@��У��VW��T?쳏��4��EQ�ʗJz'��MW�2ݐb/%I��7�`��$ts�ͅ�J�.G��Ue��r5h�)�1ގ4b��i��Fo�I��3Ͻ��N� �劌s��\�O�M��3��qW��w��4 �� R��q��rr��'�6|kU� 0|��Fs��ӂC��B�=��%瞌��,��d-?si�I�y�˽kٹ�$�Q^;'&.P�!�A�%��wy��Ye��m��Έ�N�o��W$K�B�h梛*o�$��ʊ�"ŏ1��P=�[_U�@>��r��n�� Y�Zx�@�$�b�6"��J�01�V!%2u4��s�Wl��Ԥg4��r1�J�?�s�S�b��䪣i*;��S�F��[o��_��W<1�ݦ�v�jyq��a�quEwޭܾ��Ύ1r��o��j�J��@��J@/�m��OH�^.��)��bR��C 7v��g�S��)~l%�)J2c|X�� -�:'��ĝ��/��a��Y��Ӓ��|qk��g_��0��6 ��R݅��d��}Ŵ3-��M��P�͕͸D��w�� I��+��=&��/��]��@l3��ٝFN�i��La/VɈ⁢��V��YI'��*+�nV�k��jy.+��$�_��.��[5ב�Y�fC��+Z��n)�F�+ $��|� �!3�M�D�rEu�`�� I �� R��$�7J�ޖ~��g��U{�G��f�R�p|w�*�c�m�1�J:v?�4e�U&b�� 4N�*�s9W�ZJ�3ͧ��H�t�?�j��*[ �]��&��T'��맵԰��@sgt3Tg<\��!��Gz��T��Tf��s�t&� #]^G�h�_�އ�H�\n�H��T�͊X��f��{z�I��fh �v�y��y;�2��=��!�x�� s��D��$h޼r8��:B�W�.�J��Tʮ�K�Ƹ��0�7��8R[��o�]�Ϳ_��tc�n�m��^�b0�BOqSG�E�C�� B��]��9΍��Q�c�!�u$ ��ot��,2NA`Z�A��X��˱��7)(��/]�7�.�T�� JwJ�� M��LN��"X��A� �E��E\{E��5��2��D�G �bnc�e 9�UıݗI�Nms\��MXW��C�5lObMY��N+�+D�<k&�[�×��u^s��x��ͥF[��-��<�`��n^�� 0E�\>�� kq��XF" c�'��^ ��I��V�G]�Å�ʥ��NG@��"�'H��ݟ�-�zy��6,� ��v0r��7� "G��>��@�!�扸@{Vv1�W�g�!��]��i�r?�WA|��̋ٮ��X��zU�Pz~V_�\��"��ϊY��.z��O^&FUvM�)��RƘ�Z!{�I\I0�߉M�!�~�z��]��Av��4��Y�4�tyk�`��/ъJ��ꏫ�T��]Uξ��IA�y�{Y|M��g9yl_��X��Qb�"��k��o�k��-Ϛt��Pz�n��w�(��a��<�_�L�!}3��1�T+��ς`��2��@��y,��iV$�}��*m��B'f�|bv��1I+�L��db��DD5̿�׉��=q��pL:X�9��N�� 6�a�[��s��F(Qx��ox��A=>Um�<��8 ؑx�9΢-7�Rڡd�iv�:�u *�z1e��1rң�pE0$UI�iE��_��gD�o�5Ry[�'x��;MQ��|@7BlP@:e�� /�nOv�,�mґ�:��㇤�?��(�X%��j��1Qn��Ȏ��Hi�[�r�M�&;E��=��n7T�=>�]�"�(l��bI��^�}X�n��.��M��(��<��,�-��ц�s��$<'{�P�ҵ�wo��m|Ix��4A4� �n�^ۜ)�I��c��m��o$�i�v�~�.��Vmd�pS� g8ɄR®��^�`��^�}?,��i��\p$�nLEI��qP��@�St��vö�+�E�0G}��EFB�h*��gu@j��'ƅr��ԉ�ޘ��~%[�ZӲ��m�øk6M��

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 324KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 348KB - Virtual size: 735KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c0877886f2263751a0733f6d347d4e9

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ws2_32

atl

winspool.drv

advapi32

comctl32

oledlg

ole32

oleaut32

iphlpapi

winmm

version

rasapi32

shell32

wininet

comdlg32

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 324KB - Virtual size: 320KB

.data Size: 348KB - Virtual size: 735KB

.vmp0 Size: 2.5MB - Virtual size: 2.5MB

.tls Size: 4KB - Virtual size: 24B

.vmp1 Size: 84KB - Virtual size: 83KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 324KB - Virtual size: 320KB

.data
Size: 348KB - Virtual size: 735KB

.vmp0
Size: 2.5MB - Virtual size: 2.5MB

.tls
Size: 4KB - Virtual size: 24B

.vmp1
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 28KB - Virtual size: 24KB