Overview
overview
10Static
static
10Anarchy Panel.exe
windows7-x64
10Anarchy Panel.exe
windows10-2004-x64
10Anarchy Panel.exe.xml
windows7-x64
1Anarchy Panel.exe.xml
windows10-2004-x64
3Plugins/0g...oG.dll
windows7-x64
1Plugins/0g...oG.dll
windows10-2004-x64
1Plugins/59...uJ.dll
windows7-x64
1Plugins/59...uJ.dll
windows10-2004-x64
1Plugins/Cj...qM.dll
windows7-x64
1Plugins/Cj...qM.dll
windows10-2004-x64
1Plugins/EV...LC.dll
windows7-x64
1Plugins/EV...LC.dll
windows10-2004-x64
1Plugins/FBSyChwp.dll
windows7-x64
1Plugins/FBSyChwp.dll
windows10-2004-x64
1Plugins/G3...uZ.dll
windows7-x64
1Plugins/G3...uZ.dll
windows10-2004-x64
1Plugins/KNTmoSnG.dll
windows7-x64
1Plugins/KNTmoSnG.dll
windows10-2004-x64
1Plugins/PK...TS.dll
windows7-x64
1Plugins/PK...TS.dll
windows10-2004-x64
1Plugins/Rs...xj.dll
windows7-x64
1Plugins/Rs...xj.dll
windows10-2004-x64
1Plugins/Wk...pi.dll
windows7-x64
1Plugins/Wk...pi.dll
windows10-2004-x64
1Plugins/eM...s4.dll
windows7-x64
1Plugins/eM...s4.dll
windows10-2004-x64
1Plugins/fzAgyDYa.dll
windows7-x64
1Plugins/fzAgyDYa.dll
windows10-2004-x64
1Plugins/mGWHaG2Jn.dll
windows7-x64
1Plugins/mGWHaG2Jn.dll
windows10-2004-x64
1Plugins/mM...GA.dll
windows7-x64
1Plugins/mM...GA.dll
windows10-2004-x64
1Behavioral task
behavioral1
Sample
Anarchy Panel.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Anarchy Panel.exe
Resource
win10v2004-20230831-en
Behavioral task
behavioral3
Sample
Anarchy Panel.exe.xml
Resource
win7-20230831-en
Behavioral task
behavioral4
Sample
Anarchy Panel.exe.xml
Resource
win10v2004-20230831-en
Behavioral task
behavioral5
Sample
Plugins/0guo3zbo66fqoG.dll
Resource
win7-20230831-en
Behavioral task
behavioral6
Sample
Plugins/0guo3zbo66fqoG.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral7
Sample
Plugins/59Zp7paEHDF7luJ.dll
Resource
win7-20230831-en
Behavioral task
behavioral8
Sample
Plugins/59Zp7paEHDF7luJ.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral9
Sample
Plugins/CjETR6GpGXqM.dll
Resource
win7-20230831-en
Behavioral task
behavioral10
Sample
Plugins/CjETR6GpGXqM.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral11
Sample
Plugins/EVa7gBMKoaHmLC.dll
Resource
win7-20230831-en
Behavioral task
behavioral12
Sample
Plugins/EVa7gBMKoaHmLC.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral13
Sample
Plugins/FBSyChwp.dll
Resource
win7-20230831-en
Behavioral task
behavioral14
Sample
Plugins/FBSyChwp.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral15
Sample
Plugins/G3nl0mDcABnDuZ.dll
Resource
win7-20230831-en
Behavioral task
behavioral16
Sample
Plugins/G3nl0mDcABnDuZ.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral17
Sample
Plugins/KNTmoSnG.dll
Resource
win7-20230831-en
Behavioral task
behavioral18
Sample
Plugins/KNTmoSnG.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral19
Sample
Plugins/PK0TcnqTGFagQTS.dll
Resource
win7-20230831-en
Behavioral task
behavioral20
Sample
Plugins/PK0TcnqTGFagQTS.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral21
Sample
Plugins/RssCnLKcGRxj.dll
Resource
win7-20230831-en
Behavioral task
behavioral22
Sample
Plugins/RssCnLKcGRxj.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral23
Sample
Plugins/WkUP83aP9CABpi.dll
Resource
win7-20230831-en
Behavioral task
behavioral24
Sample
Plugins/WkUP83aP9CABpi.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral25
Sample
Plugins/eMTYbTz0gueNs4.dll
Resource
win7-20230831-en
Behavioral task
behavioral26
Sample
Plugins/eMTYbTz0gueNs4.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral27
Sample
Plugins/fzAgyDYa.dll
Resource
win7-20230831-en
Behavioral task
behavioral28
Sample
Plugins/fzAgyDYa.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral29
Sample
Plugins/mGWHaG2Jn.dll
Resource
win7-20230831-en
Behavioral task
behavioral30
Sample
Plugins/mGWHaG2Jn.dll
Resource
win10v2004-20230831-en
Behavioral task
behavioral31
Sample
Plugins/mML6WKMqdxjDGA.dll
Resource
win7-20230831-en
Behavioral task
behavioral32
Sample
Plugins/mML6WKMqdxjDGA.dll
Resource
win10v2004-20230831-en
General
-
Target
Anarchy Panel 4.7.7z
-
Size
52.2MB
-
MD5
fdda7f4220ef8412168665c3d8dbd81a
-
SHA1
d2f99cda791fbf10c5a7bf65d1926e3e96dea8c2
-
SHA256
f31297dbb9f3aa6a6331c0d70ccfa89bc89b6a5e0a0b6eefb8078204d9bdf94a
-
SHA512
b6b4418a0f5061b563a48fcceb6e40def3383aa6dfadd75f2580689d87c8f209274a6a462b9b3719dccd7f6eb63a430989338ed25892a2a1ff42f0be5b32cfdc
-
SSDEEP
1572864:e3asUmSw/ko2C+ZU5sAUyjkMfWWl0LATN/uROCmJ:e3aesnU5zUywMfWWlp2RKJ
Malware Config
Signatures
-
Async RAT payload 20 IoCs
Processes:
resource yara_rule static1/unpack001/Anarchy Panel.exe asyncrat static1/unpack001/Plugins/0guo3zbo66fqoG.dll asyncrat static1/unpack001/Plugins/59Zp7paEHDF7luJ.dll asyncrat static1/unpack001/Plugins/CjETR6GpGXqM.dll asyncrat static1/unpack001/Plugins/EVa7gBMKoaHmLC.dll asyncrat static1/unpack001/Plugins/FBSyChwp.dll asyncrat static1/unpack001/Plugins/G3nl0mDcABnDuZ.dll asyncrat static1/unpack001/Plugins/KNTmoSnG.dll asyncrat static1/unpack001/Plugins/PK0TcnqTGFagQTS.dll asyncrat static1/unpack001/Plugins/RssCnLKcGRxj.dll asyncrat static1/unpack001/Plugins/WkUP83aP9CABpi.dll asyncrat static1/unpack001/Plugins/fzAgyDYa.dll asyncrat static1/unpack001/Plugins/mGWHaG2Jn.dll asyncrat static1/unpack001/Plugins/mML6WKMqdxjDGA.dll asyncrat static1/unpack001/Plugins/oYsKwDG.dll asyncrat static1/unpack001/Plugins/rNXXgmX25s.dll asyncrat static1/unpack001/Plugins/sJ88z8tsg5XzK.dll asyncrat static1/unpack001/Plugins/yL9x34D8X3oO2P.dll asyncrat static1/unpack001/Plugins/zVvPGvK64uLS.dll asyncrat static1/unpack001/Plugins/zVvPGvK64uLS1.dll asyncrat -
Asyncrat family
-
Stealerium family
-
StormKitty payload 1 IoCs
Processes:
resource yara_rule static1/unpack001/Plugins/eMTYbTz0gueNs4.dll family_stormkitty -
Stormkitty family
-
.NET Reactor proctector 1 IoCs
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
Processes:
resource yara_rule static1/unpack001/Anarchy Panel.exe net_reactor -
Unsigned PE 21 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Anarchy Panel.exe unpack001/Plugins/0guo3zbo66fqoG.dll unpack001/Plugins/59Zp7paEHDF7luJ.dll unpack001/Plugins/CjETR6GpGXqM.dll unpack001/Plugins/EVa7gBMKoaHmLC.dll unpack001/Plugins/FBSyChwp.dll unpack001/Plugins/G3nl0mDcABnDuZ.dll unpack001/Plugins/KNTmoSnG.dll unpack001/Plugins/PK0TcnqTGFagQTS.dll unpack001/Plugins/RssCnLKcGRxj.dll unpack001/Plugins/WkUP83aP9CABpi.dll unpack001/Plugins/eMTYbTz0gueNs4.dll unpack001/Plugins/fzAgyDYa.dll unpack001/Plugins/mGWHaG2Jn.dll unpack001/Plugins/mML6WKMqdxjDGA.dll unpack001/Plugins/oYsKwDG.dll unpack001/Plugins/rNXXgmX25s.dll unpack001/Plugins/sJ88z8tsg5XzK.dll unpack001/Plugins/yL9x34D8X3oO2P.dll unpack001/Plugins/zVvPGvK64uLS.dll unpack001/Plugins/zVvPGvK64uLS1.dll
Files
-
Anarchy Panel 4.7.7z.7z
-
Anarchy Panel.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 54.6MB - Virtual size: 54.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Anarchy Panel.exe.config.xml
-
Plugins/0guo3zbo66fqoG.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 692B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/59Zp7paEHDF7luJ.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 812B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/CjETR6GpGXqM.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 393KB - Virtual size: 393KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 836B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/EVa7gBMKoaHmLC.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 844B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/FBSyChwp.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/G3nl0mDcABnDuZ.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 175KB - Virtual size: 174KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 804B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/KNTmoSnG.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
-?~P} ;z Size: 208KB - Virtual size: 208KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 458KB - Virtual size: 458KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 816B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
Plugins/PK0TcnqTGFagQTS.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/RssCnLKcGRxj.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 179KB - Virtual size: 179KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 836B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/WkUP83aP9CABpi.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
>a[@&z Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 832B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
Plugins/eMTYbTz0gueNs4.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 820B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/fzAgyDYa.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
>a[@&z Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 832B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
Plugins/mGWHaG2Jn.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
>a[@&z Size: 31KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 816B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
Plugins/mML6WKMqdxjDGA.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 171KB - Virtual size: 171KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 812B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/oYsKwDG.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 4.8MB - Virtual size: 4.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 812B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/rNXXgmX25s.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 940B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/sJ88z8tsg5XzK.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 170KB - Virtual size: 169KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 844B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/yL9x34D8X3oO2P.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 178KB - Virtual size: 177KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 804B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Plugins/zVvPGvK64uLS.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
(8h@ Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 61KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 688B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
Plugins/zVvPGvK64uLS1.dll.dll windows x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 232KB - Virtual size: 231KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 684B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ