metasploit | 212c934d520c626c7acbff51df133d0d7d10fe0b164aca67d8be90e5a7388afc

Resubmissions

05/10/2023, 06:52

231005-hnd5dsbb27 10

Sharing

Copy URL

Twitter E-mail

General

Target

212c934d520c626c7acbff51df133d0d7d10fe0b164aca67d8be90e5a7388afc
Size

11.0MB
MD5

fa66d0e058dab59f3140b65e4a7228a5
SHA1

4d78a5d98ba1d97afd6ca8718cb7aedaa91ad488
SHA256

212c934d520c626c7acbff51df133d0d7d10fe0b164aca67d8be90e5a7388afc
SHA512

82351ab2c6e7687279a0bc3fbc229ad0807d288c3445c9675600fe1fbdf35c6593fab472c8d1432f62ca8b4dfdbd368ce261cdc0e8cc2bb7870ec2597a91fd69
SSDEEP

196608:ktR3iFP3JX+Qtuz4+jgLeC/LnScNNpB59aIZNgjL1D:WYPFFtupjeeC/bbKp

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

192.168.1.22:556

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
212c934d520c626c7acbff51df133d0d7d10fe0b164aca67d8be90e5a7388afc

Files

212c934d520c626c7acbff51df133d0d7d10fe0b164aca67d8be90e5a7388afc
.exe windows:4 windows x86

8b07e6b9ea13aaf5e187f0cf75e792b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcStringFreeW
UuidToStringW

kernel32

CreateToolhelp32Snapshot
HeapFree
HeapSize
HeapReAlloc
HeapAlloc
DecodePointer
GetProcessHeap
GetLogicalDriveStringsW
QueryDosDeviceW
Module32FirstW
GlobalReAlloc
Module32NextW
DeviceIoControl
lstrcpyW
GetModuleFileNameW
ResumeThread
GetTickCount64
FlushViewOfFile
GetSystemDirectoryW
OutputDebugStringW
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
WritePrivateProfileStringW
GetPrivateProfileSectionW
InitializeConditionVariable
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
WakeConditionVariable
GetModuleHandleW
TryAcquireSRWLockExclusive
InitOnceBeginInitialize
Process32NextW
InitOnceComplete
ReleaseSRWLockShared
AcquireSRWLockShared
GetFileSize
WriteFile
ReadFile
CreateFileW
WaitForSingleObjectEx
LocalAlloc
SwitchToThread
MulDiv
GetLocaleInfoEx
FreeLibrary
CreateFileMappingA
TerminateThread
GetPrivateProfileStringW
GetFileAttributesW
QueryPerformanceCounter
QueryPerformanceFrequency
SystemTimeToFileTime
RemoveDirectoryW
SetProcessWorkingSetSize
GetTempPathW
CreateSemaphoreExW
AreFileApisANSI
FlushProcessWriteBuffers
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetFilePointer
CompareStringOrdinal
MoveFileW
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
TerminateProcess
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
lstrcpynW
GetCurrentProcess
FindClose
FindNextFileW
GetSystemTime
lstrcmpA
FileTimeToSystemTime
FindFirstFileW
VirtualAlloc
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
LCMapStringEx
CreateMutexW
Sleep
OpenMutexW
lstrcatW
lstrlenW
WinExec
SetWaitableTimer
CompareStringEx
CreateWaitableTimerW
GetCommandLineW
CancelWaitableTimer
LocalFree
GetCPInfo
SetLastError
CreateEventExW
WaitForMultipleObjects
FormatMessageA
GetStringTypeW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalFree
FreeLibraryAndExitThread
GlobalUnlock
GlobalLock
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
SignalObjectAndWait
GetThreadPriority
GlobalAlloc
GetCurrentProcessorNumberEx
CreateDirectoryW
SetFileAttributesW
CopyFileW
GetLogicalProcessorInformationEx
ReleaseMutex
GetNumaHighestNodeNumber
GetThreadGroupAffinity
SetThreadGroupAffinity
DeleteFileA
TlsAlloc
TlsGetValue
TlsSetValue
GetTempPathA
GetTempFileNameA
GetSystemInfo
ExitProcess
lstrlenA
CreateFileA
VirtualFree
ReleaseSemaphore
CreateSemaphoreA
GetProcessAffinityMask
FindFirstFileExW
ExitThread
GetDriveTypeW
CreateProcessW
GetFileInformationByHandle
K32GetProcessImageFileNameW
OpenProcess
GetFileType
PeekNamedPipe
GetTickCount
CloseThreadpoolWait
GetTimeZoneInformation
SetFilePointerEx
GetCommandLineA
SetStdHandle
SetUnhandledExceptionFilter
GlobalMemoryStatusEx
GetVolumeInformationW
RaiseException
VirtualProtect
VirtualQuery
LoadLibraryExA
GetCurrentThread
GetThreadTimes
GetComputerNameW
GlobalSize
FormatMessageW
FlushFileBuffers
GetFullPathNameW
LockFile
SetEndOfFile
UnlockFile
OutputDebugStringA
DuplicateHandle
GetModuleHandleA
LoadLibraryExW
LoadLibraryA
lstrcmpiW
GetThreadLocale
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
EncodePointer
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
GetProfileIntW
SetThreadPriority
SuspendThread
GetVersionExW
GetPrivateProfileIntW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
TlsFree
GlobalHandle
LocalReAlloc
GlobalGetAtomNameW
SetErrorMode
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
VerSetConditionMask
VerifyVersionInfoW
GetCurrentDirectoryW
FindResourceExW
GetWindowsDirectoryW
SearchPathW
GetDiskFreeSpaceW
GetTempFileNameW
GetUserDefaultLCID
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
GetStartupInfoW
HeapQueryInformation
GetStdHandle
GetLocalTime
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
IsValidCodePage
GetACP
GetOEMCP
IsValidLocale
EnumSystemLocalesW
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionEx
WriteConsoleW
GetLastError
DeleteCriticalSection
CloseHandle
CreateThread
WaitForSingleObject
CreateEventW
GetCurrentThreadId
SetEvent
SetCurrentDirectoryW
WideCharToMultiByte
GetDiskFreeSpaceA
GetFileAttributesA
SetEnvironmentVariableW
DeleteFileW
GetPrivateProfileSectionNamesW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetFullPathNameA
GetProcAddress
LoadLibraryW
LockFileEx
Process32FirstW

advapi32

CryptDestroyKey
CryptEncrypt
CryptReleaseContext
CryptAcquireContextW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
InitializeSecurityDescriptor
InitializeAcl
LookupAccountNameW
AddAccessAllowedAce
SetSecurityDescriptorDacl
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW

shlwapi

StrFormatKBSizeW
UrlUnescapeW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFileExistsW
PathIsDirectoryW

user32

InvalidateRgn
CopyAcceleratorTableW
CharNextW
UnionRect
EnableScrollBar
SetMenuDefaultItem
GetMenuDefaultItem
NotifyWinEvent
DeleteMenu
TrackMouseEvent
EnumDisplayMonitors
RealChildWindowFromPoint
SendDlgItemMessageA
CopyImage
GetSysColorBrush
GetMenuItemInfoW
DestroyMenu
LoadMenuW
GetKeyNameTextW
ShowOwnedPopups
WaitMessage
MapDialogRect
SetWindowContextHelpId
DrawStateW
GetDesktopWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
SetRectEmpty
GetWindowDC
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
CheckDlgButton
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
WinHelpW
SetScrollInfo
GetLastActivePopup
GetClassLongW
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
TrackPopupMenu
SetMenu
GetMenu
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExW
RegisterClassW
GetMessageTime
CharUpperW
RemoveMenu
AppendMenuW
GetSubMenu
GetMenuState
DestroyIcon
GetShellWindow
GetScrollBarInfo
EnumClipboardFormats
LoadBitmapW
GetScrollInfo
DestroyWindow
CreateWindowExW
RegisterClassExW
InsertMenuW
CreatePopupMenu
ShowScrollBar
MapVirtualKeyExW
IsCharLowerW
PeekMessageW
GetMessageW
BringWindowToTop
GetDoubleClickTime
PostMessageW
GetNextDlgGroupItem
MessageBoxA
DrawIcon
PostQuitMessage
DispatchMessageW
TranslateMessage
PostThreadMessageW
GetComboBoxInfo
WindowFromDC
EnableWindow
LoadCursorW
EnableMenuItem
GetMenuItemID
UnregisterClassW
DefWindowProcW
IsWindowVisible
GetClientRect
InvalidateRect
GetMenuItemCount
CallWindowProcW
GetTopWindow
GetSystemMenu
MapWindowPoints
GetParent
GetWindowRect
GetClassInfoW
GetSysColor
GetMessagePos
UpdateWindow
DestroyCursor
InvertRect
HideCaret
GetIconInfo
FrameRect
CopyIcon
ModifyMenuW
CharUpperBuffW
InsertMenuItemW
SetClassLongW
LockWindowUpdate
ClientToScreen
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
SendMessageW
MonitorFromWindow
SetForegroundWindow
IsWindow
MonitorFromPoint
ReleaseDC
GetDC
GetCursorPos
GetMonitorInfoW
GetWindowLongW
SetWindowLongW
PtInRect
WindowFromPoint
GetWindowThreadProcessId
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
IsZoomed
ScreenToClient
SetWindowRgn
LoadImageW
GetSystemMetrics
SetCursor
OffsetRect
IsIconic
MonitorFromRect
CopyRect
IntersectRect
IsRectEmpty
SetRect
GetMenuStringW
FindWindowW
MoveWindow
SetTimer
KillTimer
OpenClipboard
GetWindowRgn
GetFocus
CloseClipboard
EmptyClipboard
SetClipboardData
ShowWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
GetWindowTextW
MessageBoxW
GetKeyboardState
GetAsyncKeyState
SystemParametersInfoW
TranslateAcceleratorW
LoadAcceleratorsW
LoadIconW
GetForegroundWindow
GetActiveWindow
IsClipboardFormatAvailable
GetClipboardData
UnregisterHotKey
MessageBeep
ToUnicodeEx
SetWindowPos
GetKeyState
RegisterWindowMessageW
SendMessageTimeoutW
GetClassNameW
SetLayeredWindowAttributes
SetActiveWindow
SetCapture
ReleaseCapture
GetKeyboardLayout
VkKeyScanExW
keybd_event
MapVirtualKeyW
AttachThreadInput
EqualRect
ChangeClipboardChain
SetClipboardViewer
InflateRect
GetMenuBarInfo
GetAncestor
wsprintfW
GetUpdateRect
FillRect
DrawIconEx
UpdateLayeredWindow
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
WaitForInputIdle
SendInput
SetCursorPos
DrawFocusRect
DrawMenuBar
DrawFrameControl
GetWindow
DrawEdge
RegisterHotKey
ReuseDDElParam
SetParent
GetWindowTextLengthW
SetFocus
UnpackDDElParam
GetCapture
RegisterClipboardFormatW

oleaut32

VarBstrCmp
SysAllocStringLen
GetActiveObject
VariantCopy
LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VarBstrFromDate
OleCreateFontIndirect
VariantChangeType
SysFreeString
SafeArrayDestroy
SysAllocString
SysStringLen
VariantClear
GetErrorInfo

gdi32

RoundRect
ExtFloodFill
CreateDCW
SelectObject
DeleteDC
SetPaletteEntries
FillRgn
BitBlt
FrameRgn
GetBoundsRect
CreateCompatibleBitmap
GetWindowOrgEx
GetViewportOrgEx
MoveToEx
CreateCompatibleDC
CreateSolidBrush
CreateRectRgn
SetPixelV
RealizePalette
GetDeviceCaps
Polyline
Polygon
GetStockObject
GetDIBits
DeleteObject
GetTextFaceW
PtInRegion
SetTextColor
CreatePolygonRgn
CreateEllipticRgn
LPtoDP
SetBkColor
EnumFontFamiliesExW
GetTextColor
GetBkColor
CreateRoundRectRgn
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
DPtoLP
SetRectRgn
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
SetTextAlign
SetStretchBltMode
SetROP2
SetPolyFillMode
GetLayout
OffsetRgn
SetLayout
SetMapMode
SetBkMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
GetTextExtentPoint32W
CreateFontIndirectW
GetTextMetricsW
GetMapMode
CreateRectRgnIndirect
CreateFontW
GetFontUnicodeRanges
GetGlyphIndicesW
PatBlt
ScaleWindowExtEx
GetViewportExtEx
GetWindowExtEx
SaveDC
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
PtVisible
RestoreDC
Rectangle
LineTo
IntersectClipRect
GetPixel
GetObjectType
SetDIBColorTable
Ellipse
SetWindowExtEx
SetPixel
SetViewportOrgEx
SetViewportExtEx
Escape
GetRgnBox
GetClipBox
ExcludeClipRect
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
ExtTextOutW
TextOutW
RectVisible
GetObjectW
GetBitmapBits
CopyMetaFileW
CreateBitmapIndirect
CombineRgn
CopyEnhMetaFileW
CreateDIBSection
DeleteEnhMetaFile
SetBitmapBits
StretchBlt

ole32

CoRegisterMessageFilter
CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
CoCreateInstance
OleUninitialize
OleInitialize
CoUninitialize
CoInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
CLSIDFromString
ReleaseStgMedium
OleDuplicateData
CoTaskMemAlloc
CLSIDFromProgID
PropVariantClear
CoTaskMemFree
CoInitializeEx
OleGetClipboard
CreateStreamOnHGlobal
CoSetProxyBlanket
StringFromGUID2
CoCreateGuid

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
DragQueryFileW
DragAcceptFiles
ShellExecuteW
CommandLineToArgvW
SHBrowseForFolderW
ShellExecuteExW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
SHGetFileInfoW
SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW
SHAppBarMessage

comctl32

ImageList_ReplaceIcon
ImageList_Create
_TrackMouseEvent

ws2_32

inet_ntoa
WSAAsyncGetHostByName
bind
gethostname
gethostbyname
ntohl
WSAGetLastError
WSACancelAsyncRequest
WSAAsyncSelect
WSASetLastError
WSACleanup
WSAStartup
socket
sendto
send
select
recvfrom
recv
ntohs
inet_addr
htons
htonl
connect
closesocket
accept

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

crypt32

CryptQueryObject
CryptMsgGetParam
CryptStringToBinaryA
CryptMsgClose
CryptDecodeObject
CertFindCertificateInStore
CertGetNameStringW
CertFreeCertificateContext
CryptDecodeObjectEx
CertCloseStore
CryptImportPublicKeyInfo

iphlpapi

GetAdaptersInfo

setupapi

SetupIterateCabinetW

winhttp

WinHttpReadData
WinHttpReceiveResponse
WinHttpConnect
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpSendRequest
WinHttpQueryOption
WinHttpOpen
WinHttpAddRequestHeaders
WinHttpWriteData
WinHttpQueryHeaders
WinHttpSetOption

psapi

GetProcessImageFileNameW

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

uxtheme

DrawThemeParentBackground
OpenThemeData
GetThemePartSize
GetWindowTheme
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
GetThemeSysColor
CloseThemeData
IsAppThemed

oledlg

OleUIBusyW

gdiplus

GdipSetClipRectI
GdipSetPenColor
GdipDrawLine
GdipScaleMatrix
GdipRotateMatrix
GdipClonePath
GdipClosePathFigure
GdipAddPathPath
GdipTransformPath
GdipSetImageAttributesColorKeys
GdipSetPenLineCap197819
GdipDrawLineI
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipDrawImageI
GdipAlloc
GdipMultiplyWorldTransform
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipSetClipPath
GdipAddPathRectangleI
GdipSetStringFormatLineAlign
GdipGetFamilyName
GdipPrivateAddFontFile
GdipCloneFontFamily
GdipGetFontCollectionFamilyList
GdipGetFontCollectionFamilyCount
GdipAddPathRectangle
GdipAddPathArcI
GdipAddPathLineI
GdipDrawEllipseI
GdipAddPathEllipseI
GdipReversePath
GdipDrawPath
GdipGetDC
GdipResetPath
GdipSetPenDashArray
GdipSetPenDashStyle
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipDeleteBrush
GdipCloneBrush
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipDrawString
GdipAddPathString
GdipGetLogFontW
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipCreateFromHWND
GdipCreateFromHWNDICM
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCreateBitmapFromScan0
GdipDrawImagePointRectI
GdipSetWorldTransform
GdipGetImageGraphicsContext
GdipTranslateMatrix
GdipDeleteMatrix
GdipCreateMatrix
GdipCreateLineBrush
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneBitmapAreaI
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipGetImagePixelFormat
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipDrawImageRectRect
GdiplusShutdown
GdiplusStartup
GdipDeletePrivateFontCollection
GdipNewPrivateFontCollection
GdipSetInterpolationMode
GdipCloneImage
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipCreatePath
GdipDeletePath
GdipAddPathLine
GdipFree
GdipAddPathArc
GdipSetSmoothingMode
GdipFillRectangleI
GdipFillPath
GdipMeasureString
GdipDrawImageRectI
GdipDrawImageRectRectI
GdipSaveGraphics
GdipRestoreGraphics
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDisposeImage
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteFontFamily
GdipCreateFont
GdipDeleteFont

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

propsys

PropVariantToStringAlloc

imm32

ImmGetContext
ImmGetCompositionStringW
ImmReleaseContext
ImmGetOpenStatus

winmm

PlaySoundW

wininet

InternetCrackUrlW
InternetConnectW
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetGetConnectedState
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetSetOptionW
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer

ntdll

RtlUnwind

Exports

Exports

?CheckData@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?Destroy@@YAXXZ
?Init@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0H@Z
?Init@@YA_NHQAPBD@Z
?TranslatorDebug@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@@Z
?TranslatorPara@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@0@Z
?TranslatorPara@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@@Z
?TranslatorParas@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@0@Z
?TranslatorParas@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@@Z
?TranslatorParas@@YA?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@ABV12@@Z
?updatePatch@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

Sections

.text
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 849KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 421KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 407KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 421KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 407KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

8b07e6b9ea13aaf5e187f0cf75e792b2

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

advapi32

shlwapi

user32

oleaut32

gdi32

ole32

shell32

comctl32

ws2_32

version

crypt32

iphlpapi

setupapi

winhttp

psapi

msimg32

winspool.drv

uxtheme

oledlg

gdiplus

oleacc

propsys

imm32

winmm

wininet

ntdll

Exports

Exports

Sections

.text Size: 7.1MB - Virtual size: 7.1MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 176KB - Virtual size: 849KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 421KB - Virtual size: 421KB

.reloc Size: 407KB - Virtual size: 407KB

.text Size: 2KB - Virtual size: 1KB

.idata Size: 22KB - Virtual size: 21KB

.rsrc Size: 421KB - Virtual size: 421KB

.reloc Size: 407KB - Virtual size: 407KB

.text
Size: 7.1MB - Virtual size: 7.1MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 176KB - Virtual size: 849KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 421KB - Virtual size: 421KB

.reloc
Size: 407KB - Virtual size: 407KB

.text
Size: 2KB - Virtual size: 1KB

.idata
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 421KB - Virtual size: 421KB

.reloc
Size: 407KB - Virtual size: 407KB