Extracted

• decoded.dll

  .dll windows:6 windows x64

  37af5cd8fc35f39f0815827f7b80b304

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  Imports

  kernel32

  CreateMutexA

  WaitForSingleObject

  ReleaseMutex

  Sleep

  GetLastError

  SetEvent

  lstrcpyA

  CloseHandle

  CreateThread

  ResetEvent

  GetCurrentProcessId

  GetComputerNameExA

  DeleteCriticalSection

  VirtualFree

  VirtualAlloc

  WaitForMultipleObjects

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  CreateIoCompletionPort

  HeapFree

  EnterCriticalSection

  HeapReAlloc

  InitializeCriticalSection

  LeaveCriticalSection

  HeapAlloc

  HeapDestroy

  HeapCreate

  lstrlenA

  CreateEventA

  user32

  wsprintfA

  advapi32

  GetUserNameA

  SystemFunction036

  ws2_32

  inet_addr

  select

  gethostbyname

  closesocket

  socket

  inet_ntoa

  recv

  htons

  WSACleanup

  WSAStartup

  send

  connect

  iphlpapi

  GetAdaptersInfo

  Exports

  Exports

  ReflectiveLoader

  Sections

  .text

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 856B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 512B - Virtual size: 360B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ