f4d34db44dcb270b989a07dc956c2c346ecce2edd4dff6221ded82c6e11dbb25

Sharing

Copy URL Twitter E-mail

General

Target

f4d34db44dcb270b989a07dc956c2c346ecce2edd4dff6221ded82c6e11dbb25
Size

8.3MB
MD5

e15fa26438ecc10d1ed1764994a10e96
SHA1

b47e72b855c1034f1fe53333e550cda4d9a381fa
SHA256

f4d34db44dcb270b989a07dc956c2c346ecce2edd4dff6221ded82c6e11dbb25
SHA512

443c0d38e8409511cdd43c1a732e4274c7a6fda4751e6ad8d136054a02266446a062f65639a689b945116b2c9428dcca013b7141367143606b60a34979c98530
SSDEEP

196608:Xoz3dARKMAMYEZGoptUMXISQqBDXFrZ2gaf5bfUkXCG:S3uRTAMYEsoDtISQqFFrZZ+54k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4d34db44dcb270b989a07dc956c2c346ecce2edd4dff6221ded82c6e11dbb25

Files

f4d34db44dcb270b989a07dc956c2c346ecce2edd4dff6221ded82c6e11dbb25
.exe windows:6 windows x64

6a64b159a7a1add4cc4603d41c3cfbe8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetTimeZoneInformation
GetDriveTypeW
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
ExitProcess
GetStdHandle
IsValidCodePage
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlPcToFileHeader
RtlUnwindEx
RaiseException
OutputDebugStringW
FindFirstFileExW
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
WriteConsoleW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTempFileNameW
Sleep
GetCPInfo
GetProfileIntW
GetTickCount64
SearchPathW
GetWindowsDirectoryW
GetTempPathW
FindResourceExW
VerifyVersionInfoW
VerSetConditionMask
VirtualProtect
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
SetErrorMode
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GlobalGetAtomNameW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
ResumeThread
SetThreadPriority
WaitForSingleObject
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcmpA
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
GetCurrentProcessId
GetVersionExW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryExW
GetModuleHandleExW
DuplicateHandle
OutputDebugStringA
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
SystemTimeToTzSpecificLocalTime
GetModuleHandleW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
SetLastError
FormatMessageW
MulDiv
LocalFree
GlobalSize
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
HeapFree
InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
lstrcatW
lstrcpyW
lstrlenW
QueryDosDeviceW
lstrcmpiW
GetLogicalDriveStringsW
TerminateProcess
OpenProcess
FreeLibrary
GetProcAddress
LoadLibraryW
GlobalFree
GetCurrentDirectoryW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
DeleteFileW
IsDebuggerPresent
GetCurrentProcess
SizeofResource
FileTimeToSystemTime
CloseHandle
GetFileTime
CreateFileW
GetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
CopyFileW
MultiByteToWideChar
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
GetFileType
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
WriteConsoleW
SetStdHandle
HeapReAlloc
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DecodePointer
HeapAlloc
RtlUnwindEx
LCMapStringW
GetStringTypeW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

TranslateMessage
GetMessageW
DrawIconEx
IsRectEmpty
InflateRect
DrawFocusRect
GetSysColorBrush
SetWindowRgn
DrawFrameControl
DrawEdge
PostQuitMessage
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DrawStateW
MapVirtualKeyW
GetKeyNameTextW
WindowFromPoint
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
ShowOwnedPopups
MapWindowPoints
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenuEx
SetParent
SetMenu
SetCursorPos
SetRect
UpdateLayeredWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
EqualRect
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
SetCursor
DestroyMenu
GetMenuItemInfoW
SystemParametersInfoW
LoadCursorW
IntersectRect
RealChildWindowFromPoint
CopyImage
GetAsyncKeyState
MapDialogRect
SetLayeredWindowAttributes
EnumDisplayMonitors
TrackMouseEvent
DispatchMessageW
RegisterWindowMessageW
GetLastActivePopup
IsZoomed
SetCapture
ReleaseCapture
DeleteMenu
MessageBeep
NotifyWinEvent
CreatePopupMenu
GetMenuDefaultItem
CopyRect
EnableWindow
GetClientRect
GetParent
GetWindowRect
InvalidateRect
IsWindow
SendMessageW
InvertRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
LoadIconW
SetTimer
KillTimer
UnregisterClassW
GetSystemMenu
AppendMenuW
IsIconic
GetSystemMetrics
DrawIcon
LoadMenuW
GetCursorPos
GetSubMenu
GetDC
ReleaseDC
GetMenuStringW
GetMenuState
GetMenuItemID
GetMenuItemCount
InsertMenuW
RemoveMenu
CharUpperW
SetFocus
GetFocus
IsWindowEnabled
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
GetSysColor
FillRect
MessageBoxW
GetWindowLongW
GetWindowThreadProcessId
LockWindowUpdate
GetDoubleClickTime
GetIconInfo
CopyIcon
SetMenuDefaultItem
EnableScrollBar
UnionRect
MonitorFromPoint
DestroyIcon
LoadImageW
BringWindowToTop
WaitMessage
ModifyMenuW
DestroyAcceleratorTable
SetClassLongPtrW
GetUpdateRect
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
CopyAcceleratorTableW
RegisterClipboardFormatW
CharUpperBuffW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
FrameRect
PostThreadMessageW
GetNextDlgGroupItem
HideCaret
GetWindowRgn
DestroyCursor
CreateMenu
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
IsClipboardFormatAvailable
SubtractRect
TrackPopupMenu
CharUpperBuffW

gdi32

GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
PatBlt
CombineRgn
CreateEllipticRgn
Ellipse
GetBkColor
GetTextExtentPoint32W
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
CreateFontIndirectW
SetRectRgn
DPtoLP
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
CreateRoundRectRgn
RealizePalette
SetPixel
StretchBlt
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
EnumFontFamiliesExW
GetNearestPaletteIndex
GetSystemPaletteEntries
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetClipBox
ExcludeClipRect
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateBitmap
GetDeviceCaps
CopyMetaFileW
GetStockObject
CreateDIBSection
GetObjectW
SetDIBColorTable
SelectObject
DeleteDC
DeleteObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
BitBlt
CreateCompatibleBitmap
GetTextColor
CreateDCW
CreateCompatibleDC

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueExW
RegEnumValueW
RegQueryValueW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileW
ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootW
PathFindExtensionW
SHDeleteKeyW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindFileNameW
PathIsUNCW

uxtheme

DrawThemeParentBackground
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeText
GetWindowTheme
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor

ole32

IsAccelerator
OleTranslateAccelerator
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
CoCreateGuid
CoInitializeEx
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
OleDestroyMenuDescriptor

oleaut32

SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
VariantClear
LoadTypeLi
VariantCopy
VarBstrFromDate
SysFreeString
SysAllocStringLen
VariantChangeType
SysAllocString

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdiplusStartup
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCreateBitmapFromScan0
GdipFree
GdipDisposeImage
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageI
GdipGetImageWidth
GdipGetImageHeight
GdiplusShutdown
GdipGetImageGraphicsContext

psapi

EnumProcessModules
GetProcessImageFileNameW
GetModuleInformation
EnumProcesses

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

L#u��9٩��-g��Z՚5B�o毎5�^��K�+�<0bcʳ�L�_XwdM∤Z�� :��'��x"P؂�'��Ϡ��.��b�IM�_�̸��7��~��G#+B34{��ޛJ�2��1�+�� x�8�K��;��Â�T�M�:�!�`��B�Ź%��Yg�:;�1rV7`sk"�f�!�D/��&��j^��; 9�"A�{kT�n��^�l,3�^��H)Ck��g2%�x�ʴ��N�Je��J��KJ��s�$�� H��n�8�9XX��֧jB�WM��Y��N'�C��=B��n��*zܚr�M�6X��mn��Aɤ˶|f��!��A�>�y��-��л+eI��K؎��D�09<�4Y��ɪr�ߓh��uAr�q0"9E��]�ٝ_A�j��x0�׹�?��Q.��ы@�e@��Y��;��:�͕z�^�k�zwP��&��c�F�T�Qdl��q�I�U�y�@��ۚ)gl~��C�@��s��*żM5K��z_�o�y��}~ QH�_P�,2� �K:E� ��6�3j�C-�z4v�]�F��*D�{p`��Baq��I%O�e=��:Q � �#@��W=��S�j��y-�rk��k��C��T"C�Y�L��G�1z}�m ��&� Z+գ�� m��\TJC�KM<�g��S�|��zț�m��i��8^��ݹ�8�ڄ�.��?�:� ��d�8Z�X��k��q,'O|�9,m:G��{��Hi�Xw��^��6L�}G��eֱ�O�2%�Oa�|J��$��+��4 ?�G</�f��D$��1��%��^��Y�i�c~;!|Օ��茧=��>h�rvǽ�?��Kz��<�t��L��>�e}�Z��n��^L.��<"�M9 �,� <��i6��HִҞ)��׊Ɵ��ux_��W�4�n�� h��b�݆�X�r;7�٠�R `T�I�b[9�w��dn� ��eHk��;ian��<V&�'=��4�3�J��d��5��2�|�{��A�)-��uq"�kX�2�� b.h��qYz�q)�&PZ��ˤX?kd��x��,a��N��xp��=��"�x��Ɲ��ȊA�r6�D'�i��046��3�(�9�HӉ�;hI�� >M�(�.��QL�YT�Ѵ;��Wj�R�-w��=�tr*tߢt��$1�� A��~�w��I}"��Zi:�-Kj�6 AcZ>�ǩ�|�eF��cѣ_ Z�5WN;�i��fK0R�yZ��j��|V��Ů��g��?*��T�Re��j�+��b�2��V�/��X�Ɗ�8U�Zmh;�pc��0�(�z�z�'��B�3̹��t��+m��vgM�+؟��r��P֊P��֓�ŧ��`Rm`2 r��U=y�W� �S�W�ִ<� �.��xõ�1�j�I�4�EꟋr��D�YJ��R�3|�*Oܒb��`e7��v�-u�Aq��wE��,��_��5��rx��sv5L?[�U{�.(��]�� i��a� ��AD�7��-k��R�þ��e��h�D��t=Jt�W�j��=�2[��h��w�%gTXrF�4/L��d��۟7[,7|��u��x�^!J��ik��m�RdT}q��}��t�IU��;�⪯��DZa�%`��z��l��|��f��|Ħ��#�W�_ ��2�;t��EX��<��Ƈ0=xw�n�3B2O�{CG��g-��F|�5��԰�� S�M�]T&q[9�ۮNJ,�X^��̉*�.� ��''@ťJ��>h��$��H�X� �Q�]!5TF��m��W7 ��RIi��h7�+G�Z��^C��&�Rbe&�̵��|-�Z�D;.�&�p�A��5�f�{*~�JN�bW[��4�_7��ʷ��On��F�>�&��x9��z�f�y^�b��Ph&󭼊a�+M�+�q��KwB�.�#��n֘&�p�v8x��U��F��R�.FZǓ�$�«t��D.��H�4qg&S�s��ҫt &�D�3/ũ0ԍ%��W�� I�,8�]��&�:��ƃ��kINt ��܋��Pn�;�<�.>[�|_&��ph2�\�P�W��ǂ��V��gt�S.C�0acm��Y��bT�,�-�48�]��b1��đer��E��.kR*�ސ}�x5��\�!��*'*��?xK��KH#��Аҙ)ߔG\�^f�]�c�)��)۬m��N��/��>na�A��W�hA ^�c�<�:�ڟ ��$B .��Q *ي��vgfB�~��z+��}D� W��OZ;��0g_3~��)o_��%� _}��ooE��(��K]��k>b�M�2ĳf�CV�&��i�8�kdrN!��9!�^��ghe�U��0�}�GW�7s+��6��O��n;Bd�LQ7��y4�>y<Cxr�%I{�ƅ��zQ�sG�� d"��/.�4�G�`� �9\��f&ډfYC��7�#c�k9oyy|�V�o]!��+G�u��ޙ��gO�ù��f�Ĳì��M<1/�с[��^:>� ϴ�Wt��5��)`�[@uC��7�7��@@��(̦>��2)%��L��F�ō׍��P��^��[�O�@�a�W�􇂕�f�G%�<��0JE��̥:��FH*�y_�z/ɒ�o�ni}��s��B��0��4�Y=m��ظ@ ��ůB��HsG�Fp�w��j��MK�Z{s��

Sections

.text
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zaas0
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zaas1
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zaas2
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a64b159a7a1add4cc4603d41c3cfbe8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

psapi

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: - Virtual size: 1.8MB

.rdata Size: - Virtual size: 551KB

.data Size: - Virtual size: 58KB

.pdata Size: - Virtual size: 84KB

_RDATA Size: - Virtual size: 348B

.zaas0 Size: - Virtual size: 5.5MB

.zaas1 Size: 7KB - Virtual size: 6KB

.zaas2 Size: 8.2MB - Virtual size: 8.2MB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: - Virtual size: 1.8MB

.rdata
Size: - Virtual size: 551KB

.data
Size: - Virtual size: 58KB

.pdata
Size: - Virtual size: 84KB

_RDATA
Size: - Virtual size: 348B

.zaas0
Size: - Virtual size: 5.5MB

.zaas1
Size: 7KB - Virtual size: 6KB

.zaas2
Size: 8.2MB - Virtual size: 8.2MB

.rsrc
Size: 18KB - Virtual size: 18KB