228612f479e0b1f77b3e7109c36139e4dfbdd09edb44ebf379593b9d17c980cf

Sharing

Copy URL Twitter E-mail

General

Target

228612f479e0b1f77b3e7109c36139e4dfbdd09edb44ebf379593b9d17c980cf
Size

12.4MB
MD5

da5eae8b7e4bb99aee44ad790cd6b24e
SHA1

55133800106b8f9094b902510c93b0b92cc77a27
SHA256

228612f479e0b1f77b3e7109c36139e4dfbdd09edb44ebf379593b9d17c980cf
SHA512

820a8ab291fa2013094b6d6dd2d2934a5d018fbf0ea9fca476a4d469379f1aca066172d50096ae9daa92f147b295c58a9b895246f8e50a9e9905778529afbc5f
SSDEEP

196608:/hCHGB1guLqPVnFPUEsDcZD7qth5+Ul+22IbNVFXLMdh72aK0OsDof:JNBJG/sAZD7q0UY22oNPXoX2U/4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
228612f479e0b1f77b3e7109c36139e4dfbdd09edb44ebf379593b9d17c980cf

Files

228612f479e0b1f77b3e7109c36139e4dfbdd09edb44ebf379593b9d17c980cf
.exe windows:5 windows x86

8b9a2c77985c16eea56e474a2838589c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamRelease
AVIFileRelease
AVIStreamWrite
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamSetFormat
AVIFileExit
AVIFileInit

msvfw32

DrawDibOpen
DrawDibDraw
DrawDibClose

winmm

mciSendCommandA
PlaySoundA
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveOutWrite
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveOutReset
waveOutUnprepareHeader
waveOutClose

kernel32

HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalReAlloc
TlsSetValue
TlsGetValue
GetProcessVersion
GetFileType
GetOEMCP
LocalFileTimeToFileTime
SetErrorMode
RtlUnwind
HeapReAlloc
CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
Sleep
VirtualFree
VirtualAlloc
GetFileAttributesA
lstrcatA
GetModuleFileNameA
WriteFile
SetFilePointer
GetProfileIntA
GetProfileStringA
GetPrivateProfileSectionNamesA
EnumResourceLanguagesA
EnumResourceTypesA
GetExitCodeThread
GetCPInfo
SetStdHandle
GetDriveTypeA
ExitThread
RaiseException
GetTimeZoneInformation
GetSystemTime
TerminateProcess
GetACP
GlobalHandle
TlsAlloc
GlobalFlags
GetDiskFreeSpaceA
GetTempFileNameA
SetThreadPriority
GetCurrentThread
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
FormatMessageA
InterlockedIncrement
GetCurrentThreadId
GlobalGetAtomNameA
GetFileSize
CreateFileA
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
SetFileAttributesA
FindFirstFileA
lstrlenA
InterlockedDecrement
GetLastError
MultiByteToWideChar
GetTickCount
lstrcmpiA
CreateProcessA
lstrcpyA
GetTempPathA
ReadFile
CopyFileA
MoveFileA
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetVersion
WideCharToMultiByte
LocalFree
LocalAlloc
lstrcpynA
CreateDirectoryA
LoadLibraryA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LockResource
LoadLibraryExA
GlobalUnlock
GlobalLock
GlobalAlloc
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
InitializeCriticalSection
LeaveCriticalSection
PostQueuedCompletionStatus
EnterCriticalSection
GetSystemInfo
CreateIoCompletionPort
GetQueuedCompletionStatus
InterlockedExchange
CancelIo
DeleteCriticalSection
ExitProcess
LocalLock
LocalSize
OutputDebugStringA
LocalReAlloc
GlobalMemoryStatus
EnumResourceNamesA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
MulDiv
ResetEvent
GetCurrentDirectoryA
SetFileTime
GetFileTime
SetCurrentDirectoryA
GlobalSize
GetStartupInfoA
GetCommandLineA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
lstrcmpA
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
lstrlenW
FileTimeToLocalFileTime
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
TlsFree
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

IsRectEmpty
SetRectEmpty
EndPaint
BeginPaint
GetWindowDC
CharUpperA
LoadStringA
wvsprintfA
GetMenuCheckMarkDimensions
ModifyMenuA
SetMenuItemBitmaps
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
MapWindowPoints
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemID
SetWindowPlacement
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
DispatchMessageA
TranslateMessage
GetMessageA
RegisterWindowMessageA
LoadIconA
EnableWindow
SendMessageA
InvalidateRect
SetForegroundWindow
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
PeekMessageA
IsWindow
CreateMenu
ValidateRect
GetMenuStringA
SetWindowContextHelpId
MapDialogRect
LoadAcceleratorsA
TranslateAcceleratorA
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
GetClassNameA
GetDialogBaseUnits
InsertMenuA
DeleteMenu
IntersectRect
GetIconInfo
GetScrollBarInfo
ShowScrollBar
DrawIconEx
GetKeyState
GetWindowLongA
SetWindowLongA
GetMenuState
CheckMenuRadioItem
SetClassLongA
SetRect
GetSysColorBrush
GetDCEx
LockWindowUpdate
DestroyIcon
LoadImageA
SetTimer
GetClientRect
GetSysColor
IsZoomed
ReleaseDC
GetDC
SetParent
MessageBoxA
UpdateWindow
RedrawWindow
TabbedTextOutA
DrawTextA
GrayStringA
UnregisterClassA
DrawMenuBar
TranslateMDISysAccel
DefFrameProcA
ExcludeUpdateRgn
DefDlgProcA
GetTabbedTextExtentA
GetClipboardFormatNameA
GetAsyncKeyState
DrawEdge
GetDoubleClickTime
IsWindowUnicode
GetWindowLongW
CopyAcceleratorTableA
GetNextDlgGroupItem
InvertRect
DestroyCursor
SendDlgItemMessageA
CreatePopupMenu
AppendMenuA
TrackPopupMenu
DestroyMenu
CopyRect
FillRect
SetWindowRgn
GetFocus
KillTimer
GetDesktopWindow
SetMenu
ClipCursor
SystemParametersInfoA
FindWindowA
ShowWindow
IsIconic
DrawIcon
GetSystemMenu
MessageBeep
InflateRect
GetSystemMetrics
OffsetRect
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LookupIconIdFromDirectory
CreateIconFromResourceEx
CreateIconFromResource
GetWindowRect
PtInRect
PostMessageA
CharNextA
SetWindowLongW
SetCursorPos
UnionRect
GetWindowRgn
HideCaret
ShowCaret
IsMenu
GetMenuDefaultItem
GetCursor
GetMenuStringW
LookupIconIdFromDirectoryEx
GetKeyboardLayoutList
GetKeyboardState
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyExA
GetKeyNameTextA
IsCharLowerA
IsClipboardFormatAvailable
GetMenuItemInfoA
CopyIcon
CreateIconIndirect
DrawFrameControl
DrawAnimatedRects
EnumChildWindows
SetMenuDefaultItem
DrawFocusRect
WaitMessage
MapVirtualKeyA
DrawStateA
GetWindow
SetCapture
LoadCursorA
SetCursor
ScreenToClient
WindowFromPoint
ClientToScreen
ReleaseCapture
GetParent
IsWindowVisible
SendMessageTimeoutA
SetWindowPos
GetDlgCtrlID
CheckMenuItem
GetMenuItemCount
EnableMenuItem
GetCursorPos
GetSubMenu
LoadMenuA
PostQuitMessage
LoadBitmapA
ShowOwnedPopups
RegisterClipboardFormatA
PostThreadMessageA
wsprintfA
GetProcessWindowStation
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW

gdi32

SetPixel
GetWindowOrgEx
GetCurrentObject
Polygon
EnumFontFamiliesExA
GetDIBits
GetBitmapBits
ExtCreateRegion
PtInRegion
GetRgnBox
RoundRect
GetViewportOrgEx
ExtFloodFill
Ellipse
StrokePath
FillPath
CloseFigure
GetTextExtentPoint32W
ExtTextOutW
GetTextExtentPointA
CreateDIBitmap
GetTextAlign
Polyline
CopyMetaFileA
GetTextMetricsA
GetCharWidthA
CreateFontIndirectA
SetRectRgn
GetWindowExtEx
GetViewportExtEx
ExtSelectClipRgn
GetClipRgn
PolyBezierTo
GetCurrentPositionEx
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetPolyFillMode
RestoreDC
SaveDC
CreateRectRgnIndirect
PatBlt
CreateBitmap
GetClipBox
CreatePolygonRgn
FillRgn
FrameRgn
GetObjectA
SetBkMode
SetBkColor
SetTextColor
StretchDIBits
GetDeviceCaps
GetBitmapDimensionEx
CreatePatternBrush
GetBrushOrgEx
SetBrushOrgEx
GetTextColor
GetBkMode
CreateRectRgn
CreateRoundRectRgn
OffsetRgn
CombineRgn
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
LPtoDP
GetMapMode
DPtoLP
GetBkColor
BeginPath
EndPath
StrokeAndFillPath
GetStockObject
CreateDIBSection
SelectObject
SetStretchBltMode
StretchBlt
DeleteDC
DeleteObject
CreateFontA
GetTextExtentPoint32A
GetPixel
SetPixelV
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateSolidBrush

comdlg32

ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA

shell32

DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
DragAcceptFiles
SHAppBarMessage
ExtractIconA
SHGetFileInfoA
DragFinish
ShellExecuteA
SHGetMalloc

comctl32

ImageList_Remove
ImageList_GetImageInfo
ImageList_Add
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Draw
_TrackMouseEvent
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA

oledlg

ord1
ord8

ole32

ReleaseStgMedium
CoGetClassObject
StgOpenStorageOnILockBytes
CoTaskMemAlloc
OleDuplicateData
CoDisconnectObject
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoUninitialize
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
CoCreateInstance
CLSIDFromString
OleIsCurrentClipboard
CoInitialize
OleRun
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoTaskMemFree

olepro32

ord253
ord251

oleaut32

SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
VariantCopy
SysAllocStringByteLen
VariantChangeType
SysStringByteLen
VarDateFromStr
VarBstrFromDate
SafeArrayUnaccessData
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
LoadTypeLi
SysAllocString
SysFreeString
VariantClear
GetErrorInfo
OleLoadPicturePath
VariantChangeTypeEx

urlmon

URLDownloadToFileA

ws2_32

inet_ntoa
recv
send
getpeername
closesocket
connect
htons
gethostbyname
socket
select
ioctlsocket
WSAStartup
inet_addr
WSACleanup
listen
bind
WSAEventSelect
WSACreateEvent
WSASocketA
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
accept
WSARecv
setsockopt
WSACloseEvent
WSAIoctl
gethostname
WSASend
ntohs
getsockname
shutdown
__WSAFDIsSet
WSAGetLastError

wininet

HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetConnectA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry

shlwapi

SHAutoComplete
PathRemoveFileSpecA

skinh

SkinH_SetAero
SkinH_AttachRes

imm32

ImmAssociateContext

wtsapi32

WTSSendMessageW

Exports

Exports

��cj��u��_y8��<��ě��ŏ 타�XwϽ�Ҧ��i�U�U�چ^��{��jRr,�ِZ�%󝛷�hB+�gul��z��?�v�`l�?��EZ��}��C鵬�f�s��)>�)��o��0񘳉�M��p�� w�� K��ⳣ�B^�2��k��Ԥ��v�ԣ��J ��N5�X5��Zh5̣6�>n�g�f�\r��|��b��6:�d�]��K7H�� =��<�'�@�̺H󶍖ĳ:�~@t�3��g��ER�sE�ғ�� J�i��;��H�()�n񷦾�7[�0�)~��o��3��x��cSڂt��F1��P�&��i�N��7�U�[9�/��W}�(s �k'�u��|�3x��mU.߻��C�̽�QK�!FG$�0O�ٍ^jR3Զ>F�z��=��?2�p��ɒ�+�#ü�n�hD�cA�f��܉E�}Zv�=�o��rY��N=��=��.��;�,�B��Ԋ��2*j��/�j5b=��ulP��dce��X[�[J#��h><d�Z�^ӗy�t�!y��P��<`��fK;q��cJ�~=��8�L��$�� P��S�qkq��p�UR�a<�e)6�r~��t��!�:�H;�Jjqn��^Co}�AG\S�[hΎj��d�+�@�� \��f��m]��x��΃�ֻ� �݊w� ~*�#|�b.��Ba�t57�Tϡ��SBC[�3��~P��o��bP`��w�S=��H}� ��Z��R��Nh��2�cCQ E�M��X��g�-T�m $�x��⨥f`T�I�̕�/�웷:��Y��'��svCf��T��`�ѓu�}�Y$��*��\�K��0`�X�L��E�� Վ4&]��-�m�Tv��|�x�C��.��&zvy#"��q��R��o��yt��;?��6�ʰ+/^��;4F�Hf�^�H� C)N[m��k1��l�S��خ��aH�5�p�pe��#塕�+n�� N~@�f�%��r��M�Ru�� j�1��6l��p��)�`<��?u��R��n�� o��m&��v %H��H��p��-[��O��՝E��w )^{P�\��$��/^1J!�~G�"�|��ʥ�z�Cq��7P�{a<��Kq��N��V��X 0a.��S��k�Ѩ��@��A�r��C��!��]3��+�`��a�"��Q��8�d�~� ��ǣ�[Cj��=��L�[��NҶ��j��@Ճ�4N.[r�D�~E�9'�<��t0��܆�7��xD�K��ӹqd�\�d�B�X�+g�=�NR�� T�@��8�-��X�� @FL��+�5]'S] �7��BJ��v��C��ɜy��2��,��$"�< ZC�;�I�o6�G�S��rz�� m��:a� ��u�Jt.�& ��*��|t�?6��u�B0� >��Kg<�ӝBv�e��W��l�v�?-ݑB�u��kj�)��Ŕ�j<��:��f�"nc�Oj[��'��5�F��=95��q� iME3t�sD<�H�Ä�B�u�3�({�X.*��F��T��W��ZX�صE~��~d� "��Z��^X�=�ŞW��D��3��)I��|�y�s�Z�Hg��ED��K��`B0ჽ��-e9�2�z��o��Z��-"+'$u�Bq�p��H��Xr|��s��*��C��l�>F��$�Y�`]�{>�ߋTwƈij�Wc2�5�� ,��/(�\��(�]7��(�xg�zI0� ��a� E�s��4ϼ��V��:�6ς�>�j6H�ݞ��3�7��_�)e'W��h�+O��Z��2&��o/O��/�-o��C͋�.%PT[r=��YVG.5x�}�!�1�Gw��n$/(G{��w��ѥųc��1[\#��UgO��$��7h~��U�.�ƕz�dچB��z��I9�%\��/��f�Sq1��J�2wux֢��xT��Z�qOm�+�5�� @�9��vؐX�c��H��m��O�-`s�H<o��A8��*��IƝ��93�i�k\w�x��+��4�X��i-L�Nb�h�ҕ�BL��c6(��)-��;��DB�mX� Ǳ��¦@�gv ߅��^�N.��ã��'e�B�� K�t��G�0o��7�D{d��@Ӯ|^ܨ��ϗ��1S��9%T�Y(��hv�-F�_ ��ʟ�dZ��&ģ��͸ҷ��f�� rY%��U��]n�L yM*��f��p��x�ZGk��T�/�}'��<�Aef��r��g�˱B&�R��z�&��d"(��/��)�l��RR�07?C�%��i郗�Uv��wΰh��z�3F_��e�?�d�9]��6�mF�k�F��w�Cv��+O��Sȷ⊍��Gh�&MÜ�6i%\,�s:�*�`,�e'e�0��M��_�8�ӱ:�2�t��9j�;��&�H��9��n}�왐��ٙN��<M+��1o;ɜ�P�%ϒ��dK䡔��&��3�qR�A`�op΢�|`{�V��ʊvQ��Nc� �}i!��i��^@&׵�F��҈��Lz覼�R��~M�!sV�3�)�($��(�bـT�ǂ�1��Sכ=��>�p��U]�hiq=\��1�z��+�xu��Y��d-�;ב��)��^��u-��Z��ז��El�l��q�%��t�g��3��r\�

Sections

.text
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 433KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmps0
Size: - Virtual size: 9.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmps1
Size: 10.4MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b9a2c77985c16eea56e474a2838589c

Headers

File Characteristics

Imports

avifil32

msvfw32

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

ws2_32

wininet

shlwapi

skinh

imm32

wtsapi32

Exports

Exports

Sections

.text Size: - Virtual size: 2.3MB

.rodata Size: - Virtual size: 11KB

.rotext Size: - Virtual size: 108KB

.rdata Size: - Virtual size: 433KB

.data Size: - Virtual size: 1.3MB

.vmps0 Size: - Virtual size: 9.3MB

.vmps1 Size: 10.4MB - Virtual size: 10.4MB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.text
Size: - Virtual size: 2.3MB

.rodata
Size: - Virtual size: 11KB

.rotext
Size: - Virtual size: 108KB

.rdata
Size: - Virtual size: 433KB

.data
Size: - Virtual size: 1.3MB

.vmps0
Size: - Virtual size: 9.3MB

.vmps1
Size: 10.4MB - Virtual size: 10.4MB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB