28ade89b1d09d13581d3abe00d7658fb[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

28ade89b1d09d13581d3abe00d7658fb.bin
Size

640KB
MD5

99b7dc24f17ab2faef77b11a913c9c38
SHA1

12c89c8a4a0d45a5c090717f8482dddfe99a0c36
SHA256

f22e3881621948f54038703482dc81db34f3c12c518e8f70d67fee10e0660607
SHA512

fe88a8cfa47ebca896a2a9d86c696c98118051b6a662118ab6c39391688776a9d1989a9ada911a116b359cafb11044808d434da94ca37e019d280cb32266489f
SSDEEP

12288:zCfUnVulZNh5NgaQHpBTP1o/K51UP7wllPTo5vtgtZDNB1fr:zCtngaQH7dCeKzkRo51g35B1fr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ebe0924eedb62bb4bb919b354cb4566251f48effe00856916db08709ba1a4693.exe

Files

28ade89b1d09d13581d3abe00d7658fb.bin
.zip

Password: infected
ebe0924eedb62bb4bb919b354cb4566251f48effe00856916db08709ba1a4693.exe
.dll regsvr32 windows:5 windows x64

Password: infected

8c6e7a911375243da426f595cff94e29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

InitCommonControlsEx

kernel32

WideCharToMultiByte
lstrlenW
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
IsDBCSLeadByte
GlobalUnlock
GlobalLock
GlobalAlloc
SetLastError
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleFileNameA
ExitProcess
GetLocaleInfoA
GetUserDefaultLCID
LCMapStringW
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryW
SetConsoleCtrlHandler
FatalAppExitA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoW
GetFileType
SetHandleCount
Sleep
GetModuleHandleW
FlsAlloc
GetCurrentThread
FlsFree
FlsGetValue
HeapDestroy
HeapCreate
GetVersion
HeapSetInformation
HeapSize
HeapReAlloc
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
WriteFile
TerminateProcess
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
MultiByteToWideChar
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
InterlockedPopEntrySList
UnhandledExceptionFilter
VirtualFree
GetProcessHeap
InterlockedPushEntrySList
IsValidLocale
GetCommandLineA
FlsSetValue
VirtualQuery
RtlPcToFileHeader
DecodePointer
EncodePointer
HeapFree
RtlLookupFunctionEntry
RtlUnwindEx
HeapAlloc
VirtualProtect
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
EnumSystemLocalesA

user32

GetActiveWindow
CreateDialogParamA
DialogBoxParamA
GetSystemMetrics
LoadImageA
IsMenu
EndDialog
PostQuitMessage
DestroyMenu
AppendMenuA
EmptyClipboard
SetClipboardData
CloseClipboard
LoadStringA
wsprintfA
IsDialogMessageA
GetParent
GetWindow
UnregisterClassA
MonitorFromWindow
GetMonitorInfoA
GetClientRect
MapWindowPoints
SetWindowPos
SendMessageA
OpenClipboard
MessageBoxA
SetDlgItemTextA
IsDlgButtonChecked
CheckRadioButton
GetSystemMenu
GetWindowLongA
SetWindowLongPtrA
DestroyWindow
CharNextA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
GetWindowRect

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyW
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoCreateGuid
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

VarUI4FromStr
SysFreeString

Exports

Exports

AAJYSIPbNoWBQcZTapOXPVudMm
AAKQbfKCiAJOikIaKcTdXteuGW
AAReQQxqO
AAUSsdzHGFbifTignAzzLf
AAUZdyNvTwvpEIVJjzvcQmImQK
AAbncggMmfk
AAdgfsbMYalgtKfChhPPEOj
AAjDxxPRgd
AAlmrlm
AAueIVEtWltP
ABLCEuyQDBNBGOqfGP
ABrhkZDZMKtcZkVFBBkdYhqhr
ABulGnnWpOIGT
ACEfHYSspBbpTE
ACFSYRnthRzrGVHthMse
ACMiXDFXAME
ACWQTIlJKSPve
ACZCQhlRXViVJE
ACaqNASThLQQpKzPpwPgKozAoh
ACfzAHdTQoiNP
ACikiumt
AClIEJkjSRXfhEfaCtWUOeo
ACyBeeBxo
ADKITbODuevES
ADYWgjl
ADmFAHycVHVhwyUoGfLqi
AELdExE
AEPogsKeRTpyrCM
AEYBBGDvzeQHrh
AEdJQCKFpWRVxqzOg
AEgNPAKuKRFDZmUYUAfDwP
AEhOAvQmTHoxYRHUkGtSxpOLLK
AEmanviDOSGFmyozUnhaoOO
AEvvFEttAejTkEnzp
AFDZDQkiDyajZhHATLoT
AFEgyRxQFcQRujToK
AFIoiybCCYx
AFQIfQ
AFqltwslJnZ
AFuIqQKCtdh
AFugTpGJdmxCizGOa
AGAlULSkseTbehvdOwwit
AGFHlqKF
AGGvefIaSdXFtyEcNnTco
AGfnrizzV
AGlKDjEqKSsO
AGmuHAufwaFuulWAADvyfkxUtG
AGndtwVSsDn
AHGSHuAHYUYHwqfwoF
AHIosVpysZojX
AHJGvyHAMz
AHatNOlcfmXMkdqOFhDpyVGldv
AHlMbAfRiDeEYjwc
AHngTdUgXdxXHoSewuBPLBu
AIHtWVIfOAWhjnJiIFfe
AIRwrQXRXFLTClKUpoVPoEM
AIaZor
AIcmtc
AJFAAytDTEFU
AJMNJiTlmVhgIZymcNq
AJMvWlcYkmxOkeLkgugcsmyWY
AJPnViaWKpLTYavjSEP
AJUYyTwBNh
AKULCqZuNUJOxMbIJyYAgJ
AKZeCwH
AKdrdkNXybhxrWIunQOtAD
AKnQZSPpqlQhhvGXZCFiYh
AKncYIZ
ALKXEnyKAf
ALPMfsEDtqgOMXpXEYwgCmw
ALvPAFJyCs
AMBMCsucQtSmXANPnhxnSIHyR
AMFLTmqfgTVZcxTObrDskcKKN
AMQBJLNozLuErQooF
AMToJCGixrVjaymCNJDSvp
AMZcZHcqqZ
AMpWfGNfOAnzKDYylImsgZiDVY
ANBJxvmIYdXtPSpiYqLWAS
ANBxsBkNxkFPIefppIZunMK
ANHbBwZd
ANKglApPvvGgmSh
ANRxwtzYSxhxB
ANVwYsmL
ANjYdniTJUBWZwBiJdx
ANpTzgXAxsGlBEEL
ANpjVHlydLTIfaab
ANscOS
ANuOuISCOXzqGeLyvBlaEpTnj
AOPwcgkvuKIgZTXbuFoSgIkduh
AOTCpsgkv
AObaFXU
AOcunAIqFisGGl
AOeqcBepkY
AOpgqSTDVPrvpTlMJmTlMtTgPX
AOtpvKlOLaOMQaBWLqji
AOuakhnuONzMTOxVugWmiogb
APAPuRrPruuUYLYEk
APEdUDoZmrDARcPAy
APJSiJKlMdsinMcuzMCdn
APQUnoCEXwfYVPvstkAYbZ
APSJFAnoZeudUeftlGWmSqe
APXqNVZUCgIbWBSXhCY
APZXYHqyUtpxqCxNUMkRbA
APfofNFYt
APqTwCBcnmeCgTuIuCUZAn
AQPHdKgZcxcQxztpq
AQSFaknna
AQWsKHAouTyumBNuMwEesTpeC
AQXjYOAeunZoOCJgeqTezTklM
AQgNbGoqilDpL
ARHQCzeEPCtJmLCDNhKzFPsB
ARLaCKXoe
ARdMGfarrPAukuTpdmhFpvMO
ARtWSWTdYoKbKMfkwA
ARxCLBbCfQAygmLh
ARznTVNC
ASBBAeWP
ASCPMMsckRP
ASSzhYjCMsaFMt
ASWjeKmXSA
ASpdiRygrDtsoeNQoxKpCkD
ASuFKQQFhARoWvsqqWhgDMtz
ASwwzbQspzaZyhWWQaZAWKSvIy
ATJJowoeWtSHW
ATJRzwexZwzDTW
ATWfqHzPFAXHznyJJPZrUF
AThaXABIgvF
AToTIrGbLF
ATrAiyEhgKvcuOQhkKlQAD
ATtrhlNXdrmPhBepXRtWJHvgo
AUiZTX
AUlrDVpFBMeHCgrqQTqEFtcFaM
AUrXmmZNYTNNyfbFumHvEDoJP
AUzeBWXDpYVUZUlDwA
AVISTinWGeYTqTXBx
AVJbGwUBOnxROQgoaSWHeaB
AVNohOelUxIIPCOz
AVOlwiezQjPByktRx
AVVYadVplSH
AVeWoO
AVjPxOHbLgXDohfHzhmTf
AVklyPHIaLMDiDpkunROS
AWPSpVDveoKWhiiY
AWRSQDLc
AWVFNC
AWVqvHpjAIOnBzVhNckxL
AWaJnmDqHVCDJNmn
AWgXkjGEWFPCIbcLmfkaS
AWpKXsGhlDI
AWqJWAWe
AXBsfInwtGrz
AXCsXRGvrPGDLDMQ
AXFnwquo
AXMPWzoR
AXOJOAtSTfhYryxzlPWTg
AXjXxyqhdWiUsOyFF
AYHAEfqsIutCTqvlIMHUEwW
AYKrRxXuyCUnUMXwUgrmmheii
AYPUDoaBYVOKhuHywZkXKu
AYbzWMSrLStNAWbTVCea
AYiAIqDiuMKuTlHbJAWgg
AYodKZnIvmBDtdyspVWkwYWZY
AYufkLboDEaYjMULa
AYvGBOFyufrqcyy
AZAYmxuMRxV
AZAopinghEZASFZTnZksvZ
AZCUwcWGqf
AZUJXZsAKfNjQsRIaRhTSXmB
AZUigqUFBuedUmYum
AZWfFnSyjPyVhOWXtZjCKvflcC
AZWtwcXtvtSwVWrR
AZfvmhYOwpArBHfIgXxWh
AZtVEL
AZwVhxFHMjYctpR
AaJcNHjMsHrFoByo
AaKdkfXjK
AaPgSHPkIwcXkqYyfHPqfMKnLr
AaaFhLYBrUmZqJccrjFlvBnpjz
AagxoslAMMaZXhnMeCjcb
AasVpgyJQbqgdYLZQAkHsGK
AawGckrVNziO
AbDiFCnBkmTBlZMqQoKKrAt
AbIOechAxWqyqS
AbLdiMxBHKGAN
AbUfbLJASElIdqvVAwkcLJeLPl
AbXJaFAJVEzzIgBSmoQiCAU
AbqqNMTerQgOJ
AcAptOQdg
AcDBddrk
AcIjNAMRcurnZYZLIt
AcLIVffYLIaOxz
AcVncjpRfWiOLjJ
AcYcdWRWKhIc
AcdYJqPGirLgdwkChhZJVLJtj
AcojeUghcPEQfWmQGvlvxxX
AdIOmfeyPLqrGoLImkyTdZBgL
AdOfnourCgTEvKj
AdcilOQJoTqxAfsZtVr
AdvhLzdpKbvyZZUlAFiOzU
AeRGcWWuDJqFSArXmIWqj
AehZknTiEKVtYNjODQPt
AelqsgBaYeignGr
AeoQenSnWxbvOhDpIjVlJrie
AfiGLsFmq
AfvnvttfUCfCWRultVe
AgRPjITkM
AgUMiFrgJDU
AhCiwlZTvRUEvBFZnQkiTxJQ
AhOYApPoebE
AhTfUAVEkBFvo
AhWeKwKhzfjKsOEpv
AhaZmdeVIUSZ
AhqsxPpYMBaSq
AiOWoBkHgCVUK
AiWulQHFxfciYomLWGuR
AicYpxrDEqmdDkQ
AimbAKHMQypzGVi
AjMFXbegiWkxjCloGSkliDTaK
AjafuvNODBabCynwDYft
AkBUZTbo
AkBfPAboAygOHnQQPXkJBIx
AkDTNjFoTGBxhKfSEQN
AkIIarrCurgvIADTbgAMG
AkMDOmPkQynbPjQH
AkMXRzIQmngTzhHyQRqhklz
AkXbWxQhVQALqivuBuKdWJU
AkbAzFHKZssCVtoV
AkksHYFVERFlCTqIrdzOj
AkvTLwUmMLmgdKqbOOX
AlCLoQOTHsG
AlNAatv
AlTjlqhTbH
AlUVteBuryXJXplitOivonTy
AlXtVmx
AlXzULQBq
AleWKhdeFkha
AljCXw
AlxUDOinZtYdiWFpwxhvsK
AmBnzLOhCPgZQjpNmmgPh
AmIscDrpfCXPdRlu
AmWyEUaWsxeoPlanz
AmmKtxnIuZMl
AmoZuykbZVlSYVoMdnFd
AmwIJTXJhlngJhazuyzgZirPT
AnBoimebYNYceTXXLfzzhr
AnEEdxbjyiDBFurrqDI
AnHhuillmzoSstLq
AnKrhqAKTwRPuOWHBl
AnRwfpbCXkibotzCzd
AnSPRutrfLoSeS
AnaRMQsHutqIuPDE
AnfEEQz
AnmlGIPttFolW
AoDwqihpZFcbsYHWSPfMDcNIne
AoMpLlryPERwgQNKayn
AoOZGzSlIUmchGxZqimf
AoQWYVFLjxVhqtrCHlU
ApCGgkpyhZt
ApILxhWLFIEdacgNpYzoliGx
ApINVrMNFRgqGRt
ApLFhYpNS
ApMMdOIaDwggrvDYRDTj
ApTaeDAbmHHhvbQBYToDYLKU
ApceLUweXvcwtDGBuLuUthl
ApisoFUGwfDyNQie
AprDiHQofLFj
ApvLfaqvSTyZWsQhJAAfbcHBVu
ApwyEWXmqSGtGH
ApywErP
AqEUIIbFYCCewn
AqLRQkXnXB
AqSMpzyV
AqUIuzBi
AqpBroMhCoSWbQBtqnPUjXXi
AqqtfeEdrLHRuMmZL
ArLdfjiM
ArYMRfMZXPWYSgcsX
ArZajRNXIHsKLbb
ArcLmfXolTogVMOa
ArlQnrqR
ArwNPDqwOZozzt
ArwoAfArK
ArydDmPteNaZ
AsURiTSiJQFBceOXy
AsiAeHBrtNUdubjxnSNgfNNy
AssJhSxwFyebSduIF
AszuWTXBFffETJcEEDzNOoL
AthTfQXeJd
AtmdGSoVObLPAxUzAAnzGxzGVU
AtratYtiN
AtrwwasQDxRkN
AttqDVNbs
AuDdelQJpYgVuSrHzdLYZe
AuoipoTluy
AuupIDPXeRqkfMLlnxcjhDBkIJ
AvGxTijVypralqHkYyUTEzSE
AvTJBZooSlibOKTlRkrYs
AvVyVdFtPZtrgrDHxJcITGC
AvWvNQdYJOMkuemQEhhUM
AvgOenKJhHLbHwTxSnqqE
AvgfEszcwGc
AvgycgfHBFDVDQOGCvals
AvvXzM
AwASxmiYtbcaMcfMNXlSfJoUD
AwCweqGpKS
AwPzsfasgRaACN
AwZpkhqiHawokQUdGVASpNFNuu
AwbYBGVeoTPxxZNvbiCZ
AwfoUXQYTmBsYArxYbS
AwgiLphfxyurORFKYgH
AwnfHnlCUNUSTPbT
AwnvwhiGVcXHulBghH
AwpbTHywBIr
AxHFEdSMI
AxJymUQIbqdlmMUGCtkNnEOhL
AxPACAdLhYweHDIysYoKodIp
AxPtcqLchl
AxQifdmasaQkWQHLI
AxTqrFCeHksuYfOmVg
AxZXDBbQS
AxcAqxoYuQSOQhjzaPxfpJSqs
AxezmkKo
AxfAyKptKIyavtUQVsox
AxlNKevQuxgMRoTtqNYfsPNlW
AyAObfKjXefQyYolJXrLQahZ
AyIObWlCod
AyLOcAEfoXKMZInjZeAuqV
AyOHwpiiQFvnWDQovSeTxxGH
AyPkDUykriJfVVoPFNSJPX
AyRSgLrxbUHOAkgW
AyVdQgJeJCJMzvAmkibJMiV
AycKQCBOtlepN
AycSyJbuZBokhFmO
AydPcyXopaxZEOuTCSqCF
AygfNmOLLMUFAABKHwjBc
AykuAMeQcglJCCnQvU
AykySkgWmcj
AymDvaQVA
AymWMmfE
AyoCQZEiU
AyrctNCaXCDduESzNhKNhBW
AyriFck
AzLgKHqA
AzSZLWZvAzAthtNBUsFfKvx
AzXSWqokjjbTQPdwtsAafrbfTd
AzvbudZV
BAmUFVdhQNVVchllB
BArWWid
BBLfyiqN
BBNuvZfDQGeZtIov
BBNxCKO
BBpbqvKCcskRaVYMyXNAs
BCXTeFF
BCcrmMxgXnwOSNdOnCrJbJc
BCoKEnFVcd
BCrugfLlFAnSZYkjg
BCuZGUWzyrqTgEgmPQfwZKEbcr
BDDbMZ
BDFucGRYpzIoFbiqYlXY
BDJJibAK
BDdbWAJFdmaOqVyoDDnoP
BEFNayDWJLK
BEIPmSmrbzngEYQSYGNnSswpp
BEcTOoOPrZOcnPjVxtofgewYxv
BEdRmqEmjglaAdq
BEksSMc
BEmbwprUVOhMNyFDm
BEqHrTwvTiLywYZwsVCDMxGyz
BEsIFPqYdAvkrjsrJL
BEwtCRLGFxVE
BFGCSFHKZTzOXpVPFs
BFOxaOFtJyvbToTOn
BFVFGKxeoPXry
BFgeFkgjybmd
BFoXZPaWzNQFYGY
BFzsXrmDwymJKlpcqD
BGDzclj
BGRXPohUydahDWv
BGoVzwVVfKPJUomfgd
BGqoOOLxGEqfYhrlEEV
BGsCISqq
BGxmfSmLIBuWbBQoAIlNIygGy
BHCexExwkGtRpTPMFc
BHEzRqoZUdUVaSnTFjmgVxJl
BHHOioExTxZfvmFhmIr
BHMIBRkjomoxWGVBM
BHdqemtAmQrIQhrpVJjYxWw
BHjiqWzcKq
BIBYJLXTuPUwUXWXhvKOEBsHyY
BIBbhl
BIHAJGzLZWFvFeRHNaepkwwWjx
BITDLxhwalzpokOwat
BIecdznImslgMclh
BIfZHyYr
BInVPRGHUZMxvqf
BJDFxcQGEW
BJNbTxXyravF
BJOjQnitSH
BJXEHdQz
BJemmyJk
BJfFcOn
BJlGandAkgOmRrbXUeVgCCHCFt
BJqJJsOPpMbbDrvZREIqtCKszb
BKKNimifJEBcc
BKSJooNtvCbj
BKcTLyUzDLnqOocoUnEgBSlWNR
BKgAGWSOyQsQhtvyRDnGFwdTsh
BKrlQe
BLCxerKqSqdaCUUOj
BLGYlPhcvXnEHOuCCtKqaJEhX
BLJaLerahbgS
BLKxcVEyxJpnqvaYFOH
BLfbusnPF
BLpkskDhRxtu
BLzljxkjXIbV
BMFEhuayEwAOlvlkmGH
BMNWqiAzpJXlAatXvpR
BMeGeJGvyXFHLVrPcDiY
BMnzOMiXcefX
BMobBQhJtCC
BMrHdQwtBPljReyNFzT
BNKqMtim
BNLpRlvOzDY
BNMrczAyd
BNNMFzyUqu
BNSJYTU
BNStvSNFCXs
BNUsPs
BNePMxOOpWSzyuHIRyZLy
BNioPJg
BNjcBz
BNlimsDosUvsdbt
BNwwBgMhNLeX
BOHHENDczqihuzgkqYGMH
BOJiRPANlauybQwQZWkFWdnoIW
BOXfYzHyOKYkFeESpzXO
BOfzwckoxlNZNGPTcpj
BOlxLmttUcicIEAkrHXZhp
BOnExqvCGP
BOsofzyrvKprD
BOtyzeRGmKvHXwKaRuAsuN
BPEoRHhNRBpqUohbK
BPJZXbkzRckQcUYtTMxro
BPktfmXhuKAwHMeueEagQMY
BPrBFDWJFomfQGvSWDAMRbIll
BPtqjisYvRquKDdICQwdmelev
BQctCGohgHhWaqwBC
BQkFsJepVgi
BQyWlTRrVZdpnSpApUBmnDY
BREokVbemumRVrXvxTluw
BRJBCo
BRJyKiTjkLbm
BRLfVyADJvBRUSwCuDWRit
BROzfN
BRTtqmmpPegzB
BRcULhW
BRjCBYr
BRjJtpRLNIxUiFHlSqQpm
BRkxRe
BRuVWnJVcggkfBLAtfmCOMy
BRxVXdJOSrd
BRzKavxpaYfnaH
BSKvNuuCwUtrs
BSLVJX
BSYFguUJbkz
BScrHFxG
BTMiiBLsHCnSzcJHoHrJKlvGM
BTRpvLcmGTWQKTPHJvO
BTTSDlvNwkMbzyivKdbgY
BTklufiWXKNoU
BTqhypkRMcZEQehczvNn
BUMhYGxErSiaWeEWFk
BUXUdyeKUhhQwWx
BUYeHogRy
BUdZorb
BUklNlvXFCPVcvzMDWQC
BUnWRIhhparyqTiXSwWwu
BUneWJayGvANr
BUtoKsIkFUuUqGz
BVAYJVqswChrUGGSCXlMyxeWW
BVJSPuNsBXZCgxmiIWDC
BVMVvgXWNGhKzveVjFUmp
BVYXpzSXdaZWFBz
BVcYoeAJpdHEzPIpmuph
BWLrEoEOyytzAQFjPdelTsJ
BWOtJeoZzumKlTcyvBalFfTWnd
BWQzkS
BWhXfegEVWeSdTNpxXmnEEAa
BWiNRgIpYga
BWltYroQMU
BWmBPrPVrtflRlbzUNwtm
BWnPGoReXJ
BWrfmCynRLYoxSpKLHWLRWGM
BXCoMmTzJbKOaMf
BXMforPsBSsQMglaHVCXUK
BXNIGIChWbyKcXSWVnTC
BXbFbMhZPZHptJpxJwYNvMMVR
BXgzfbXj
BXmGjNKXktTxXdAiacHKjh
BXpRnNEmXGFiWVsOErAACWqDX

Sections

.text
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

8c6e7a911375243da426f595cff94e29

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 394KB - Virtual size: 393KB

.rdata Size: 488KB - Virtual size: 487KB

.data Size: 254KB - Virtual size: 259KB

.pdata Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 394KB - Virtual size: 393KB

.rdata
Size: 488KB - Virtual size: 487KB

.data
Size: 254KB - Virtual size: 259KB

.pdata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB