30d3cd9472326b069ef68a42e1ea5c73f149c936ebd2b510442041c74c90b59f

Sharing

Copy URL Twitter E-mail

General

Target

30d3cd9472326b069ef68a42e1ea5c73f149c936ebd2b510442041c74c90b59f
Size

5.0MB
MD5

8566030c08da45981d378eab020b36b7
SHA1

ca4bd80f03a36b7d0d37baad37b5281f98d689b8
SHA256

30d3cd9472326b069ef68a42e1ea5c73f149c936ebd2b510442041c74c90b59f
SHA512

41d28063bad85c9e4eb202067ae0f2e36140f1b5fab84b62b11f5dab19707e2074f18a01b34e6ae3a297c6292c58deacd84e0f28aab452551369795aa775249f
SSDEEP

98304:nmwCRawxcXHX1+Nyf3O8Pr0OwH6CHk2N0+9raMK:mwYaZX31+Nyf+O7c3NP9r

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30d3cd9472326b069ef68a42e1ea5c73f149c936ebd2b510442041c74c90b59f

Files

30d3cd9472326b069ef68a42e1ea5c73f149c936ebd2b510442041c74c90b59f
.exe windows:6 windows x86 arch:x86

c44e29c64680dc4b40a0b211b54a4e1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetStdHandle
GetFileType
SetStdHandle
HeapQueryInformation
FreeLibraryAndExitThread
ExitThread
VirtualQuery
VirtualAlloc
GetSystemInfo
GetCommandLineW
GetCommandLineA
ExitProcess
RtlUnwind
GetStringTypeW
GetConsoleMode
QueryPerformanceFrequency
LCMapStringEx
InitOnceBeginInitialize
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitOnceComplete
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
OutputDebugStringW
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
CreateFileW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
GetTimeZoneInformation
ResetEvent
FindResourceExW
GetUserDefaultLCID
GetTempFileNameA
GetWindowsDirectoryA
SearchPathA
GetProfileIntA
GetTickCount
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExA
FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
VirtualProtect
lstrcmpiA
GetCurrentProcess
DuplicateHandle
GetVolumeInformationA
WriteFile
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
FindFirstFileA
FindClose
FileTimeToSystemTime
GetTempPathA
SetFilePointer
GetACP
GetFileSize
GetFileAttributesA
CreateFileA
GetThreadLocale
DeleteFileA
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GetCurrentDirectoryA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomA
ResumeThread
SetThreadPriority
SetEvent
CopyFileA
FormatMessageA
MulDiv
LocalFree
GlobalSize
GetCurrentProcessId
VerifyVersionInfoA
lstrcpyA
VerSetConditionMask
GlobalUnlock
GlobalFree
CompareStringA
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
GetVersionExA
GetCurrentThreadId
GetCurrentThread
SetLastError
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetProcessHeap
DeleteCriticalSection
LoadLibraryA
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FindResourceA
GetModuleHandleA
CreateThread
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
OutputDebugStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
Sleep
GetProcAddress
WriteConsoleW
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
FreeLibrary
TerminateProcess
GetCurrentProcess
GetSystemInfo
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
GetTickCount
GlobalFree
GetProcAddress
LocalAlloc
LocalFree
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetNextDlgGroupItem
SetRect
InvalidateRgn
CopyAcceleratorTableA
CharNextA
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
IntersectRect
GetMenuItemInfoA
DestroyMenu
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetTopWindow
GetClassLongA
SetWindowLongA
EqualRect
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
MessageBeep
SetScrollPos
ScrollWindow
SetForegroundWindow
GetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
CallWindowProcA
GetMessageTime
GetIconInfo
CopyIcon
GetMenuDefaultItem
GetClientRect
ClientToScreen
MessageBoxA
EnableWindow
LoadIconW
GetMessagePos
GetClassNameA
InvalidateRect
UpdateWindow
SetCursor
ShowOwnedPopups
SetMenuDefaultItem
GetKeyState
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageA
LoadImageW
SetParent
MonitorFromPoint
TrackMouseEvent
IsZoomed
CharUpperA
GetAsyncKeyState
LoadMenuW
EnableMenuItem
CheckMenuItem
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
EnableScrollBar
GetScrollPos
GetSystemMenu
AppendMenuA
SendMessageA
IsIconic
GetSystemMetrics
DrawIcon
PostMessageA
FindWindowA
GetWindowThreadProcessId
IsWindow
UnregisterClassA
PostQuitMessage
SetWindowPos
SetWindowContextHelpId
GetParent
GetWindow
MapDialogRect
RegisterWindowMessageA
DrawEdge
DrawFrameControl
IsWindowVisible
GetFocus
DrawStateA
SetWindowRgn
RedrawWindow
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
DefWindowProcA
GetClassInfoA
SetLayeredWindowAttributes
SetRectEmpty
CopyRect
LoadCursorA
LoadCursorW
SystemParametersInfoA
GetMonitorInfoA
EnumDisplayMonitors
GetLastActivePopup
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
RemoveMenu
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ScreenToClient
GetCursorPos
PtInRect
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
ModifyMenuA
DestroyAcceleratorTable
SetClassLongA
GetUpdateRect
GetDoubleClickTime
GetKeyboardLayout
GetKeyboardState
ToAsciiEx
MapVirtualKeyA
LoadAcceleratorsW
CreateAcceleratorTableA
UpdateLayeredWindow
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
GetKeyNameTextA
SubtractRect
CharUpperBuffA
FrameRect
IsClipboardFormatAvailable
PostThreadMessageA
IsCharLowerA
MapVirtualKeyExA
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
HideCaret
InvertRect
DestroyCursor
GetWindowRgn
ValidateRect
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectA
CreatePen
CreatePatternBrush
DeleteObject
GetDeviceCaps
GetStockObject
GetTextCharsetInfo
GetObjectA
CopyMetaFileA
CreateDCA
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
GetTextMetricsA
TextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExA
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceA
Polyline
Polygon
CreatePolygonRgn
ExtTextOutA
PatBlt
GetTextExtentPoint32A
GetTextColor
GetBkColor
Ellipse
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
DeleteDC
CreateSolidBrush
MoveToEx
EnumFontFamiliesA
SelectObject

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegEnumKeyA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileA
SHGetFileInfoA
ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
PathFindFileNameA

uxtheme

GetThemePartSize
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
IsAppThemed
GetThemeSysColor
GetWindowTheme
DrawThemeText
IsThemeBackgroundPartiallyTransparent

ole32

CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
StgCreateDocfileOnILockBytes
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
OleIsCurrentClipboard
IsAccelerator

oleaut32

LoadTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SysAllocString
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantCopy
VarBstrFromDate
SystemTimeToVariantTime

oledlg

ord8

gdiplus

GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImagePalette
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat

hwd

ord16
ord3
ord5
ord26
ord1
ord23

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

wtsapi32

WTSSendMessageW

Exports

Exports

'�W��>��ͥm�W�� ^,�0�;�2��A=��T�c��kS�0��zi�#��h�b�j��1��e�b�"�%)�wo@��9��pt*n��ܴ�O�n?�d3�s��d��t\5�O5�/c��o�q�>�aHG�O��ʴ��h�o��FZ��\��ʢ�IC4�~�p�pk��́��r��E�h�M�]ƦV1��li��0�t$�iY��m�i��P�d��3��B��^ŮȜ�HL}da��{��g ��Jt5I 5��c�0�<�pF}6�ƻ�kT{�8��{��H-9��?��2�q2��^��I�8��ӷ��#�Gˠ��M��Z��T%�� s��ϣh3�#�(�E�`��%�q@��Nϊy�T.�Z��/ⅲ@�KIsx+�2��v�^�^R��bM.��(�9� ��E�e�$Ǯ�t􉦘��[z>�t��fGuZi��-�&��5��8+qO��d��4�w��Z*�,g�M��E�+��T ͻP~cx�<��#��dG��4'fzP?q$�nn�Ov<V-�~��9��uN�f���"�g��Xs�+�q[\R¿@s�fѠY~>f��P+�6K$R\��Q�3�6 ��˺�u�q��qg m!M�&��2xJ��f��E`��&��4A^��52�=D��m�П� K IRe4;�P��3џ�Np��B��TôZ�j�?R�إ��{�S�d��'��S#�\��ݨ�s3�b�0S��2]Km��Y �6��I7Ӱ�/��#�)��u(��j��O��=��M�8O e�e��]��<��C��+_B��QUY7ٔ��jA�a=��[�6o6'{�� J|�T��0� O�UI6`�Q�SIC��6�O�/c4�H�5��(�2��Uj��^�p&l�7d|3E(s��+�;0��Ll�aQ��Qϔ�傫�Np��8j��PÌ+��P��H �[�*N~֙��Z3 ��A y>,W��|�/�N�˪f��扱4p ��?��pD�t�=�3,7��4�?9 �� (PR(�T��.jM�� -�S (��i�F��sV�AQ��$��c[�4+��_�Kx?��Z�Qߓ��\�p��p��]��]j�z�S��"��^�J2y��$z|�G�$�s�9�n~$u�̎J��hL�; cR��3>�.�\jЩ��G<�10�h�+�։j��^��"ei �"k~��o��"U�<�)_;��VǗ�g�N߬^]E�ǳk�v�}�]V4ľ��0��r�_�9�VB1�uF�� 2�t^�h�gY�3!W዇�U�\�+��^�εy��L��}7]�ũ��R��^+��A��2�@0�b��%YFB��0v�.Vᮺ�4��,��]օ�-Q��<C�k�Uw��䮾lO��?`�RVqx:��'�v��CA]��F�v�>�P�Q� R^�dW��Y�,��⓵z�(�8��LP�i�]�Q��س�2>C8@��] @��v8cpA9WJ��^�.Aj��~��7��u��6^�?��JV��у��b՘0j�K��8g�!t7�c��Z~:��`1��b��x��M ��5��i;��nܗjsy��(�涏ߠ�y�f��<��p'bzȻ�On�k�9��. Q��H��7��ne�u<��BW�4��^x*y��Q�F��"��7Co.�)<c[�!4g'��//��S��C;o�L��ǃ�wU��d9��x��c� b��$��\��ߑ��wB�Y_B?&�x��VY��+� q� �z�Ć��m��Ʊ6��`��g}h�=��P[(�o�u�$�{7-a �pR��!��w��J��T�WM��W,�1�&�&+ۀɂ$��I!x�¶s-�]�So�bm3�E�$��㧻�u�A�K1�W��>��D��- ��T��<V;�g�n.��Ţ:>��G:��܍�j#�x�\$�ೇ��7�@ɲv�-�wl$��n�2M�q�[��ש\�K�`y�*�=��+.��y��[��:�(��W�P��h-�>��qU+�Hf�=��k^��;�� >rC�niJ1��7Ŧ�9��I��5�,��i��u�/��y_��p��u��z��?�t|MIT ��p�9�t��(�rL�!��# ��h�T�#�Tf\oΠ@5��5󶋶�&�.(��Y�l�Oj�(�� \W� �0�!y��P@��[ �x�p;��ljs��$?��}��n�s�Q5�y� ��h�r�4�K��T��JMxB ��??�%yV�G�ȡ3.��do�#{+��p�ƴs^��יHH�I��n%�v/UMT*��t�a�}��3W��M�z�n��v�ҳB��!qy�4�h�а�n�k>a9� �r�/��錏pD�a�.�,�@1X�C��{��\<JW�W�l��u��蒤|�3Fl��r��='�� 2��DVq4�ē�xM�%�u�ٿ�ẙ1Qߝ�նȑQ�ZxȄkE8"X��:�h+�i��1�Z��:��ٔM��{=xɋ(��1ddx��'�M��+,�Uiǡ��Z��h�H�V��zf�n�~�Jls��`=�.�ma�@y��U9n�!+�B*��@�X�M�a�i�Yg��>�7�]l�>��A' C8�hL��a�#4޻�0��6%;l�g�Ƕm�u*�Ň��[��/��/ǒ�t�N�@�C��O�-��Q��:�M��J~}�$��k�=�x��s�� -��Z��hBY��7s�C��a�L

Sections

.text
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c44e29c64680dc4b40a0b211b54a4e1c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

hwd

oleacc

imm32

winmm

wtsapi32

Exports

Exports

Sections

.text Size: - Virtual size: 1.6MB

.rdata Size: 364KB - Virtual size: 364KB

.data Size: - Virtual size: 47KB

.vmp0 Size: - Virtual size: 3.9MB

.vmp1 Size: 4.5MB - Virtual size: 4.5MB

.rsrc Size: 81KB - Virtual size: 81KB

.text
Size: - Virtual size: 1.6MB

.rdata
Size: 364KB - Virtual size: 364KB

.data
Size: - Virtual size: 47KB

.vmp0
Size: - Virtual size: 3.9MB

.vmp1
Size: 4.5MB - Virtual size: 4.5MB

.rsrc
Size: 81KB - Virtual size: 81KB