528a351fceffb986a5cde9cfb1e2b57eeb5a103b316b9d1ddfdcad21687d6d9e

Sharing

Copy URL Twitter E-mail

General

Target

528a351fceffb986a5cde9cfb1e2b57eeb5a103b316b9d1ddfdcad21687d6d9e
Size

12.5MB
MD5

67936b36035ec07f0362d7eb6cbde7d4
SHA1

9230af5f1c88607a4db5cd5016b829ab42700c1f
SHA256

528a351fceffb986a5cde9cfb1e2b57eeb5a103b316b9d1ddfdcad21687d6d9e
SHA512

f6dc5c24c82d76afd12d71e8a8aee1bf23f990830b7a3868a23b671edf50a9818a739f1542e3b6fe57e91d0454ea2432f7cd5a0b927eb358628c60776ff0d077
SSDEEP

393216:Ylav2Bij4wv1ENiPAetUsFSdVTVEwF71vJYT:ua34RNiYhJVv1vqT

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
528a351fceffb986a5cde9cfb1e2b57eeb5a103b316b9d1ddfdcad21687d6d9e

Files

528a351fceffb986a5cde9cfb1e2b57eeb5a103b316b9d1ddfdcad21687d6d9e
.exe windows:5 windows x86 arch:x86

a13adc4147a9663e139be0af6916af7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
CompareStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
CreateFileW
SetEnvironmentVariableA
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetStdHandle
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
GetSystemTimeAsFileTime
ExitThread
CreateThread
RaiseException
RtlUnwind
IsBadReadPtr
HeapValidate
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DecodePointer
EncodePointer
VirtualQuery
GetSystemInfo
VirtualAlloc
GetNumberFormatA
GetWindowsDirectoryA
FindResourceExW
InitializeCriticalSectionAndSpinCount
GetTempPathA
SearchPathA
GetTickCount
GetFileAttributesExA
GetFileSizeEx
GetOEMCP
GetCPInfo
GetACP
GetProfileIntA
VirtualProtect
lstrcmpiA
GetVolumeInformationA
FindFirstFileA
IsDebuggerPresent
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GetHandleInformation
FileTimeToSystemTime
GetAtomNameA
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
SetErrorMode
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
EnterCriticalSection
LeaveCriticalSection
GlobalReAlloc
GetFileSize
ReplaceFileA
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
LoadLibraryW
GetVersionExA
lstrcmpW
GlobalGetAtomNameA
GlobalFindAtomA
lstrcpyA
MulDiv
lstrlenW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
ResumeThread
SetThreadPriority
GlobalUnlock
GlobalFree
FreeResource
SetEvent
WaitForSingleObject
GlobalAddAtomA
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
InterlockedExchange
GlobalLock
GlobalAlloc
GetModuleHandleW
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
GetLocaleInfoA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindClose
TerminateProcess
LocalFileTimeToFileTime
GetCurrentDirectoryA
ReadFile
GetFileAttributesA
SetFileTime
SystemTimeToFileTime
SetFilePointer
InterlockedIncrement
DeleteFileA
CloseHandle
CreateToolhelp32Snapshot
GetModuleHandleA
LockResource
Process32Next
LoadLibraryA
GetProcAddress
CreateDirectoryA
MultiByteToWideChar
SizeofResource
Sleep
WideCharToMultiByte
OpenProcess
WriteFile
Process32First
InterlockedDecrement
LoadResource
FindResourceW
lstrlenA
FindResourceA
CreateFileA
ExitProcess
GetProcessHeap
VirtualQuery
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
LoadLibraryA
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
FreeLibrary
GetTickCount
GlobalFree
GetProcAddress
LocalAlloc
LocalFree
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetCommandLineA
RaiseException
RtlUnwind
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteFile
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CreateAcceleratorTableA
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
EnumChildWindows
SetClassLongA
PtInRect
CopyIcon
SetCursorPos
IsRectEmpty
CharUpperBuffA
IsClipboardFormatAvailable
DefFrameProcA
TranslateMDISysAccel
DefMDIChildProcA
UnregisterClassA
GetDoubleClickTime
IsCharLowerA
MapVirtualKeyExA
DestroyCursor
SetRect
InflateRect
IntersectRect
UnionRect
SubtractRect
MessageBeep
LoadMenuW
LoadMenuA
ModifyMenuA
InsertMenuItemA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
RemoveMenu
IsMenu
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
NotifyWinEvent
GetForegroundWindow
SetForegroundWindow
HideCaret
OpenClipboard
LoadAcceleratorsW
WindowFromPoint
SetParent
IsChild
GetWindow
GetTopWindow
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
GetCapture
KillTimer
WaitMessage
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
IsWindowVisible
InvalidateRect
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetWindowRgn
SetWindowRgn
IsZoomed
IsIconic
GetSystemMenu
DrawMenuBar
EndDialog
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetSysColorBrush
FillRect
MonitorFromPoint
GetMonitorInfoA
SystemParametersInfoA
GetSystemMetrics
GetSysColor
GetKeyState
PeekMessageA
ValidateRect
GetMessageA
TranslateMessage
DispatchMessageA
TabbedTextOutA
PostMessageA
MapDialogRect
SetWindowsHookExA
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
IsWindow
MessageBoxA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowThreadProcessId
SendMessageA
SetCursor
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapW
SetMenuItemBitmaps
GetFocus
PostQuitMessage
SetLayeredWindowAttributes
EnumDisplayMonitors
RealChildWindowFromPoint
EmptyClipboard
CloseClipboard
SetClipboardData
LoadImageW
DestroyAcceleratorTable
CopyImage
GetIconInfo
UpdateLayeredWindow
CharUpperA
GetAsyncKeyState
LoadImageA
DestroyIcon
UnpackDDElParam
ReuseDDElParam
DestroyMenu
TranslateAcceleratorA
LoadAcceleratorsA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SendDlgItemMessageA
MonitorFromWindow
SetFocus
MapVirtualKeyA
GetKeyNameTextA
RegisterClipboardFormatA
DrawIconEx
GetClipboardFormatNameA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
SetTimer
SetRectEmpty
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
WinHelpA
TrackPopupMenu
SetWindowPlacement
OffsetRect
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetClassLongA
SetPropA
GetPropA
wsprintfA
ReleaseCapture
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetWindowPlacement
GetUserObjectInformationW
CharUpperBuffW
MessageBoxW
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

advapi32

RevertToSelf
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
RegEnumValueA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
SetThreadToken

shell32

SHGetSpecialFolderLocation
ShellExecuteA
DragFinish
DragQueryFileA
SHAppBarMessage
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHGetDesktopFolder
SHBrowseForFolderA

ole32

OleGetClipboard
CoLockObjectExternal
RevokeDragDrop
OleTranslateAccelerator
IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
CoInitialize
OleLockRunning
DoDragDrop
CoInitializeEx
CreateStreamOnHGlobal
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
OleDuplicateData
CoCreateGuid
CoUninitialize
RegisterDragDrop
CoCreateInstance

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysAllocString
VariantClear
VariantInit
SysFreeString
VariantChangeType
SysStringLen
VarBstrFromDate

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_DrawEx

shlwapi

PathIsDirectoryA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
PathFindExtensionA

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipGetImagePixelFormat
GdiplusShutdown
GdipCreateBitmapFromStreamICM
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromHBITMAP
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipFree
GdipCreateBitmapFromStream

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundA

gdi32

CreatePalette
CreateCompatibleBitmap
CreateFontA
CreateFontIndirectA
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
GetDeviceCaps
CreateDCA
CopyMetaFileA
ExtTextOutA
GetStockObject
DeleteObject
CreateBitmap
GetSystemPaletteEntries
EnumFontFamiliesExA
CreateDIBitmap
GetTextCharsetInfo
EnumFontFamiliesA
SetDIBColorTable
GetDIBits
CreateDIBSection
ExtSelectClipRgn
SetLayout
GetLayout
SetTextAlign
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
OffsetViewportOrgEx
SetViewportOrgEx
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
SetRectRgn
CombineRgn
OffsetRgn
GetRgnBox
PtInRegion
CreateCompatibleDC
SelectObject
RealizePalette
GetBkColor
GetTextColor
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
PtVisible
RectVisible
Polyline
Ellipse
Polygon
Rectangle
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
Escape
GetBoundsRect
SetPixelV
GetObjectA
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comdlg32

GetFileTitleA

wtsapi32

WTSSendMessageW

Exports

Exports

��~�-��0��A��=".]~��y��T/r?72&_��2��BU�k-A��s��g�ln�W�a��9��n[�I��Ū}��A�`\(��T�2\/��5ƥ،UgZ��Ӝ��]��5t�k,��s��(�g�'�R�@Xs�OyN�`iJ6+t�E� �,0�ȕ�JE��Ǚ{+4B�ݫ�}EX� ��G�� C]��V��3��چJ�j�Y��n'W؋�-�Fq�*��n�C�ZEY I!��m-7��9Q]iۋE](�`�d��C��EO��2��F�6��?e� ��H8u��̹�1�c$(��yW �YG Mb�fs�,�!?��[6�vVw�zc4ې=+��iz/��w�:��A��|��O��)�,9�b�E-��p��ܿ6�[��Nn�*9�1�U�� n�Rך��q�t��6��r�E��JT��tJtz��ڧ�.��UeL�cz|�j:�P�(��h��l@��U�U��Gw$��gM��3��%�И#`��y��KB$v}��G(5 �H��Z�J��=0��\�5��@��<��8�L&�mʮ�v��3��Mݭ�Z89��]�� N��*'^uSY5�� 3��R[/(��{#Ԅ�+x��o��lVgc��J�DL��1f>��D��@r��9]��%�d��7�YA?�l��IYVؠi�8J��C��eϪ��"�=N��}�΄�G�L��Sx��BD�t~�cP��b��E��;�~gn� nS�<��+��Y5&xr�]��n?�}j�32�� P�n�1��F�_&�" q��X>�Qc�6�R�|��.[b��@��#c2T�l�Z L)� �� f�=q4��Q`ݾ4cZ �eb��|�H��;��|фK��{=cV)Ƿ��.R�@*��N;�Y��R��N�E�,�.��V��ѫ��Q��u�1�خ��U��)�}��{1a�,�4��!ҀJ[�`��xۢ�q.��\L¬W��q��Ɍ�=Փ�@]b�1�l�ez-S2�ڵ��+��r��1�ȷ�g�/w9�﬋��8SPQ��b)/d��p��֗�1U�i��3�%s<Y��(��M�yc��ǩ��5TJ'rZ�@a=T+YO��(�Wi��>.�5nk|gt��мߧ׮��$��q��B�d��:2�N�� 9��1\?K�v�"ɖ�*�V�,��3r�u��]��#�X󕬫�c��"�f��o`O;"7��#�R�F%^*��Ejx{�ER��I��Y�{v��w�4��.R�ѯ��Ґ��F7�$��(z+��J/��:"�]i�"�w��~q�c�Ñ�l�0�m��*a�.�� q��Ȩo��̃�R��.=�a �'%&�I-��(��B�-�B��y1�o��n<�G��&��#�"g`:++K�5��UٛM��0�dE#��Q<��=�b��Z�lL̍W)r6�?ٴ�1��%��n��=E鿒)˰��c? �9�Q�1��Ί��y`VtZ�� n��˛��Jb5��<��TA�b��ˡ�/��=)N��@��Bܺ�C�#QRVlZ��nª�O=��|H'��HX�#̖��2��pz ��h�Q-��d��EʥuƗz9�c�&�7n�愔��O /�v��Hp1@S�3��gƒ�6��]�0��k@��"JH�D��p�r��rBc��\��$�[��T��U�'�=�a�#h�DUGF� ��}�;��9O�v�-'W^�e��B&�g̛�{�Vq"w��6p_�ut��$E�YW &��D��!_��6��"G4��Xu��Z9��OQ �s�ɎN�K��$��Y�ܾ��F�ş�<��wx��E˞`��/�XL��r�p�/��$��C�,�$��#�|��y��}jfu��)��a��AJ&�J��5��4?[s�q�2r�NI+>��4��QwKfR��DT!�?�X��v@��`�;�� B��6ߙG��1��: ˵�H�ȡ4�X��K�a�P��/Qxw�n�7#`��gR+lƓ�&ݨ��O��u��t��)3}�=t��1��\aM99�3��>��VE&Xc<�_�o��xru3��W��"��o�C�uٸ�,�v;M��PH�3/�[K��"d��tCE��݂cᑌho7��4q#��N��N�aU��d3��(�.��9g��i�z=��y-��B��ȝǰ˖OXoHK�w� z��N ��'5A�Ko��xX�羷.��tU鼾|��\hYP�uJ�RW3�Y`��k��H��H�T"T��Zr�y��:36��A�< �=43��ު9�tH�(v4��0�{��(Js�#��1�'��U__꥗�cC�]@B��(��ª��Ⳟ��Q2�|lnXQi��Aʧ��4��/��n4k�YK��:'m%la��)��MU�䮰3ϕ%��%~E��KE��o�B1�ԣhh�ߌV��)?GE�N��J�:��3;��Pp��ux\o��"p"��ث�(�HT5�5\�f`��O��9�Jiχ��ނ��c_��*a �؁��mN��yؑ��k_�Z�n�-5zH��M��$�'+xZ*�Ϟ��Z@Nt�~p��c�N=N^��|�Yh��<�u�͌2�*Sy9n">f@��K��Mm&1�8Qm,�<��e�I]Z5��[M��D�lz�ޯ�m��YS8Ė: �a?R�h��:�w1�� = u'ۻ��b.܄h��~FNf�͵H ��%^+��P�e�o{��9or��#�J�~��:�Rc�u�~hrN+��2�6�g�p��/�A�I��O��tN�

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a13adc4147a9663e139be0af6916af7b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

msimg32

comctl32

shlwapi

gdiplus

oleacc

imm32

winmm

gdi32

winspool.drv

comdlg32

wtsapi32

Exports

Exports

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 380KB - Virtual size: 380KB

.data Size: 22KB - Virtual size: 53KB

.vmp0 Size: 6.6MB - Virtual size: 6.6MB

.vmp1 Size: 3.2MB - Virtual size: 3.2MB

.reloc Size: 144KB - Virtual size: 144KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 380KB - Virtual size: 380KB

.data
Size: 22KB - Virtual size: 53KB

.vmp0
Size: 6.6MB - Virtual size: 6.6MB

.vmp1
Size: 3.2MB - Virtual size: 3.2MB

.reloc
Size: 144KB - Virtual size: 144KB

.rsrc
Size: 12KB - Virtual size: 11KB