1f65183934002869390a390cd1b6abfb

Sharing

Copy URL

Twitter E-mail

General

Target

1f65183934002869390a390cd1b6abfb
Size

642KB
MD5

1f65183934002869390a390cd1b6abfb
SHA1

7f8e9077df612cbbdc54fd7fb788a7e36ca8c628
SHA256

2c6d21e0b76459bdb95cafe2eda4f0890f9f56ba6e5f902b252ef0bfe073f80f
SHA512

ea2b6f552cabb601e67bcf88690d61eb872c5b1249febae17157541fe5d103a96fef8c9fef7085093ed9c60fc42fecb238da63c68924d87b1bfd6020beba5f09
SSDEEP

12288:Nq2QnkzDxeIiGD1EWh1KFxBPuH+3AS58O7A6xIjh2gUva:NzQnkBnT5EWh1KFfuHWAS58O7AQe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f65183934002869390a390cd1b6abfb

Files

1f65183934002869390a390cd1b6abfb
.dll regsvr32 windows:4 windows x86 arch:x86

46a65cd2888dc6d5d202bb0b524d6a87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExW
RegDeleteKeyW
RegCloseKey
RegEnumValueW
RegEnumKeyW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueW

avifil32

AVIFileOpenW

comctl32

ImageList_Add
_TrackMouseEvent
DestroyPropertySheetPage
ImageList_DrawIndirect
ImageList_LoadImageW
CreatePropertySheetPageW
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
CreateStatusWindowW
ImageList_Draw
ImageList_Destroy
InitCommonControlsEx
ImageList_Create
ImageList_Remove
ImageList_AddMasked
ImageList_GetIconSize

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseColorW

crypt32

CryptUnprotectData
CryptProtectData

gdi32

SetBkMode
RestoreDC
SetTextColor
GetLayout
SetViewportOrgEx
StretchBlt
ExcludeClipRect
SetRectRgn
DeleteDC
GetCurrentObject
SelectObject
CreateRectRgn
ExtTextOutW
SetMapMode
Polygon
DeleteObject
CreateDIBSection
CreateCompatibleDC
Rectangle
CreateSolidBrush
BitBlt
TextOutW
GetTextMetricsW
GetObjectW
GetClipBox
PatBlt
GetStockObject
MoveToEx
CreateCompatibleBitmap
CreateDCW
CreateBitmap
SaveDC
LPtoDP
CombineRgn
SelectClipRgn
CreateFontIndirectW
CreatePatternBrush
SetBrushOrgEx
CreatePen
GetNearestColor
GetObjectA
GetDIBits
CreateRectRgnIndirect
GetDeviceCaps
SetBkColor
LineTo
SetWindowOrgEx
GetTextExtentPoint32W
DPtoLP
SetROP2

kernel32

CompareStringW
DeleteCriticalSection
EnterCriticalSection
SetThreadExecutionState
VirtualAlloc
EnumResourceLanguagesW
GetDiskFreeSpaceExW
VirtualProtect
SetFileAttributesW
CreateIoCompletionPort
SetThreadPriority
GlobalUnlock
CompareFileTime
GlobalLock
SetEndOfFile
GetPrivateProfileIntW
CloseHandle
SetFilePointer
IsBadWritePtr
GetThreadLocale
lstrlenW
CreateDirectoryW
IsBadReadPtr
GlobalFree
GetNumberFormatW
SetEvent
CopyFileW
GetCurrentProcess
Sleep
GetTickCount
GetLongPathNameW
GetExitCodeThread
WideCharToMultiByte
InitializeCriticalSection
InterlockedDecrement
PostQueuedCompletionStatus
GetOverlappedResult
FreeResource
HeapAlloc
SetEnvironmentVariableW
ReadFile
FormatMessageW
WaitForSingleObject
LocalFree
lstrcmpiW
FlushInstructionCache
ExpandEnvironmentStringsW
GetCommandLineW
GetVersion
DeleteFileW
GetTempFileNameW
FindClose
GetFileSize
OpenFileMappingA
FindNextFileW
GetLastError
GetProfileIntW
lstrcpynW
LocalAlloc
GetPrivateProfileStringW
CreateFileW
WriteFile
CreateThread
QueryPerformanceCounter
FreeLibrary
GetModuleHandleA
RemoveDirectoryW
ReleaseMutex
GetProcessHeap
GetCurrentThreadId
GlobalSize
UnhandledExceptionFilter
SetFilePointerEx
MapViewOfFile
GetShortPathNameW
LockResource
GetUserDefaultLCID
MoveFileW
MultiByteToWideChar
GetVolumeInformationW
GetDateFormatW
FindFirstFileW
MulDiv
GetProcAddress
OutputDebugStringW
GetFileAttributesExW
SleepEx
GetDriveTypeW
GetCurrentProcessId
SetUnhandledExceptionFilter
FileTimeToSystemTime
lstrcmpW
CreateEventW
WaitForMultipleObjects
lstrcatW
lstrlenA
UnmapViewOfFile
GetVersionExW
GetVolumeNameForVolumeMountPointW
GetDiskFreeSpaceW
SetErrorMode
DebugBreak
WinExec
SystemTimeToTzSpecificLocalTime
SetLastError
HeapDestroy
ReadDirectoryChangesW
CreateFileMappingW
GetACP
MapViewOfFileEx
GetTempPathW
LoadLibraryW
ResetEvent
LeaveCriticalSection
GetQueuedCompletionStatus
SizeofResource
GetFileSizeEx
GlobalHandle
CreateFileMappingA
lstrcpynA
IsValidCodePage
VirtualFree
LoadLibraryExW
HeapFree
DeviceIoControl
GetUserDefaultUILanguage
GetFileAttributesW
GetStartupInfoA
lstrcpyW
VirtualQuery
LoadLibraryA
GetTimeFormatW
FindResourceW
GetFullPathNameW
InterlockedIncrement
EnumUILanguagesW
GlobalAlloc
GetLocaleInfoW
GetModuleHandleW
GetModuleFileNameW
CreateMutexW
TerminateProcess
LoadResource

msimg32

GradientFill
AlphaBlend

msvcrt

rand
tolower
wcscmp
wcscat
swscanf
_stricmp
qsort
_wfullpath
ctime
wcsncmp
_c_exit
_snwprintf
wcschr
_exit
malloc
_strnicmp
wcsncpy
?terminate@@YAXXZ
__set_app_type
__dllonexit
realloc
wcsncat
iswctype
swprintf
wcscpy
_wcsicmp
calloc
_onexit
fgetc
_beginthreadex
_wcsnicmp
fseek
free
memmove
ceil
fread
_initterm
time
wcslen
_XcptFilter
_cexit
_vsnwprintf
wcsrchr
_purecall
__getmainargs
_endthreadex
_controlfp
fclose
wcsstr
isprint
iswspace
vswprintf
srand
iswdigit
exit
ftell
_wtol
_wtoi
isdigit
sprintf
__setusermatherr
__CxxFrameHandler
wcspbrk
_acmdln
_wfopen
strncpy
_wcsrev

ole32

WriteClassStm
ReleaseStgMedium
OleRegEnumVerbs
CoCreateInstance
OleGetClipboard
OleRegGetUserType
CoInitialize
OleFlushClipboard
FreePropVariantArray
CoRevokeClassObject
PropVariantClear
OleSaveToStream
CLSIDFromString
StringFromCLSID
CoRegisterClassObject
RevokeDragDrop
OleLockRunning
CoGetInterfaceAndReleaseStream
StringFromGUID2
StgCreateDocfile
CoUninitialize
OleLoadFromStream
CoFreeUnusedLibraries
DoDragDrop
StgCreatePropStg
StgIsStorageFile
OleUninitialize
CLSIDFromProgID
CoResumeClassObjects
RegisterDragDrop
GetRunningObjectTable
OleSetClipboard
StgOpenStorage
CoMarshalInterThreadInterfaceInStream
OleInitialize
CreateOleAdviseHolder
CreateStreamOnHGlobal
StgOpenPropStg
CoTaskMemFree
CoCreateGuid
CoTaskMemAlloc
OleIsCurrentClipboard

rpcrt4

RpcStringFreeA
UuidFromStringW
UuidCreate
RpcStringFreeW
UuidEqual
UuidToStringA
UuidToStringW

secur32

GetUserNameExW

shell32

SHGetFolderPathAndSubDirW
DragQueryFileW
SHGetFolderPathW
SHGetFolderLocation
SHGetSettings
SHGetMalloc
SHAddToRecentDocs
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
CommandLineToArgvW
ShellExecuteW
ShellAboutW
SHGetSpecialFolderPathW
SHPathPrepareForWriteW
SHGetDiskFreeSpaceExW
SHGetDesktopFolder
SHCreateQueryCancelAutoPlayMoniker
SHFileOperationW
ShellExecuteExW
SHParseDisplayName

shlwapi

StrRetToStrW
PathCompactPathExW
PathAddBackslashW
UrlIsW
PathCanonicalizeW
PathStripToRootW
PathIsRelativeW
PathFindExtensionW
PathIsURLW
PathFindNextComponentW
PathRemoveFileSpecW
PathSkipRootW
StrCmpLogicalW
PathFindFileNameW
SHAutoComplete
UrlGetPartW

urlmon

CreateAsyncBindCtx
CoGetClassObjectFromURL
CreateFormatEnumerator

user32

RegisterWindowMessageW
CharLowerW
CharUpperBuffW
DestroyMenu
GetNextDlgTabItem
GetDoubleClickTime
LoadCursorW
DispatchMessageW
SetMenuDefaultItem
GetMessageW
GetDC
LoadBitmapW
MsgWaitForMultipleObjects
GetWindowLongA
SetWindowLongW
GetScrollInfo
IsIconic
UpdateLayeredWindow
DrawIcon
LoadAcceleratorsW
GetMessageTime
SetWindowPlacement
DialogBoxParamW
GetTopWindow
IsDlgButtonChecked
IsWindow
GetMenuItemID
GetDesktopWindow
InvalidateRect
GetMessagePos
GetActiveWindow
IsRectEmpty
SetActiveWindow
GetWindowLongW
ReleaseDC
FindWindowExW
UpdateWindow
PostMessageW
TrackPopupMenuEx
SetWindowRgn
DestroyCursor
MessageBeep
GetAncestor
DestroyAcceleratorTable
EnableWindow
TrackMouseEvent
GetWindowDC
WindowFromPoint
EndDialog
SetCursor
SetWindowsHookExW
GetCursorPos
GetLastActivePopup
ModifyMenuW
BringWindowToTop
CallNextHookEx
TranslateMessage
DeleteMenu
GetWindowThreadProcessId
BeginPaint
SetDlgItemInt
DragDetect
SetMenu
GetDlgCtrlID
RegisterClassExW
SetRect
SystemParametersInfoW
GetMonitorInfoW
IntersectRect
IsDialogMessageW
SetForegroundWindow
CopyRect
GetParent
GetAsyncKeyState
IsWindowVisible
ScrollWindowEx
RedrawWindow
CharNextW
CopyIcon
IsWindowUnicode
CreateDialogIndirectParamW
FindWindowW
GetForegroundWindow
GetWindow
GetMenuItemInfoW
DrawEdge
SetProcessDefaultLayout
SetDlgItemTextW
GetMenuItemCount
RemoveMenu
TrackPopupMenu
GetIconInfo
SetRectEmpty
CharUpperW
MapWindowPoints
SetMenuItemInfoW
DrawTextA
GetClientRect
SetWindowPos
EqualRect
InvalidateRgn
DrawFocusRect
ScreenToClient
FrameRect
InflateRect
DrawFrameControl
GetWindowRect
IsChild
GetWindowTextLengthW
GetClassNameA
GetClassLongW
GetWindowPlacement
ClipCursor
LoadIconW
DestroyIcon
SetScrollInfo
SetTimer
IsMenu
CreateAcceleratorTableW
MoveWindow
GetSystemMenu
SendMessageA
RegisterClipboardFormatW
PtInRect
SetFocus
OffsetRect
UnhookWindowsHookEx
GetKeyState
EnableMenuItem
DrawTextExW
TranslateAcceleratorW
UnregisterClassW
AdjustWindowRectEx
GetClassNameW
PostQuitMessage
AppendMenuW
SetWindowTextW
SetCapture
GetMenuStringW
GetSysColor
wsprintfW
GetFocus
LoadStringA
GetCapture
EndPaint
MonitorFromWindow
DrawTextW
SendMessageW
EndMenu
ShowWindow
GetSystemMetrics
CreateDialogParamW
GetProcessDefaultLayout
GetClassInfoExW
PostThreadMessageW
LoadStringW
CheckDlgButton
SetScrollPos
GetWindowTextW
FillRect
NotifyWinEvent
UnionRect
GetSubMenu
GetDlgItemInt
MessageBoxW
CopyImage
CreateWindowExW
LoadImageW
LoadMenuW
IsWindowEnabled
ClientToScreen
DefWindowProcW
ReleaseCapture
DestroyWindow
SetClassLongW
CreatePopupMenu
KillTimer

uxtheme

DrawThemeBackground
OpenThemeData
GetThemeInt
IsAppThemed
CloseThemeData

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wininet

InternetAttemptConnect
HttpAddRequestHeadersW
InternetCheckConnectionW
InternetReadFile
InternetOpenW
FtpCreateDirectoryW
HttpSendRequestExW
InternetGoOnlineW
InternetCloseHandle
InternetGetConnectedState
HttpEndRequestW
InternetConnectW
InternetOpenUrlW
InternetAutodial
HttpSendRequestW
InternetGetLastResponseInfoW
InternetWriteFile
FtpSetCurrentDirectoryW
HttpOpenRequestW

winmm

waveOutGetNumDevs
mixerGetNumDevs
waveOutOpen
mixerSetControlDetails
mixerGetLineInfoW
mixerClose
mixerGetID
mixerGetDevCapsW
mixerOpen
timeGetTime
waveOutClose
mixerGetLineControlsW
mixerGetControlDetailsW

Exports

Exports

DllGetClassObject
DllRegisterServer
DllCanUnloadNow
DllUnregisterServer

Sections

.text
Size: 286KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.increas
Size: 3KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cicuta
Size: 1024B - Virtual size: 678B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fib
Size: 1024B - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.quadrat
Size: 6KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bondle
Size: 4KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.scaphoi
Size: 3KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.neuroma
Size: 512B - Virtual size: 458B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dielect
Size: 4KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.excited
Size: 4KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stumbli
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nottowa
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.audiolo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vitular
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.overstr
Size: 3KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sluig
Size: 3KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dipsey
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.swishin
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.traheen
Size: 5KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aescula
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trifero
Size: 1024B - Virtual size: 545B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.realist
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.carvyl
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pectino
Size: 5KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fibro
Size: 3KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enclave
Size: 4KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.overapp
Size: 5KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.squilli
Size: 5KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erosion
Size: 5KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mono
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pir
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wamblin
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.depilit
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cinerar
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cere
Size: 6KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.supposi
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.retirin
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unsouli
Size: 4KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.andromo
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.digesti
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.columbo
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46a65cd2888dc6d5d202bb0b524d6a87

Headers

File Characteristics

Imports

advapi32

avifil32

comctl32

comdlg32

crypt32

gdi32

kernel32

msimg32

msvcrt

ole32

rpcrt4

secur32

shell32

shlwapi

urlmon

user32

uxtheme

version

wininet

winmm

Exports

Exports

Sections

.text Size: 286KB - Virtual size: 324KB

.increas Size: 3KB - Virtual size: 40KB

.cicuta Size: 1024B - Virtual size: 678B

.fib Size: 1024B - Virtual size: 39KB

.quadrat Size: 6KB - Virtual size: 44KB

.bondle Size: 4KB - Virtual size: 42KB

.scaphoi Size: 3KB - Virtual size: 41KB

.neuroma Size: 512B - Virtual size: 458B

.dielect Size: 4KB - Virtual size: 42KB

.excited Size: 4KB - Virtual size: 42KB

.stumbli Size: 1KB - Virtual size: 1KB

.nottowa Size: 6KB - Virtual size: 5KB

.audiolo Size: 4KB - Virtual size: 4KB

.vitular Size: 2KB - Virtual size: 40KB

.overstr Size: 3KB - Virtual size: 41KB

.sluig Size: 3KB - Virtual size: 41KB

.dipsey Size: 3KB - Virtual size: 3KB

.swishin Size: 2KB - Virtual size: 2KB

.traheen Size: 5KB - Virtual size: 42KB

.aescula Size: 5KB - Virtual size: 5KB

.trifero Size: 1024B - Virtual size: 545B

.realist Size: 6KB - Virtual size: 6KB

.carvyl Size: 6KB - Virtual size: 6KB

.pectino Size: 5KB - Virtual size: 43KB

.fibro Size: 3KB - Virtual size: 41KB

.enclave Size: 4KB - Virtual size: 42KB

.overapp Size: 5KB - Virtual size: 43KB

.squilli Size: 5KB - Virtual size: 42KB

.erosion Size: 5KB - Virtual size: 43KB

.mono Size: 6KB - Virtual size: 6KB

.pir Size: 4KB - Virtual size: 3KB

.wamblin Size: 6KB - Virtual size: 5KB

.depilit Size: 5KB - Virtual size: 4KB

.cinerar Size: 6KB - Virtual size: 5KB

.cere Size: 6KB - Virtual size: 44KB

.supposi Size: 4KB - Virtual size: 4KB

.retirin Size: 4KB - Virtual size: 4KB

.unsouli Size: 4KB - Virtual size: 41KB

.andromo Size: 4KB - Virtual size: 3KB

.digesti Size: 4KB - Virtual size: 3KB

.columbo Size: 5KB - Virtual size: 5KB

.rsrc Size: 177KB - Virtual size: 176KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 286KB - Virtual size: 324KB

.increas
Size: 3KB - Virtual size: 40KB

.cicuta
Size: 1024B - Virtual size: 678B

.fib
Size: 1024B - Virtual size: 39KB

.quadrat
Size: 6KB - Virtual size: 44KB

.bondle
Size: 4KB - Virtual size: 42KB

.scaphoi
Size: 3KB - Virtual size: 41KB

.neuroma
Size: 512B - Virtual size: 458B

.dielect
Size: 4KB - Virtual size: 42KB

.excited
Size: 4KB - Virtual size: 42KB

.stumbli
Size: 1KB - Virtual size: 1KB

.nottowa
Size: 6KB - Virtual size: 5KB

.audiolo
Size: 4KB - Virtual size: 4KB

.vitular
Size: 2KB - Virtual size: 40KB

.overstr
Size: 3KB - Virtual size: 41KB

.sluig
Size: 3KB - Virtual size: 41KB

.dipsey
Size: 3KB - Virtual size: 3KB

.swishin
Size: 2KB - Virtual size: 2KB

.traheen
Size: 5KB - Virtual size: 42KB

.aescula
Size: 5KB - Virtual size: 5KB

.trifero
Size: 1024B - Virtual size: 545B

.realist
Size: 6KB - Virtual size: 6KB

.carvyl
Size: 6KB - Virtual size: 6KB

.pectino
Size: 5KB - Virtual size: 43KB

.fibro
Size: 3KB - Virtual size: 41KB

.enclave
Size: 4KB - Virtual size: 42KB

.overapp
Size: 5KB - Virtual size: 43KB

.squilli
Size: 5KB - Virtual size: 42KB

.erosion
Size: 5KB - Virtual size: 43KB

.mono
Size: 6KB - Virtual size: 6KB

.pir
Size: 4KB - Virtual size: 3KB

.wamblin
Size: 6KB - Virtual size: 5KB

.depilit
Size: 5KB - Virtual size: 4KB

.cinerar
Size: 6KB - Virtual size: 5KB

.cere
Size: 6KB - Virtual size: 44KB

.supposi
Size: 4KB - Virtual size: 4KB

.retirin
Size: 4KB - Virtual size: 4KB

.unsouli
Size: 4KB - Virtual size: 41KB

.andromo
Size: 4KB - Virtual size: 3KB

.digesti
Size: 4KB - Virtual size: 3KB

.columbo
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 177KB - Virtual size: 176KB

.reloc
Size: 5KB - Virtual size: 5KB