04889414d8aa1a2cb102111a3bf22ea6

Sharing

Copy URL Twitter E-mail

General

Target

04889414d8aa1a2cb102111a3bf22ea6
Size

834KB
MD5

04889414d8aa1a2cb102111a3bf22ea6
SHA1

300e3557f9d55641f7454fe1d314fd884ab8c21f
SHA256

56efed806bc8d688ddb580d9d9981712ef193c28846c9cdddf0eebc1fc51963a
SHA512

d8e8b776cc5504d573b8299b6686629344d2352719167600bccf19d3aef2198fe265e223c9c772a870c74ad0515285ae7e9129e7929b0cf02616553e601ef17b
SSDEEP

24576:8VFUZzeLhzYwkpTapd8V6gWALixhguD0W8SkLR5QWpjoA7dccRv1w:ieS9zYwkpC8VtWUixxQWXkV5QwcAecXw

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack002/X.exe
unpack001/FM20.DLL
unpack001/FM20ENU.DLL
unpack003/Server #2.exe
unpack003/server.exe

Files

04889414d8aa1a2cb102111a3bf22ea6
.zip
Client.zip
.zip
Sound/connected.WAV
Sound/disconnected.wav
X.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.petite
Size: 33KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
FM20.DLL
.dll regsvr32 windows:4 windows x86 arch:x86

53c6722b6270f41aab956e1671f43d3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

oleaut32

SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetDim
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayCreate
VarBoolFromStr
VarR8FromStr
VarI2FromStr
VarDateFromBool
VarCyFromBool
VarCyFromStr
VarDateFromStr
VarBoolFromDate
VarBstrFromDate
VarCyFromDate
VarR8FromDate
VarI4FromDate
VarR4FromDate
VarI2FromDate
VarBstrFromCy
VarBoolFromCy
VarDateFromCy
VarR8FromCy
VarI4FromCy
VarI2FromCy
VarR4FromCy
SafeArrayCopy
VarDateFromR8
VarBoolFromR8
VarBstrFromR8
VarR4FromR8
VarCyFromR8
VarI4FromR8
VarDateFromR4
VarI2FromR8
VarBoolFromR4
VarI2FromR4
VarCyFromR4
VarI4FromR4
VarCyFromI4
VarBoolFromI4
VarDateFromI4
VarBstrFromI2
VarR4FromI4
VarI2FromI4
VarCyFromI2
VarBoolFromI2
VarDateFromI2
SafeArrayPutElement
LoadTypeLi
VariantInit
SysAllocStringLen
SysFreeString
SetErrorInfo
GetErrorInfo
CreateErrorInfo
VariantChangeTypeEx
SysAllocStringByteLen
VarR4FromStr
VarBstrFromR4
VariantClear
SysReAllocString
SysReAllocStringLen
SysAllocString
VariantCopy
SysStringLen
VariantChangeType
VarBstrFromBool
VarI4FromStr
VarBstrFromI4

kernel32

SetEndOfFile
LeaveCriticalSection
FreeLibrary
TlsGetValue
GetCurrentThreadId
TlsSetValue
EnterCriticalSection
GetProcessHeap
TlsFree
DeleteCriticalSection
InterlockedDecrement
InitializeCriticalSection
TlsAlloc
GetUserDefaultLCID
GetSystemDefaultLCID
IsValidLocale
GetModuleHandleA
GetProcAddress
LoadLibraryA
GetVersion
SetFilePointer
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
GetModuleFileNameA
HeapAlloc
HeapFree
HeapDestroy
GetStdHandle
WriteFile
GetLastError
HeapCreate
GetCurrentProcess
SetLastError
GetEnvironmentVariableW
GetLocaleInfoW
_llseek
GetFullPathNameW
_lread
_lclose
_lwrite
GetModuleHandleW
GetTickCount
OpenFile
LockResource
SizeofResource
LoadResource
FreeResource
GetCPInfo
GetStringTypeW
IsValidCodePage
LCMapStringW
LCMapStringA
GetStringTypeA
GetUserDefaultLangID
GetProfileIntA
Sleep
CreateFileW
CloseHandle
DeleteFileW
MulDiv
IsDBCSLeadByte
GlobalSize
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
VirtualFree
GetSystemInfo
VirtualAlloc
GetCurrentProcessId
InterlockedIncrement
InterlockedExchange
SetCurrentDirectoryA
OutputDebugStringA
lstrlenA
CompareStringA
GetWindowsDirectoryA
GetSystemDirectoryA
GetLocaleInfoA
GetFileAttributesA
GetCurrentDirectoryA
FormatMessageA
FindResourceA
FindFirstFileA
LoadLibraryExA
SearchPathA
GetFullPathNameA
SetCurrentDirectoryW
OutputDebugStringW
lstrlenW
LoadLibraryExW
GetWindowsDirectoryW
SearchPathW
GetSystemDirectoryW
GetModuleFileNameW
FindFirstFileW
CreateDirectoryW
GetFileAttributesW
GetCurrentDirectoryW
FormatMessageW
FindResourceW
MultiByteToWideChar
CompareStringW
GetVersionExA
WideCharToMultiByte
CreateDirectoryA

advapi32

RegCreateKeyA
RegCloseKey
RegSetValueExW
RegSetValueW
RegQueryValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyW
RegQueryValueA
RegDeleteKeyA
RegEnumKeyA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueA
RegSetValueExA
RegFlushKey

ole32

OleCreateStaticFromData
OleCreateFromData
OleQueryCreateFromData
OleCreateLinkFromData
CLSIDFromString
OleSave
OleRun
CreateItemMoniker
CoGetClassObject
OleQueryLinkFromData
CoCreateGuid
StgOpenStorage
WriteFmtUserTypeStg
OleDraw
CLSIDFromProgID
CreateStreamOnHGlobal
WriteClassStm
StgCreateDocfile
CreateOleAdviseHolder
DoDragDrop
OleGetClipboard
OleSetClipboard
StringFromGUID2
StringFromCLSID
ReleaseStgMedium
ProgIDFromCLSID
CoTaskMemFree
CoTaskMemAlloc
OleIsCurrentClipboard
OleFlushClipboard
CoCreateInstance
CreateDataCache
RegisterDragDrop
RevokeDragDrop
OleGetIconOfClass
CreateDataAdviseHolder
WriteClassStg
CreateBindCtx
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
GetRunningObjectTable
IIDFromString
OleSaveToStream
ReadClassStg
ReadClassStm

gdi32

StretchBlt
GetPixel
SelectClipRgn
CreateHatchBrush
CreateCompatibleDC
GetPaletteEntries
DeleteDC
RealizePalette
GetDeviceCaps
SelectPalette
CreateSolidBrush
GetStockObject
CreatePalette
DeleteObject
ExtTextOutA
CreatePatternBrush
GetTextFaceA
GetTextExtentPoint32A
GetTextMetricsA
EnumFontFamiliesA
CreateFontIndirectA
GetObjectA
CreateDCA
CreateDCW
CreateICA
CreateICW
EnumFontFamiliesW
SetStretchBltMode
PolylineTo
CreateRectRgn
ExcludeClipRect
RectVisible
GetTextExtentPoint32W
GetTextFaceW
GetObjectW
ExtTextOutW
SetTextColor
GetTextMetricsW
GetClipBox
DeleteMetaFile
SetBkMode
SetWindowExtEx
SetWindowOrgEx
CloseMetaFile
CreateMetaFileA
SetMapMode
GetROP2
SetROP2
CreatePen
MoveToEx
LineTo
SelectObject
CreateBitmap
SetPixel
SetPixelV
Rectangle
UnrealizeObject
SetBrushOrgEx
OffsetRgn
CombineRgn
GetRegionData
GetClipRgn
CreateRectRgnIndirect
CreateFontIndirectW
RestoreDC
BitBlt
CreateCompatibleBitmap
GetNearestColor
GetBkColor
GetCurrentObject
PatBlt
IntersectClipRect
LPtoDP
SetBkColor
PlayMetaFile
GetMapMode
SaveDC
GetWindowOrgEx
SetViewportOrgEx
GetWindowExtEx
SetViewportExtEx
GetObjectType

user32

RegisterClipboardFormatW
RegisterClassW
RegisterWindowMessageW
PeekMessageW
RemovePropW
PostMessageW
ModifyMenuW
MessageBoxIndirectW
LoadStringW
OemToCharW
LoadIconW
LoadCursorW
LoadBitmapW
LoadMenuW
IsDialogMessageW
InsertMenuW
GetWindowTextLengthW
GetWindowTextW
GetWindowLongW
GetPropW
LoadAcceleratorsW
GetMenuStringW
GetDlgItemTextW
GetClipboardFormatNameW
GetClassNameW
GetClassInfoW
FindWindowW
DrawTextW
DispatchMessageW
GetMessageW
DialogBoxIndirectParamW
DefWindowProcW
CreateWindowExW
CreateDialogParamW
CreateAcceleratorTableW
CopyAcceleratorTableW
CharUpperW
CharToOemW
CharPrevW
CharNextW
CharLowerW
CallWindowProcW
AppendMenuW
AppendMenuA
CharLowerA
CharUpperA
CharToOemA
CreateWindowExA
DrawTextA
FindWindowA
GetClassInfoA
GetClassNameA
GetClipboardFormatNameA
GetDlgItemTextA
GetMenuStringA
GetPropA
GetWindowTextA
GetWindowTextLengthA
InsertMenuA
LoadStringA
MessageBoxIndirectA
ModifyMenuA
OemToCharA
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
RemovePropA
GetDlgItem
SendMessageA
SetDlgItemTextA
SetPropA
SetWindowTextA
SystemParametersInfoA
UnregisterClassA
WinHelpA
wvsprintfA
GetSysColor
GetKeyboardLayout
GetKeyboardLayoutList
GetSystemMetrics
GetWindow
VkKeyScanW
VkKeyScanA
SetTimer
KillTimer
TrackPopupMenu
SetDlgItemTextW
SendDlgItemMessageW
ReleaseCapture
UnhookWindowsHookEx
CallNextHookEx
GetMessageA
DialogBoxParamA
RedrawWindow
GetWindowThreadProcessId
IsWindow
DestroyWindow
EndPaint
GetClientRect
BeginPaint
FillRect
WindowFromPoint
ReleaseDC
InvalidateRect
SetWindowPos
GetDC
PtInRect
GetCursorPos
GetKeyState
DestroyCursor
SetFocus
GetFocus
SetCursor
CreateIconIndirect
GetIconInfo
EnableWindow
OffsetRect
ShowWindow
SetWindowRgn
EqualRect
IntersectRect
EnumChildWindows
GetUpdateRect
InflateRect
GetWindowDC
ClientToScreen
LockWindowUpdate
GetDCEx
GetDoubleClickTime
GetMessageTime
InvalidateRgn
ScrollWindowEx
GetAsyncKeyState
CreateCaret
HideCaret
ShowCaret
SetCaretPos
SetRectEmpty
InvertRect
DrawFocusRect
ValidateRect
IsRectEmpty
SubtractRect
ScrollDC
DestroyAcceleratorTable
MapWindowPoints
DestroyMenu
EnableMenuItem
GetSubMenu
EndDialog
GetWindowRect
IsChild
IsIconic
GetParent
DeleteMenu
GetMessagePos
GetUpdateRgn
GetForegroundWindow
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
BringWindowToTop
GetMenuItemCount
CheckMenuItem
GetMenuItemID
GetActiveWindow
MessageBoxW
UpdateWindow
CopyImage
ChildWindowFromPointEx
CheckDlgButton
IsDlgButtonChecked
ClipCursor
SendMessageW
SetWindowsHookExW
SetPropW
SetWindowLongW
TranslateAcceleratorW
SetWindowTextW
SystemParametersInfoW
wvsprintfW
UnregisterClassW
WinHelpW
CreateAcceleratorTableA
CallWindowProcA
CopyAcceleratorTableA
DialogBoxIndirectParamA
CreateDialogParamA
GetCapture
SetCapture
DispatchMessageA
IsDialogMessageA
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadMenuA
PeekMessageA
PostMessageA
SetWindowLongA
SetWindowsHookExA
TranslateAcceleratorA
ScreenToClient
GetWindowLongA
EnumWindows
DialogBoxParamW
DefWindowProcA
GetDialogBaseUnits
DrawFrameControl
MoveWindow
ActivateKeyboardLayout
AdjustWindowRect
GetCursor

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllRegisterServerSetup
DllUnregisterServer
FormsCheckUFIControls
FormsCloseParentUnit
FormsOpenParentUnit
FormsSetLCID

Sections

.text
Size: 686KB - Virtual size: 686KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FM20ENU.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mswinsck.ocx
.dll regsvr32 windows:4 windows x86 arch:x86

cb0275eec9ac31b6d4d44320e576fadb

Code Sign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

wsock32

accept
listen
inet_ntoa
recv
WSAGetLastError
WSASetLastError
select
__WSAFDIsSet
shutdown
ntohs
sendto
recvfrom
connect
getsockopt
setsockopt
getsockname
getpeername
closesocket
WSACancelAsyncRequest
gethostbyaddr
bind
WSAAsyncSelect
socket
WSAStartup
WSACleanup
inet_addr
WSAAsyncGetHostByName
WSAAsyncGetHostByAddr
gethostbyname
htons
gethostname
ioctlsocket
send

kernel32

lstrlenW
GetFileAttributesA
GetModuleFileNameA
InitializeCriticalSection
HeapFree
HeapAlloc
GetProcessHeap
lstrcpynA
lstrcpyA
lstrlenA
lstrcatA
IsBadWritePtr
WideCharToMultiByte
GetVersion
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
LocalFree
FormatMessageA
GetTickCount
MultiByteToWideChar
SetLastError
GetProcAddress
GetLocaleInfoA
DeleteCriticalSection
FreeLibrary
DisableThreadLibraryCalls
lstrcmpA
InterlockedDecrement
GetWindowsDirectoryA
LoadLibraryA
HeapReAlloc
InterlockedIncrement
lstrcmpiA
GetLastError
LockResource
LoadResource
FindResourceA

user32

EndDialog
DialogBoxParamA
GetActiveWindow
MessageBoxA
DrawEdge
GetDC
CharNextA
LoadCursorA
wsprintfA
GetWindowRect
SetWindowPos
ShowWindow
IsDialogMessageA
GetWindow
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
IsChild
GetKeyState
SetParent
WinHelpA
IsWindowVisible
EndPaint
GetClientRect
BeginPaint
SendDlgItemMessageA
LoadStringA
ClientToScreen
OffsetRect
EqualRect
IntersectRect
SetWindowRgn
PtInRect
MessageBeep
LoadBitmapA
GetSystemMetrics
GetParent
CreateDialogIndirectParamA
GetDlgItemTextA
SetDlgItemInt
SendMessageA
DefWindowProcA
GetWindowLongA
DestroyWindow
KillTimer
SetTimer
UnregisterClassA
RegisterClassA
PeekMessageA
PostMessageA
SetDlgItemTextA
SetFocus
GetDlgItemInt
MoveWindow
SetWindowLongA
CreateWindowExA
ReleaseDC

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CreateOleAdviseHolder

advapi32

RegDeleteValueA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysAllocString
VariantChangeType
SysAllocStringLen
SysStringLen
SafeArrayRedim
RegisterTypeLi
LoadTypeLi
UnRegisterTypeLi
LoadTypeLibEx
OleCreatePropertyFrame
LoadRegTypeLi
SafeArrayDestroy
SafeArrayUnaccessData
SetErrorInfo
CreateErrorInfo
GetErrorInfo
SysFreeString
SysAllocStringByteLen
SafeArrayCreate
VariantClear
SafeArrayGetUBound
SafeArrayGetLBound
SysStringByteLen
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetDim
VariantInit

gdi32

GetDeviceCaps
CreateCompatibleDC
CreateRectRgnIndirect
GetWindowExtEx
GetViewportExtEx
DeleteDC
DeleteObject
GetObjectA
LPtoDP
SetMapMode
SetViewportExtEx
SetWindowExtEx
SetViewportOrgEx
SetWindowOrgEx
CreateDCA
BitBlt
SelectObject

Exports

Exports

DLLGetDocumentation
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Readme.txt
Server.zip
.zip
Server #2.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 21KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
server.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 15KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.petite Size: 33KB - Virtual size: 184KB

Size: 2KB - Virtual size: 4KB

Size: 1024B - Virtual size: 741B

53c6722b6270f41aab956e1671f43d3b

Headers

File Characteristics

Imports

oleaut32

kernel32

advapi32

ole32

gdi32

user32

Exports

Exports

Sections

.text Size: 686KB - Virtual size: 686KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 33KB - Virtual size: 43KB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 240KB - Virtual size: 239KB

.reloc Size: 53KB - Virtual size: 52KB

Headers

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 112B

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 512B - Virtual size: 12B

cb0275eec9ac31b6d4d44320e576fadb

Code Sign

Signer

Headers

File Characteristics

Imports

wsock32

kernel32

user32

ole32

advapi32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 5KB - Virtual size: 4KB

Headers

File Characteristics

Sections

Size: 21KB - Virtual size: 68KB

.petite Size: 2KB - Virtual size: 4KB

Size: 1024B - Virtual size: 741B

Headers

File Characteristics

Sections

Size: 15KB - Virtual size: 56KB

.petite Size: 2KB - Virtual size: 4KB

Size: 1024B - Virtual size: 741B

.petite
Size: 33KB - Virtual size: 184KB

.text
Size: 686KB - Virtual size: 686KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 33KB - Virtual size: 43KB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 240KB - Virtual size: 239KB

.reloc
Size: 53KB - Virtual size: 52KB

.rdata
Size: 512B - Virtual size: 112B

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 66KB - Virtual size: 65KB

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 5KB - Virtual size: 4KB

.petite
Size: 2KB - Virtual size: 4KB

.petite
Size: 2KB - Virtual size: 4KB