311c891238f2b5c65f9e68d1e7e4d280

Sharing

Copy URL

Twitter E-mail

General

Target

311c891238f2b5c65f9e68d1e7e4d280
Size

373KB
MD5

311c891238f2b5c65f9e68d1e7e4d280
SHA1

1915eac52fbdaadf42f532c23141ea84162cf2c5
SHA256

15fde5e639310c9041661c2d70d59defb4a3b23c6d6c91ef72aedf95e23da857
SHA512

13e2ed49cdc0075241c627019a59981b298156216f261560c0c0ed5cce352dcca9b3bf9753c6215f6f2dbdf36a003d74d26c78daaf79a7b56daa7b87ce9fe8c3
SSDEEP

6144:hTkdi29mBwLx9cUYGSf/k5yzEKTzj9J15hjNqnL7Kp+TDaQayZVfZhkFifyCRCCm:Ui29mBgSX8yzEKj9J15V6+p+TDtaumiK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

311c891238f2b5c65f9e68d1e7e4d280
.exe windows:4 windows x86 arch:x86

Code Sign

64:70:32:31:fa:ce:31:c6:13:56:30:fc:41:d1:23:c6
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

16-06-2015 00:00

Not After

15-06-2016 23:59

Subject

CN=Installmatic\, LLC,OU=Installmatic\, LLC,O=Installmatic\, LLC,POSTALCODE=33130,STREET=80 SW 8th St #2000,L=Miami,ST=Florida,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6d:3c:4d:79:5d:32:72:1c:b8:40:49:50:33:55:6a:16:93:9d:81:22
Signer

Actual PE Digest

6d:3c:4d:79:5d:32:72:1c:b8:40:49:50:33:55:6a:16:93:9d:81:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 712KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 351KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$26Shdocvw_tlb@TCppWebBrowser
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$28Shdocvw_tlb@TCppShellWindows
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppShellUIHelper
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$29Shdocvw_tlb@TCppWebBrowser_V1
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppCScriptErrorList
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$32Shdocvw_tlb@TCppInternetExplorer
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$33Shdocvw_tlb@TCppSearchAssistantOC
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$34Shdocvw_tlb@TCppShellBrowserWindow
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@$xp$36Shdocvw_tlb@TShellFavoritesNameSpace
@@Shdocvw_ocx@Finalize
@@Shdocvw_ocx@Initialize
@@Unit1@Finalize
@@Unit1@Initialize
@@Unit2@Finalize
@@Unit2@Initialize
@@Unit3@Finalize
@@Unit3@Initialize
@@Unit5@Finalize
@@Unit5@Initialize
@Shdocvw_ocx@Register$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppCScriptErrorList@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@Connect$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@ConnectTo$qqr91%TComInterface$28Shdocvw_tlb@IScriptErrorListpx5_GUID$e&@Shdocvw_tlb@IID_IScriptErrorList$%
@Shdocvw_tlb@TCppCScriptErrorList@Disconnect$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@GetDefaultInterface$qv
@Shdocvw_tlb@TCppCScriptErrorList@GetDunk$qqrv
@Shdocvw_tlb@TCppCScriptErrorList@InitServerData$qqrv
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppInternetExplorer@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppInternetExplorer@Connect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@ConnectTo$qqr83%TComInterface$24Shdocvw_tlb@IWebBrowser2px5_GUID$e&@Shdocvw_tlb@IID_IWebBrowser2$%
@Shdocvw_tlb@TCppInternetExplorer@Disconnect$qqrv
@Shdocvw_tlb@TCppInternetExplorer@GetDefaultInterface$qv
@Shdocvw_tlb@TCppInternetExplorer@GetDunk$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InitServerData$qqrv
@Shdocvw_tlb@TCppInternetExplorer@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppSearchAssistantOC@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@Connect$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@ConnectTo$qqr97%TComInterface$31Shdocvw_tlb@ISearchAssistantOC3px5_GUID$e&@Shdocvw_tlb@IID_ISearchAssistantOC3$%
@Shdocvw_tlb@TCppSearchAssistantOC@Disconnect$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@GetDefaultInterface$qv
@Shdocvw_tlb@TCppSearchAssistantOC@GetDunk$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@InitServerData$qqrv
@Shdocvw_tlb@TCppSearchAssistantOC@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellBrowserWindow@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@Connect$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@ConnectTo$qqr83%TComInterface$24Shdocvw_tlb@IWebBrowser2px5_GUID$e&@Shdocvw_tlb@IID_IWebBrowser2$%
@Shdocvw_tlb@TCppShellBrowserWindow@Disconnect$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellBrowserWindow@GetDunk$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@InitServerData$qqrv
@Shdocvw_tlb@TCppShellBrowserWindow@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellUIHelper@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellUIHelper@Connect$qqrv
@Shdocvw_tlb@TCppShellUIHelper@ConnectTo$qqr87%TComInterface$26Shdocvw_tlb@IShellUIHelperpx5_GUID$e&@Shdocvw_tlb@IID_IShellUIHelper$%
@Shdocvw_tlb@TCppShellUIHelper@Disconnect$qqrv
@Shdocvw_tlb@TCppShellUIHelper@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellUIHelper@GetDunk$qqrv
@Shdocvw_tlb@TCppShellUIHelper@InitServerData$qqrv
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppShellWindows@BeforeDestruction$qqrv
@Shdocvw_tlb@TCppShellWindows@Connect$qqrv
@Shdocvw_tlb@TCppShellWindows@ConnectTo$qqr85%TComInterface$25Shdocvw_tlb@IShellWindowspx5_GUID$e&@Shdocvw_tlb@IID_IShellWindows$%
@Shdocvw_tlb@TCppShellWindows@Disconnect$qqrv
@Shdocvw_tlb@TCppShellWindows@GetDefaultInterface$qv
@Shdocvw_tlb@TCppShellWindows@GetDunk$qqrv
@Shdocvw_tlb@TCppShellWindows@InitServerData$qqrv
@Shdocvw_tlb@TCppShellWindows@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrp6HWND__
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser@CControlData
@Shdocvw_tlb@TCppWebBrowser@ClientToWindow$qqrpit1
@Shdocvw_tlb@TCppWebBrowser@CreateControl$qqrv
@Shdocvw_tlb@TCppWebBrowser@DEF_CTL_INTF
@Shdocvw_tlb@TCppWebBrowser@EventDispIDs
@Shdocvw_tlb@TCppWebBrowser@ExecWB$qqr20Shdocvw_tlb@OLECMDID25Shdocvw_tlb@OLECMDEXECOPTp10tagVARIANTt3
@Shdocvw_tlb@TCppWebBrowser@GetDefaultInterface$qqrv
@Shdocvw_tlb@TCppWebBrowser@GetProperty$qqrpb
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GetWordBoolProp$qqri
@Shdocvw_tlb@TCppWebBrowser@GoBack$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoForward$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoHome$qqrv
@Shdocvw_tlb@TCppWebBrowser@GoSearch$qqrv
@Shdocvw_tlb@TCppWebBrowser@InitControlData$qqrv
@Shdocvw_tlb@TCppWebBrowser@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppWebBrowser@Navigate2$qqrp10tagVARIANTt1t1t1t1
@Shdocvw_tlb@TCppWebBrowser@OptParam
@Shdocvw_tlb@TCppWebBrowser@PutProperty$qqrpb10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser@QueryStatusWB$qqr20Shdocvw_tlb@OLECMDID
@Shdocvw_tlb@TCppWebBrowser@Quit$qqrv
@Shdocvw_tlb@TCppWebBrowser@Refresh$qqrv
@Shdocvw_tlb@TCppWebBrowser@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@SetWordBoolProp$qqrio
@Shdocvw_tlb@TCppWebBrowser@ShowBrowserBar$qqrp10tagVARIANTt1t1
@Shdocvw_tlb@TCppWebBrowser@Stop$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Application$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Container$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Document$qqrv
@Shdocvw_tlb@TCppWebBrowser@get_Parent$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrp6HWND__
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@$bctr$qqrpv
@Shdocvw_tlb@TCppWebBrowser_V1@CControlData
@Shdocvw_tlb@TCppWebBrowser_V1@CreateControl$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@DEF_CTL_INTF
@Shdocvw_tlb@TCppWebBrowser_V1@EventDispIDs
@Shdocvw_tlb@TCppWebBrowser_V1@GetDefaultInterface$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@GoBack$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@GoForward$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@GoHome$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@GoSearch$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@InitControlData$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@Navigate$qqrpbp10tagVARIANTt2t2t2
@Shdocvw_tlb@TCppWebBrowser_V1@OptParam
@Shdocvw_tlb@TCppWebBrowser_V1@Refresh$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@Refresh2$qqrp10tagVARIANT
@Shdocvw_tlb@TCppWebBrowser_V1@Stop$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@get_Application$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@get_Container$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@get_Document$qqrv
@Shdocvw_tlb@TCppWebBrowser_V1@get_Parent$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@$bctr$qqrp18Classes@TComponent
@Shdocvw_tlb@TShellFavoritesNameSpace@BeforeDestruction$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@Connect$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@ConnectTo$qqr89%TComInterface$27Shdocvw_tlb@IShellNameSpacepx5_GUID$e&@Shdocvw_tlb@IID_IShellNameSpace$%
@Shdocvw_tlb@TShellFavoritesNameSpace@Disconnect$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@GetDefaultInterface$qv
@Shdocvw_tlb@TShellFavoritesNameSpace@GetDunk$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@InitServerData$qqrv
@Shdocvw_tlb@TShellFavoritesNameSpace@InvokeEvent$qqrir42System@%DynamicArray$t17System@OleVariant%
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 673KB - Virtual size: 676KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 233KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

64:70:32:31:fa:ce:31:c6:13:56:30:fc:41:d1:23:c6Certificate

Extended Key Usages

Key Usages

6d:3c:4d:79:5d:32:72:1c:b8:40:49:50:33:55:6a:16:93:9d:81:22Signer

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 712KB

UPX1 Size: 351KB - Virtual size: 352KB

.rsrc Size: 19KB - Virtual size: 20KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 673KB - Virtual size: 676KB

.data Size: 233KB - Virtual size: 252KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 12KB

.edata Size: 17KB - Virtual size: 20KB

.rsrc Size: 33KB - Virtual size: 36KB

.reloc Size: 45KB - Virtual size: 48KB

64:70:32:31:fa:ce:31:c6:13:56:30:fc:41:d1:23:c6
Certificate

6d:3c:4d:79:5d:32:72:1c:b8:40:49:50:33:55:6a:16:93:9d:81:22
Signer

UPX0
Size: - Virtual size: 712KB

UPX1
Size: 351KB - Virtual size: 352KB

.rsrc
Size: 19KB - Virtual size: 20KB

.text
Size: 673KB - Virtual size: 676KB

.data
Size: 233KB - Virtual size: 252KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 12KB

.edata
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 33KB - Virtual size: 36KB

.reloc
Size: 45KB - Virtual size: 48KB