3a7b9963c311b4add3fd22198d87fa7da18faa12ba0e686029b2b0871ea08275

Sharing

Copy URL Twitter E-mail

General

Target

3a7b9963c311b4add3fd22198d87fa7da18faa12ba0e686029b2b0871ea08275
Size

1.2MB
MD5

b2241226b5d81ee4083bae0f6286a074
SHA1

1fecfe6bc27e4ab4fc01ca49916fcfc685e7b65a
SHA256

3a7b9963c311b4add3fd22198d87fa7da18faa12ba0e686029b2b0871ea08275
SHA512

889b4d8ac7449df705fcd57a94762491060e4fc9ca91a3024e58dcac137e53c068e36f83892f3d6f3de716ecd80c009a4aec457afbfada319bb3b9257e37d278
SSDEEP

24576:xT2l4ZZTTEmrm3yGS0jUtcFEiB+NMuSponClibIDcvFmLzCLs:V2sjmwGUtcN+NMuQoClmIDcoLz

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3a7b9963c311b4add3fd22198d87fa7da18faa12ba0e686029b2b0871ea08275
unpack001/out.upx

Files

3a7b9963c311b4add3fd22198d87fa7da18faa12ba0e686029b2b0871ea08275
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

??0CharReader@Json@@QAE@ABV01@@Z
??0CharReader@Json@@QAE@XZ
??0CharReaderBuilder@Json@@QAE@ABV01@@Z
??0CharReaderBuilder@Json@@QAE@XZ
??0Exception@Json@@QAE@ABV01@@Z
??0Exception@Json@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Factory@CharReader@Json@@QAE@ABV012@@Z
??0Factory@CharReader@Json@@QAE@XZ
??0Factory@StreamWriter@Json@@QAE@ABV012@@Z
??0Factory@StreamWriter@Json@@QAE@XZ
??0FastWriter@Json@@QAE@ABV01@@Z
??0FastWriter@Json@@QAE@XZ
??0Features@Json@@QAE@XZ
??0LogicError@Json@@QAE@$$QAV01@@Z
??0LogicError@Json@@QAE@ABV01@@Z
??0LogicError@Json@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Path@Json@@QAE@$$QAV01@@Z
??0Path@Json@@QAE@ABV01@@Z
??0Path@Json@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVPathArgument@1@1111@Z
??0PathArgument@Json@@QAE@$$QAV01@@Z
??0PathArgument@Json@@QAE@ABV01@@Z
??0PathArgument@Json@@QAE@I@Z
??0PathArgument@Json@@QAE@PBD@Z
??0PathArgument@Json@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0PathArgument@Json@@QAE@XZ
??0Reader@Json@@QAE@$$QAV01@@Z
??0Reader@Json@@QAE@ABV01@@Z
??0Reader@Json@@QAE@ABVFeatures@1@@Z
??0Reader@Json@@QAE@XZ
??0RuntimeError@Json@@QAE@$$QAV01@@Z
??0RuntimeError@Json@@QAE@ABV01@@Z
??0RuntimeError@Json@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StaticString@Json@@QAE@PBD@Z
??0StreamWriter@Json@@QAE@ABV01@@Z
??0StreamWriter@Json@@QAE@XZ
??0StreamWriterBuilder@Json@@QAE@ABV01@@Z
??0StreamWriterBuilder@Json@@QAE@XZ
??0StyledStreamWriter@Json@@QAE@ABV01@@Z
??0StyledStreamWriter@Json@@QAE@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0StyledWriter@Json@@QAE@ABV01@@Z
??0StyledWriter@Json@@QAE@XZ
??0Value@Json@@QAE@$$QAV01@@Z
??0Value@Json@@QAE@ABV01@@Z
??0Value@Json@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0Value@Json@@QAE@ABVStaticString@1@@Z
??0Value@Json@@QAE@H@Z
??0Value@Json@@QAE@I@Z
??0Value@Json@@QAE@N@Z
??0Value@Json@@QAE@PBD0@Z
??0Value@Json@@QAE@PBD@Z
??0Value@Json@@QAE@W4ValueType@1@@Z
??0Value@Json@@QAE@_J@Z
??0Value@Json@@QAE@_K@Z
??0Value@Json@@QAE@_N@Z
??0ValueConstIterator@Json@@AAE@ABV?$_Tree_iterator@V?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBVCZString@Value@Json@@V23@@std@@@std@@@std@@@std@@@Z
??0ValueConstIterator@Json@@QAE@ABVValueIterator@1@@Z
??0ValueConstIterator@Json@@QAE@XZ
??0ValueIterator@Json@@AAE@ABV?$_Tree_iterator@V?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBVCZString@Value@Json@@V23@@std@@@std@@@std@@@std@@@Z
??0ValueIterator@Json@@QAE@ABV01@@Z
??0ValueIterator@Json@@QAE@ABVValueConstIterator@1@@Z
??0ValueIterator@Json@@QAE@XZ
??0ValueIteratorBase@Json@@QAE@ABV?$_Tree_iterator@V?$_Tree_val@U?$_Tree_simple_types@U?$pair@$$CBVCZString@Value@Json@@V23@@std@@@std@@@std@@@std@@@Z
??0ValueIteratorBase@Json@@QAE@XZ
??0Writer@Json@@QAE@ABV01@@Z
??0Writer@Json@@QAE@XZ
??1CharReader@Json@@UAE@XZ
??1CharReaderBuilder@Json@@UAE@XZ
??1Exception@Json@@UAE@XZ
??1Factory@CharReader@Json@@UAE@XZ
??1Factory@StreamWriter@Json@@UAE@XZ
??1FastWriter@Json@@UAE@XZ
??1LogicError@Json@@UAE@XZ
??1Path@Json@@QAE@XZ
??1PathArgument@Json@@QAE@XZ
??1Reader@Json@@QAE@XZ
??1RuntimeError@Json@@UAE@XZ
??1StreamWriter@Json@@UAE@XZ
??1StreamWriterBuilder@Json@@UAE@XZ
??1StyledStreamWriter@Json@@QAE@XZ
??1StyledWriter@Json@@UAE@XZ
??1Value@Json@@QAE@XZ
??1Writer@Json@@UAE@XZ
??4CharReader@Json@@QAEAAV01@ABV01@@Z
??4CharReaderBuilder@Json@@QAEAAV01@ABV01@@Z
??4Exception@Json@@QAEAAV01@ABV01@@Z
??4Factory@CharReader@Json@@QAEAAV012@ABV012@@Z
??4Factory@StreamWriter@Json@@QAEAAV012@ABV012@@Z
??4FastWriter@Json@@QAEAAV01@ABV01@@Z
??4Features@Json@@QAEAAV01@$$QAV01@@Z
??4Features@Json@@QAEAAV01@ABV01@@Z
??4LogicError@Json@@QAEAAV01@$$QAV01@@Z
??4LogicError@Json@@QAEAAV01@ABV01@@Z
??4Path@Json@@QAEAAV01@$$QAV01@@Z
??4Path@Json@@QAEAAV01@ABV01@@Z
??4PathArgument@Json@@QAEAAV01@$$QAV01@@Z
??4PathArgument@Json@@QAEAAV01@ABV01@@Z
??4Reader@Json@@QAEAAV01@$$QAV01@@Z
??4Reader@Json@@QAEAAV01@ABV01@@Z
??4RuntimeError@Json@@QAEAAV01@$$QAV01@@Z
??4RuntimeError@Json@@QAEAAV01@ABV01@@Z
??4StaticString@Json@@QAEAAV01@$$QAV01@@Z
??4StaticString@Json@@QAEAAV01@ABV01@@Z
??4StreamWriter@Json@@QAEAAV01@ABV01@@Z
??4StreamWriterBuilder@Json@@QAEAAV01@ABV01@@Z
??4StyledStreamWriter@Json@@QAEAAV01@ABV01@@Z
??4StyledWriter@Json@@QAEAAV01@ABV01@@Z
??4Value@Json@@QAEAAV01@$$QAV01@@Z
??4Value@Json@@QAEAAV01@ABV01@@Z
??4ValueConstIterator@Json@@QAEAAV01@$$QAV01@@Z
??4ValueConstIterator@Json@@QAEAAV01@ABV01@@Z
??4ValueConstIterator@Json@@QAEAAV01@ABVValueIteratorBase@1@@Z
??4ValueIterator@Json@@QAEAAV01@ABV01@@Z
??4ValueIteratorBase@Json@@QAEAAV01@$$QAV01@@Z
??4ValueIteratorBase@Json@@QAEAAV01@ABV01@@Z
??4Writer@Json@@QAEAAV01@ABV01@@Z
??5Json@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@std@@AAV12@AAVValue@0@@Z
??6Json@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@AAV12@ABVValue@0@@Z
??8Value@Json@@QBE_NABV01@@Z
??8ValueIteratorBase@Json@@QBE_NABV01@@Z
??9Value@Json@@QBE_NABV01@@Z
??9ValueIteratorBase@Json@@QBE_NABV01@@Z
??ACharReaderBuilder@Json@@QAEAAVValue@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??AStreamWriterBuilder@Json@@QAEAAVValue@1@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??AValue@Json@@QAEAAV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??AValue@Json@@QAEAAV01@ABVStaticString@1@@Z
??AValue@Json@@QAEAAV01@H@Z
??AValue@Json@@QAEAAV01@I@Z
??AValue@Json@@QAEAAV01@PBD@Z
??AValue@Json@@QBEABV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??AValue@Json@@QBEABV01@H@Z
??AValue@Json@@QBEABV01@I@Z
??AValue@Json@@QBEABV01@PBD@Z
??BStaticString@Json@@QBEPBDXZ
??BValue@Json@@QBE_NXZ
??CValueConstIterator@Json@@QBEPBVValue@1@XZ
??CValueIterator@Json@@QBEPAVValue@1@XZ
??DValueConstIterator@Json@@QBEABVValue@1@XZ
??DValueIterator@Json@@QBEAAVValue@1@XZ
??EValueConstIterator@Json@@QAE?AV01@H@Z
??EValueConstIterator@Json@@QAEAAV01@XZ
??EValueIterator@Json@@QAE?AV01@H@Z
??EValueIterator@Json@@QAEAAV01@XZ
??FValueConstIterator@Json@@QAE?AV01@H@Z
??FValueConstIterator@Json@@QAEAAV01@XZ
??FValueIterator@Json@@QAE?AV01@H@Z
??FValueIterator@Json@@QAEAAV01@XZ
??GValueIteratorBase@Json@@QBEHABV01@@Z
??MValue@Json@@QBE_NABV01@@Z
??NValue@Json@@QBE_NABV01@@Z
??OValue@Json@@QBE_NABV01@@Z
??PValue@Json@@QBE_NABV01@@Z
??_7CharReader@Json@@6B@
??_7CharReaderBuilder@Json@@6B@
??_7Exception@Json@@6B@
??_7Factory@CharReader@Json@@6B@
??_7Factory@StreamWriter@Json@@6B@
??_7FastWriter@Json@@6B@
??_7LogicError@Json@@6B@
??_7RuntimeError@Json@@6B@
??_7StreamWriter@Json@@6B@
??_7StreamWriterBuilder@Json@@6B@
??_7StyledWriter@Json@@6B@
??_7Writer@Json@@6B@
??_FStyledStreamWriter@Json@@QAEXXZ
??_FValue@Json@@QAEXXZ
?addComment@Reader@Json@@AAEXPBD0W4CommentPlacement@2@@Z
?addError@Reader@Json@@AAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVToken@12@PBD@Z
?addErrorAndRecover@Reader@Json@@AAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVToken@12@W4TokenType@12@@Z
?addPathInArg@Path@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@PBVPathArgument@Json@@V?$allocator@PBVPathArgument@Json@@@std@@@4@AAV?$_Vector_const_iterator@V?$_Vector_val@U?$_Simple_types@PBVPathArgument@Json@@@std@@@std@@@4@W4Kind@PathArgument@2@@Z
?all@Features@Json@@SA?AV12@XZ
?append@Value@Json@@QAEAAV12@$$QAV12@@Z
?append@Value@Json@@QAEAAV12@ABV12@@Z
?asBool@Value@Json@@QBE_NXZ
?asCString@Value@Json@@QBEPBDXZ
?asDouble@Value@Json@@QBENXZ
?asFloat@Value@Json@@QBEMXZ
?asInt64@Value@Json@@QBE_JXZ
?asInt@Value@Json@@QBEHXZ
?asLargestInt@Value@Json@@QBE_JXZ
?asLargestUInt@Value@Json@@QBE_KXZ
?asString@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?asUInt64@Value@Json@@QBE_KXZ
?asUInt@Value@Json@@QBEIXZ
?back@Value@Json@@QAEAAV12@XZ
?back@Value@Json@@QBEABV12@XZ
?begin@Value@Json@@QAE?AVValueIterator@2@XZ
?begin@Value@Json@@QBE?AVValueConstIterator@2@XZ
?c_str@StaticString@Json@@QBEPBDXZ
?clear@Value@Json@@QAEXXZ
?compare@Value@Json@@QBEHABV12@@Z
?computeDistance@ValueIteratorBase@Json@@IBEHABV12@@Z
?containsNewLine@Reader@Json@@CA_NPBD0@Z
?copy@Value@Json@@QAEXABV12@@Z
?copy@ValueIteratorBase@Json@@IAEXABV12@@Z
?copyPayload@Value@Json@@QAEXABV12@@Z
?currentValue@Reader@Json@@AAEAAVValue@2@XZ
?decodeDouble@Reader@Json@@AAE_NAAVToken@12@@Z
?decodeDouble@Reader@Json@@AAE_NAAVToken@12@AAVValue@2@@Z
?decodeNumber@Reader@Json@@AAE_NAAVToken@12@@Z
?decodeNumber@Reader@Json@@AAE_NAAVToken@12@AAVValue@2@@Z
?decodeString@Reader@Json@@AAE_NAAVToken@12@@Z
?decodeString@Reader@Json@@AAE_NAAVToken@12@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?decodeUnicodeCodePoint@Reader@Json@@AAE_NAAVToken@12@AAPBDPBDAAI@Z
?decodeUnicodeEscapeSequence@Reader@Json@@AAE_NAAVToken@12@AAPBDPBDAAI@Z
?decrement@ValueIteratorBase@Json@@IAEXXZ
?defaultRealPrecision@Value@Json@@2IB
?demand@Value@Json@@QAEPAV12@PBD0@Z
?deref@ValueIteratorBase@Json@@IAEAAVValue@2@XZ
?deref@ValueIteratorBase@Json@@IBEABVValue@2@XZ
?dropNullPlaceholders@FastWriter@Json@@QAEXXZ
?dupMeta@Value@Json@@AAEXABV12@@Z
?dupPayload@Value@Json@@AAEXABV12@@Z
?empty@Value@Json@@QBE_NXZ
?enableYAMLCompatibility@FastWriter@Json@@QAEXXZ
?end@Value@Json@@QAE?AVValueIterator@2@XZ
?end@Value@Json@@QBE?AVValueConstIterator@2@XZ
?find@Value@Json@@QBEPBV12@PBD0@Z
?front@Value@Json@@QAEAAV12@XZ
?front@Value@Json@@QBEABV12@XZ
?get@Value@Json@@QBE?AV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV12@@Z
?get@Value@Json@@QBE?AV12@IABV12@@Z
?get@Value@Json@@QBE?AV12@PBD0ABV12@@Z
?get@Value@Json@@QBE?AV12@PBDABV12@@Z
?getComment@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4CommentPlacement@2@@Z
?getFormatedErrorMessages@Reader@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getFormattedErrorMessages@Reader@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getLocationLineAndColumn@Reader@Json@@ABE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?getLocationLineAndColumn@Reader@Json@@ABEXPBDAAH1@Z
?getMemberNames@Value@Json@@QBE?AV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@std@@XZ
?getNextChar@Reader@Json@@AAEDXZ
?getOffsetLimit@Value@Json@@QBEHXZ
?getOffsetStart@Value@Json@@QBEHXZ
?getString@Value@Json@@QBE_NPAPBD0@Z
?getStructuredErrors@Reader@Json@@QBE?AV?$vector@UStructuredError@Reader@Json@@V?$allocator@UStructuredError@Reader@Json@@@std@@@std@@XZ
?good@Reader@Json@@QBE_NXZ
?hasComment@Value@Json@@QBE_NW4CommentPlacement@2@@Z
?hasCommentForValue@StyledStreamWriter@Json@@CA_NABVValue@2@@Z
?hasCommentForValue@StyledWriter@Json@@CA_NABVValue@2@@Z
?increment@ValueIteratorBase@Json@@IAEXXZ
?indent@StyledStreamWriter@Json@@AAEXXZ
?indent@StyledWriter@Json@@AAEXXZ
?index@ValueIteratorBase@Json@@QBEIXZ
?initBasic@Value@Json@@AAEXW4ValueType@2@_N@Z
?insert@Value@Json@@QAE_NI$$QAV12@@Z
?insert@Value@Json@@QAE_NIABV12@@Z
?invalidPath@Path@Json@@CAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?isAllocated@Value@Json@@ABE_NXZ
?isArray@Value@Json@@QBE_NXZ
?isBool@Value@Json@@QBE_NXZ
?isConvertibleTo@Value@Json@@QBE_NW4ValueType@2@@Z
?isDouble@Value@Json@@QBE_NXZ
?isEqual@ValueIteratorBase@Json@@IBE_NABV12@@Z
?isInt64@Value@Json@@QBE_NXZ
?isInt@Value@Json@@QBE_NXZ
?isIntegral@Value@Json@@QBE_NXZ
?isMember@Value@Json@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?isMember@Value@Json@@QBE_NPBD0@Z
?isMember@Value@Json@@QBE_NPBD@Z
?isMultilineArray@StyledStreamWriter@Json@@AAE_NABVValue@2@@Z
?isMultilineArray@StyledWriter@Json@@AAE_NABVValue@2@@Z
?isNull@Value@Json@@QBE_NXZ
?isNumeric@Value@Json@@QBE_NXZ
?isObject@Value@Json@@QBE_NXZ
?isString@Value@Json@@QBE_NXZ
?isUInt64@Value@Json@@QBE_NXZ
?isUInt@Value@Json@@QBE_NXZ
?isValidIndex@Value@Json@@QBE_NI@Z
?key@ValueIteratorBase@Json@@QBE?AVValue@2@XZ
?make@Path@Json@@QBEAAVValue@2@AAV32@@Z
?makePath@Path@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@PBVPathArgument@Json@@V?$allocator@PBVPathArgument@Json@@@std@@@4@@Z
?match@Reader@Json@@AAE_NPBDH@Z
?maxInt64@Value@Json@@2_JB
?maxInt@Value@Json@@2HB
?maxLargestInt@Value@Json@@2_JB
?maxLargestUInt@Value@Json@@2_KB
?maxUInt64@Value@Json@@2_KB
?maxUInt64AsDouble@Value@Json@@2NB
?maxUInt@Value@Json@@2IB
?memberName@ValueIteratorBase@Json@@QBEPBDPAPBD@Z
?memberName@ValueIteratorBase@Json@@QBEPBDXZ
?minInt64@Value@Json@@2_JB
?minInt@Value@Json@@2HB
?minLargestInt@Value@Json@@2_JB
?name@ValueIteratorBase@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?newCharReader@CharReaderBuilder@Json@@UBEPAVCharReader@2@XZ
?newStreamWriter@StreamWriterBuilder@Json@@UBEPAVStreamWriter@2@XZ
?normalizeEOL@Reader@Json@@CA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD0@Z
?null@Value@Json@@2ABV12@B
?nullRef@Value@Json@@2ABV12@B
?nullSingleton@Value@Json@@SAABV12@XZ
?omitEndingLineFeed@FastWriter@Json@@QAEXXZ
?parse@Reader@Json@@QAE_NAAV?$basic_istream@DU?$char_traits@D@std@@@std@@AAVValue@2@_N@Z
?parse@Reader@Json@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAVValue@2@_N@Z
?parse@Reader@Json@@QAE_NPBD0AAVValue@2@_N@Z
?parseFromStream@Json@@YA_NABVFactory@CharReader@1@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PAVValue@1@PAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@5@@Z
?pushError@Reader@Json@@QAE_NABVValue@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?pushError@Reader@Json@@QAE_NABVValue@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?pushValue@StyledStreamWriter@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?pushValue@StyledWriter@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?readArray@Reader@Json@@AAE_NAAVToken@12@@Z
?readCStyleComment@Reader@Json@@AAE_NXZ
?readComment@Reader@Json@@AAE_NXZ
?readCppStyleComment@Reader@Json@@AAE_NXZ
?readNumber@Reader@Json@@AAEXXZ
?readObject@Reader@Json@@AAE_NAAVToken@12@@Z
?readString@Reader@Json@@AAE_NXZ
?readToken@Reader@Json@@AAE_NAAVToken@12@@Z
?readValue@Reader@Json@@AAE_NXZ
?recoverFromError@Reader@Json@@AAE_NW4TokenType@12@@Z
?releasePayload@Value@Json@@AAEXXZ
?removeIndex@Value@Json@@QAE_NIPAV12@@Z
?removeMember@Value@Json@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?removeMember@Value@Json@@QAEXPBD@Z
?removeMember@Value@Json@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAV12@@Z
?removeMember@Value@Json@@QAE_NPBD0PAV12@@Z
?removeMember@Value@Json@@QAE_NPBDPAV12@@Z
?resize@Value@Json@@QAEXI@Z
?resolve@Path@Json@@QBE?AVValue@2@ABV32@0@Z
?resolve@Path@Json@@QBEABVValue@2@ABV32@@Z
?resolveReference@Value@Json@@AAEAAV12@PBD0@Z
?resolveReference@Value@Json@@AAEAAV12@PBD@Z
?setComment@Value@Json@@QAEXPBDIW4CommentPlacement@2@@Z
?setComment@Value@Json@@QAEXPBDW4CommentPlacement@2@@Z
?setComment@Value@Json@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4CommentPlacement@2@@Z
?setDefaults@CharReaderBuilder@Json@@SAXPAVValue@2@@Z
?setDefaults@StreamWriterBuilder@Json@@SAXPAVValue@2@@Z
?setIsAllocated@Value@Json@@AAEX_N@Z
?setOffsetLimit@Value@Json@@QAEXH@Z
?setOffsetStart@Value@Json@@QAEXH@Z
?setType@Value@Json@@AAEXW4ValueType@2@@Z
?size@Value@Json@@QBEIXZ
?skipCommentTokens@Reader@Json@@AAEXAAVToken@12@@Z
?skipSpaces@Reader@Json@@AAEXXZ
?strictMode@CharReaderBuilder@Json@@SAXPAVValue@2@@Z
?strictMode@Features@Json@@SA?AV12@XZ
?swap@Value@Json@@QAEXAAV12@@Z
?swapPayload@Value@Json@@QAEXAAV12@@Z
?toStyledString@Value@Json@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?type@Value@Json@@QBE?AW4ValueType@2@XZ
?unindent@StyledStreamWriter@Json@@AAEXXZ
?unindent@StyledWriter@Json@@AAEXXZ
?validate@CharReaderBuilder@Json@@QBE_NPAVValue@2@@Z
?validate@StreamWriterBuilder@Json@@QBE_NPAVValue@2@@Z
?valueToQuotedString@Json@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
?valueToString@Json@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?valueToString@Json@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?valueToString@Json@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@NIW4PrecisionType@1@@Z
?valueToString@Json@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_J@Z
?valueToString@Json@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_K@Z
?valueToString@Json@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z
?what@Exception@Json@@UBEPBDXZ
?write@FastWriter@Json@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVValue@2@@Z
?write@StyledStreamWriter@Json@@QAEXAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@ABVValue@2@@Z
?write@StyledWriter@Json@@UAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVValue@2@@Z
?writeArrayValue@StyledStreamWriter@Json@@AAEXABVValue@2@@Z
?writeArrayValue@StyledWriter@Json@@AAEXABVValue@2@@Z
?writeCommentAfterValueOnSameLine@StyledStreamWriter@Json@@AAEXABVValue@2@@Z
?writeCommentAfterValueOnSameLine@StyledWriter@Json@@AAEXABVValue@2@@Z
?writeCommentBeforeValue@StyledStreamWriter@Json@@AAEXABVValue@2@@Z
?writeCommentBeforeValue@StyledWriter@Json@@AAEXABVValue@2@@Z
?writeIndent@StyledStreamWriter@Json@@AAEXXZ
?writeIndent@StyledWriter@Json@@AAEXXZ
?writeString@Json@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVFactory@StreamWriter@1@ABVValue@1@@Z
?writeValue@FastWriter@Json@@AAEXABVValue@2@@Z
?writeValue@StyledStreamWriter@Json@@AAEXABVValue@2@@Z
?writeValue@StyledWriter@Json@@AAEXABVValue@2@@Z
?writeWithIndent@StyledStreamWriter@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?writeWithIndent@StyledWriter@Json@@AAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
CreateTrayClient

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 547KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 1.6MB

UPX1 Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 23KB - Virtual size: 24KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 319KB - Virtual size: 318KB

.data Size: 35KB - Virtual size: 63KB

.rsrc Size: 547KB - Virtual size: 546KB

.reloc Size: 87KB - Virtual size: 87KB

UPX0
Size: - Virtual size: 1.6MB

UPX1
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 23KB - Virtual size: 24KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 319KB - Virtual size: 318KB

.data
Size: 35KB - Virtual size: 63KB

.rsrc
Size: 547KB - Virtual size: 546KB

.reloc
Size: 87KB - Virtual size: 87KB