43d63d90839c554e9fece78eac103de6

Sharing

Copy URL Twitter E-mail

General

Target

43d63d90839c554e9fece78eac103de6
Size

5.9MB
MD5

43d63d90839c554e9fece78eac103de6
SHA1

373001c25043234530bfac4f959070ef98979492
SHA256

a9408a6508c61bfa12b0a893d668868f784e8adeea06a7067293c89727597dfc
SHA512

a2f0f1855a6fb20ab2a5316bc12adf8e79d3beb728a490b33142695204fa521c3dd01f2b913b681253d13e0605e1f35846bf8ff2a7207c4b9e789ff44ef298fa
SSDEEP

98304:9ElXHBviDLBcnH67ZQ/qeG+BICcSOcK7XejC0jIx3NXRH8Nn5patDr:9svixc6y1Nq1Xee0j23NXqV5Ihr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/XZM.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Bin/main.dll
unpack001/XZM.exe
unpack002/out.upx

Files

43d63d90839c554e9fece78eac103de6
.rar
Bin/main.dll
.dll regsvr32 windows:5 windows x86 arch:x86

5d25b3b8af3631bcf34661761ad3f86b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadPriority
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalAddAtomA
GlobalSize
CopyFileA
EncodePointer
FreeResource
LoadLibraryA
lstrcmpW
FindResourceA
GlobalFindAtomA
GlobalGetAtomNameA
GetUserDefaultLCID
IsDBCSLeadByte
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
GetSystemDefaultUILanguage
GlobalFlags
SetLastError
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
lstrcmpiA
GetVolumeInformationA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
VirtualProtect
GetOEMCP
GetCPInfo
FindResourceExW
GetFileAttributesExA
GetProfileIntA
lstrcpyA
GetWindowsDirectoryA
VerifyVersionInfoA
GetTempPathA
SearchPathA
GetTempFileNameA
WaitForSingleObjectEx
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
GetStringTypeW
SwitchToThread
CompareStringW
LCMapStringW
RtlUnwind
InterlockedFlushSList
SetEnvironmentVariableA
SetCurrentDirectoryA
ExitProcess
GetModuleHandleExW
GetFileType
SetConsoleCtrlHandler
PeekNamedPipe
SetFilePointerEx
GetCommandLineA
GetCommandLineW
ExitThread
FreeLibraryAndExitThread
VirtualAlloc
HeapQueryInformation
SetStdHandle
GetConsoleMode
ReadConsoleW
GetConsoleCP
CreateProcessA
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
FindFirstFileExA
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
FileTimeToDosDateTime
FileTimeToLocalFileTime
ReadDirectoryChangesW
QueueUserAPC
WaitForMultipleObjectsEx
CompareFileTime
CancelIo
OpenThread
VirtualQuery
GetThreadContext
GetCurrentThread
GetModuleHandleA
lstrcmpA
SuspendThread
Thread32First
Thread32Next
GetProcAddress
LoadLibraryW
AllocConsole
FormatMessageA
VerifyVersionInfoW
CreateProcessW
VerSetConditionMask
SetCurrentDirectoryW
GetCurrentDirectoryW
GetLocaleInfoW
GetStdHandle
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
GetFileTime
GetDriveTypeW
GetTempFileNameW
DeleteFileW
GetFileAttributesExW
GetFileInformationByHandle
CreateFileW
GetVolumePathNameW
GetTempPathW
GetPrivateProfileIntW
GetShortPathNameW
WriteFile
GetLongPathNameW
WritePrivateProfileStringW
GetFileSizeEx
GetUserDefaultUILanguage
GetSystemDirectoryW
GetDateFormatW
GetTimeFormatW
MulDiv
OutputDebugStringW
GlobalFree
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalAddAtomW
GlobalDeleteAtom
SetThreadExecutionState
SystemTimeToFileTime
SetUnhandledExceptionFilter
Module32NextW
GlobalMemoryStatusEx
Module32FirstW
CreateThread
GetSystemInfo
CreateEventW
CreateToolhelp32Snapshot
GetLocaleInfoA
GetVersionExW
GetEnvironmentVariableA
OutputDebugStringA
GetCurrentProcess
HeapCreate
GetWindowsDirectoryW
lstrcpynW
GetTickCount
DeleteFileA
GetFileAttributesA
GetFullPathNameA
FindNextFileA
FindFirstFileA
GetModuleFileNameA
CreateEventA
InterlockedIncrement
ResetEvent
SetEvent
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
QueryPerformanceCounter
QueryPerformanceFrequency
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
CreateDirectoryW
GetExitCodeProcess
GetEnvironmentVariableW
TerminateProcess
GetSystemTime
GetACP
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
GetSystemTimeAsFileTime
CopyFileW
MoveFileExW
LocalFree
FormatMessageW
SetFileAttributesW
GetFileAttributesW
WaitForSingleObject
MapViewOfFile
CreateFileMappingW
GetModuleHandleW
GetCurrentProcessId
Sleep
UnmapViewOfFile
SetErrorMode
GetModuleFileNameW
GetFullPathNameW
CompareStringA
LoadLibraryExW
FreeLibrary
ResumeThread
GetVersionExA
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
MultiByteToWideChar
GetCurrentThreadId
GetCurrentDirectoryA
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
ReadFile
GetFileSize
CloseHandle
FlushFileBuffers
CreateFileA

user32

UpdateLayeredWindow
MonitorFromPoint
LoadMenuA
InsertMenuItemA
GetComboBoxInfo
PostThreadMessageA
WaitMessage
GetKeyboardLayout
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
GetWindowRgn
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
IsDialogMessageA
SetWindowTextA
SendDlgItemMessageA
GetMonitorInfoA
WinHelpA
LoadIconA
GetTopWindow
GetClassNameA
GetClassLongA
PtInRect
EqualRect
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
SetScrollPos
ScrollWindow
GetDlgCtrlID
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetMessageTime
RegisterWindowMessageA
IntersectRect
SetWindowLongA
InflateRect
CopyRect
CallWindowProcA
DefWindowProcA
AppendMenuA
InsertMenuA
GetSubMenu
GetMenuState
GetMenuStringA
GetLastActivePopup
GetWindowLongA
IsWindowEnabled
ShowOwnedPopups
GetActiveWindow
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
SendMessageA
PostMessageA
GetPropW
RemovePropW
SetPropW
SetRect
SetLayeredWindowAttributes
DispatchMessageW
PeekMessageW
DeferWindowPos
AdjustWindowRectEx
GetKeyState
MonitorFromRect
MonitorFromWindow
EnumDisplayMonitors
DestroyCursor
BeginDeferWindowPos
DdeCreateStringHandleW
DdeConnect
GetWindowInfo
GetMonitorInfoW
ClientToScreen
TrackMouseEvent
DdeInitializeW
DdeClientTransaction
DdeFreeDataHandle
UnionRect
SetClipboardData
CheckMenuItem
GetDesktopWindow
DdeDisconnect
DdeFreeStringHandle
SetForegroundWindow
ModifyMenuW
CheckMenuRadioItem
GetMenuItemID
SetMenuItemInfoW
InsertMenuW
CreateMenu
GetMessagePos
CopyImage
HideCaret
SetClassLongW
ShowCaret
LoadImageW
CheckRadioButton
EndDialog
SetDlgItemTextW
SendDlgItemMessageW
DialogBoxIndirectParamW
IsDlgButtonChecked
GetDlgItem
CheckDlgButton
DialogBoxParamW
SetActiveWindow
DrawTextW
OpenClipboard
CloseClipboard
EmptyClipboard
GetCursor
GetScrollInfo
GetMenuItemInfoW
GetSystemMenu
CallWindowProcW
GetMenuItemCount
CreatePopupMenu
TrackPopupMenu
OffsetRect
RedrawWindow
MapWindowPoints
SetMenuDefaultItem
GetWindowDC
RemoveMenu
AppendMenuW
EnableMenuItem
DrawEdge
DrawFrameControl
IsCharAlphaNumericW
GetWindowTextLengthW
ReuseDDElParam
ShowWindowAsync
MessageBeep
DrawIcon
IsWindowUnicode
UnpackDDElParam
GetSysColor
CharLowerW
GetWindow
FillRect
InvalidateRgn
GetCapture
ValidateRect
GetUpdateRect
SetCapture
ReleaseCapture
wsprintfA
PostMessageW
SystemParametersInfoW
SetCursor
GetCursorPos
BeginPaint
EndPaint
InvalidateRect
ReleaseDC
SetScrollInfo
DefWindowProcW
ShowScrollBar
MapVirtualKeyW
GetWindowRect
GetMenu
GetFocus
DestroyWindow
IsWindowVisible
SetWindowPos
CreateWindowExW
ScreenToClient
GetSystemMetrics
GetScrollPos
SetTimer
MessageBoxA
GetForegroundWindow
MoveWindow
SetMenu
DestroyMenu
IsZoomed
KillTimer
PostQuitMessage
CharLowerBuffW
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
LoadMenuW
DrawStateA
SetClassLongA
GetKeyNameTextA
MapVirtualKeyA
NotifyWinEvent
InvertRect
EnableScrollBar
GetIconInfo
DrawIconEx
LoadImageA
DrawFocusRect
WindowFromPoint
GetNextDlgGroupItem
GetMenuDefaultItem
GetDCEx
GetDialogBaseUnits
MapDialogRect
GetParent
GetAncestor
IsIconic
IsCharUpperW
GetWindowLongW
GetWindowThreadProcessId
AllowSetForegroundWindow
FindWindowExW
SendMessageW
RegisterClassExW
ShowWindow
IsWindow
LoadBitmapW
SetFocus
LoadIconW
FindWindowW
LoadCursorW
SetParent
SetWindowLongW
UpdateWindow
GetAsyncKeyState
GetTabbedTextExtentW
GetMenuItemInfoA
GetSysColorBrush
CharUpperA
DestroyIcon
RealChildWindowFromPoint
DeleteMenu
SystemParametersInfoA
GetNextDlgTabItem
CreateDialogIndirectParamA
EnumChildWindows
LockWindowUpdate
RegisterClipboardFormatA
IsRectEmpty
SetWindowRgn
LoadCursorA
EndDeferWindowPos
SetRectEmpty
UnregisterClassA
EnableWindow
UnhookWindowsHookEx
TranslateAcceleratorA
SetWindowsHookExA
LoadAcceleratorsA
CallNextHookEx
MessageBoxW
GetDC
GetClientRect
DdeUninitialize

gdi32

SetMapMode
SetStretchBltMode
GetDeviceCaps
CreateDCW
EndDoc
AbortDoc
StretchBlt
StartPage
ExtSelectClipRgn
ExcludeClipRect
SetViewportOrgEx
CreateRectRgn
GetClipBox
CreatePen
MoveToEx
LineTo
TextOutW
SetTextAlign
SetLayout
SetDIBits
SetRectRgn
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetTextExtentPoint32A
GetTextAlign
BitBlt
EnumFontFamiliesExA
StartDocW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
GetRgnBox
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetTextFaceA
CreateRectRgnIndirect
CreateFontIndirectA
CombineRgn
EndPage
CreateCompatibleBitmap
SelectObject
DeleteObject
CreateCompatibleDC
GetObjectA
IntersectClipRect
SetWorldTransform
UnrealizeObject
SetPolyFillMode
CreateFontIndirectW
GetTextExtentPoint32W
SetTextColor
SetBkMode
SelectClipRgn
SetBkColor
ExtTextOutW
DeleteDC
GetDIBits
CreateDIBSection
GetStockObject
Rectangle
GetLayout
SelectPalette
SaveDC
RestoreDC
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetCurrentPositionEx
CreateHatchBrush
TextOutA
RectVisible
PtVisible
OffsetRgn
GetViewportOrgEx
Escape
DPtoLP
GetTextMetricsA
CreateSolidBrush
LPtoDP
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
CreateDCA
CopyMetaFileA
SetBrushOrgEx
PatBlt
CreatePatternBrush
CreateBitmap
SetROP2
GetDIBColorTable
SetDIBColorTable
SetGraphicsMode
GetObjectW
ExtTextOutA

oleaut32

VarBstrFromDate
OleCreatePictureIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
OleLoadPicture
OleCreateFontIndirect
VariantCopy
VariantChangeType
SysAllocStringByteLen
SysAllocStringLen
LoadRegTypeLi
OleCreatePropertyFrame
SysStringByteLen
SysStringLen
RegisterTypeLi
LoadTypeLi
SysFreeString
VariantClear
VariantInit
SafeArrayPutElement
SafeArrayCreateVector
SysAllocString

uxtheme

GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundA

winspool.drv

DeviceCapabilitiesW
ClosePrinter
DocumentPropertiesW
GetPrinterW
OpenPrinterW
OpenPrinterA
DocumentPropertiesA
ord203

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
PrintDlgExW

advapi32

RegEnumKeyW
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegSetValueA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
CryptAcquireContextW
RegOpenKeyExW
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext
SetSecurityDescriptorDacl
RegSetKeySecurity
InitializeSecurityDescriptor
RegQueryValueExW

shell32

SHGetFileInfoW
SHChangeNotify
DragAcceptFiles
SHAddToRecentDocs
DragQueryFileW
DragFinish
SHFileOperationW
SHGetFolderPathW
SHBindToParent
ShellExecuteExW
SHGetDesktopFolder
ExtractIconA
SHGetFileInfoA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
SHBrowseForFolderA
SHAppBarMessage
DragQueryFileA

ole32

OleInitialize
CoInitialize
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium
CoGetMalloc
CoCreateGuid
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
StringFromCLSID
ReadFmtUserTypeStg
OleDuplicateData
CreateDataCache
CreateOleAdviseHolder
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleSaveToStream
CreateDataAdviseHolder
CoDisconnectObject
ReadClassStm
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleLoadFromStream
CoInitializeEx
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
OleUninitialize
RevokeDragDrop
OleLockRunning
OleTranslateAccelerator
IsAccelerator

comctl32

ord412
ord410
ImageList_Destroy
CreatePropertySheetPageW
ImageList_AddMasked
ImageList_Create
ImageList_GetIconSize
InitCommonControlsEx
ord413

gdiplus

GdipGetImagePalette
GdipGetImagePixelFormat
GdiplusShutdown
GdipBitmapUnlockBits
GdipRotateMatrix
GdipScaleMatrix
GdipGetRegionBounds
GdipMeasureCharacterRanges
GdipGetStringFormatFlags
GdipBitmapSetResolution
GdipBitmapLockBits
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipSetStringFormatMeasurableCharacterRanges
GdipScaleWorldTransform
GdipFillEllipseI
GdipSetInterpolationMode
GdipWindingModeOutline
GdipSetPathMarker
GdipPathIterNextMarkerPath
GdipCreateFontFromLogfontA
GdipResetClip
GdipAddPathRectangleI
GdipSetPenColor
GdipAddPathEllipseI
GdipGetPathPointsI
GdipSetStringFormatLineAlign
GdipGetPathData
GdipCreatePathIter
GdipPathIterRewind
GdipDeletePathIter
GdipTransformPointsI
GdipSetStringFormatTrimming
GdipIsVisibleRectI
GdipCreateFromHWND
GdipAddPathLineI
GdipCreateRegionPath
GdipGetImagePaletteSize
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipSetPropertyItem
GdiplusStartup
GdipGetImageWidth
GdipCreateHBITMAPFromBitmap
GdipGetImageHorizontalResolution
GdipGetImageHeight
GdipGetFamilyName
GdipDeleteMatrix
GdipCreatePen1
GdipDeletePen
GdipDeleteGraphics
GdipFillRectangleI
GdipSetPenDashOffset
GdipCloneBrush
GdipCreateFromHDC
GdipTranslateMatrix
GdipFree
GdipFillRectangle
GdipDrawLine
GdipSetPenDashArray
GdipInvertMatrix
GdipCreateSolidFill
GdipSetWorldTransform
GdipCreateMatrix
GdipAlloc
GdipDeleteBrush
GdipTransformMatrixPoints
GdipGetFamily
GdipDeleteFontFamily
GdipGetPropertyItemSize
GdipDrawImageRectRectI
GdipImageGetFrameCount
GdipSetImageAttributesWrapMode
GdipImageSelectActiveFrame
GdipCreateImageAttributes
GdipSetPageUnit
GdipCloneBitmapAreaI
GdipSetSmoothingMode
GdipDisposeImage
GdipDisposeImageAttributes
GdipCreateBitmapFromStream
GdipGetPropertyItem
GdipCloneImage
GdipSetCompositingQuality
GdipDrawRectangle
GdipDrawImageRectRect
GdipGetFontHeight
GdipSetStringFormatFlags
GdipDrawImageI
GdipDeleteStringFormat
GdipDeleteRegion
GdipGetClip
GdipDrawString
GdipCreateBitmapFromGdiDib
GdipCreateRegion
GdipGetDC
GdipReleaseDC
GdipGetRegionHRgn
GdipCreateStringFormat
GdipDrawLineI
GdipCreatePen2
GdipCreateBitmapFromScan0
GdipDeleteFont
GdipGetImageGraphicsContext
GdipSetTextRenderingHint
GdipGetGenericFontFamilySansSerif
GdipGetLogFontW
GdipCreateFont
GdipCreateFontFamilyFromName
GdipCreateLineBrushFromRect
GdipSetPenMode
GdipGetPathWorldBoundsI
GdipClonePath
GdipDrawPath
GdipFillPath
GdipSetPenMiterLimit
GdipDeletePath
GdipTransformPath
GdipStartPathFigure
GdipClosePathFigure
GdipCreatePath
GdipAddPathLine
GdipCreateBitmapFromGraphics
GdipSetClipRegion
GdipDrawRectangleI
GdipTranslateWorldTransform
GdipSetCompositingMode
GdipStringFormatGetGenericDefault
GdipCloneStringFormat
GdipResetWorldTransform
GdipCreateFontFromDC
GdipCreatePath2
GdipSetClipRectI
GdipSetSolidFillColor
GdipGetPointCount
GdipIsVisiblePathPointI

msimg32

GradientFill
AlphaBlend
TransparentBlt

shlwapi

PathIsRelativeW
StrRStrIW
StrStrIW
StrStrW
ord219
PathIsNetworkPathW
SHGetValueW
SHSetValueW
SHDeleteKeyW
PathAppendW
PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA
PathRemoveFileSpecW
StrFormatKBSizeA
SHDeleteValueW

urlmon

CoInternetGetSession

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wininet

InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
InternetCloseHandle
InternetOpenW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data:
Size: 733KB - Virtual size: 733KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 406KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 234KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XZM.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 847B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
language/en-us.xml
language/zh-cn.xml
upgrade.txt

Sharing

General

Malware Config

Signatures

Files

5d25b3b8af3631bcf34661761ad3f86b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

uxtheme

oleacc

imm32

winmm

winspool.drv

comdlg32

advapi32

shell32

ole32

comctl32

gdiplus

msimg32

shlwapi

urlmon

version

wininet

Exports

Exports

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data: Size: 733KB - Virtual size: 733KB

.rdata Size: 3.8MB - Virtual size: 3.8MB

.data Size: 150KB - Virtual size: 213KB

.rsrc Size: 406KB - Virtual size: 406KB

.reloc Size: 234KB - Virtual size: 233KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.3MB

UPX1 Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 48KB - Virtual size: 48KB

Headers

File Characteristics

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 108KB - Virtual size: 475KB

.rsrc Size: 80KB - Virtual size: 76KB

.text Size: 4KB - Virtual size: 847B

.text
Size: 4.0MB - Virtual size: 4.0MB

.data:
Size: 733KB - Virtual size: 733KB

.rdata
Size: 3.8MB - Virtual size: 3.8MB

.data
Size: 150KB - Virtual size: 213KB

.rsrc
Size: 406KB - Virtual size: 406KB

.reloc
Size: 234KB - Virtual size: 233KB

UPX0
Size: - Virtual size: 2.3MB

UPX1
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 48KB - Virtual size: 48KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 108KB - Virtual size: 475KB

.rsrc
Size: 80KB - Virtual size: 76KB

.text
Size: 4KB - Virtual size: 847B