__dbk_fcall_wrapper
dbkFCallWrapperAddr
Static task
static1
Target
Remcos-v4.9.3-Light.zip
Size
38.8MB
MD5
00534b114c5a7aebf2d70f551ef7b40f
SHA1
263eefd82c1993ac8b848418dd791728dc53faff
SHA256
b3220278991e82d522b8b6319a1730a29e213f142312b5b3fc0a307d0201bb1b
SHA512
8154d397aa329ecd57006806af38703d3cca7c97677644d361ef7c48e17098339c023067e586863c0c7cb49afb56591e7b4c71ce83825bf9dea166549dc00938
SSDEEP
786432:MM4OewGmQ2R3JTBSZtp+k6y+U46ltj5KEBYnqgac1iNgejyHnt:MKeHmQA3Mp+SJbltj5KEBYMc1iNTjk
Checks for missing Authenticode signature.
resource |
---|
unpack001/Remcos v4.9.3 Light.exe |
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PlaySoundW
InternetCloseHandle
DocumentPropertiesW
GetSaveFileNameW
ImageList_GetImageInfo
htons
SHGetFileInfoW
MoveWindow
GetFileVersionInfoSizeW
SysFreeString
RegSetValueExW
memcpy
GetVersion
GetVersionExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress
htons
IsEqualGUID
Pie
__dbk_fcall_wrapper
dbkFCallWrapperAddr
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ