a9d1cdd8915863b3079977b911120b33

Sharing

Copy URL Twitter E-mail

General

Target

a9d1cdd8915863b3079977b911120b33
Size

454KB
MD5

a9d1cdd8915863b3079977b911120b33
SHA1

15c5691ceb5d3992639edc1dcf9aebf97824d101
SHA256

d3a02ec2a53d1d2aaef4638790d0a60dd3d21d898c38011b1669545b9bb6bc9a
SHA512

56eb94637d5c1c4a8884aeb533c3a989a0e38b8f9165adba8ded165d3e44e8e2c924868a78009327023ecca0caf0267a18240d288022f94935929169a6f550da
SSDEEP

12288:0Cj7zp3ltpFryhkK2DKtMpXghFZG6OgHAid+j:9XzlltzyhkK2FpXgIW/+j

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
a9d1cdd8915863b3079977b911120b33
unpack001/$PLUGINSDIR/System.dll
unpack001/$TEMP/NSISHLP/WFDLL.dll
unpack001/INSTALLER.exe
unpack001/emp.exe
unpack001/empmod.mod
unpack001/empsvc.svc
unpack001/uninst.exe

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

a9d1cdd8915863b3079977b911120b33
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
GetLastError
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/NSISHLP/WFDLL.dll
.dll windows:4 windows x86 arch:x86

62941a8d0a0d0e5dc4ea3692634a0807

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapSize
HeapReAlloc
GetACP
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
WriteFile
GetCurrentProcess
GetProcessVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
GetModuleHandleA
SetLastError
WritePrivateProfileStringA
GlobalFlags
GetVersion
lstrcpynA
lstrcpyA
lstrcatA
FreeLibrary
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetWindowsDirectoryA
WideCharToMultiByte
GetModuleFileNameA
CreateDirectoryA
GetVersionExA
LoadLibraryA
GetProcAddress
GetStartupInfoA

user32

SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
RegisterWindowMessageA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SystemParametersInfoA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostMessageA
PostQuitMessage
GetClassNameA

gdi32

SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
GetUserNameA

shell32

SHGetSpecialFolderPathA

comctl32

ord17

ole32

CoTaskMemFree

Exports

Exports

GetWritableFolder
IsSystemUser
IsVista

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
INSTALLER.exe
.exe windows:4 windows x86 arch:x86

a2126e98cfbf87683373df8f86c0bb62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
SetStdHandle
GetFileType
RaiseException
HeapSize
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
VirtualFree
FileTimeToSystemTime
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetProcessVersion
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetCurrentDirectoryA
lstrcatA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFree
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
lstrcpynA
lstrcpyA
SetLastError
FormatMessageA
WaitForSingleObject
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
FreeLibrary
GetCurrentThreadId
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
FindFirstFileA
FindNextFileA
FindClose
GetModuleHandleA
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
OpenProcess
TerminateProcess
CloseHandle
Process32Next
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
GetLastError
LocalAlloc
LocalFree
GetVersionExA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
OutputDebugStringA
SetFileAttributesA
DeleteFileA
RemoveDirectoryA
CopyFileA
GetFileAttributesA
Sleep
LoadLibraryA
GetProcAddress
VirtualAlloc

user32

GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetTopWindow
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
GetSysColorBrush
CharUpperA
DestroyMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
ShowWindow
SetWindowPos
SetWindowLongA
GrayStringA
DrawTextA
TabbedTextOutA
GetClassLongA
wsprintfA
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
PtInRect
GetClassNameA
ClientToScreen
LoadCursorA
LoadStringA
UnhookWindowsHookEx
SetFocus
GetSystemMetrics
DestroyWindow
GetDlgItem
CopyRect
GetClientRect
GetDC
ReleaseDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
CreateWindowExA
EnableWindow
SetCursor
PostQuitMessage
PostMessageA
RegisterWindowMessageA
GetWindowRect
SendMessageA
PeekMessageA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetMenuItemCount
SetForegroundWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetCapture
UnregisterClassA

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetMapMode
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor
SetBkColor
GetStockObject
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SelectObject
DeleteObject
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegGetKeySecurity
RegSetKeySecurity
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA

shell32

SHGetSpecialFolderPathA

comctl32

ord17

ole32

CoTaskMemFree
CoInitialize

url

InetIsOffline

wininet

InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
config.dat
configver.dat
emp.exe
.exe windows:4 windows x86 arch:x86

9da36511d8ff96aeae2a5c01f1638947

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcessVersion
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcatA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
SetLastError
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FormatMessageA
lstrcpyA
lstrcpynA
EnterCriticalSection
WaitForSingleObject
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetLastError
LocalAlloc
LocalFree
GetVersionExA
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetFileAttributesA
SetFileAttributesA
CopyFileA
SetProcessWorkingSetSize
GetCurrentProcess
OutputDebugStringA
WinExec
DeleteFileA
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
OpenProcess
TerminateProcess
CloseHandle
GetEnvironmentVariableA
Process32Next

user32

RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
GetClassInfoA
WinHelpA
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
GetSysColorBrush
DestroyMenu
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetFocus
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
ClientToScreen
LoadStringA
GetSystemMetrics
CharUpperA
wsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostQuitMessage
PostMessageA
PeekMessageA
LoadCursorA
LoadIconA
RegisterClassA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
DefWindowProcA
GetCapture
UnregisterClassA

gdi32

RestoreDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
GetDeviceCaps
SaveDC
DeleteDC
DeleteObject
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
CreateBitmap
SelectObject

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

AllocateAndInitializeSid
FreeSid
RegDeleteKeyA
RegGetKeySecurity
RegSetKeySecurity
LookupAccountNameA
GetLengthSid
InitializeSecurityDescriptor
InitializeAcl
GetAce
SetSecurityDescriptorDacl
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

comctl32

ord17

ole32

CoTaskMemFree
CoInitialize

wininet

InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
empmod.mod
.dll regsvr32 windows:4 windows x86 arch:x86

6b669369aae2d12805435c92af485464

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DuplicateHandle
CreateFileA
ReadFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileTime
WritePrivateProfileStringA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
RaiseException
SetStdHandle
GetFileType
ExitProcess
FileTimeToLocalFileTime
HeapSize
GetTimeZoneInformation
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
MulDiv
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
WaitForSingleObject
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
FormatMessageA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
Sleep
LocalAlloc
LocalFree
lstrcatA
lstrcpyA
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
GetShortPathNameA
lstrlenW
InterlockedDecrement
InterlockedIncrement
lstrlenA
TerminateThread
CreateDirectoryA
LoadLibraryA
FreeLibrary
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
Module32Next
SetFileAttributesA
DeleteFileA
GetModuleHandleA
GetProcAddress
GetFileAttributesA
CopyFileA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetFileSize
SetFilePointer
WriteFile
CloseHandle
IsBadReadPtr
OutputDebugStringA
CreateThread
SetThreadPriority
GetVersionExA
GetModuleFileNameA
SetLastError
VirtualAlloc
GetCurrentThread
SuspendThread
SetThreadContext
GetThreadContext
GetCurrentProcess
FlushInstructionCache
VirtualProtect
GetCurrentThreadId
InterlockedCompareExchange
VirtualQuery
ResumeThread
TerminateProcess
GetLastError

user32

CharUpperA
LoadStringA
UnregisterClassA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
LoadIconA
UpdateWindow
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
CreateWindowExA
GetClassLongA
UnhookWindowsHookEx
GetPropA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetKeyState
ValidateRect
SetWindowsHookExA
GetLastActivePopup
MessageBoxA
PostMessageA
PostQuitMessage
SetFocus
ShowWindow
SetWindowPos
GetWindowTextA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyMenu
SetPropA
GetSysColorBrush
DestroyWindow
GetParent
GetDlgItem
IsWindowEnabled
EnableWindow
GetCursorPos
ScreenToClient
SetCursor
PtInRect
IsWindowVisible
GetWindowRect
GetWindowLongA
LoadImageA
LoadCursorA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
SendMessageA
EnumChildWindows
GetClassNameA
FindWindowExA
SetWindowLongA
CallWindowProcA
IsWindow
GetFocus
GetDlgCtrlID
CallNextHookEx

gdi32

ExtTextOutA
Escape
TextOutA
RectVisible
PtVisible
GetDeviceCaps
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

GetAce
RegGetKeySecurity
RegSetKeySecurity
LookupAccountNameA
GetLengthSid
InitializeSecurityDescriptor
InitializeAcl
RegSetValueExA
SetSecurityDescriptorDacl
RegCreateKeyA
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey

comctl32

ord17

ole32

CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

SysFreeString
VariantClear
VarUI4FromStr
SysAllocString
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
SysStringLen
VariantInit
SysAllocStringLen

wininet

InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHDATA
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
empsvc.svc
.exe windows:4 windows x86 arch:x86

e7b74375e735590a84a71150696ca83e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
ExitProcess
RaiseException
SetStdHandle
GetFileType
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetStartupInfoA
GetEnvironmentVariableA
HeapDestroy
GetProcessVersion
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetCurrentThreadId
GetVersion
lstrcatA
lstrcmpA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
lstrcmpiA
GetFullPathNameA
CloseHandle
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
SetLastError
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyA
lstrcpynA
EnterCriticalSection
FormatMessageA
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetLastError
LocalAlloc
LocalFree
GetVersionExA
GetCurrentProcess
WinExec
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
TerminateProcess
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
GetCurrentProcessId
OpenProcess
GetFileAttributesA
SetFileAttributesA
DeleteFileA
CopyFileA
SetProcessWorkingSetSize
Sleep
SetEvent
CreateThread
CreateEventA
WaitForSingleObject
HeapCreate

user32

SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
PostMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
LoadIconA
GetNextDlgTabItem
GetKeyState
CallNextHookEx
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
UnhookWindowsHookEx
LoadStringA
GetSystemMetrics
CharUpperA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

AllocateAndInitializeSid
FreeSid
RegDeleteKeyA
RegGetKeySecurity
RegSetKeySecurity
LookupAccountNameA
GetLengthSid
InitializeSecurityDescriptor
InitializeAcl
GetAce
SetSecurityDescriptorDacl
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyExA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

shell32

SHGetSpecialFolderPathA

comctl32

ord17

ole32

CoTaskMemFree
CoInitialize

wininet

InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
except.dat
ignore.dat
reword.dat
uninst.exe
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
version.dat

Sharing

General

Malware Config

Signatures

Files

7fa974366048f9c551ef45714595665e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 3KB - Virtual size: 3KB

4ec328f99bdd944fc98d8a5cf11f7a62

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 92B

.reloc Size: 512B - Virtual size: 496B

62941a8d0a0d0e5dc4ea3692634a0807

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 12KB - Virtual size: 9KB

a2126e98cfbf87683373df8f86c0bb62

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

url

wininet

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 12KB - Virtual size: 8KB

9da36511d8ff96aeae2a5c01f1638947

Headers

File Characteristics

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 92B

.reloc
Size: 512B - Virtual size: 496B

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 12KB - Virtual size: 8KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 12KB - Virtual size: 8KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 20KB - Virtual size: 35KB

.SHDATA
Size: 4KB - Virtual size: 16B

.rsrc
Size: 36KB - Virtual size: 34KB

.reloc
Size: 24KB - Virtual size: 21KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 16KB - Virtual size: 30KB