General

Malware Config

Signatures

Files

• 5327aaa8ae666d71d5e05932d348b7c78a2cc5abb927a1036f90a444d06ab509

  .dll windows:6 windows x86 arch:x86

  de2872d71a84c81deab0a4c4335a3ec7

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  PDB Paths

  E:\工具\免杀\免杀思路\libcurl\Release\libcurl.pdb

  Imports

  kernel32

  WriteProcessMemory

  GetCurrentProcess

  VirtualAlloc

  TerminateProcess

  ResumeThread

  CloseHandle

  GetThreadContext

  VirtualAllocEx

  CreateProcessA

  SetThreadContext

  IsDebuggerPresent

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  vcruntime140

  memset

  _except_handler4_common

  __std_type_info_destroy_list

  api-ms-win-crt-runtime-l1-1-0

  _initterm

  _cexit

  _execute_onexit_table

  _initialize_onexit_table

  _configure_narrow_argv

  _initialize_narrow_environment

  _seh_filter_dll

  _initterm_e

  Exports

  Exports

  curl_easy_cleanup

  curl_easy_duphandle

  curl_easy_escape

  curl_easy_getinfo

  curl_easy_init

  curl_easy_option_by_id

  curl_easy_option_by_name

  curl_easy_option_next

  curl_easy_pause

  curl_easy_perform

  curl_easy_recv

  curl_easy_reset

  curl_easy_send

  curl_easy_setopt

  curl_easy_strerror

  curl_easy_unescape

  curl_easy_upkeep

  curl_escape

  curl_formadd

  curl_formfree

  curl_formget

  curl_free

  curl_getdate

  curl_getenv

  curl_global_cleanup

  curl_global_init

  curl_global_init_mem

  curl_global_sslset

  curl_maprintf

  curl_mfprintf

  curl_mime_addpart

  curl_mime_data

  curl_mime_data_cb

  curl_mime_encoder

  curl_mime_filedata

  curl_mime_filename

  curl_mime_free

  curl_mime_headers

  curl_mime_init

  curl_mime_name

  curl_mime_subparts

  curl_mime_type

  curl_mprintf

  curl_msnprintf

  curl_msprintf

  curl_multi_add_handle

  curl_multi_assign

  curl_multi_cleanup

  curl_multi_fdset

  curl_multi_info_read

  curl_multi_init

  curl_multi_perform

  curl_multi_poll

  curl_multi_remove_handle

  curl_multi_setopt

  curl_multi_socket

  curl_multi_socket_action

  curl_multi_socket_all

  curl_multi_strerror

  curl_multi_timeout

  curl_multi_wait

  curl_multi_wakeup

  curl_mvaprintf

  curl_mvfprintf

  curl_mvprintf

  curl_mvsnprintf

  curl_mvsprintf

  curl_pushheader_byname

  curl_pushheader_bynum

  curl_share_cleanup

  curl_share_init

  curl_share_setopt

  curl_share_strerror

  curl_slist_append

  curl_slist_free_all

  curl_strequal

  curl_strnequal

  curl_unescape

  curl_url

  curl_url_cleanup

  curl_url_dup

  curl_url_get

  curl_url_set

  curl_version

  curl_version_info

  Sections

  .text

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 912B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 248B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 344B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ