modiloader | 7fcb9f250b9910bab4e7081bd95426f2bb3300a3e954424076164a101a51e4c7

Sharing

Copy URL Twitter E-mail

General

Target

7fcb9f250b9910bab4e7081bd95426f2bb3300a3e954424076164a101a51e4c7
Size

3.5MB
MD5

2653742b53507817610451e4e6b3329a
SHA1

7302bd522ccb655819d307a4848a032a9edea944
SHA256

7fcb9f250b9910bab4e7081bd95426f2bb3300a3e954424076164a101a51e4c7
SHA512

29c1a9fcb915f165d6fe5c7750d0913fcf426501e2774965d3337c40ce2cbbb83caa01eca17dcfbf435c5e53fb4eb7f52a997138846646a4eabfe9181572d865
SSDEEP

98304:kKgc5yu6tulo5WzOEpw2EWd7TGBFyU/mBDVj6ko:hb5v6tuUWzT/Em7HDY

Score

10^/10

upx modiloader

Malware Config

Signatures

ModiLoader First Stage 1 IoCs

resource	yara_rule
static1/unpack002/out.upx	modiloader_stage1

Modiloader family
modiloader

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Modular_ioAdmin.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Modular_ioAdmin.exe
unpack002/out.upx

Files

7fcb9f250b9910bab4e7081bd95426f2bb3300a3e954424076164a101a51e4c7
.zip
Modular_ioAdmin.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

@$xp$10Iled@TiLed
@$xp$10TCCalendar
@$xp$14Jclbase@PFloat
@$xp$15Jclmath@TNaNTag
@$xp$15Pngimage@TChunk
@$xp$16Cebutton@THAlign
@$xp$16Cebutton@TVAlign
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Cspin@TCSpinEdit
@$xp$16Itypes@TiNetData
@$xp$16Jclbase@PPointer
@$xp$16Jclmath@TJclASet
@$xp$16Pngimage@TFilter
@$xp$17Iclasses@TiButton
@$xp$17Itypes@TiTextFlag
@$xp$17Jclbase@EJclError
@$xp$17Jclbase@PCardinal
@$xp$17Jvtypes@PJvAniTag
@$xp$17Jvtypes@TInputKey
@$xp$17Jvtypes@TJvAniTag
@$xp$17Jvtypes@TJvFourCC
@$xp$17Jvtypes@TJvLayout
@$xp$17Jvtypes@TJvRegKey
@$xp$17Pngimage@TFilters
@$xp$17Pngimage@TPNGList
@$xp$17Pngimage@TRGBLine
@$xp$17Pngimage@pRGBLine
@$xp$17TPerformanceGraph
@$xp$17Tntforms@TTntForm
@$xp$18Cecheckbox@TVAlign
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18Cspin@TCSpinButton
@$xp$18IMPORT_OBJECT_TYPE
@$xp$18Iclasses@TiGotoURL
@$xp$18Iopcitem@TiOPCItem
@$xp$18Itypes@TiDirection
@$xp$18Itypes@TiTextFlags
@$xp$18Jclmath@PDelphiSet
@$xp$18Jclmath@TDelphiSet
@$xp$18Jclshell@TAnsiPath
@$xp$18Jclsynch@TJclEvent
@$xp$18Jclsynch@TJclMutex
@$xp$18Jclsynch@TJclOptex
@$xp$18Jvjclutils@TdtKind
@$xp$18Jvtypes@JvTypes__4
@$xp$18Jvtypes@JvTypes__5
@$xp$18Jvtypes@JvTypes__6
@$xp$18Jvtypes@TColorType
@$xp$18Jvtypes@TDateOrder
@$xp$18Jvtypes@TInputKeys
@$xp$18Jvtypes@TJvDiskRes
@$xp$18Jvtypes@TJvRegKeys
@$xp$18Netlabel@TNetLabel
@$xp$18Pngimage@EPngError
@$xp$18Pngimage@TIHDRData
@$xp$18Pngimage@TRGBPixel
@$xp$18Pngimage@pCardinal
@$xp$18Pngimage@pIHDRData
@$xp$18Pngimage@pRGBPixel
@$xp$18Tntforms@TFormProc
@$xp$18Tntforms@TTntFrame
@$xp$19Cebutton@TAlignMode
@$xp$19Imath@TRoundToRange
@$xp$19Itypes@TPointDouble
@$xp$19Itypes@TiBevelStyle
@$xp$19Itypes@TiBrowseType
@$xp$19Itypes@TiRectDouble
@$xp$19Itypes@TiServerData
@$xp$19Jclmath@TJclFlatSet
@$xp$19Jclshell@PShellLink
@$xp$19Jclshell@TShellLink
@$xp$19Jclsynch@TEventInfo
@$xp$19Jclsynch@TMutexInfo
@$xp$19Jclsynch@TTimerInfo
@$xp$19Jvcomponent@TJvForm
@$xp$19Jvexforms@TJvExForm
@$xp$19Jvjvclutils@TJvRect
@$xp$19Jvjvclutils@TJvSize
@$xp$19Jvtypes@PJvRGBArray
@$xp$19Jvtypes@PRGBPalette
@$xp$19Jvtypes@TDaysOfWeek
@$xp$19Jvtypes@TJvRGBArray
@$xp$19Jvtypes@TRGBPalette
@$xp$19Jvxpcore@TJvXPStyle
@$xp$19Jvxpcore@TJvXPTheme
@$xp$19Pngimage@TByteArray
@$xp$19Pngimage@TChunkIDAT
@$xp$19Pngimage@TChunkIEND
@$xp$19Pngimage@TChunkIHDR
@$xp$19Pngimage@TChunkName
@$xp$19Pngimage@TChunkPLTE
@$xp$19Pngimage@TChunkgAMA
@$xp$19Pngimage@TChunktEXt
@$xp$19Pngimage@TChunktIME
@$xp$19Pngimage@TChunktRNS
@$xp$19Pngimage@TChunkzTXt
@$xp$19Pngimage@TPNGObject
@$xp$19Pngimage@pByteArray
@$xp$20Iclasses@TiLimitData
@$xp$20Igradient@TiGradient
@$xp$20Iledround@TiLedRound
@$xp$20Itypes@TiDrawSection
@$xp$20Itypes@TiOrientation
@$xp$20Itypes@TiRepaintType
@$xp$20Jclmath@TJclRational
@$xp$20Jclmath@TRectComplex
@$xp$20Jclrtti@IJclBaseInfo
@$xp$20Jclrtti@IJclPropInfo
@$xp$20Jclrtti@IJclTypeInfo
@$xp$20Jclstrings@IToString
@$xp$20Jclsysinfo@TFreqInfo
@$xp$20Jclsysutils@IAutoPtr
@$xp$20Jclwin32@PLSA_HANDLE
@$xp$20Jvexforms@TJvExFrame
@$xp$20Jvjvclutils@TJvPoint
@$xp$20Jvjvclutils@TProcObj
@$xp$20Jvthemes@JvThemes__1
@$xp$20Jvtypes@TCMForceSize
@$xp$20Jvtypes@TJvAniHeader
@$xp$20Jvtypes@TJvAnimation
@$xp$20Jvtypes@TJvDiskStyle
@$xp$20Jvtypes@TJvDriveType
@$xp$20Jvtypes@TJvImageSize
@$xp$20Jvtypes@TJvRGBTriple
@$xp$20Jvxpcore@JvXPCore__1
@$xp$20Jvxpcore@JvXPCore__2
@$xp$20Jvxpcore@JvXPCore__3
@$xp$20Netlabel@TWindowSize
@$xp$20Pngimage@TChunkClass
@$xp$20Pngimage@pngimage__1
@$xp$20Tntstdctrls@TTntEdit
@$xp$20Tntstdctrls@TTntMemo
@$xp$21Iclasses@TiDrawObject
@$xp$21Itypes@TOPCDLLNewData
@$xp$21Itypes@TiLeadingStyle
@$xp$21Jcl8087@T8087Infinity
@$xp$21Jcl8087@T8087Rounding
@$xp$21Jclbase@PJclByteArray
@$xp$21Jclbase@PLargeInteger
@$xp$21Jclbase@TDynByteArray
@$xp$21Jclbase@TDynWordArray
@$xp$21Jclbase@TJclByteArray
@$xp$21Jclmath@EJclMathError
@$xp$21Jclmath@EJclNaNSignal
@$xp$21Jclmath@PPointerArray
@$xp$21Jclmath@TPointerArray
@$xp$21Jclmath@TPolarComplex
@$xp$21Jclregistry@TExecKind
@$xp$21Jclrtti@EJclRTTIError
@$xp$21Jclshell@TUnicodePath
@$xp$21Jclsysinfo@TCacheInfo
@$xp$21Jvexcontrols@TDlgCode
@$xp$21Jvtypes@PRGBQuadArray
@$xp$21Jvtypes@TDefColorItem
@$xp$21Jvtypes@TJvAnimations
@$xp$21Jvtypes@TJvBevelStyle
@$xp$21Jvtypes@TJvDiskStyles
@$xp$21Jvtypes@TJvDriveTypes
@$xp$21Jvtypes@TJvErrorEvent
@$xp$21Jvtypes@TJvImageAlign
@$xp$21Jvtypes@TJvOutputMode
@$xp$21Jvtypes@TJvPersistent
@$xp$21Jvtypes@TJvSortMethod
@$xp$21Jvtypes@TRGBQuadArray
@$xp$21Netlabel@TAddressType
@$xp$21Pngimage@TZStreamRec2
@$xp$21Tntextctrls@TTntBevel
@$xp$21Tntextctrls@TTntImage
@$xp$21Tntextctrls@TTntPanel
@$xp$21Tntextctrls@TTntShape
@$xp$21Tntmenus@TTntMainMenu
@$xp$21Tntmenus@TTntMenuItem
@$xp$21Tntstdctrls@TTntLabel
@$xp$21Xstringgrid@TSwapProc
@$xp$22Iclasses@TiLimitObject
@$xp$22Iclasses@TiMinMaxPoint
@$xp$22Icomponent@TiComponent
@$xp$22Itypes@TiDrawEdgeStyle
@$xp$22Itypes@TiFillDirection
@$xp$22Itypes@TiLogLabelStyle
@$xp$22Itypes@TiNameSpaceType
@$xp$22Itypes@TiPlotLineStyle
@$xp$22Itypes@TiRotationAngle
@$xp$22Itypes@TiSideAlignment
@$xp$22Jcl8087@T8087Exception
@$xp$22Jcl8087@T8087Precision
@$xp$22Jclbase@EJclWin32Error
@$xp$22Jclbase@PULargeInteger
@$xp$22Jclbase@TDynFloatArray
@$xp$22Jclbase@TDynInt64Array
@$xp$22Jclbase@TSetOfAnsiChar
@$xp$22Jclbase@TULargeInteger
@$xp$22Jclconsole@TJclConsole
@$xp$22Jclfileutils@TFileFlag
@$xp$22Jcllogic@TBooleanArray
@$xp$22Jclrtti@IJclInfoWriter
@$xp$22Jclrtti@TJclInfoWriter
@$xp$22Jclshell@TSHCopyOption
@$xp$22Jclshell@TSHMoveOption
@$xp$22Jclsynch@TJclSemaphore
@$xp$22Jclsysutils@ISafeGuard
@$xp$22Jvclver@TJVCLAboutInfo
@$xp$22Jvexcontrols@TDlgCodes
@$xp$22Jvjvclutils@TJvPicture
@$xp$22Jvthemes@TJvThemeStyle
@$xp$22Jvtypes@EJVCLException
@$xp$22Jvtypes@TDayOfWeekName
@$xp$22Jvtypes@TJvBitmapStyle
@$xp$22Jvtypes@TJvDeleteStyle
@$xp$22Jvtypes@TJvFileInfoRec
@$xp$22Jvtypes@TJvParentEvent
@$xp$22Jvtypes@TJvTriggerKind
@$xp$22Jvxpcore@TJvXPGradient
@$xp$22Pngimage@EPNGNotExists
@$xp$22Pngimage@EPNGOutMemory
@$xp$22Pngimage@EPNGZLIBError
@$xp$22Pngimage@TPointerArray
@$xp$22Pngimage@pPointerArray
@$xp$22Tntactnlist@ITntAction
@$xp$22Tntactnlist@TTntAction
@$xp$22Tntclasses@TTntStrings
@$xp$22Tntcomctrls@TTntUpDown
@$xp$22Tntforms@TTntScrollBox
@$xp$22Tntmenus@TTntPopupList
@$xp$22Tntmenus@TTntPopupMenu
@$xp$22Tntstdctrls@TTntButton
@$xp$23Cebutton@TButtonInplace
@$xp$23Cspin@TTimerSpeedButton
@$xp$23IMPORT_OBJECT_NAME_TYPE
@$xp$23Iclasses@TiMemoryStream
@$xp$23Icomponent@TiPaintEvent
@$xp$23Imath@PointDynamicArray
@$xp$23Itypes@TOnPositionLimit
@$xp$23Itypes@TiAutoScaleStyle
@$xp$23Itypes@TiClockHourStyle
@$xp$23Itypes@TiCountDirection
@$xp$23Itypes@TiDrawObjectType
@$xp$23Itypes@TiLabelAlignment
@$xp$23Itypes@TiPrecisionStyle
@$xp$23Jcl8087@T8087Exceptions
@$xp$23Jclbase@TDynDoubleArray
@$xp$23Jclbase@TDynObjectArray
@$xp$23Jclbase@TDynSingleArray
@$xp$23Jclbase@TDynStringArray
@$xp$23Jclfileutils@PLangIdRec
@$xp$23Jclfileutils@TFileFlags
@$xp$23Jclfileutils@TLangIdRec
@$xp$23Jclrtti@IJclSetTypeInfo
@$xp$23Jclshell@TEnumFolderRec
@$xp$23Jclshell@TSHCopyOptions
@$xp$23Jclshell@TSHMoveOptions
@$xp$23Jclsynch@EJclEventError
@$xp$23Jclsynch@EJclMutexError
@$xp$23Jclsynch@TJclWaitResult
@$xp$23Jclsynch@TMrewPreferred
@$xp$23Jclsysinfo@TAMDSpecific
@$xp$23Jclsysinfo@TCacheFamily
@$xp$23Jclsysinfo@TVIASpecific
@$xp$23Jclsysutils@PFieldEntry
@$xp$23Jclsysutils@PFieldTable
@$xp$23Jclsysutils@TDigitCount
@$xp$23Jclsysutils@TDigitValue
@$xp$23Jclsysutils@TFieldEntry
@$xp$23Jclsysutils@TFieldTable
@$xp$23Jvexstdctrls@TJvExLabel
@$xp$23Jvjclutils@TIntegerList
@$xp$23Jvtypes@TJvDeleteStyles
@$xp$23Jvtypes@TJvWaveLocation
@$xp$23Jvxpbuttons@TJvXPButton
@$xp$23Jvxpbuttons@TJvXPLayout
@$xp$23Jvxpcore@TJvXPDrawState
@$xp$23Pngimage@EPngInvalidCRC
@$xp$23Pngimage@TMAXBITMAPINFO
@$xp$23Tntclasses@TAnsiStrings
@$xp$23Tntcomctrls@TTntToolBar
@$xp$23Tntgraphics@TTntPicture
@$xp$23Tntstdactns@TTntEditCut
@$xp$23Tntstdctrls@TTntListBox
@$xp$23Tntsysutils@TSearchRecW
@$xp$23Xstringgrid@TCellEditor
@$xp$24Activeimm_tlb@IActiveIME
@$xp$24Cecheckbox@TSetTextEvent
@$xp$24Iclasses@TiLimitDataList
@$xp$24Idoublelist@TiDoubleList
@$xp$24Imath@DoubleDynamicArray
@$xp$24Itypes@TIndexObjectEvent
@$xp$24Itypes@TRequestEditEvent
@$xp$24Itypes@TiOrientationSide
@$xp$24Itypes@TiPlotMarkerStyle
@$xp$24Itypes@TiScaleAlignStyle
@$xp$24Jclbase@TDynIntegerArray
@$xp$24Jclbase@TDynLongIntArray
@$xp$24Jclbase@TDynPointerArray
@$xp$24Jclfileutils@PPCharArray
@$xp$24Jclfileutils@TPCharArray
@$xp$24Jclrtti@TJclPropSpecKind
@$xp$24Jclshell@TEnumFolderFlag
@$xp$24Jclshell@TJclFileExeType
@$xp$24Jclshell@TSHDeleteOption
@$xp$24Jclshell@TSHRenameOption
@$xp$24Jclstrings@TCharDynArray
@$xp$24Jclsynch@PMeteredSection
@$xp$24Jclsynch@TMeteredSection
@$xp$24Jclsynch@TMrewThreadInfo
@$xp$24Jclsysinfo@JclSysInfo__1
@$xp$24Jclsysutils@EJclVMTError
@$xp$24Jclsysutils@PMethodEntry
@$xp$24Jclsysutils@PMethodTable
@$xp$24Jclsysutils@TMethodEntry
@$xp$24Jclsysutils@TMethodTable
@$xp$24Jclsysutils@TTextHandler
@$xp$24Jclwidestrings@TWStrings
@$xp$24Jvexcontrols@IJvHotTrack
@$xp$24Jvexforms@TJvExScrollBox
@$xp$24Jvexstdctrls@TJvExButton
@$xp$24Jvtypes@TJvDoneFileEvent
@$xp$24Jvtypes@TJvGradientStyle
@$xp$24Jvtypes@TJvNextPageEvent
@$xp$24Jvtypes@TJvPopupPosition
@$xp$24Jvtypes@TJvProgressEvent
@$xp$24Jvxpcore@TJvXPBoundLines
@$xp$24Jvxpcore@TJvXPWinControl
@$xp$24Pngimage@EPNGNoImageData
@$xp$24Pngimage@EPNGSizeExceeds
@$xp$24Pngimage@EPngInvalidIHDR
@$xp$24Pngimage@TPNGPointerList
@$xp$24Tntclipbrd@TTntClipboard
@$xp$24Tntcomctrls@TTntListItem
@$xp$24Tntcomctrls@TTntListView
@$xp$24Tntcomctrls@TTntRichEdit
@$xp$24Tntcomctrls@TTntTabSheet
@$xp$24Tntcomctrls@TTntTrackBar
@$xp$24Tntcomctrls@TTntTreeNode
@$xp$24Tntcomctrls@TTntTreeView
@$xp$24Tntcontrols@TWideCaption
@$xp$24Tntextctrls@TTntPaintBox
@$xp$24Tntextctrls@TTntSplitter
@$xp$24Tntforms@TTntApplication
@$xp$24Tntforms@TTntCustomFrame
@$xp$24Tntstdactns@TTntEditCopy
@$xp$24Tntstdactns@TTntEditUndo
@$xp$24Tntstdactns@TTntFileExit
@$xp$24Tntstdactns@TTntFileOpen
@$xp$24Tntstdactns@TTntFontEdit
@$xp$24Tntstdactns@TTntPrintDlg
@$xp$24Tntstdctrls@TTntCheckBox
@$xp$24Tntstdctrls@TTntComboBox
@$xp$24Tntstdctrls@TTntGroupBox
@$xp$24Xstringgrid@TCompareProc
@$xp$24Xstringgrid@TEditInplace
@$xp$24Xstringgrid@TXStringGrid
@$xp$25Activeimm_tlb@IActiveIME2
@$xp$25Activeimm_tlb@TCActiveIMM
@$xp$25Cecheckbox@TSetStateEvent
@$xp$25Iclasses@PiLimitDataArray
@$xp$25Iclasses@TiLimitDataArray
@$xp$25Iclasses@TiURLShowCommand
@$xp$25Iclasses@TiUserSchemeList
@$xp$25Iopcitem@TiOPCItemManager
@$xp$25Itypes@TGetDesigningEvent
@$xp$25Itypes@TiChannelDataSatus
@$xp$25Itypes@TiChannelLineStyle
@$xp$25Itypes@TiFilterInputStyle
@$xp$25Itypes@TiPlotExportFormat
@$xp$25Itypes@TiSliderTrackStyle
@$xp$25Jclbase@EJclInternalError
@$xp$25Jclbase@TDynCardinalArray
@$xp$25Jclbase@TDynExtendedArray
@$xp$25Jclbase@TDynShortIntArray
@$xp$25Jclbase@TDynSmallIntArray
@$xp$25Jclconsole@TJclScreenFont
@$xp$25Jclfileutils@TCompactPath
@$xp$25Jclfileutils@TFileHandler
@$xp$25Jclmath@TJclSparseFlatSet
@$xp$25Jclrtti@IJclClassTypeInfo
@$xp$25Jclrtti@IJclEventTypeInfo
@$xp$25Jclrtti@IJclFloatTypeInfo
@$xp$25Jclrtti@IJclInt64TypeInfo
@$xp$25Jclshell@TEnumFolderFlags
@$xp$25Jclshell@TSHDeleteOptions
@$xp$25Jclshell@TSHRenameOptions
@$xp$25Jclstrings@TStringBuilder
@$xp$25Jclsynch@POptexSharedInfo
@$xp$25Jclsynch@TOptexSharedInfo
@$xp$25Jclsynch@TSemaphoreCounts
@$xp$25Jclsysinfo@TAPMLineStatus
@$xp$25Jclsysinfo@TCyrixSpecific
@$xp$25Jclsysinfo@TIntelSpecific
@$xp$25Jclsysinfo@TNtProductType
@$xp$25Jclsysutils@TJclSimpleLog
@$xp$25Jvexcontrols@IJvExControl
@$xp$25Jvexcontrols@TJvExControl
@$xp$25Jvexforms@TJvExCustomForm
@$xp$25Jvexforms@TJvExToolWindow
@$xp$25Jvtypes@TJvClickColorType
@$xp$25Jvtypes@TJvLinkClickEvent
@$xp$25Jvxpbuttons@TJvXPToolType
@$xp$25Jvxpcore@TJvXPGlyphLayout
@$xp$25PPOLICY_INFORMATION_CLASS
@$xp$25Pngimage@EPNGIHDRNotFirst
@$xp$25Pngimage@TInterlaceMethod
@$xp$25Tntclasses@TTntFileStream
@$xp$25Tntclasses@TTntStringList
@$xp$25Tntclasses@TntClasses__11
@$xp$25Tntcomctrls@TTntListItems
@$xp$25Tntcomctrls@TTntStatusBar
@$xp$25Tntcomctrls@TTntTreeNodes
@$xp$25Tntdialogs@TTntOpenDialog
@$xp$25Tntdialogs@TTntSaveDialog
@$xp$25Tntstdactns@TTntEditPaste
@$xp$25Tntstdctrls@TTntScrollBar
@$xp$25Tntsysutils@ETntUserError
@$xp$25Tntsysutils@TWideFileName
@$xp$25Xstringgrid@TComboInplace
@$xp$25_POLICY_INFORMATION_CLASS
@$xp$26Activeimm_tlb@CoCActiveIMM
@$xp$26Cebutton@TButtonCellEditor
@$xp$26Iclasses@TiPlotMinMaxPoint
@$xp$26Iclasses@TiSchemeListClass
@$xp$26Iclasses@TiXMLMemoryStream
@$xp$26Iscaleobject@TiScaleObject
@$xp$26Itypes@TOPCDLLObjectUpdate
@$xp$26Itypes@TiAlignmentVertical
@$xp$26Itypes@TiMouseControlStyle
@$xp$26Jclconsole@TJclInputBuffer
@$xp$26Jclfileutils@EJclPathError
@$xp$26Jclrtti@IJclEventParamInfo
@$xp$26Jclrtti@IJclStringTypeInfo
@$xp$26Jclstrings@FormatException
@$xp$26Jclsynch@TJclWaitableTimer
@$xp$26Jclsysinfo@TAPMBatteryFlag
@$xp$26Jclsysinfo@TFileSystemFlag
@$xp$26Jclsysinfo@TFreeSysResKind
@$xp$26Jclsysinfo@TTLBInformation
@$xp$26Jclsysinfo@TWindowsVersion
@$xp$26Jclwidestrings@TSearchFlag
@$xp$26Jvappstorage@TFileLocation
@$xp$26Jvappstorage@TJvAppStorage
@$xp$26Jvexforms@TJvExCustomFrame
@$xp$26Jvexstdctrls@TJvExCheckBox
@$xp$26Jvexstdctrls@TJvExGroupBox
@$xp$26Jvjvclutils@TFillDirection
@$xp$26Jvjvclutils@TMappingMethod
@$xp$26Jvjvclutils@TMenuAnimation
@$xp$26Jvjvclutils@TVertAlignment
@$xp$26Jvtypes@TJvColorQuadLayOut
@$xp$26Jvtypes@TJvDoneStreamEvent
@$xp$26Jvtypes@TJvTrackFontOption
@$xp$26Jvxpcore@TJvXPControlStyle
@$xp$26Jvxpcore@TJvXPStyleManager
@$xp$26Pngimage@EPngUnexpectedEnd
@$xp$26Pngimage@TCompressionLevel

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 553KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 783KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 317KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
help/ioLogik4kPowerConsumptionEstimation.xls
help/ioLogikE4200.HLP
help/sthelp.ico
image/Bar.jpg
.jpg
image/E4200-1.jpg
.jpg
image/E4200-2.jpg
.jpg
image/M-1400.jpg
.jpg
image/M-1401.jpg
.jpg
image/M-1410.jpg
.jpg
image/M-1411.jpg
.jpg
image/M-1450.jpg
.jpg
image/M-1451.jpg
.jpg
image/M-1600.jpg
.jpg
image/M-1601.jpg
.jpg
image/M-1800.jpg
.jpg
image/M-1801.jpg
.jpg
image/M-2250.jpg
.jpg
image/M-2254.jpg
.jpg
image/M-2400.jpg
.jpg
image/M-2401.jpg
.jpg
image/M-2402.jpg
.jpg
image/M-2403.jpg
.jpg
image/M-2404.jpg
.jpg
image/M-2405.jpg
.jpg
image/M-2450.jpg
.jpg
image/M-2600.jpg
.jpg
image/M-2601.jpg
.jpg
image/M-2800.jpg
.jpg
image/M-2801.jpg
.jpg
image/M-2852.jpg
.jpg
image/M-3400.jpg
.jpg
image/M-3401.jpg
.jpg
image/M-3402.jpg
.jpg
image/M-3403.jpg
.jpg
image/M-3410.jpg
.jpg
image/M-3411.jpg
.jpg
image/M-3412.jpg
.jpg
image/M-3413.jpg
.jpg
image/M-3414.jpg
.jpg
image/M-3415.jpg
.jpg
image/M-3802.jpg
.jpg
image/M-3810.jpg
.jpg
image/M-4201.jpg
.jpg
image/M-4202.jpg
.jpg
image/M-4210.jpg
.jpg
image/M-4211.jpg
.jpg
image/M-4212.jpg
.jpg
image/M-4402.jpg
.jpg
image/M-4410.jpg
.jpg
image/M-5101.jpg
.jpg
image/M-5102.jpg
.jpg
image/M-6200.jpg
.jpg
image/M-6201.jpg
.jpg
image/M-7001.jpg
.jpg
image/M-7002.jpg
.jpg
image/M-7803.jpg
.jpg
image/M-7804.jpg
.jpg
image/M-7805.jpg
.jpg
image/M-7806.jpg
.jpg
image/M-Common.jpg
.jpg
image/dinrail.jpg
.jpg

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 5.4MB

UPX1 Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 33KB - Virtual size: 36KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 3.6MB - Virtual size: 3.6MB

.data Size: 553KB - Virtual size: 588KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 20KB - Virtual size: 20KB

.edata Size: 783KB - Virtual size: 784KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 317KB - Virtual size: 320KB

UPX0
Size: - Virtual size: 5.4MB

UPX1
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 33KB - Virtual size: 36KB

.text
Size: 3.6MB - Virtual size: 3.6MB

.data
Size: 553KB - Virtual size: 588KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 20KB - Virtual size: 20KB

.edata
Size: 783KB - Virtual size: 784KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 317KB - Virtual size: 320KB