D:\BUILD\work\01\eaa9c8f89d885193\bin\CCleaner\Release\CCleaner.pdb
Static task
static1
3 signatures
Behavioral task
behavioral1
Sample
2024-04-22_3a1aa8715822220df233c9864d439464_magniber_revil.exe
Resource
win7-20240221-en
windows7-x64
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-04-22_3a1aa8715822220df233c9864d439464_magniber_revil.exe
Resource
win10v2004-20240412-en
windows10-2004-x64
10 signatures
150 seconds
General
-
Target
2024-04-22_3a1aa8715822220df233c9864d439464_magniber_revil
-
Size
18.1MB
-
MD5
3a1aa8715822220df233c9864d439464
-
SHA1
938ae6c16743c3cb0d8350424a88f0f5c090acb5
-
SHA256
fc1739cf09c569c1f5378ceef68f3d78a252cee0a3fec92a480cae7c05620d2b
-
SHA512
e997ecd341253d1ce32a7bbe8bef9dfaf8e79dde6d59f642dadfb3475345486c0accaae48067e11f4d04c9794e889bbac83fb9df2d9dafdba3f0daadba1c21b8
-
SSDEEP
196608:nGDZ9hB+JsVSeYmvvsqirsYmDwwzuhK+IAsrZuurqN+ElcA9ORd3Mu:SZ9vjVXPsqPtz3jduurqNjG3
Score
10/10
Malware Config
Signatures
-
Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 1 IoCs
resource yara_rule sample INDICATOR_SUSPICIOUS_Binary_References_Browsers -
Detects executables containing SQL queries to confidential data stores. Observed in infostealers 1 IoCs
resource yara_rule sample INDICATOR_SUSPICIOUS_EXE_SQLQuery_ConfidentialDataStore -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-22_3a1aa8715822220df233c9864d439464_magniber_revil
Files
-
2024-04-22_3a1aa8715822220df233c9864d439464_magniber_revil.exe windows:5 windows x86 arch:x86
292c64029d423bccb2d2d3ced6c81343
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntdll
RtlUnwind
VerSetConditionMask
RtlCaptureContext
rpcrt4
RpcStringFreeW
UuidCreate
UuidFromStringW
UuidToStringW
UuidFromStringA
kernel32
GetFullPathNameW
WritePrivateProfileStringW
lstrcpyW
GetEnvironmentVariableW
GetShortPathNameW
FileTimeToLocalFileTime
GetPrivateProfileIntW
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
GetUserDefaultLangID
SetFileAttributesW
IsBadStringPtrW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SetProcessWorkingSetSize
GetFileSizeEx
QueueUserWorkItem
FlushViewOfFile
CreateFileMappingA
GetComputerNameW
LocalAlloc
LocalLock
LocalUnlock
GetNativeSystemInfo
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
GlobalMemoryStatusEx
GetSystemTimes
GetUserDefaultLCID
GetSystemDefaultUILanguage
GetSystemDefaultLCID
WTSGetActiveConsoleSessionId
GetLogicalDriveStringsW
QueryDosDeviceW
SetConsoleTextAttribute
GetTempPathW
lstrcmpA
BackupSeek
BackupRead
GetCompressedFileSizeW
GetDriveTypeW
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
GetVolumeInformationW
GetDiskFreeSpaceW
MoveFileW
FindFirstFileW
DeviceIoControl
GetFileInformationByHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CopyFileW
OutputDebugStringA
GetModuleFileNameA
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
GetLocaleInfoW
VerifyVersionInfoW
GetVersionExA
VirtualQuery
FlushInstructionCache
VirtualProtectEx
GetSystemInfo
GetThreadPriority
SetThreadPriority
VirtualAlloc
VirtualFree
GetThreadTimes
FlushConsoleInputBuffer
GlobalMemoryStatus
LoadLibraryA
GetModuleHandleA
GetFileType
GetStdHandle
WaitNamedPipeW
TransactNamedPipe
GetCurrentProcessId
DuplicateHandle
SetNamedPipeHandleState
SetUnhandledExceptionFilter
VirtualQueryEx
HeapCompact
DeleteFileA
GetFileAttributesA
GetDiskFreeSpaceA
HeapValidate
LockFile
InterlockedExchangeAdd
UnlockFileEx
HeapCreate
LockFileEx
UnlockFile
LocalSize
GetTempFileNameA
GetTempPathA
ReadDirectoryChangesW
SetConsoleCursorPosition
FillConsoleOutputAttribute
WriteConsoleInputW
CreateFileA
ReadConsoleInputW
FillConsoleOutputCharacterW
SetConsoleCursorInfo
GetConsoleCursorInfo
GetConsoleScreenBufferInfo
DebugBreak
CreateHardLinkW
ConnectNamedPipe
GetNamedPipeHandleStateA
CreateNamedPipeW
CreateNamedPipeA
SetHandleInformation
CancelIo
PostQueuedCompletionStatus
CreateSemaphoreA
InterlockedCompareExchange
GetCurrencyFormatW
CompareStringA
GlobalSize
AllocConsole
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
SetStdHandle
GetFullPathNameA
EnumSystemLocalesW
IsValidLocale
GetConsoleCP
ReadConsoleW
GetLogicalDrives
GetACP
WriteConsoleW
SetConsoleMode
ReadConsoleInputA
SetFileTime
GetNumberOfConsoleInputEvents
GetConsoleMode
SetConsoleCtrlHandler
PeekNamedPipe
ExitProcess
ExitThread
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
FreeLibraryAndExitThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
SignalObjectAndWait
CreateTimerQueue
UnhandledExceptionFilter
AreFileApisANSI
CreateWaitableTimerA
GetLogicalProcessorInformation
SetWaitableTimer
WaitForMultipleObjectsEx
OpenEventA
GetCPInfo
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleHandleExW
TryEnterCriticalSection
GetExitCodeThread
SwitchToThread
WaitForSingleObjectEx
GetStringTypeW
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualProtect
OpenThread
CreateSemaphoreW
GetThreadContext
CreateThread
TerminateThread
SuspendThread
ReleaseSemaphore
GetSystemTime
GetCurrentThread
ExpandEnvironmentStringsA
GetTickCount
InitializeCriticalSection
SleepEx
VerifyVersionInfoA
FormatMessageA
ExpandEnvironmentStringsW
FindNextFileW
FindFirstFileExW
FindClose
GetBinaryTypeW
GetBinaryTypeA
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
SetInformationJobObject
TerminateJobObject
AssignProcessToJobObject
CreateJobObjectW
MoveFileExW
CreateDirectoryW
WaitForMultipleObjects
ResumeThread
GetQueuedCompletionStatus
CreateIoCompletionPort
GetExitCodeProcess
GetWindowsDirectoryW
GetProcessTimes
GetCurrentProcess
FileTimeToSystemTime
GetLongPathNameW
SetFilePointer
ReadFile
GetFileSize
CompareFileTime
SystemTimeToFileTime
GetLocalTime
GetVersion
GetPrivateProfileStringW
DeleteFileW
LocalFree
FormatMessageW
GetDiskFreeSpaceExW
SetCurrentDirectoryW
GetCurrentDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetCommandLineW
CreateProcessW
GetStartupInfoW
GetSystemDirectoryW
SetErrorMode
LoadLibraryExW
WriteFile
FlushFileBuffers
GetFileAttributesW
CreateMutexW
lstrcmpiW
CompareStringW
GetVersionExW
GetFileAttributesExW
lstrlenW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcmpW
MulDiv
InterlockedIncrement
InterlockedDecrement
GlobalHandle
WideCharToMultiByte
GetModuleFileNameW
FreeResource
GetCurrentThreadId
SetLastError
GetModuleHandleW
MultiByteToWideChar
CreateEventA
CloseHandle
HeapAlloc
HeapFree
GetProcessHeap
GetSystemTimeAsFileTime
GlobalAlloc
GlobalLock
InitializeCriticalSectionAndSpinCount
GlobalUnlock
GlobalFree
InterlockedExchange
CreateFileW
CreateEventW
ResetEvent
SetEvent
Sleep
GetLastError
OpenProcess
TerminateProcess
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
RaiseException
DeleteCriticalSection
HeapReAlloc
HeapSize
HeapDestroy
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetTempFileNameW
user32
BeginPaint
InvalidateRect
UnregisterClassW
DefWindowProcW
DrawTextW
IsWindow
SetWindowTextW
GetWindowTextW
ReleaseDC
GetDC
MoveWindow
ScreenToClient
GetDlgItem
SendMessageW
SetWindowLongW
MapWindowPoints
GetClientRect
GetDesktopWindow
GetWindow
GetParent
EndPaint
InflateRect
SetWindowPos
GetWindowRect
GetActiveWindow
PostMessageW
GetSysColorBrush
EndDialog
WaitMessage
WinHelpW
LoadStringW
GetDialogBaseUnits
DrawIcon
MessageBeep
GetLastActivePopup
MonitorFromPoint
GetIconInfo
GetDlgCtrlID
PtInRect
IsZoomed
GetSystemMenu
TrackPopupMenu
SetForegroundWindow
RedrawWindow
TrackMouseEvent
SystemParametersInfoW
LoadImageW
IsWindowVisible
FillRect
LoadCursorW
CallWindowProcW
DestroyWindow
ShowWindow
UpdateWindow
CreateWindowExW
IsWindowEnabled
ChildWindowFromPoint
IsChild
GetSysColor
RegisterClassExW
PostThreadMessageW
GetQueueStatus
SetActiveWindow
DrawIconEx
CreateIconIndirect
LoadCursorFromFileA
GetClipboardSequenceNumber
EnumClipboardFormats
CountClipboardFormats
RegisterClipboardFormatW
MapVirtualKeyW
SetWinEventHook
SetCaretPos
CreateCaret
GetKeyboardLayout
DestroyCaret
EnumDisplayMonitors
EnumDisplayDevicesW
DeferWindowPos
GetMessageExtraInfo
NotifyWinEvent
SetClassLongW
BeginDeferWindowPos
CallMsgFilterW
GetDoubleClickTime
GetMessageTime
IsRectEmpty
GetUpdateRect
EndDeferWindowPos
EnumThreadWindows
GetClassInfoExW
CreateDialogParamW
FrameRect
RegisterWindowMessageW
DialogBoxParamW
EnableWindow
DialogBoxIndirectParamW
DestroyAcceleratorTable
InvalidateRgn
ReleaseCapture
SetCapture
ClientToScreen
DestroyCursor
GetNextDlgGroupItem
GetAsyncKeyState
CreateAcceleratorTableW
CharNextW
GetClassNameW
SetFocus
GetFocus
GetWindowTextLengthW
SendMessageTimeoutW
GetLastInputInfo
EnumDisplaySettingsW
WaitForInputIdle
ExitWindowsEx
GetWindowThreadProcessId
SetClipboardData
EmptyClipboard
GetDlgItemTextW
CharLowerA
CharLowerW
GetMenuItemID
DrawTextExW
SystemParametersInfoA
GetSystemMetrics
DrawFrameControl
ShowScrollBar
GetPropW
RemovePropW
GetScrollRange
SetScrollRange
EnableScrollBar
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
LoadBitmapW
MonitorFromWindow
GetMonitorInfoW
AnimateWindow
GetWindowPlacement
wsprintfW
SetParent
GetForegroundWindow
GetDlgItemInt
GetNextDlgTabItem
SetDlgItemTextW
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
GetShellWindow
GetWindowInfo
SetMenuDefaultItem
LockWindowUpdate
PostQuitMessage
IsDialogMessageW
FindWindowExW
LoadIconW
GetComboBoxInfo
AdjustWindowRectEx
GetMenu
DrawEdge
SendDlgItemMessageW
MapDialogRect
DeleteMenu
SetLayeredWindowAttributes
SetWindowContextHelpId
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
AppendMenuW
GetScrollPos
GetMessagePos
InsertMenuW
SetCursorPos
CreatePopupMenu
MsgWaitForMultipleObjects
IsWindowUnicode
GetMessageA
DispatchMessageA
EnableMenuItem
BringWindowToTop
MessageBoxW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
RegisterClassW
GetClassInfoW
WindowFromPoint
SetRect
IsIconic
EnumWindows
FindWindowW
OpenIcon
IsDlgButtonChecked
CheckDlgButton
GetClassLongW
SetScrollPos
GetScrollInfo
GetCapture
GetCursorPos
ScrollWindowEx
SetRectEmpty
SetScrollInfo
SetCursor
UpdateLayeredWindow
DestroyMenu
DrawFocusRect
DestroyIcon
DrawStateW
OffsetRect
GetWindowDC
SetPropW
CopyRect
GetKeyState
CreateDialogIndirectParamW
SetTimer
KillTimer
GetWindowLongW
gdi32
BitBlt
SetBkMode
SetTextColor
GetObjectW
CreateFontIndirectW
GetDeviceCaps
CreateSolidBrush
SetBkColor
ExtTextOutW
DeleteDC
StretchBlt
GetDIBColorTable
CreateDIBSection
SetDIBColorTable
GetStockObject
SaveDC
GetClipBox
SetLayout
EndPage
StartDocW
SetMapMode
EndDoc
StartPage
AddFontMemResourceEx
GetGlyphIndicesW
CreateFontW
EnumFontFamiliesExW
GetFontUnicodeRanges
SelectObject
SetViewportOrgEx
CreateRectRgnIndirect
CombineRgn
SelectClipRgn
GetTextExtentPoint32W
GetTextMetricsW
ExcludeClipRect
TextOutW
PatBlt
CreateBitmap
CreatePatternBrush
GetTextColor
GetBkColor
Rectangle
CreatePen
MoveToEx
LineTo
Ellipse
GetCurrentObject
PolylineTo
GetDIBits
GetObjectA
UnrealizeObject
StrokeAndFillPath
EndPath
BeginPath
GetClipRgn
CreateRectRgn
CreateDCW
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
RestoreDC
comdlg32
GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW
PrintDlgW
advapi32
LsaClose
LsaFreeMemory
LsaQueryInformationPolicy
DuplicateToken
MapGenericMask
LsaOpenPolicy
GetUserNameW
LookupAccountNameW
CopySid
GetLengthSid
EqualSid
OpenThreadToken
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountSidW
SetNamedSecurityInfoW
SetEntriesInAclW
AllocateAndInitializeSid
FreeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
RegEnumValueW
CryptGenRandom
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
GetTokenInformation
OpenProcessToken
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
AccessCheck
RegNotifyChangeKeyValue
OpenSCManagerW
OpenServiceW
StartServiceW
QueryServiceStatus
CryptGetHashParam
CryptHashData
CryptAcquireContextW
ConvertSidToStringSidW
CloseEventLog
ClearEventLogW
OpenEventLogW
LookupPrivilegeNameW
RegUnLoadKeyW
RegLoadKeyW
CloseServiceHandle
QueryServiceConfig2W
QueryServiceConfigW
QueryServiceStatusEx
EnumServicesStatusExW
ChangeServiceConfigW
GetFileSecurityW
shell32
Shell_NotifyIconW
DragFinish
DragQueryFileW
ExtractIconExW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW
ord74
ord727
CommandLineToArgvW
SHGetSpecialFolderPathW
SHGetFileInfoW
SHEmptyRecycleBinW
SHAddToRecentDocs
SHGetFolderPathW
ShellExecuteExW
ole32
CoCreateGuid
CoFreeUnusedLibraries
StgOpenStorageEx
IIDFromString
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoCreateInstance
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoTaskMemRealloc
ReleaseStgMedium
OleDuplicateData
RevokeDragDrop
RegisterDragDrop
DoDragDrop
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
PropVariantClear
StgIsStorageFile
oleaut32
LoadTypeLi
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
VariantClear
VariantInit
VarUI4FromStr
SysStringLen
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayDestroy
LoadRegTypeLi
VarBstrCmp
DispCallFunc
VarBstrFromR8
VariantChangeType
VarBstrFromI4
VariantTimeToSystemTime
SysFreeString
shlwapi
PathAddBackslashW
StrRetToStrW
ord487
PathIsRelativeW
PathIsUNCW
PathStripPathA
PathFindFileNameW
PathCreateFromUrlW
PathIsURLW
SHStrDupW
PathFindExtensionW
PathCombineW
PathIsDirectoryEmptyW
PathRemoveExtensionA
PathAddExtensionW
PathRemoveExtensionW
PathStripToRootW
PathSkipRootW
PathRemoveBackslashW
PathGetDriveNumberW
PathCompactPathW
PathMatchSpecW
PathFileExistsW
PathCanonicalizeW
PathStripPathW
PathAppendW
PathUnquoteSpacesW
PathRemoveArgsW
PathRemoveFileSpecW
PathIsDirectoryW
comctl32
ImageList_GetIconSize
ImageList_GetIcon
ImageList_SetIconSize
ImageList_Duplicate
ImageList_Draw
ImageList_Destroy
ImageList_DrawEx
ImageList_LoadImageW
ImageList_Replace
ImageList_Add
ImageList_Create
ImageList_Remove
ImageList_GetImageCount
ImageList_ReplaceIcon
InitCommonControlsEx
_TrackMouseEvent
gdiplus
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdiplusShutdown
GdipFree
GdipCreatePath
GdipDeletePath
GdipCreatePathGradientFromPath
GdipDeleteBrush
GdipCloneBrush
GdipAlloc
GdipAddPathArcI
GdipAddPathLineI
GdipFillPath
GdipGetClipBoundsI
GdipCreateLineBrush
GdipMultiplyLineTransform
GdipCreateMatrix2
GdipSetLinePresetBlend
GdiplusStartup
GdipAddPathEllipse
GdipSetPathGradientPresetBlend
GdipSetPathGradientWrapMode
GdipSetPathGradientCenterPoint
GdipSetPathGradientTransform
GdipDrawPath
GdipFillRectanglesI
GdipSetClipRectI
GdipTranslateWorldTransform
GdipGetSmoothingMode
GdipSaveGraphics
GdipRestoreGraphics
GdipBeginContainer2
GdipGetPathWorldBounds
GdipClonePath
GdipSetClipRect
GdipAddPathRectangleI
GdipEndContainer
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRect
GdipTransformPoints
GdipMultiplyWorldTransform
GdipCreateMatrix
GdipDeleteMatrix
GdipGetWorldTransform
GdipGetMatrixElements
GdipTranslateMatrix
GdipRotateMatrix
GdipScaleMatrix
GdipShearMatrix
GdipCreateTexture
GdipFillEllipse
GdipDrawEllipse
GdipFillPie
GdipDrawPie
GdipDrawArc
GdipDrawRectangle
GdipResetPath
GdipIsVisiblePathPoint
GdipStartPathFigure
GdipAddPathLine
GdipClosePathFigure
GdipSetPathFillMode
ord1
GdipAddPathBezier
GdipSetPageUnit
GdipSetCompositingQuality
GdipSetPixelOffsetMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipCreateFromHWND
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipGetFontHeightGivenDPI
GdipMeasureString
GdipDeleteFontFamily
GdipGetFamily
GdipGetCellAscent
GdipGetFontSize
GdipGetEmHeight
GdipGetCellDescent
GdipDrawString
GdipAddPathString
GdipGetFontStyle
GdipCreatePen2
GdipSetPenEndCap
GdipSetPenStartCap
GdipSetPenLineJoin
GdipSetPenMiterLimit
GdipSetPenDashStyle
GdipSetPenDashArray
GdipSetPenDashOffset
GdipDeleteFont
GdipCreateFontFromDC
GdipGetLineSpacing
GdipCreateFontFromLogfontA
GdipCreateBitmapFromGraphics
GdipCreateHBITMAPFromBitmap
GdipDrawDriverString
GdipCreateSolidFill
GdipFillRectangleI
GdipCreateFromHDC
GdipSetSmoothingMode
GdipCreatePen1
GdipDeletePen
GdipDrawRectangleI
GdipCreateHatchBrush
GdipFillRectangle
GdipDrawLine
GdipCreateBitmapFromFile
GdipCloneImage
GdipGraphicsClear
GdipSetLineWrapMode
ws2_32
listen
WSASocketW
WSARecv
FreeAddrInfoW
GetAddrInfoW
send
WSAStartup
WSACleanup
WSAGetLastError
WSASend
shutdown
gethostname
getaddrinfo
freeaddrinfo
ioctlsocket
__WSAFDIsSet
select
bind
WSAIoctl
closesocket
WSASetLastError
getpeername
getsockname
socket
recv
WSARecvFrom
ntohs
connect
getsockopt
htons
setsockopt
psapi
GetProcessImageFileNameW
dbghelp
MakeSureDirectoryPathExists
urlmon
FindMimeFromData
winspool.drv
ord203
winmm
PlaySoundW
timeKillEvent
timeBeginPeriod
timeEndPeriod
timeGetTime
timeSetEvent
oleacc
AccessibleObjectFromWindow
LresultFromObject
imm32
ImmGetContext
ImmGetCompositionStringW
ImmIsIME
ImmNotifyIME
ImmAssociateContextEx
ImmSetCandidateWindow
ImmReleaseContext
usp10
ScriptApplyDigitSubstitution
ScriptItemize
ScriptBreak
ScriptShape
ScriptPlace
ScriptFreeCache
winhttp
WinHttpReadData
WinHttpSetTimeouts
WinHttpQueryDataAvailable
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpWriteData
WinHttpQueryOption
WinHttpSendRequest
WinHttpOpenRequest
WinHttpReceiveResponse
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpSetOption
WinHttpSetCredentials
Exports
Exports
on_avast_dll_unload
Sections
.text Size: 8.5MB - Virtual size: 8.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 604KB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5.4MB - Virtual size: 5.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ