2024-05-05_76d6c2813fe2466041e70ac6b6879b4f_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-05_76d6c2813fe2466041e70ac6b6879b4f_ryuk
Size

20.6MB
MD5

76d6c2813fe2466041e70ac6b6879b4f
SHA1

0a49f3f334148a370f1cc823db6a32f2a9f88f4e
SHA256

e4f8bd5e166b77f47a4936d8d4bc4f8ac63850ebad98ed175b957630c918e0df
SHA512

9cee78f1223b6f21d7f9432b49cbd1dc941a72fef124fd0d1fc0e89d0ea340eacae11e5705d2724319e2fac72182be85d9aa0c0badeaae1f9bf2f7c3cd624814
SSDEEP

393216:23/y0ajA+QeZX6twGsukrlTM7rZMa3fnsHXV:2vy4d3wV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-05_76d6c2813fe2466041e70ac6b6879b4f_ryuk

Files

2024-05-05_76d6c2813fe2466041e70ac6b6879b4f_ryuk
.exe windows:5 windows x64 arch:x64

f4c8ed734c19b3f543135b9361072243

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\PandoraTV\Project\KMP\KMPX\SRC\bin\KMPlayer_x64\KMPlayer64.pdb

Imports

dwmapi

DwmExtendFrameIntoClientArea

gdiplus

GdiplusShutdown
GdipDisposeImage
GdipFree
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImageEncoders
GdipGetImageEncodersSize
GdiplusStartup
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipSaveImageToStream
GdipSaveImageToFile
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC

uxtheme

EndBufferedPaint
GetCurrentThemeName
OpenThemeData
IsThemeBackgroundPartiallyTransparent
ord61
GetThemeSysColor
CloseThemeData
DrawThemeBackground
DrawThemeText
BeginBufferedPaint
BufferedPaintSetAlpha
GetWindowTheme
GetThemeColor
SetWindowTheme
GetThemePartSize
IsAppThemed
DrawThemeParentBackground

winmm

waveOutGetVolume
timeGetTime
timeSetEvent
timeKillEvent
timeBeginPeriod
timeEndPeriod
PlaySoundW
timeGetDevCaps
mixerSetControlDetails
waveOutSetVolume

kernel32

GetFileSize
LockFile
UnlockFile
lstrcmpiW
GetStringTypeExW
GetThreadLocale
lstrcmpA
GetProfileIntW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
VerSetConditionMask
VerifyVersionInfoW
FindResourceExW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetSystemDefaultUILanguage
GlobalFlags
SetErrorMode
GetWindowsDirectoryW
SearchPathW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
QueryActCtxW
QueryDepthSList
InterlockedPopEntrySList
GetModuleHandleA
GetThreadTimes
CreateActCtxW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEnvironmentVariableA
FindFirstFileExW
GetConsoleCP
GetOEMCP
IsValidCodePage
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
HeapQueryInformation
SetStdHandle
ExitProcess
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
RtlUnwindEx
InterlockedFlushSList
InterlockedPushEntrySList
LCMapStringW
SizeofResource
LockResource
LoadResource
FindActCtxSectionStringW
DeactivateActCtx
UnregisterWaitEx
ActivateActCtx
GlobalFindAtomW
GetModuleHandleExW
EncodePointer
GlobalSize
OpenThread
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
OutputDebugStringW
GetStringTypeW
TryEnterCriticalSection
Thread32First
Thread32Next
HeapCreate
LoadLibraryA
GetTimeZoneInformation
SuspendThread
GetProcessAffinityMask
GetShortPathNameW
GetLongPathNameW
RemoveDirectoryW
CreateHardLinkW
MoveFileW
SetFileAttributesW
GetSystemDirectoryW
GetConsoleMode
TzSpecificLocalTimeToSystemTime
GetFileType
GetFileTime
SetFileTime
FlushFileBuffers
SetEndOfFile
SetFilePointer
IsDBCSLeadByte
GetCPInfo
CompareStringW
FoldStringW
AreFileApisANSI
DebugBreak
IsDBCSLeadByteEx
LocalAlloc
IsBadWritePtr
IsBadReadPtr
GlobalGetAtomNameW
FormatMessageW
FlushInstructionCache
QueryPerformanceCounter
QueryPerformanceFrequency
lstrlenW
SetThreadPriority
GetCurrentThread
GetThreadPriority
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
GetNumberFormatW
SetLastError
GetVersionExW
GetFileAttributesW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
OutputDebugStringA
GetSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FormatMessageA
FreeEnvironmentStringsW
GetEnvironmentStringsW
DuplicateHandle
CreateThread
GetVolumeInformationW
RtlPcToFileHeader
QueueUserWorkItem
GetExitCodeThread
FindResourceW
GetProcAddress
GetModuleHandleW
MultiByteToWideChar
GetTempFileNameW
DecodePointer
RaiseException
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetUserDefaultUILanguage
ReadDirectoryChangesW
GetOverlappedResult
CancelIo
GetACP
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileAttributesExW
GlobalDeleteAtom
GlobalAddAtomW
ResumeThread
ReleaseMutex
CreateMutexW
SetCurrentDirectoryW
HeapSetInformation
SetDllDirectoryW
DeviceIoControl
CreateFileA
WriteProcessMemory
ReadProcessMemory
IsDebuggerPresent
CopyFileW
SleepEx
FreeResource
lstrcmpW
GetModuleFileNameW
ResetEvent
GetDriveTypeW
GlobalAlloc
GetLocaleInfoA
LocalFree
GetCurrentDirectoryW
FindNextFileW
GetDiskFreeSpaceExW
FindClose
FindFirstFileW
SetSystemPowerState
SetThreadExecutionState
GetLocaleInfoW
TerminateThread
WriteFile
GetTickCount
SetEvent
CreateEventW
CreateDirectoryW
GetLocalTime
GetCurrentProcessId
CreateFileW
SetFilePointerEx
GetFileSizeEx
InitializeCriticalSection
LoadLibraryExW
GetCurrentThreadId
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
WideCharToMultiByte
GetUserDefaultLCID
GetTempPathW
MulDiv
lstrcpyW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
FreeLibrary
GetLastError
GetFullPathNameW
GetCurrentProcess
SetPriorityClass
DeleteCriticalSection
Sleep
DeleteFileW
CloseHandle
TerminateProcess
GetExitCodeProcess
ReadFile
PeekNamedPipe
CreateProcessW
GetStdHandle
CreatePipe
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
GlobalFree
GlobalUnlock
GlobalLock

user32

IsDialogMessageW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
IsWindowEnabled
GetNextDlgTabItem
WinHelpW
SetScrollInfo
GetLastActivePopup
GetWindowTextLengthW
GetWindowTextW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
SetMenu
SetFocus
IsChild
GetClassInfoExW
GetClassInfoW
GetMenuState
GetMenuStringW
GetIconInfo
GetDCEx
SetWindowRgn
GetScrollInfo
GetClassLongPtrW
GetWindowRgn
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
InvertRect
CreateDialogIndirectParamW
EndDialog
DialogBoxParamW
CharUpperW
CharLowerW
CharToOemBuffW
CharToOemA
OemToCharBuffA
CharLowerBuffW
DestroyWindow
RegisterClassW
GetAsyncKeyState
GetQueueStatus
DestroyMenu
TrackPopupMenu
GetMessageW
GetMessagePos
UnregisterClassW
SendNotifyMessageW
EnumDisplayDevicesW
SetWindowTextW
GetMenu
SetLayeredWindowAttributes
GetDlgCtrlID
TranslateMessage
GrayStringW
DrawTextExW
TabbedTextOutW
GetDlgItemTextW
MoveWindow
FindWindowExW
CreateWindowExW
IntersectRect
UnregisterHotKey
RegisterHotKey
RegisterRawInputDevices
SetMenuItemBitmaps
GetRawInputDeviceList
GetRawInputData
SetWindowPlacement
GetWindowPlacement
ShowWindow
AllowSetForegroundWindow
DefWindowProcW
LockWindowUpdate
ChangeDisplaySettingsExA
MsgWaitForMultipleObjectsEx
SetClassLongPtrW
GetDoubleClickTime
TrackMouseEvent
EnumDisplayMonitors
RedrawWindow
SetPropW
GetWindowLongPtrW
GetClassNameW
GetWindowDC
CallWindowProcW
GetMenuInfo
RemovePropW
SetWindowLongPtrW
GetPropW
CallNextHookEx
DispatchMessageW
GetMessageTime
GetWindowThreadProcessId
SetWindowsHookExW
UnhookWindowsHookEx
EndPaint
BeginPaint
GetClipboardData
GetPriorityClipboardFormat
SetParent
MonitorFromRect
DestroyIcon
FindWindowW
MsgWaitForMultipleObjects
DrawMenuBar
CheckMenuItem
AppendMenuW
RemoveMenu
CreatePopupMenu
ChangeDisplaySettingsExW
EnumDisplaySettingsW
IsMenu
MessageBeep
CheckMenuRadioItem
SetWindowLongW
SetRectEmpty
InsertMenuW
DeleteMenu
EnableMenuItem
SetMenuInfo
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
LockWorkStation
ExitWindowsEx
SystemParametersInfoW
GetMenuCheckMarkDimensions
LoadBitmapW
SendDlgItemMessageA
WaitMessage
MapDialogRect
CharNextW
IsClipboardFormatAvailable
BringWindowToTop
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetSystemMenu
SetWindowContextHelpId
ShowOwnedPopups
CopyImage
RealChildWindowFromPoint
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
GetActiveWindow
GetTopWindow
GetForegroundWindow
MonitorFromPoint
GetMonitorInfoW
GetWindowLongW
AdjustWindowRectEx
GetMenuItemRect
GetSubMenu
SetForegroundWindow
IsIconic
PostThreadMessageW
ChangeWindowMessageFilter
EqualRect
LoadMenuW
RegisterWindowMessageW
PostQuitMessage
GetFocus
GetAncestor
DrawStateW
DrawFocusRect
DrawIconEx
ToUnicodeEx
GetKeyboardState
NotifyWinEvent
SetCursorPos
GetMenuDefaultItem
EnableScrollBar
HideCaret
CopyIcon
DrawIcon
SetMenuDefaultItem
ModifyMenuW
CharUpperBuffW
UpdateLayeredWindow
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetUpdateRect
SubtractRect
CreateMenu
GetComboBoxInfo
DestroyCursor
GetRawInputDeviceInfoW
IsZoomed
IsCharLowerW
GetKeyboardLayout
MapVirtualKeyExW
GetKeyNameTextW
MapVirtualKeyW
RegisterClipboardFormatW
GetKeyState
GetSysColorBrush
GetCursorPos
DrawFrameControl
OffsetRect
WindowFromPoint
FrameRect
FillRect
CopyRect
MonitorFromWindow
SetTimer
KillTimer
PeekMessageW
UpdateWindow
SetActiveWindow
GetDesktopWindow
SetRect
UnionRect
GetSysColor
GetDlgItem
LoadIconW
GetSystemMetrics
InflateRect
GetWindowRect
SetWindowPos
DrawTextW
IsRectEmpty
DrawEdge
ReleaseCapture
SetCapture
GetCapture
ScreenToClient
ClientToScreen
SetCursor
ReleaseDC
GetDC
InvalidateRect
PtInRect
MessageBoxW
IsWindow
PostMessageW
MapWindowPoints
GetClientRect
IsWindowVisible
GetWindow
LoadCursorW
wsprintfW
CreateAcceleratorTableW
DestroyAcceleratorTable
CloseClipboard
SetClipboardData
EmptyClipboard
GetParent
OpenClipboard
LoadImageW
SendMessageW
EnableWindow
OemToCharA

gdi32

CreatePatternBrush
GetClipBox
GetObjectType
IntersectClipRect
RestoreDC
SaveDC
SelectPalette
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
SetWindowExtEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
AddFontResourceW
GetTextCharsetInfo
GetRgnBox
CreateEllipticRgn
Ellipse
Polygon
Polyline
CreateRoundRectRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
SetPixel
RoundRect
ExtFloodFill
SetPaletteEntries
GetBoundsRect
PtInRegion
GetViewportOrgEx
CreateHatchBrush
SetPixelV
GetTextFaceW
GetICMProfileW
GetCurrentObject
TranslateCharsetInfo
EnumFontFamiliesExW
AddFontMemResourceEx
CreateFontW
RemoveFontMemResourceEx
CombineRgn
CreateRectRgn
EnumFontFamiliesW
GetTextMetricsW
GetTextColor
ExtSelectClipRgn
CreateBitmapIndirect
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetBkColor
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
LPtoDP
SetViewportExtEx
SetViewportOrgEx
CreateDCW
ExcludeClipRect
SetBkColor
FrameRgn
CreateRectRgnIndirect
CreateCompatibleBitmap
CreateBitmap
LineTo
MoveToEx
CreateSolidBrush
GetDeviceCaps
DeleteObject
GetObjectW
CreateCompatibleDC
StretchBlt
BitBlt
GetStockObject
CreateFontIndirectW
SelectObject
CreateDIBSection
CopyMetaFileW
PatBlt
CreatePolygonRgn
GetPixel
GetWindowOrgEx
FillRgn
SetRectRgn
OffsetRgn
GdiFlush
OffsetViewportOrgEx
SelectClipRgn
AbortPath
GetPath
EndPath
CloseFigure
BeginPath
SetMapMode
DeleteDC
SetStretchBltMode
Rectangle
SetBkMode
SetTextColor
GetTextExtentPoint32W
CreateDIBitmap
SetDIBColorTable
CreatePen

msimg32

GradientFill
AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegSetValueA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegEnumKeyW
SetFileSecurityW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegCloseKey
RegSetValueW
RegQueryValueW
RegQueryValueA
RegOpenKeyW
RegOpenKeyA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegEnumKeyExA
RegDeleteValueW
RegDeleteValueA

shell32

ShellExecuteW
ExtractIconW
SHChangeNotify
DragQueryFileW
DragFinish
DragAcceptFiles
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHAddToRecentDocs
ExtractIconExW
SHGetFolderPathW
SHParseDisplayName
SHOpenFolderAndSelectItems
SHFileOperationW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetDesktopFolder
SHAppBarMessage
ShellExecuteExW

comctl32

ImageList_Remove
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
FlatSB_ShowScrollBar
FlatSB_EnableScrollBar
InitializeFlatSB
ImageList_AddMasked
ImageList_Draw
ImageList_Add
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragEnter
ImageList_BeginDrag
_TrackMouseEvent
ImageList_GetImageInfo

shlwapi

PathStripToRootW
StrFormatByteSizeW
PathSkipRootW
PathStripPathW
PathFindExtensionW
PathFileExistsW
PathCombineW
PathRenameExtensionW
PathRemoveFileSpecW
PathRemoveExtensionW
PathMakePrettyW
PathIsDirectoryW
PathAddExtensionW
PathAddBackslashW
StrCmpLogicalW
SHCopyKeyW
StrRetToStrW
PathRelativePathToW
PathCanonicalizeW
PathAppendW
PathRemoveBackslashW
PathIsRelativeW
PathIsPrefixW
PathFindFileNameW
PathIsUNCW
UrlUnescapeW
PathIsURLW
StrFormatKBSizeW

ole32

OleSaveToStream
CoUninitialize
CoInitialize
OleFlushClipboard
OleIsCurrentClipboard
OleLoadFromStream
CreateStreamOnHGlobal
OleInitialize
DoDragDrop
OleLockRunning
CoWaitForMultipleHandles
CreateItemMoniker
GetRunningObjectTable
CLSIDFromString
MkParseDisplayName
CreateBindCtx
CoCreateInstance
StringFromGUID2
OleUninitialize
OleDestroyMenuDescriptor
CoTaskMemAlloc
CoTaskMemFree
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter
PropVariantClear
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromProgID
OleGetClipboard
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
ReleaseStgMedium
OleDuplicateData
CoFreeUnusedLibraries
CoInitializeEx
StringFromCLSID
OleCreateMenuDescriptor
CoCreateGuid

oleaut32

VariantTimeToSystemTime
VariantCopy
SafeArrayDestroy
LoadTypeLi
OleCreateFontIndirect
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
OleCreatePropertyFrame
VariantChangeType
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
VariantInit
SysAllocString
VarBstrCmp
SysFreeString
VarBstrFromDate
SystemTimeToVariantTime
SysStringLen

oledlg

OleUIBusyW

ws2_32

WSACleanup
WSASetLastError
WSAGetLastError
WSAAsyncSelect
select
WSAStartup
accept
listen
shutdown
recvfrom
recv
ntohs
gethostbyname
socket
sendto
bind
send
inet_ntoa
inet_addr
htons
htonl
getsockname
getpeername
connect
closesocket

wininet

HttpQueryInfoW
InternetSetStatusCallbackW
InternetQueryDataAvailable
InternetGetConnectedState
InternetReadFile
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetErrorDlg
InternetReadFileExW
InternetCrackUrlW
InternetSetFilePointer
HttpEndRequestW
HttpSendRequestExW
HttpAddRequestHeadersW
InternetGetLastResponseInfoW
InternetWriteFile
InternetCloseHandle
InternetOpenUrlW
InternetOpenW
InternetSetOptionW
InternetQueryOptionW
InternetCanonicalizeUrlW

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 700KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f4c8ed734c19b3f543135b9361072243

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dwmapi

gdiplus

uxtheme

winmm

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

ws2_32

wininet

oleacc

imm32

version

Sections

.text Size: 8.8MB - Virtual size: 8.8MB

.rdata Size: 2.9MB - Virtual size: 2.9MB

.data Size: 124KB - Virtual size: 496KB

.pdata Size: 356KB - Virtual size: 356KB

.gfids Size: 113KB - Virtual size: 112KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 5KB - Virtual size: 4KB

.rsrc Size: 7.6MB - Virtual size: 7.6MB

.reloc Size: 700KB - Virtual size: 704KB

.text
Size: 8.8MB - Virtual size: 8.8MB

.rdata
Size: 2.9MB - Virtual size: 2.9MB

.data
Size: 124KB - Virtual size: 496KB

.pdata
Size: 356KB - Virtual size: 356KB

.gfids
Size: 113KB - Virtual size: 112KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 7.6MB - Virtual size: 7.6MB

.reloc
Size: 700KB - Virtual size: 704KB