Extracted

• 30d47d020cda264fedd137364884d3ae7bb4591bfedc69bbef0bbf12dd2f4e94

  .exe windows:4 windows x86 arch:x86

  58c7590e5ad2a60c8dbd39f88fab6ec1

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  advapi32

  RegCreateKeyW

  RegQueryValueExW

  RegCloseKey

  CryptGenRandom

  OpenProcessToken

  DuplicateTokenEx

  CryptCreateHash

  CryptReleaseContext

  CryptHashData

  CryptDestroyHash

  CryptEncrypt

  CryptDestroyKey

  CryptGetHashParam

  CryptImportKey

  CryptAcquireContextA

  ws2_32

  sendto

  recvfrom

  freeaddrinfo

  getaddrinfo

  WSAIoctl

  setsockopt

  ntohs

  htons

  getsockopt

  WSAGetLastError

  WSACleanup

  accept

  listen

  getpeername

  connect

  ioctlsocket

  gethostname

  WSAStartup

  htonl

  ntohl

  closesocket

  bind

  send

  recv

  WSASetLastError

  select

  socket

  __WSAFDIsSet

  getsockname

  crypt32

  CertFreeCertificateContext

  wldap32

  ord41

  ord301

  ord200

  ord30

  ord79

  ord35

  ord33

  ord32

  ord27

  ord26

  ord22

  ord50

  ord143

  ord46

  ord211

  ord45

  normaliz

  IdnToAscii

  kernel32

  InitializeCriticalSection

  CreateEventW

  SetEvent

  EnterCriticalSection

  LeaveCriticalSection

  GlobalAlloc

  GlobalFree

  GetVersionExW

  Sleep

  RaiseException

  InitializeCriticalSectionEx

  LoadResource

  LockResource

  SizeofResource

  FindResourceW

  FindResourceExW

  GetProcAddress

  DecodePointer

  LoadLibraryW

  HeapDestroy

  HeapAlloc

  HeapFree

  HeapReAlloc

  HeapSize

  GetProcessHeap

  SetLastError

  GetLogicalDriveStringsW

  GetDriveTypeW

  DeviceIoControl

  GetDiskFreeSpaceExW

  GetVolumeInformationW

  GetCurrentProcess

  OpenProcess

  DuplicateHandle

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  K32EnumProcessModules

  K32GetModuleFileNameExW

  GetWindowsDirectoryW

  GetExitCodeProcess

  GetModuleHandleW

  FreeLibrary

  FindFirstFileW

  FindNextFileW

  DeleteFileW

  FindClose

  RemoveDirectoryW

  GetLastError

  FreeResource

  CreateSemaphoreW

  ReleaseSemaphore

  CreateThread

  GetCurrentThreadId

  CreateMutexW

  GetLocalTime

  GlobalLock

  GlobalUnlock

  ReadFile

  DeleteCriticalSection

  TerminateThread

  GetFileSizeEx

  GetFileSize

  MoveFileExW

  MultiByteToWideChar

  WideCharToMultiByte

  GetStdHandle

  TerminateProcess

  GetStartupInfoW

  GetCurrentDirectoryW

  GetACP

  ExitProcess

  MulDiv

  InitializeCriticalSectionAndSpinCount

  FormatMessageA

  GetTickCount64

  SleepEx

  VerSetConditionMask

  GetSystemDirectoryA

  GetModuleHandleA

  LoadLibraryA

  VerifyVersionInfoA

  WaitForSingleObjectEx

  GetFileType

  PeekNamedPipe

  WaitForMultipleObjects

  ExpandEnvironmentStringsA

  GetCPInfo

  UnregisterWait

  RegisterWaitForSingleObject

  SetThreadAffinityMask

  GetProcessAffinityMask

  GetNumaHighestNodeNumber

  DeleteTimerQueueTimer

  ChangeTimerQueueTimer

  CreateTimerQueueTimer

  GetLogicalProcessorInformation

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  GetThreadPriority

  SetThreadPriority

  SwitchToThread

  SignalObjectAndWait

  QueryDepthSList

  InterlockedFlushSList

  InterlockedPushEntrySList

  InterlockedPopEntrySList

  IsProcessorFeaturePresent

  CreateTimerQueue

  RtlUnwind

  GetStringTypeW

  EncodePointer

  AreFileApisANSI

  GetFileInformationByHandle

  GetFileAttributesExW

  FindFirstFileExW

  GetCurrentThread

  GetSystemTimeAsFileTime

  CreateFileW

  WriteFile

  GetUserDefaultUILanguage

  WaitForSingleObject

  CloseHandle

  CreateProcessW

  GetModuleFileNameW

  GetCommandLineW

  IsDebuggerPresent

  GetTickCount

  ExitThread

  LoadLibraryExW

  SetFilePointerEx

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  GetCurrentProcessId

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetFullPathNameW

  SetEnvironmentVariableA

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  IsValidLocale

  SetEndOfFile

  GetUserDefaultLCID

  EnumSystemLocalesW

  GetModuleHandleExW

  OutputDebugStringW

  GetThreadTimes

  FreeLibraryAndExitThread

  VirtualAlloc

  VirtualFree

  VirtualProtect

  InitializeSListHead

  UnregisterWaitEx

  IsValidCodePage

  GetOEMCP

  GetConsoleCP

  GetConsoleMode

  FlushFileBuffers

  QueryPerformanceCounter

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetTimeZoneInformation

  ReadConsoleW

  SetStdHandle

  SystemTimeToTzSpecificLocalTime

  WriteConsoleW

  CreateDirectoryW

  user32

  OffsetRect

  SetCursor

  wvsprintfW

  GetWindow

  IsRectEmpty

  UnionRect

  IntersectRect

  MapWindowPoints

  InvalidateRect

  GetUpdateRect

  ReleaseCapture

  SetCapture

  GetKeyState

  GetFocus

  GetActiveWindow

  SetFocus

  CharNextW

  IsWindowVisible

  DispatchMessageW

  TranslateMessage

  GetMessageW

  PtInRect

  GetCursorPos

  LoadImageW

  IsZoomed

  SetWindowRgn

  MessageBoxW

  GetWindowTextW

  GetWindowTextLengthW

  GetCaretBlinkTime

  GetCaretPos

  CharPrevW

  FillRect

  SetRect

  CreateCaret

  HideCaret

  BringWindowToTop

  EnableWindow

  ShowWindow

  PostQuitMessage

  SetWindowTextW

  SendMessageW

  GetMonitorInfoW

  GetGUIThreadInfo

  InvalidateRgn

  CreateAcceleratorTableW

  GetSysColor

  ClientToScreen

  CallWindowProcW

  RegisterClassExW

  GetClassInfoExW

  MonitorFromWindow

  MoveWindow

  GetWindowRect

  SetTimer

  KillTimer

  GetClientRect

  DrawTextW

  DestroyWindow

  GetParent

  BeginPaint

  EndPaint

  DefWindowProcW

  GetDC

  LoadCursorW

  RegisterClassW

  CreateWindowExW

  LoadBitmapW

  SetWindowLongW

  GetWindowLongW

  IsWindow

  FindWindowExW

  PostMessageW

  SetPropW

  GetPropW

  GetSystemMetrics

  IsIconic

  SetForegroundWindow

  SetWindowPos

  ScreenToClient

  ReleaseDC

  SetCaretPos

  ShowCaret

  gdi32

  CreateCompatibleBitmap

  DeleteObject

  CreateFontIndirectW

  GetStockObject

  Rectangle

  RestoreDC

  SaveDC

  GetTextMetricsW

  SetBkMode

  SetTextColor

  CreatePen

  CreateFontW

  SetWindowOrgEx

  CreateRoundRectRgn

  GetObjectA

  CreatePatternBrush

  GetDeviceCaps

  CreatePenIndirect

  CreateRectRgnIndirect

  GetCharABCWidthsW

  GetClipBox

  GetTextExtentPoint32W

  LineTo

  RoundRect

  SelectClipRgn

  ExtSelectClipRgn

  SetBkColor

  StretchBlt

  SetStretchBltMode

  CreateDIBSection

  MoveToEx

  TextOutW

  ExtTextOutW

  GdiFlush

  BitBlt

  DeleteDC

  CombineRgn

  CreateSolidBrush

  GetObjectW

  SelectObject

  CreateCompatibleDC

  shell32

  SHGetFolderPathW

  ord165

  ShellExecuteW

  ShellExecuteExW

  SHGetMalloc

  SHGetPathFromIDListW

  SHBrowseForFolderW

  ole32

  CLSIDFromString

  CoCreateInstance

  OleLockRunning

  CreateStreamOnHGlobal

  CoCreateGuid

  CoUninitialize

  CLSIDFromProgID

  CoInitialize

  oleaut32

  SysFreeString

  SysAllocString

  VariantInit

  VariantClear

  shlwapi

  PathFileExistsW

  PathIsRootW

  wininet

  InternetReadFile

  InternetCloseHandle

  InternetCrackUrlW

  InternetOpenW

  HttpSendRequestW

  HttpOpenRequestW

  HttpQueryInfoW

  InternetConnectW

  gdiplus

  GdipLoadImageFromStream

  GdipSetStringFormatAlign

  GdipGetImageWidth

  GdipGetImageHeight

  GdipImageGetFrameDimensionsCount

  GdipImageGetFrameDimensionsList

  GdipImageGetFrameCount

  GdipImageSelectActiveFrame

  GdipGetPropertyItemSize

  GdipGetPropertyItem

  GdipDeleteStringFormat

  GdipCreateStringFormat

  GdipAlloc

  GdipFree

  GdiplusStartup

  GdiplusShutdown

  GdipCloneBrush

  GdipDeleteBrush

  GdipCreateLineBrushI

  GdipCloneImage

  GdipDisposeImage

  GdipGetImageGraphicsContext

  GdipCreateBitmapFromScan0

  GdipCreateFromHDC

  GdipDeleteGraphics

  GdipSetCompositingQuality

  GdipSetSmoothingMode

  GdipSetPixelOffsetMode

  GdipSetTextRenderingHint

  GdipSetInterpolationMode

  GdipGraphicsClear

  GdipDrawImage

  GdipDrawImageRectI

  GdipDeleteFontFamily

  GdipCreateFontFromDC

  GdipDeleteFont

  GdipGetFamily

  GdipDrawString

  GdipSetStringFormatLineAlign

  GdipCreateFontFromLogfontA

  iphlpapi

  GetAdaptersInfo

  comctl32

  _TrackMouseEvent

  ord17

  imm32

  ImmGetVirtualKey

  ImmGetContext

  ImmReleaseContext

  ImmSetCompositionFontW

  ImmSetCompositionWindow

  Sections

  .text

  Size: 1.0MB - Virtual size: 1.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 237KB - Virtual size: 236KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 27KB - Virtual size: 61KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1.9MB - Virtual size: 1.9MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 56KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .text

  Size: 176KB - Virtual size: 176KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 9KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1.9MB - Virtual size: 1.9MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 56KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .text

  Size: 176KB - Virtual size: 176KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 9KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1.9MB - Virtual size: 1.9MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 56KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ