2024-06-04_f4d1cefc1b98ba6318aa8f331ff93f3e_ryuk

Sharing

Copy URL Twitter E-mail

General

Target

2024-06-04_f4d1cefc1b98ba6318aa8f331ff93f3e_ryuk
Size

12.1MB
MD5

f4d1cefc1b98ba6318aa8f331ff93f3e
SHA1

cf31de0ff2c4eaab881d546543f998336740590f
SHA256

ca416796e04795876048157d11a4e03b1e8d8e69f29dacfe9d1fcd90e3aaf0d4
SHA512

f39c86c31ae961147805652aff736d370c30b43fdc75c87d8802cc4251530270258f7c2e83d5cee6bf7cce23c903e88fec692bafd9fb390927fd2a519ba67252
SSDEEP

196608:IVrDJlt+vpZriEP06gYKtdw28MMLMKgBvILZQLAu:UrDJltspZriEP06gYKtdw28wFwNQLAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-06-04_f4d1cefc1b98ba6318aa8f331ff93f3e_ryuk

Files

2024-06-04_f4d1cefc1b98ba6318aa8f331ff93f3e_ryuk
.exe windows:5 windows x64 arch:x64

e4bde433b5fefbe80e357c474989ce92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

H:\progs\Compiling\mpc-hc\bin\mpc-hc_x64\mpc-hc64.pdb

Imports

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipSaveImageToStream
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipGetImagePalette
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipDrawImageI
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromScan0
GdipFree
GdipAlloc
GdiplusStartup
GdipDrawImageRectI

uxtheme

DrawThemeBackground
IsThemeBackgroundPartiallyTransparent
ord61
SetWindowTheme
GetThemePartSize
IsAppThemed
DrawThemeParentBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
DrawThemeText
GetThemeSysColor
CloseThemeData
OpenThemeData

winmm

timeBeginPeriod
timeGetTime
timeSetEvent
timeKillEvent
timeEndPeriod
PlaySoundW
timeGetDevCaps
waveOutGetVolume
waveOutSetVolume
mixerSetControlDetails

kernel32

GetThreadLocale
lstrcmpA
GetProfileIntW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
VerSetConditionMask
lstrcpyW
VerifyVersionInfoW
FindResourceExW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetSystemDefaultUILanguage
GlobalFlags
SetErrorMode
GetWindowsDirectoryW
SearchPathW
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
UnregisterWaitEx
GetStringTypeExW
InterlockedPopEntrySList
GetModuleHandleA
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetNumaHighestNodeNumber
GetFileSize
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEnvironmentVariableA
FindFirstFileExW
GetConsoleCP
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
GetOEMCP
IsValidCodePage
HeapQueryInformation
SetStdHandle
ExitProcess
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
SizeofResource
LockResource
LoadResource
FindResourceW
GetProcAddress
GetModuleHandleW
MultiByteToWideChar
lstrcmpiW
UnlockFile
QueryDepthSList
LockFile
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFindAtomW
GetModuleHandleExW
EncodePointer
OutputDebugStringW
TryEnterCriticalSection
GetExitCodeThread
RtlPcToFileHeader
QueueUserWorkItem
GetStringTypeW
OutputDebugStringA
GlobalSize
OpenThread
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
Thread32First
Thread32Next
HeapCreate
LoadLibraryA
GetTimeZoneInformation
SuspendThread
ResumeThread
GetProcessAffinityMask
GetShortPathNameW
GetLongPathNameW
RemoveDirectoryW
CreateHardLinkW
MoveFileW
SetFileAttributesW
GetSystemDirectoryW
GetConsoleMode
GetSystemTime
TzSpecificLocalTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
GetFileType
GetFileTime
SetFileTime
FlushFileBuffers
SetEndOfFile
SetFilePointer
GetStdHandle
IsDBCSLeadByte
GetCPInfo
CompareStringW
FoldStringW
AreFileApisANSI
DebugBreak
IsDBCSLeadByteEx
LocalAlloc
IsBadWritePtr
IsBadReadPtr
GlobalGetAtomNameW
FormatMessageW
FlushInstructionCache
QueryPerformanceCounter
QueryPerformanceFrequency
lstrlenW
SetThreadPriority
GetCurrentThread
GetThreadPriority
VirtualFree
VirtualAlloc
ReleaseSemaphore
CreateSemaphoreW
WaitForMultipleObjects
lstrcmpW
GetNumberFormatW
SetLastError
GetVersionExW
LCMapStringW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwindEx
ExitThread
GlobalAlloc
GlobalLock
GlobalUnlock
GetFileAttributesW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
FormatMessageA
CreateProcessW
FreeEnvironmentStringsW
GetEnvironmentStringsW
DuplicateHandle
CreatePipe
TerminateProcess
CreateThread
GetVolumeInformationW
GetModuleFileNameW
GetTempFileNameW
DecodePointer
RaiseException
GetUserDefaultUILanguage
ReadDirectoryChangesW
GetOverlappedResult
CancelIo
GetACP
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileAttributesExW
GlobalDeleteAtom
GlobalAddAtomW
ReleaseMutex
CreateMutexW
SetCurrentDirectoryW
HeapSetInformation
SetDllDirectoryW
GlobalFree
DeviceIoControl
GetTempPathW
CreateFileA
WriteProcessMemory
ReadProcessMemory
IsDebuggerPresent
DeleteFileW
CopyFileW
SleepEx
HeapReAlloc
HeapSize
HeapDestroy
HeapFree
GetProcessHeap
HeapAlloc
FreeResource
GetDriveTypeW
LocalFree
GetLocaleInfoA
GetCurrentDirectoryW
FindNextFileW
GetDiskFreeSpaceExW
FindClose
FindFirstFileW
SetSystemPowerState
SetThreadExecutionState
GetLocaleInfoW
TerminateThread
WaitForSingleObject
WriteFile
GetTickCount
MulDiv
ResetEvent
SetEvent
CreateEventW
CreateDirectoryW
GetLocalTime
GetCurrentProcessId
CreateFileW
ReadFile
SetFilePointerEx
GetFileSizeEx
InitializeCriticalSection
CloseHandle
LoadLibraryExW
GetCurrentThreadId
WideCharToMultiByte
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
Sleep
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
FreeLibrary
GetLastError
GetFullPathNameW
GetCurrentProcess
SetPriorityClass
DeleteCriticalSection

user32

BringWindowToTop
IsClipboardFormatAvailable
MapVirtualKeyW
GetKeyNameTextW
CharNextW
MapDialogRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextW
WaitMessage
SendDlgItemMessageA
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageW
SetWindowTextW
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
IsWindowEnabled
GetNextDlgTabItem
WinHelpW
SetScrollInfo
GetLastActivePopup
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetMenu
SetFocus
IsChild
GetClassInfoExW
GetMenuState
GetMenuStringW
GetIconInfo
wsprintfW
GetDCEx
SetWindowRgn
GetScrollInfo
GetClassLongPtrW
GetWindowRgn
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
InvertRect
DrawTextExW
GetMenu
CreateDialogIndirectParamW
EndDialog
DialogBoxParamW
CharUpperW
CharLowerW
CharToOemBuffW
OemToCharA
CharToOemA
OemToCharBuffA
CharLowerBuffW
DestroyWindow
RegisterClassW
LoadAcceleratorsW
GetQueueStatus
DestroyMenu
TrackPopupMenu
GetMessageW
SetParent
GetMessagePos
UnregisterClassW
SetProcessDefaultLayout
SendNotifyMessageW
EnumDisplayDevicesW
RedrawWindow
SetPropW
GetDlgCtrlID
GetWindowLongPtrW
TranslateMessage
GetDlgItemTextW
SetWindowLongPtrW
SetWindowPos
MoveWindow
FindWindowExW
CreateWindowExW
CallWindowProcW
IntersectRect
UnregisterHotKey
RegisterHotKey
RegisterRawInputDevices
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetRawInputData
SetWindowPlacement
GetWindowPlacement
ShowWindow
AllowSetForegroundWindow
DefWindowProcW
LockWindowUpdate
ChangeDisplaySettingsExA
MsgWaitForMultipleObjectsEx
SetClassLongPtrW
GetDoubleClickTime
TrackMouseEvent
GetClassNameW
EnumDisplayMonitors
CallNextHookEx
DispatchMessageW
GetMessageTime
GetWindowThreadProcessId
SetWindowsHookExW
UnhookWindowsHookEx
EqualRect
MonitorFromRect
DestroyIcon
FindWindowW
MsgWaitForMultipleObjects
CheckMenuItem
AppendMenuW
RemoveMenu
CreatePopupMenu
ChangeDisplaySettingsExW
EnumDisplaySettingsW
IsMenu
MessageBeep
CheckMenuRadioItem
TranslateAcceleratorW
InsertMenuItemW
GetMenuBarInfo
UnpackDDElParam
ReuseDDElParam
GetSystemMenu
SetWindowContextHelpId
ShowOwnedPopups
SetLayeredWindowAttributes
CopyImage
RealChildWindowFromPoint
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
DrawEdge
DrawStateW
DrawFocusRect
DrawIconEx
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
SetWindowLongW
SetRectEmpty
InsertMenuW
DeleteMenu
EnableMenuItem
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
LockWorkStation
ExitWindowsEx
SystemParametersInfoW
GetActiveWindow
GetTopWindow
GetForegroundWindow
MonitorFromPoint
NotifyWinEvent
SetCursorPos
GetMenuDefaultItem
EnableScrollBar
HideCaret
CopyIcon
DrawIcon
SetMenuDefaultItem
ModifyMenuW
IsCharLowerW
MapVirtualKeyExW
CharUpperBuffW
UpdateLayeredWindow
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetUpdateRect
SubtractRect
CreateMenu
GetComboBoxInfo
DestroyCursor
GetAsyncKeyState
GetMonitorInfoW
GetWindowLongW
AdjustWindowRectEx
GetMenuItemRect
GetSubMenu
SetForegroundWindow
IsIconic
PostThreadMessageW
LoadMenuW
RegisterWindowMessageW
PostQuitMessage
GetFocus
GetAncestor
GetCapture
IsZoomed
RegisterClipboardFormatW
MessageBoxW
GetKeyState
GetSysColorBrush
GetCursorPos
DrawFrameControl
OffsetRect
ReleaseCapture
WindowFromPoint
ScreenToClient
ClientToScreen
SetCapture
FrameRect
FillRect
CopyRect
MonitorFromWindow
ReleaseDC
GetDC
SetTimer
KillTimer
PeekMessageW
UpdateWindow
SetActiveWindow
GetDesktopWindow
SetRect
UnionRect
SetCursor
GetSysColor
GetDlgItem
LoadIconW
PtInRect
GetSystemMetrics
InflateRect
GetWindowRect
IsRectEmpty
InvalidateRect
IsWindow
PostMessageW
MapWindowPoints
GetClientRect
IsWindowVisible
GetWindow
LoadCursorW
CreateAcceleratorTableW
DestroyAcceleratorTable
CloseClipboard
SetClipboardData
EmptyClipboard
GetParent
OpenClipboard
LoadImageW
SendMessageW
EnableWindow
GetClassInfoW

gdi32

PtVisible
RectVisible
RestoreDC
SaveDC
SelectPalette
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
ExtTextOutW
SetWindowExtEx
SetWindowOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
DPtoLP
GetBkColor
GetCharWidthW
GetPixel
CreateDIBitmap
GetTextCharsetInfo
GetRgnBox
CreateEllipticRgn
Ellipse
Polygon
Polyline
CreateRoundRectRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
LPtoDP
RoundRect
ExtFloodFill
SetPaletteEntries
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
SetPixelV
GetTextFaceW
GetWindowOrgEx
FillRgn
SetRectRgn
OffsetRgn
GdiFlush
OffsetViewportOrgEx
SelectClipRgn
AbortPath
GetPath
EndPath
CloseFigure
BeginPath
SetMapMode
AddFontResourceW
GetICMProfileW
TextOutW
SetTextColor
SetBkColor
GetCurrentObject
TranslateCharsetInfo
EnumFontFamiliesExW
CreateFontW
CombineRgn
CreateRectRgn
EnumFontFamiliesW
GetTextMetricsW
GetTextColor
GetStockObject
ExtSelectClipRgn
CreateRectRgnIndirect
SetPixel
SetBkMode
CreateFontIndirectW
SetViewportExtEx
SetViewportOrgEx
CreateDCW
DeleteObject
GetObjectW
CreateDIBSection
SelectObject
DeleteDC
CreateCompatibleDC
SetStretchBltMode
StretchBlt
BitBlt
CreatePen
Rectangle
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
CreateHatchBrush
CopyMetaFileW
PatBlt
CreatePolygonRgn
GetDeviceCaps
SetDIBColorTable
CreateSolidBrush
MoveToEx
LineTo
CreateBitmap
StretchDIBits
GetTextExtentPoint32W
CreateCompatibleBitmap

msimg32

AlphaBlend
TransparentBlt

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegSetValueA
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegEnumKeyW
SetFileSecurityW
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CryptDecrypt
CryptDestroyKey
CryptEncrypt
CryptDeriveKey
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegCloseKey
RegSetValueW
RegQueryValueW
RegQueryValueA
RegOpenKeyW
RegOpenKeyA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegEnumKeyExA
RegDeleteValueW
RegDeleteValueA

shell32

ShellExecuteW
ord680
SHChangeNotify
DragQueryFileW
DragFinish
Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHAddToRecentDocs
ExtractIconExW
SHGetFolderPathW
ShellExecuteExW
SHParseDisplayName
SHOpenFolderAndSelectItems
SHFileOperationW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHGetDesktopFolder
SHAppBarMessage
ExtractIconW

comctl32

ImageList_Remove
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_AddMasked
ImageList_Draw
ImageList_Add
_TrackMouseEvent
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetImageInfo

shlwapi

PathRenameExtensionW
PathStripPathW
PathRemoveFileSpecW
StrFormatByteSizeW
PathFindExtensionW
PathSkipRootW
PathRemoveExtensionW
PathMakePrettyW
PathIsDirectoryW
PathCombineW
PathAddExtensionW
PathAddBackslashW
StrCmpLogicalW
SHCopyKeyW
PathFileExistsW
StrRetToStrW
PathAppendW
PathCompactPathW
PathRelativePathToW
PathCanonicalizeW
PathRemoveBackslashW
PathIsRelativeW
PathIsPrefixW
PathIsUNCW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
StrFormatKBSizeW

ole32

StringFromCLSID
PropVariantClear
StringFromGUID2
CoInitializeEx
CoFreeUnusedLibraries
OleDuplicateData
ReleaseStgMedium
CoLockObjectExternal
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleLoadFromStream
OleSaveToStream
CoUninitialize
CoInitialize
CoWaitForMultipleHandles
RegisterDragDrop
RevokeDragDrop
CreateItemMoniker
GetRunningObjectTable
CLSIDFromString
MkParseDisplayName
CreateBindCtx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleGetClipboard
CoCreateGuid
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

SysFreeString
VarBstrFromDate
VariantCopy
SafeArrayDestroy
LoadTypeLi
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
OleCreatePropertyFrame
VariantChangeType
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
VariantClear
VariantInit
SysAllocString
VarBstrCmp
SysAllocStringLen

oledlg

OleUIBusyW

ws2_32

WSASetLastError
WSAGetLastError
WSAAsyncSelect
select
closesocket
WSACleanup
accept
listen
shutdown
recvfrom
recv
ntohs
inet_ntoa
WSAStartup
gethostbyname
socket
sendto
bind
inet_addr
getpeername
connect
htonl
getsockname
send
htons

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

wininet

InternetGetLastResponseInfoW
InternetWriteFile
InternetSetFilePointer
InternetOpenUrlW
InternetConnectW
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetReadFile
InternetSetOptionW
InternetConnectA
HttpSendRequestA
InternetCloseHandle
InternetOpenA
HttpAddRequestHeadersA
HttpQueryInfoW
InternetSetOptionA
InternetSetStatusCallbackW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestExW
HttpEndRequestW
HttpOpenRequestA
InternetQueryDataAvailable
InternetQueryOptionW
InternetGetConnectedState

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 590KB - Virtual size: 589KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4bde433b5fefbe80e357c474989ce92

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gdiplus

uxtheme

winmm

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

ws2_32

oleacc

wininet

imm32

version

Sections

.text Size: 8.1MB - Virtual size: 8.1MB

.rdata Size: 2.7MB - Virtual size: 2.7MB

.data Size: 116KB - Virtual size: 476KB

.pdata Size: 327KB - Virtual size: 326KB

.gfids Size: 113KB - Virtual size: 112KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 5KB - Virtual size: 4KB

.rsrc Size: 590KB - Virtual size: 589KB

.reloc Size: 128KB - Virtual size: 128KB

.text
Size: 8.1MB - Virtual size: 8.1MB

.rdata
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 116KB - Virtual size: 476KB

.pdata
Size: 327KB - Virtual size: 326KB

.gfids
Size: 113KB - Virtual size: 112KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 590KB - Virtual size: 589KB

.reloc
Size: 128KB - Virtual size: 128KB