Extracted

• ad4c8f361869628bef6c455058796705eee92aacc4ca07629b3cb486900d7bfb

  .exe windows:5 windows x86 arch:x86

  4511896d043677e4ab4578dc5bcab5a0

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  Imports

  kernel32

  GetCurrentThread

  VirtualFree

  ExpandEnvironmentStringsA

  WriteFile

  OpenProcess

  WideCharToMultiByte

  GetVolumeInformationA

  Sleep

  SizeofResource

  CreateProcessA

  TerminateProcess

  ReadFile

  GetSystemDirectoryA

  MultiByteToWideChar

  GetTickCount

  CreateDirectoryA

  GetStartupInfoA

  FindFirstFileA

  GetLastError

  VirtualAlloc

  FindClose

  LockResource

  CreatePipe

  GetModuleFileNameA

  GetVersionExA

  WinExec

  CloseHandle

  GetCurrentProcessId

  GetTempPathA

  GetCurrentProcess

  LoadResource

  PeekNamedPipe

  SetFilePointer

  SetPriorityClass

  FindResourceA

  GetFileSize

  CreateFileA

  GetComputerNameA

  SetThreadPriority

  ExitProcess

  GetProcessHeap

  SetEndOfFile

  GetStringTypeW

  GetStringTypeA

  GetModuleHandleW

  GetProcAddress

  HeapFree

  HeapAlloc

  GetSystemTimeAsFileTime

  GetCommandLineA

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  TlsGetValue

  TlsAlloc

  TlsSetValue

  TlsFree

  InterlockedIncrement

  SetLastError

  GetCurrentThreadId

  InterlockedDecrement

  GetStdHandle

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  LoadLibraryA

  InitializeCriticalSectionAndSpinCount

  HeapCreate

  HeapReAlloc

  RtlUnwind

  GetConsoleCP

  GetConsoleMode

  SetHandleCount

  GetFileType

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  QueryPerformanceCounter

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  HeapSize

  GetLocaleInfoA

  SetStdHandle

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  FlushFileBuffers

  LCMapStringA

  LCMapStringW

  advapi32

  RegOpenKeyA

  GetUserNameA

  FreeSid

  AllocateAndInitializeSid

  RegDeleteKeyA

  EqualSid

  RegSetValueExA

  GetTokenInformation

  OpenProcessToken

  RegCloseKey

  shell32

  SHChangeNotify

  ord680

  ShellExecuteA

  wininet

  HttpOpenRequestA

  InternetOpenUrlA

  HttpSendRequestA

  InternetOpenA

  InternetCloseHandle

  InternetConnectA

  InternetReadFile

  Sections

  .text

  Size: 55KB - Virtual size: 54KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 10KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ