ead7d6bae3b9fbe0ec827790cd9161db07a9eecab90bfc31fc2f82849b5a8a75

Sharing

Copy URL Twitter E-mail

General

Target

ead7d6bae3b9fbe0ec827790cd9161db07a9eecab90bfc31fc2f82849b5a8a75
Size

4.8MB
MD5

75f770e4789fb9d31675aea83c58745e
SHA1

ec1f2790031ca7c1d69465c1aaa790f5455cff8b
SHA256

ead7d6bae3b9fbe0ec827790cd9161db07a9eecab90bfc31fc2f82849b5a8a75
SHA512

452f29a54f047ddf86aea08e5cdf640533557b4dd53de0e511261c7555163f9b3dd97cda23093f202f331bca862f87e0e87c59c041f27d78d7947717d9d2e0c4
SSDEEP

98304:tTfBy4on+IcUdGenC+p4+l3fkV4WOTY853p4EbyijN1UqQw:K4W+I5dGeH4+lsViH53p4QyiR9b

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/???????/????????????/7z.dll
unpack001/???????/????????????/????????????.exe
unpack001/???????/Zip2Dir_chn/Zip2Dir.dll
unpack001/???????/Zip2Dir_chn/Zip2Dir.exe
unpack001/???????/Zip2Dir_chn/Zip2Dir_x64.dll

Files

ead7d6bae3b9fbe0ec827790cd9161db07a9eecab90bfc31fc2f82849b5a8a75
.zip
???????/????????????/7z.dll
.dll windows:6 windows x86 arch:x86

c59cbccfb73f15391cfea8f0ddce09a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocStringByteLen
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantCopy
VariantClear

user32

CharPrevExA
CharUpperW

kernel32

WaitForSingleObject
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapSize
GetStringTypeW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CreateDirectoryW
CreateFileW
DeleteFileW
SetFileAttributesW
GetTempPathW
CloseHandle
SetLastError
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetModuleHandleW
GetProcAddress
FindClose
FindFirstFileW
GetFileAttributesW
GetModuleHandleA
ReadFile
WriteFile
CompareFileTime
GetCurrentProcess
GetSystemInfo
GlobalMemoryStatus
GetProcessAffinityMask
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
LocalFileTimeToFileTime
GetVersionExW
DeleteCriticalSection
FileTimeToLocalFileTime
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
VirtualAlloc
VirtualFree
InitializeCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
DecodePointer
CreateEventW
CreateSemaphoreW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
TerminateProcess
RaiseException
RtlUnwind
EncodePointer
InterlockedFlushSList
VirtualQuery
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
HeapFree
HeapAlloc
HeapReAlloc
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 909KB - Virtual size: 909KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
???????/????????????/????????????.exe
.exe windows:6 windows x86 arch:x86

8c6b5a1595ef4ddda555dcb0ead74215

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\drag3\Release\drag3.pdb

Imports

kernel32

FindFirstFileExW
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetACP
ExitProcess
SetStdHandle
QueryPerformanceFrequency
FreeEnvironmentStringsW
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
PeekNamedPipe
GetFileType
GetDriveTypeW
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringW
OutputDebugStringW
IsValidCodePage
GetOEMCP
VirtualQuery
GetEnvironmentStringsW
SetEnvironmentVariableA
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetUserDefaultLCID
FindResourceExW
SearchPathW
GetProfileIntW
Sleep
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
VirtualProtect
GlobalGetAtomNameW
lstrcmpiW
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
GetTempFileNameW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CopyFileW
FormatMessageW
LocalFree
GlobalSize
MulDiv
GlobalFindAtomW
EncodePointer
GlobalAddAtomW
ResumeThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
VerifyVersionInfoW
VerSetConditionMask
GlobalFree
GlobalUnlock
FreeResource
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
LoadLibraryA
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
lstrcpyW
MultiByteToWideChar
FindResourceW
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
LoadLibraryExW
GetModuleFileNameW
GetVersionExW
GetCurrentThread
VirtualFree
VirtualAlloc
GetModuleHandleA
FindNextFileW
FindFirstFileW
FindClose
GetModuleHandleW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
SetLastError
GetTempPathW
SetFileAttributesW
DeleteFileW
GetCurrentDirectoryW
GetFileInformationByHandle
GetStdHandle
CloseHandle
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
ReadFile
GetFileSize
CreateFileW
GetFileAttributesW
WideCharToMultiByte
LoadLibraryW
GetProcAddress
FreeLibrary
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
CreateDirectoryW
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
GetSystemInfo
WriteConsoleW

user32

InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
DeleteMenu
CopyImage
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
WindowFromPoint
ReleaseCapture
SetCapture
WaitMessage
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
GetWindow
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
ScreenToClient
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
SetCursor
ShowOwnedPopups
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
PeekMessageW
IntersectRect
SetParent
MonitorFromPoint
EnableWindow
LoadIconW
SendMessageW
IsIconic
GetSystemMetrics
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
ReleaseDC
GetDC
MapVirtualKeyW
GetKeyNameTextW
GetSubMenu
LoadMenuW
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
TrackMouseEvent
IsZoomed
GetAsyncKeyState
GetSystemMenu
MessageBeep
NotifyWinEvent
SetCursorPos
SetRect
EnumDisplayMonitors
GetMonitorInfoW
UnionRect
BringWindowToTop
CreatePopupMenu
LockWindowUpdate
DestroyMenu
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CopyIcon
GetMenuItemInfoW
GetClientRect
DrawIcon
UnregisterClassW
CharUpperW
PostMessageW
PostQuitMessage
RegisterWindowMessageW
DrawEdge
DrawFrameControl
IsWindowVisible
GetFocus
DrawStateW
SetWindowRgn
RedrawWindow
GetWindowRect
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
GetParent
DrawIconEx
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
InsertMenuItemW
GetWindowLongW
GetDesktopWindow
DefWindowProcW
GetClassInfoW
SetLayeredWindowAttributes
SetRectEmpty
CopyRect
LoadCursorW
SystemParametersInfoW
UnpackDDElParam
ReuseDDElParam
SubtractRect
RegisterClipboardFormatW
CharUpperBuffW
UpdateLayeredWindow
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
GetNextDlgGroupItem
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
HideCaret
InvertRect
DestroyCursor
GetWindowRgn
TranslateAcceleratorW
MapDialogRect
CopyAcceleratorTableW
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetUpdateRect
SetClassLongW
DestroyAcceleratorTable
ModifyMenuW
SetMenuDefaultItem
GetMenuDefaultItem

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesW
GetDeviceCaps
GetStockObject
GetTextCharsetInfo
GetObjectW
CreateBitmap
SetBkColor
SetTextColor
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
BitBlt
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CopyMetaFileW
CreateDCW
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
LPtoDP
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
GetTextFaceW
GetTextMetricsW
Polyline
Polygon
CreatePolygonRgn
ExtTextOutW
PatBlt
GetTextExtentPoint32W
GetTextColor
GetBkColor
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreateHatchBrush
CreateEllipticRgn
CombineRgn
TextOutW
Ellipse
DeleteDC

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW

shell32

DragQueryFileW
DragFinish
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
SHGetFileInfoW
SHAppBarMessage

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

DrawThemeText
IsAppThemed
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
GetThemePartSize
GetThemeSysColor

ole32

OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoInitializeEx
OleLockRunning
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CoDisconnectObject
CreateStreamOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoCreateGuid
CoUninitialize

oleaut32

VarBstrFromDate
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
LoadTypeLi

gdiplus

GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageRectI
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipBitmapUnlockBits

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
???????/????????????/password.txt
???????/Zip2Dir_chn/ZIP2DIR.pwd
???????/Zip2Dir_chn/Zip2Dir.dll
.dll windows:4 windows x86 arch:x86

3967b42a6c725b15f33f09621649d94f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement
Sleep
GetStringTypeW
GetStringTypeA
LCMapStringW
lstrlenW
lstrcpyA
lstrcpyW
FindFirstFileW
FindClose
lstrcmpiW
lstrcmpW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
LoadLibraryW
GetProcAddress
InterlockedDecrement
CloseHandle
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr

user32

LoadImageW
InsertMenuW
DestroyIcon
GetSysColor
DrawIconEx
SetMenuItemBitmaps
MessageBoxW
SendMessageW
GetWindowThreadProcessId
GetWindowTextW
WaitForInputIdle
EnumWindows
GetSystemMetrics

gdi32

CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetStretchBltMode
SetBrushOrgEx
SetBkColor
ExtTextOutW
DeleteDC
DeleteObject

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathFileExistsW

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

DragQueryFileW
ShellExecuteExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 4KB - Virtual size: 72B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
???????/Zip2Dir_chn/Zip2Dir.exe
.exe windows:6 windows x64 arch:x64

69e70a468ab941fdb9038b8e4e220683

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\NewSoft\Zip2Dir\x64\Release_Unicode\Zip2Dir.pdb

Imports

shlwapi

PathIsRootW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathIsDirectoryW
PathFindFileNameW
StrRChrW
PathFileExistsW
PathFindExtensionW
PathRenameExtensionW
StrFormatKBSizeW
PathStripToRootW
PathAddBackslashW

kernel32

WaitForSingleObjectEx
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
ReadConsoleW
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
GetConsoleMode
GetConsoleOutputCP
ExitProcess
GetStdHandle
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
IsProcessorFeaturePresent
HeapQueryInformation
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
TzSpecificLocalTimeToSystemTime
InterlockedFlushSList
InterlockedPushEntrySList
RtlPcToFileHeader
RtlUnwindEx
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SetFilePointerEx
GetACP
GetFileType
MoveFileExW
OutputDebugStringW
ResetEvent
TerminateProcess
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LocalUnlock
LocalLock
GetUserDefaultLCID
ReplaceFileW
GetTempFileNameW
GetDiskFreeSpaceW
Sleep
SearchPathW
GetProfileIntW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
SetErrorMode
SystemTimeToFileTime
UnhandledExceptionFilter
SetFileTime
SetFileAttributesW
LocalFileTimeToFileTime
GetFileTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetAtomNameW
GlobalGetAtomNameW
InitializeCriticalSection
GlobalFlags
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
CompareStringA
GetCurrentThread
lstrcmpA
ResumeThread
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GetCurrentProcessId
GetThreadLocale
GetStringTypeExW
MoveFileW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetShortPathNameW
GetFullPathNameW
FlushFileBuffers
DeleteFileW
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
CompareStringW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
LoadLibraryExW
GetModuleHandleExW
GetSystemDirectoryW
SetLastError
EncodePointer
OutputDebugStringA
GetModuleHandleW
GetSystemInfo
GetFileAttributesW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
lstrcpynW
FindNextFileW
FindFirstFileW
FindClose
lstrcmpiW
LoadLibraryW
GetProcAddress
FreeLibrary
CreateDirectoryW
GetCurrentDirectoryW
GetModuleFileNameW
lstrcatW
SizeofResource
SetThreadUILanguage
SetThreadLocale
FindResourceW
LockResource
LoadResource
GetVersionExW
GetCurrentThreadId
WideCharToMultiByte
lstrcpyW
IsDBCSLeadByte
GetCPInfo
MultiByteToWideChar
lstrlenW
lstrlenA
lstrcmpW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CloseHandle
GetFileSize
CreateFileW
GlobalFree
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
SetConsoleCtrlHandler
WriteConsoleW
RtlUnwind
VirtualAlloc

user32

DestroyMenu
GetSysColorBrush
RealChildWindowFromPoint
MapVirtualKeyW
GetKeyNameTextW
RegisterClipboardFormatW
ShowOwnedPopups
IntersectRect
WindowFromPoint
GetMessageW
OffsetRect
SetRectEmpty
SendDlgItemMessageA
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
CreateDialogIndirectParamW
FillRect
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextW
GetWindowThreadProcessId
CharUpperW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
IsClipboardFormatAvailable
LoadMenuW
IsDialogMessageW
ScrollWindowEx
IsWindowEnabled
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItemTextW
SetDlgItemTextW
GetDlgItemInt
SetDlgItemInt
MoveWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
GetLastActivePopup
GetTopWindow
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
TrackPopupMenuEx
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SystemParametersInfoW
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetFocus
LoadImageW
DestroyIcon
CopyImage
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
TrackMouseEvent
DeleteMenu
SetTimer
KillTimer
LoadIconW
GetCursorPos
LockWindowUpdate
DrawIcon
GetSystemMetrics
IsIconic
CharNextW
UnregisterClassW
DrawTextExW
PostQuitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
FindWindowExW
AdjustWindowRect
PostMessageW
WaitMessage
PostThreadMessageW
CreatePopupMenu
GetMenuDefaultItem
GetNextDlgGroupItem
DrawFocusRect
IsRectEmpty
DrawIconEx
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
SetLayeredWindowAttributes
EnumDisplayMonitors
OpenClipboard
ScreenToClient
ClientToScreen
CloseClipboard
SetClipboardData
IsZoomed
EmptyClipboard
GetMenuItemInfoW
DrawStateW
SendMessageW
GetKeyState
EnableWindow
GetWindowLongW
SetWindowLongW
GetParent
GetClientRect
GetWindowRect
MessageBeep
GetDlgItem
SendDlgItemMessageW
GetDlgCtrlID
GetDC
ReleaseDC
SetWindowTextW
GetClassNameW
GetWindow
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
IsWindow
SetCapture
ReleaseCapture
InvalidateRect
RedrawWindow
SetCursor
GetSysColor
InflateRect
PtInRect
LoadCursorW
DestroyCursor
UpdateWindow
CreateWindowExW
ShowWindow
SetClassLongPtrW
SetWindowRgn
SetParent
SetWindowPos
EndDialog
SetFocus
GetWindowTextW
DrawEdge
DrawFrameControl
GetTabbedTextExtentW
GetDCEx
GetWindowRgn
WindowFromDC
CreateMenu
InSendMessage
MonitorFromRect
SendNotifyMessageW
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
EnumChildWindows
GetUpdateRect
CharUpperBuffW
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
SetRect
CopyAcceleratorTableW
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
UnionRect
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsWindowVisible

gdi32

DeleteDC
DeleteObject
Escape
ExcludeClipRect
GetClipBox
GetClipRgn
GetCurrentPositionEx
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
OffsetClipRgn
PlayMetaFile
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetMapperFlags
SetGraphicsMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextCharacterExtra
SetTextAlign
SetTextJustification
PlayMetaFileRecord
EnumMetaFile
SetWorldTransform
ModifyWorldTransform
SetColorAdjustment
StartDocW
ArcTo
PolyDraw
SelectClipPath
SetArcDirection
ExtCreatePen
MoveToEx
TextOutW
ExtTextOutW
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateSolidBrush
GetMapMode
PatBlt
SetRectRgn
DPtoLP
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetDIBits
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
Rectangle
GetRgnBox
OffsetRgn
GetCurrentObject
CreateFontW
GetCharWidthW
StretchDIBits
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
CloseMetaFile
CreateMetaFileW
DeleteMetaFile
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetROP2
GetBkMode
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetTextFaceW
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
CreateDIBPatternBrushPt
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateDCW
CopyMetaFileW
SetTextColor
SetBkColor
CreateBitmap
GetObjectW
GetTextExtentPoint32W
GetStockObject
CreateRectRgnIndirect
CreateFontIndirectW
GetTextExtentPointW

msimg32

TransparentBlt
AlphaBlend

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter
GetJobW

advapi32

RegQueryValueExW
GetSecurityInfo
RegCloseKey
SetFileSecurityW
GetFileSecurityW
RegEnumKeyExW
RegEnumValueW
RegSetValueW
RegSetValueExW
IsTextUnicode
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyExW

shell32

DragQueryFileW
DragFinish
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteExW
SHAppBarMessage
SHGetSpecialFolderLocation
ExtractIconW
SHAddToRecentDocs
SHGetFileInfoW
SHChangeNotify
SHFileOperationW
SHGetDesktopFolder
SHBrowseForFolderW

comctl32

InitCommonControlsEx

uxtheme

GetThemePartSize
GetThemeSysColor
DrawThemeText
DrawThemeParentBackground
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
IsAppThemed
OpenThemeData

ole32

RevokeDragDrop
PropVariantCopy
OleSetMenuDescriptor
OleLockRunning
StgCreateDocfile
CreateItemMoniker
OleCreate
RegisterDragDrop
OleCreateFromData
DoDragDrop
OleRun
CLSIDFromProgID
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleCreateLinkFromData
StgOpenStorageOnILockBytes
StgIsStorageFile
CreateGenericComposite
CreateILockBytesOnHGlobal
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
StgCreateDocfileOnILockBytes
WriteClassStm
GetHGlobalFromILockBytes
StgOpenStorage
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
CLSIDFromString
StringFromGUID2
CreateStreamOnHGlobal
CoDisconnectObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoInitialize
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
SetConvertStg
OleRegGetUserType
OleDuplicateData
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CreateBindCtx
CoTreatAsClass
WriteClassStg
ReadClassStg
CoTaskMemAlloc
StringFromCLSID
ReleaseStgMedium
OleGetClipboard
CoTaskMemFree
OleCreateLinkToFile
OleCreateFromFile
OleLoad
OleSave
OleSaveToStream
OleSetContainedObject
OleGetIconOfClass
CreateDataAdviseHolder
CreateOleAdviseHolder
GetRunningObjectTable
OleIsRunning
CoGetMalloc
OleCreateStaticFromData
OleQueryLinkFromData
OleQueryCreateFromData
CoLockObjectExternal

oleaut32

LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysReAllocStringLen
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCreate
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayRedim
SafeArrayGetDim
SafeArrayGetElemsize
SysAllocString
SafeArrayGetLBound
SafeArrayLock
SafeArrayUnlock
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElement
SafeArrayPutElement
SafeArrayCopy
SafeArrayPtrOfIndex
VariantCopy
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromDec
VarDecFromStr
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantClear
VariantChangeType
SafeArrayGetUBound
VariantInit

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

bcrypt

BCryptGenerateSymmetricKey
BCryptCreateHash
BCryptSetProperty
BCryptHashData
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptFinishHash
BCryptGenRandom
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptDestroyKey
BCryptDeriveKeyPBKDF2
BCryptEncrypt

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
???????/Zip2Dir_chn/Zip2Dir.htm
.html
???????/Zip2Dir_chn/Zip2Dir.ini
???????/Zip2Dir_chn/Zip2Dir_x64.dll
.dll windows:5 windows x64 arch:x64

80477f821f7100665079aac89ae5aaf6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shlwapi

PathFileExistsW
PathFindExtensionW
PathRemoveFileSpecW

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
lstrcpyA
lstrcmpiW
lstrcpyW
lstrlenW
FindFirstFileW
FindClose
Sleep
GetProcessId
CloseHandle
lstrcmpW
RaiseException
HeapReAlloc
GetCurrentThreadId
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetLastError
HeapFree
HeapAlloc
RtlPcToFileHeader
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetModuleHandleW
GetProcAddress
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
HeapCreate
HeapDestroy
RtlUnwindEx
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
HeapSize
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

user32

SetMenuItemBitmaps
MessageBoxW
SendMessageW
InsertMenuW
EnumWindows
GetWindowThreadProcessId
GetWindowTextW
GetSystemMetrics
GetSysColor
DrawIconEx
DestroyIcon
LoadImageW
WaitForInputIdle

gdi32

CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetStretchBltMode
SetBrushOrgEx
SetBkColor
ExtTextOutW
DeleteDC
DeleteObject

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

DragQueryFileW
ShellExecuteExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c59cbccfb73f15391cfea8f0ddce09a1

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

kernel32

Exports

Exports

Sections

.text Size: 909KB - Virtual size: 909KB

.rdata Size: 145KB - Virtual size: 145KB

.data Size: 3KB - Virtual size: 37KB

.gfids Size: 512B - Virtual size: 232B

.rsrc Size: 95KB - Virtual size: 94KB

.reloc Size: 36KB - Virtual size: 35KB

8c6b5a1595ef4ddda555dcb0ead74215

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 349KB - Virtual size: 348KB

.data Size: 22KB - Virtual size: 48KB

.gfids Size: 106KB - Virtual size: 105KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 123KB - Virtual size: 123KB

3967b42a6c725b15f33f09621649d94f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.text1 Size: 4KB - Virtual size: 72B

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 12KB

.data1 Size: 4KB - Virtual size: 668B

.rsrc Size: 16KB - Virtual size: 14KB

.reloc Size: 4KB - Virtual size: 3KB

69e70a468ab941fdb9038b8e4e220683

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

.text
Size: 909KB - Virtual size: 909KB

.rdata
Size: 145KB - Virtual size: 145KB

.data
Size: 3KB - Virtual size: 37KB

.gfids
Size: 512B - Virtual size: 232B

.rsrc
Size: 95KB - Virtual size: 94KB

.reloc
Size: 36KB - Virtual size: 35KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 349KB - Virtual size: 348KB

.data
Size: 22KB - Virtual size: 48KB

.gfids
Size: 106KB - Virtual size: 105KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 123KB - Virtual size: 123KB

.text
Size: 24KB - Virtual size: 23KB

.text1
Size: 4KB - Virtual size: 72B

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 12KB

.data1
Size: 4KB - Virtual size: 668B

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 3.8MB - Virtual size: 3.8MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 42KB - Virtual size: 1.1MB

.pdata
Size: 193KB - Virtual size: 192KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 49KB - Virtual size: 49KB

.reloc
Size: 80KB - Virtual size: 79KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 1024B - Virtual size: 954B