1b3db33cc3dd3ccd657db61f4a516cd36bb7a1463fcfb3f9a7be01f74c03a4b6

Sharing

Copy URL Twitter E-mail

General

Target

1b3db33cc3dd3ccd657db61f4a516cd36bb7a1463fcfb3f9a7be01f74c03a4b6
Size

11.9MB
MD5

643b110cf9fddf3a77154b1a14c01998
SHA1

41b35bc670f079e8e92620f625fcc03f8f87c546
SHA256

1b3db33cc3dd3ccd657db61f4a516cd36bb7a1463fcfb3f9a7be01f74c03a4b6
SHA512

d716399469c71018e6fe51be9be3cef28be6c7fe3ea5f1d585eae2d74c51c197650a5577e22913d5242a1201260fa26fdae160fadd4827d1d0a8ed2342af744c
SSDEEP

196608:eNdsTN3GJC6p31IDr0wqISpJ/ApsE5GWWnw9Y7kJ8vSJf/dWFHwKdF9GA:eNdOiC67ID4wqprYCEunwuhyfVWxF9G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b3db33cc3dd3ccd657db61f4a516cd36bb7a1463fcfb3f9a7be01f74c03a4b6

Files

1b3db33cc3dd3ccd657db61f4a516cd36bb7a1463fcfb3f9a7be01f74c03a4b6
.exe windows:6 windows x86 arch:x86

3290db022828f1de86b18b16b9c41aa6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleExW
HeapValidate
GetDriveTypeW
GetFullPathNameW
GetConsoleCP
HeapQueryInformation
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
GetStdHandle
GetFileType
WriteConsoleW
OutputDebugStringW
QueryPerformanceFrequency
SetStdHandle
ExitProcess
SetFilePointerEx
GetConsoleMode
ReadConsoleW
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleOutputCP
GetCurrentDirectoryW
SetEnvironmentVariableW
DeleteFileW
CreateFileW
SetConsoleMode
ReadConsoleInputW
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
GetTimeZoneInformation
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
VirtualQuery
RaiseException
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
SearchPathA
GetTickCount64
GetTempPathA
GetUserDefaultLCID
GetTempFileNameA
VerifyVersionInfoA
VerSetConditionMask
GetWindowsDirectoryA
GetCurrentDirectoryA
GetFileTime
GetFileSizeEx
GetFileAttributesExA
GetFileAttributesA
FindResourceExW
GetACP
GetOEMCP
GetUserDefaultUILanguage
GetLocaleInfoW
GetHandleInformation
DuplicateHandle
GetVolumeInformationA
UnlockFile
SetEndOfFile
ReadFile
LockFile
GetFullPathNameA
FlushFileBuffers
RtlUnwind
GlobalFlags
GetProfileIntA
GetVersionExA
ResumeThread
SetThreadPriority
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
GetCurrentProcessId
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CompareStringA
GetAtomNameA
GlobalGetAtomNameA
lstrcmpA
LoadLibraryW
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
CopyFileA
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalSize
GlobalAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindClose
FileTimeToLocalFileTime
GetCPInfo
LCMapStringEx
LocalFree
EncodePointer
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
FormatMessageA
RemoveDirectoryA
GetModuleFileNameW
MoveFileA
FreeResource
FindResourceA
VirtualProtect
GetFileSize
CreateFileA
SetFilePointer
WriteFile
K32QueryWorkingSet
VirtualFreeEx
lstrcmpiA
CreateRemoteThread
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
VirtualAllocEx
GetProcAddress
DecodePointer
SetFileAttributesA
HeapAlloc
FindResourceW
LoadResource
GetSystemInfo
CloseHandle
HeapReAlloc
lstrcpyA
Process32Next
LockResource
LoadLibraryA
K32GetProcessMemoryInfo
GetLastError
Sleep
GetModuleFileNameA
MultiByteToWideChar
CreateToolhelp32Snapshot
HeapSize
OpenProcess
GetModuleHandleA
Module32First
WaitForSingleObject
InitializeCriticalSectionEx
FindNextFileA
Module32Next
TerminateProcess
VirtualAlloc
GetCurrentProcess
SetLastError
HeapFree
FindFirstFileA
WriteProcessMemory
Process32First
SizeofResource
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetModuleHandleA
CreateEventA
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Thread32First
GetCurrentProcessId
GetCurrentThreadId
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
WriteProcessMemory
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
GetProcessAffinityMask
SetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
Sleep
LoadLibraryA
FreeLibrary
GetTickCount
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFree
LocalAlloc
LocalFree
GetProcAddress
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleW
LoadResource
MultiByteToWideChar
FindResourceExW
FindResourceExA
WideCharToMultiByte
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
CreateFileW
LoadLibraryW
GetLastError
FlushFileBuffers
WriteConsoleW
SetStdHandle
IsProcessorFeaturePresent
DecodePointer
GetCommandLineA
RaiseException
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
LCMapStringW
GetStringTypeW
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
HeapSize
WriteFile
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CheckDlgButton
MoveWindow
NotifyWinEvent
LoadCursorW
SetParent
GetDesktopWindow
WindowFromPoint
HideCaret
EnableScrollBar
ShowScrollBar
LockWindowUpdate
RedrawWindow
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
SetForegroundWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
KillTimer
SetTimer
SetCapture
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
PostThreadMessageA
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconW
LoadIconA
CallNextHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
SendDlgItemMessageA
AdjustWindowRectEx
GetWindowRect
GetClientRect
RemovePropA
GetPropA
SetPropA
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetKeyState
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
DefWindowProcA
GetMessageTime
GetMessagePos
DispatchMessageA
RegisterWindowMessageA
GetMenuCheckMarkDimensions
GetFocus
GetMessageA
ReleaseCapture
SetCursor
InflateRect
CopyRect
ScreenToClient
GetForegroundWindow
MessageBoxA
ShowWindow
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
GetLastActivePopup
GetWindowThreadProcessId
GetParent
GetWindowLongA
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
LoadBitmapW
InvertRect
FrameRect
FillRect
GetAsyncKeyState
RealChildWindowFromPoint
GetKeyNameTextA
MapVirtualKeyA
DestroyMenu
SystemParametersInfoA
TranslateMessage
DestroyIcon
CharUpperA
LoadAcceleratorsA
TranslateAcceleratorA
IntersectRect
LoadImageA
SetWindowTextA
IsDialogMessageA
CreateDialogIndirectParamA
EndDialog
GetCursorPos
SetRect
OffsetRect
MapWindowPoints
SetRectEmpty
PeekMessageA
PostQuitMessage
IsMenu
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
SendMessageA
PostMessageA
IsWindow
TabbedTextOutA
MapDialogRect
GetWindowTextA
ReuseDDElParam
GetWindowTextLengthA
DrawEdge
DrawFrameControl
LoadMenuA
LoadMenuW
CreateMenu
CreatePopupMenu
CheckMenuItem
EnableMenuItem
ModifyMenuA
DeleteMenu
SetMenuItemBitmaps
InsertMenuItemA
GetMenuItemInfoA
SetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
DrawIcon
DrawTextA
DrawTextExA
GrayStringA
DrawStateA
GetSysColorBrush
DrawFocusRect
DestroyCursor
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
IsClipboardFormatAvailable
CharUpperBuffA
RegisterClipboardFormatA
GetDoubleClickTime
CopyAcceleratorTableA
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
WaitMessage
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
CopyIcon
SetCursorPos
SetClassLongA
EmptyClipboard
SetClipboardData
CloseClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
MessageBeep
GetIconInfo
DrawIconEx
LoadAcceleratorsW
LoadImageW
TrackMouseEvent
UnionRect
IsRectEmpty
GetClipboardFormatNameA
UnpackDDElParam
CopyImage
CharUpperBuffW

gdi32

CreateHatchBrush
CreatePalette
CreatePen
CreatePatternBrush
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateSolidBrush
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBoundsRect
GetNearestPaletteIndex
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetStockObject
GetTextColor
GetTextExtentPoint32A
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SelectObject
SetPaletteEntries
SetPixel
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsA
CreateEllipticRgn
GetObjectA
TextOutA
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceA
DeleteObject
ExcludeClipRect
GetClipBox
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
EnumFontFamiliesExA
GetSystemPaletteEntries
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
CreateDIBSection
SetDIBColorTable
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
BitBlt
ExtTextOutA
CopyMetaFileA
CreateDCA
GetDeviceCaps
DeleteDC

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetOpenFileNameA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
AllocateAndInitializeSid
FreeSid
CheckTokenMembership
AdjustTokenPrivileges
RegCloseKey
RegQueryValueExA
LookupPrivilegeValueA
RegSetValueExA
OpenProcessToken
RegOpenKeyExA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
DragFinish
DragQueryFileA
SHGetDesktopFolder
ShellExecuteA
ShellExecuteExA
SHBrowseForFolderA
SHAppBarMessage
SHGetFileInfoA

shlwapi

PathStripToRootA
PathIsUNCA
PathRemoveFileSpecW
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
StrFormatKBSizeA

uxtheme

GetThemePartSize
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetWindowTheme
GetThemeSysColor
OpenThemeData
DrawThemeBackground
CloseThemeData

ole32

OleLockRunning
RevokeDragDrop
RegisterDragDrop
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitialize
CoInitializeEx
CoUninitialize
CoDisconnectObject
CoCreateInstance
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID

oleaut32

LoadTypeLi
VarBstrFromDate
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
SysAllocStringByteLen
SysFreeString

gdiplus

GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateFromHDC
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipSetInterpolationMode
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

winmm

PlaySoundA

Exports

Exports

��N��JC�b�Μ>zcM��WSn$��o�M�#�.�N��),�p�ZŐ�h� ۢ��'�>L\�Ǡ�'��Ā!�5��[��2li��P5t"�'��I�R<�f��4��/��v��c��*X��:��0�|[ ��ޱd�%G�h$J�P[d�P�O2kʐ�i&�cI}�n�t�D�\�j�A��'�q�۔ ~Cq��3tS��_��n;�9�4 ��.D�L��XA5]�.�'�rscdJ�k'O��:�@��ۿ8�G��ja�?9O�R��vy��&��`��sJXk��B� {�x:h��z��_��cC|��}j�b �1{�9<5 ��&��@2l��O��E��٭��C1 �Fϴ��Fo��3��x��ˉ��L� &�p�U�]�] ��oI�<�V��<��#��7��atA�ͻVw$dڛb�}^j� ��RV�O��.S�W�څ�C�)>�ê�7YZ8��h�( �7Ԡ�ξ��?�q/�M��e��*%�Ȗ�w 0TC�ܦ ��^K��g�]:F��R5��^}�Z�3V��C!d��BnI�u��c"#�<�]��)OMR ��Ù��Q�yH��0��J��=��s~��H89�Fr��\<�� i()��'k��d%َ�O��`�`��u�� (��|Z��\!+V)�x�W Y �@��.2� ��rm��#n�}I��|�G� *��dZJ��hF��0dm��W�;0�� mW��@ /G*ߴ�sާ�9W�?��n�ƹ�u��l�M{�el�;E]׵:��B��w��Wb�ׄQ�"|��([노5�~��'�ڲ�]�9` �$K�F;(��$� Iv�{�9��O?N�]kH��}o��T��t�D��.�2ZQ��0��t�q ��B��H!/ga�t_~&N!�T�w�g�d7��.�f�,�f�a(�X~Β�`~y�j4z� ��_x�f�gW�W�z� Ѧ̒�v#��Z��W�#o��1�%/V�%��6�Eڬ4ր��!�l��#�gys��m�k�,g2��e�zթP;]��[Xw$�/{\A'��"Q{x�A&#f;�0��˃��,T�I�dS�!��[��E��<�q˳*Io��8�"H�R̢��f��J)B�1-��Y��S^|A��v��qb P�J"�D�X��u�s� �Z� ��]�eޖ��v�C��@8��?� <�_~�2{?�]��9o��_kZY�n]{��X��k�=��)��m> Z@�u��a��S�H!z��`{�@��Ѽ��s<I#5��V�~��a2��r�@B�l�Jk�O;��*��p�3�q/�۫�F#b�0^S��ڻQ��i��Q��-D�`~��5��*6\� su��7��>lt5QŨ%=��%��N+@}̅g�d�[��J�A��w&�:��:�q8�fr�Io;@ȭ��Z琫�g�0��V�|��s��NL�V��i^�S�om��^��B�P�'��F&sS銪��"vu�l��8!�ԉ��sG/q�l�[11v4t�4��1>a��t�oa܏��-( JN��%��)��t�m ��v1��P?q��s��g_�1��,�R"��3�� 4�L�(��v��?�]�տ%܊=��(��ϯq_2��x�v� &`��X�z]}hR��1c0�$��b�m��,�oX�ι2 �Q��Ct'В8�]B�pL��]�H� ��R.G�r!9��`=��-�8��)԰��P^L��W[G4δ��Z��Ĺ�4�f*�*n�\��Sɹ=�$c� ]��U�b�(䡬<IJ7�(ӝ�=k'g�~�3�qn�?��C؏��SB��KB��H�?e5LY��J�"��H�]ɇ��gA&�Z��I�jR��vi�L�(�^5,��x�d��ʨ�� uW��W��F��˘#�g��]��{F��ࣕ�=��)�h��ę��{�^$��(��O�m,�P��Pd�<.ܨ�x��}Ob�$�3�=��"oMv��o��iP�DqZf\��y=��ٹ9l[��o8�448�cO7i F!�mHI��]��*��%p��2xƅ��^6�H��6/kƯG�î��Wf��:J��E�i޿>nV�%Y�}w(Q^��t��3�p�� :��>v��l��B7��)��2��=��4�wõ��I:��q��g��>� ��M��ҙ�vG��4F�rT�S\pdL Ek�v{`%�3��^Z߰b��t�'9Q�Zrks�D��JFR�e�3Z�+g�whyW��<��~��X��ȹ�^�__�z�߭� �� ܦ��4��G<�?{��9!��0nX|��B�/��:��T�| �yP��5#PV�(��T��cs��A8b��}q�Z�b�-�+�~��[��۞��,�B��o� sY<��ډ;��eY�Ē�eV�#�,�kG x� �i��7!�f�2��p?�Z��a�4z �+��Ygy�ؤ/��5'�ڞ��1:I)��+�pY@2�(�{�fxC��^2�AeV��B�굊��;��;(�h�[_�#�]��^�}$��k<.Ş�,��q��k��\g6lP p�r��!�^�NɈ0p��`x�ge��y\H�l<gX�Z3 y@x~�S(�dc獎T��4Z�,�z��G��D�r��P��ٴ �ݨ?Ԡ�+��#0�fAl9��?��~�L iV��UK��gea>ݴ�� '�WP��®hM�q ��P��_?�3x&؃o�Uq<�� Yz)j�'?5e<

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 493KB - Virtual size: 493KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KJb
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.u;S
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.(Cj
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3290db022828f1de86b18b16b9c41aa6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 493KB - Virtual size: 493KB

.data Size: 21KB - Virtual size: 49KB

.KJb Size: 3.6MB - Virtual size: 3.6MB

.u;S Size: 3KB - Virtual size: 3KB

.(Cj Size: 2.3MB - Virtual size: 2.3MB

.rsrc Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 493KB - Virtual size: 493KB

.data
Size: 21KB - Virtual size: 49KB

.KJb
Size: 3.6MB - Virtual size: 3.6MB

.u;S
Size: 3KB - Virtual size: 3KB

.(Cj
Size: 2.3MB - Virtual size: 2.3MB

.rsrc
Size: 2.1MB - Virtual size: 2.1MB