D:\WORK\MAIN\Platform\FileHam\Fileham_20131205\src\fileham.com\Bin\FileHamDown.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 2024-07-26_8275ba788d7288cc01425b67a5724cb0_icedid.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2024-07-26_8275ba788d7288cc01425b67a5724cb0_icedid.exe
Resource: win10v2004-20240709-en
General
Target: 2024-07-26_8275ba788d7288cc01425b67a5724cb0_icedid
Size: 4.8MB
MD5: 8275ba788d7288cc01425b67a5724cb0
SHA1: 5744c5abaf12c0e99fc9e52509a48cd8d7541945
SHA256: f82ca1ae1912a872b2a7aa9f2955a0692a5879f993add3ee88d320cd72362ed7
SHA512: 3144505b86c2dc8d738d0a0c90cccff13e76c783f44d5e5a94b3da0c26415e08b3fb937d995491051b192adc8947b240b81da9362bf256bc830f1401f9cca7c1
SSDEEP: 12288:ab8vXo5PQqxh+65F8I75cDGYhrKrUjeDNYp+6p1Y9sjmSGlCE7tLC7E7tLC5boKh:pjAAGYhcUqxYp+6p1Y9idboTevSmlM6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-07-26_8275ba788d7288cc01425b67a5724cb0_icedid
Files
2024-07-26_8275ba788d7288cc01425b67a5724cb0_icedid.exe windows:5 windows x86 arch:x86
ec1ac40b2df178cdd83c8b152a0631a1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
GetFileSizeEx
GetFileTime
GetModuleHandleW
InterlockedIncrement
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
SetErrorMode
RtlUnwind
RaiseException
ExitThread
CreateThread
ExitProcess
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoA
GetFileAttributesA
VirtualQuery
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetConsoleCP
GetConsoleMode
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
LocalAlloc
SetEndOfFile
UnlockFile
LockFile
ReadFile
GetThreadLocale
FileTimeToLocalFileTime
FindNextFileA
WritePrivateProfileStringA
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryExA
InterlockedExchange
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetCurrentThreadId
InterlockedDecrement
GetModuleFileNameW
LocalFree
lstrcpynA
GlobalReAlloc
GetFileSize
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
FreeLibrary
GetVersionExA
GetSystemInfo
GetExitCodeThread
FreeResource
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
GlobalAlloc
ResetEvent
SetCurrentDirectoryA
FindFirstFileA
FindClose
GetVolumeInformationA
GetCommandLineA
InitializeCriticalSection
GetPrivateProfileStringA
lstrcmpA
CreateEventA
GetTickCount
GetDiskFreeSpaceExA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcpyA
lstrlenW
CreateMutexA
FileTimeToSystemTime
LoadLibraryA
lstrlenA
SetEvent
Sleep
GetFullPathNameA
MultiByteToWideChar
OpenProcess
CreateToolhelp32Snapshot
Thread32First
OpenThread
TerminateThread
Thread32Next
GetModuleHandleA
GetCurrentProcess
DuplicateHandle
GetExitCodeProcess
GetProcAddress
CreateRemoteThread
SetLastError
WaitForSingleObject
TerminateProcess
FormatMessageA
FlushFileBuffers
GetLocalTime
GetModuleFileNameA
CreateFileA
SetFilePointer
WriteFile
CloseHandle
VirtualAlloc
GetCurrentProcessId
VirtualFree
WideCharToMultiByte
GetCurrentThread
QueryPerformanceCounter
FindResourceA
LoadResource
LockResource
SizeofResource
VirtualProtect
GetLastError
user32
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
EnableMenuItem
CheckMenuItem
WinHelpA
IsChild
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
GetMenu
IntersectRect
IsIconic
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
SetWindowPos
SetFocus
IsWindowEnabled
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetNextDlgGroupItem
GetDlgItem
EndPaint
BeginPaint
GetWindowDC
SetWindowsHookExA
CallNextHookEx
GetMessageA
ValidateRect
UnhookWindowsHookEx
GetMenuState
GetWindowThreadProcessId
GetWindowLongA
GetWindow
GetParent
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetAsyncKeyState
BringWindowToTop
FrameRect
ShowScrollBar
LockWindowUpdate
DefWindowProcA
GetDesktopWindow
ScreenToClient
DrawFrameControl
SystemParametersInfoA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IsRectEmpty
GetFocus
SetWindowRgn
PostQuitMessage
EndDialog
GetNextDlgTabItem
MapDialogRect
SetWindowContextHelpId
GetActiveWindow
CallWindowProcA
CharUpperA
GetSysColorBrush
UnregisterClassA
CharNextA
CopyAcceleratorTableA
MoveWindow
InvalidateRgn
FindWindowA
SendMessageA
PostMessageA
RegisterWindowMessageA
SetRect
EqualRect
GetWindowRect
GetClientRect
InvalidateRect
IsWindowVisible
SetTimer
KillTimer
RegisterClipboardFormatA
PostThreadMessageA
CreateDialogIndirectParamA
EnableWindow
LoadCursorA
IsWindow
GetClassInfoA
ExitWindowsEx
LoadBitmapA
AppendMenuA
GetSystemMenu
UpdateWindow
SetForegroundWindow
LoadIconA
GetKeyState
ShowWindow
ReplyMessage
DispatchMessageA
TranslateMessage
PeekMessageA
SetWindowLongA
FillRect
SetCursor
RedrawWindow
MessageBeep
LoadImageA
DrawIconEx
DestroyIcon
ReleaseCapture
GetSystemMetrics
WindowFromPoint
SetCapture
GetCapture
ClientToScreen
OffsetRect
InflateRect
PtInRect
CreatePopupMenu
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
DestroyMenu
MessageBoxA
CopyRect
GetDC
ReleaseDC
GetSysColor
gdi32
CreateRectRgnIndirect
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
BitBlt
LineTo
GetClipBox
SetTextColor
SetBkMode
RestoreDC
SaveDC
GetTextExtentPointA
GetCurrentObject
GetTextMetricsA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetBkColor
CreateRectRgn
CreatePen
CreateDIBSection
ExtCreateRegion
CombineRgn
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
Rectangle
DeleteDC
SelectObject
CreateSolidBrush
CreateFontA
CreateFontIndirectA
GetStockObject
GetDeviceCaps
DeleteObject
GetTextExtentPoint32A
StretchBlt
CreateCompatibleBitmap
GetObjectA
CreateCompatibleDC
MoveToEx
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueA
RegOpenKeyA
RegDeleteValueA
RegEnumKeyA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
shell32
SHGetFileInfoA
SHGetSpecialFolderPathA
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathGetArgsA
PathFindExtensionA
PathFileExistsA
PathIsDirectoryA
PathRemoveFileSpecW
PathStripToRootA
PathIsUNCA
UrlUnescapeA
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoRevokeClassObject
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
oleaut32
VariantCopy
SafeArrayDestroy
OleCreateFontIndirect
VariantInit
VariantChangeType
SysAllocStringByteLen
SysStringLen
VariantClear
SysAllocString
SysAllocStringLen
SysFreeString
SystemTimeToVariantTime
VariantTimeToSystemTime
version
VerQueryValueA
GetFileVersionInfoA
psapi
EnumProcessModules
EnumProcesses
GetModuleFileNameExA
v_down
?InitNodeLib@@YAXPAD@Z
?OnStart_Download@@YAHH@Z
?OnStop_Download@@YAXXZ
?GetStatus@@YAHXZ
?SetDownloadFile@@YAXPA_W00_J@Z
?SetDownMainSvrInfo@@YAXPADHH@Z
?GetSpeed@@YAHXZ
?GetDownSize@@YA_JXZ
?GetStartPoint@@YA_JXZ
wininet
InternetOpenUrlA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
wsock32
WSASetLastError
htons
gethostbyname
ioctlsocket
WSAGetLastError
WSACleanup
WSAStartup
setsockopt
closesocket
inet_addr
nat
ord16
ord17
ord23
ord5
ord7
ord21
ord18
ord22
ord15
ws2_32
WSASocketA
WSARecv
WSASend
WSAConnect
WSAWaitForMultipleEvents
oleacc
LresultFromObject
CreateStdAccessibleObject
Exports
Sections
.text Size: 470KB - Virtual size: 469KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.2MB - Virtual size: 4.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ