b03d6daa6db2d711d5da766a526edc4701042856de52883a9f5c28e088b167a9

Sharing

Copy URL Twitter E-mail

General

Target

b03d6daa6db2d711d5da766a526edc4701042856de52883a9f5c28e088b167a9
Size

9.5MB
MD5

bc5724bcb4ad369bfce2696a3e058e1c
SHA1

086da8c0351cf1eef52233969a2c3f173362525b
SHA256

b03d6daa6db2d711d5da766a526edc4701042856de52883a9f5c28e088b167a9
SHA512

0a9c03590751cca405b822ed2f78c36ac38d1fb098977c1cc81499e3132b824b4cf357b019537c35b472a38f4bcc943cc121803a763d8b98b3f8152ca9eadeae
SSDEEP

196608:GzEmddRygpmgC97muYmT4Hx05SRuEe9NEVjDAWLiAU+LFLOyomFHKnPU3WQ1:qqgpxySnesLiAU2FV3W+

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b03d6daa6db2d711d5da766a526edc4701042856de52883a9f5c28e088b167a9

Files

b03d6daa6db2d711d5da766a526edc4701042856de52883a9f5c28e088b167a9
.exe windows:6 windows x86 arch:x86

d1091d28113a5866f9692a5bbe59d13c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

onnxruntime

ord1

kernel32

WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
RemoveDirectoryW
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
SetStdHandle
HeapQueryInformation
VirtualQuery
GetCommandLineW
GetCommandLineA
ExitThread
GetFileInformationByHandle
GetDriveTypeW
SetFilePointerEx
GetModuleHandleExW
RtlUnwind
CreateTimerQueue
VirtualFree
VirtualAlloc
UnregisterWait
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
CreateThread
InitializeSListHead
RegisterWaitForSingleObject
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
GetEnvironmentVariableA
FreeLibraryAndExitThread
GetThreadTimes
GetCPInfo
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetTickCount64
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
LCMapStringEx
GetExitCodeThread
SwitchToThread
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
OutputDebugStringW
GetSystemTimeAsFileTime
WaitForSingleObjectEx
ResetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindResourceExW
GetUserDefaultLCID
GetTempFileNameW
GetWindowsDirectoryW
CreateEventA
MapViewOfFile
UnmapViewOfFile
GetStartupInfoW
CreateSemaphoreA
ReleaseSemaphore
SearchPathW
GetProfileIntW
SetErrorMode
VirtualProtect
GlobalGetAtomNameW
GetTempPathW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileTime
GetFileAttributesExW
FileTimeToLocalFileTime
GetThreadLocale
lstrcmpiW
DuplicateHandle
UnlockFile
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
FlushFileBuffers
IsDebuggerPresent
FindFirstFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
CompareStringW
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GlobalAddAtomW
ResumeThread
SuspendThread
SetThreadPriority
SetEvent
CopyFileW
FormatMessageW
MulDiv
LocalFree
GlobalSize
VerifyVersionInfoW
GlobalUnlock
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
lstrcpyW
GlobalFree
GetCurrentProcessId
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
GetModuleHandleW
GetVersionExW
GetCurrentThreadId
GetCurrentThread
GetFileSizeEx
WaitForMultipleObjects
PeekNamedPipe
GetFileType
GetStdHandle
ExpandEnvironmentStringsA
GetTickCount
FormatMessageA
SetLastError
VerifyVersionInfoA
GetSystemDirectoryA
VerSetConditionMask
SleepEx
InitializeCriticalSection
GetModuleHandleExA
GetModuleFileNameA
LoadLibraryA
GetModuleHandleA
FindNextFileA
FindFirstFileExA
FindClose
FreeLibrary
UnlockFileEx
LockFileEx
GetFileAttributesExA
CreateFileA
GetSystemInfo
GetCurrentProcess
QueryPerformanceFrequency
QueryPerformanceCounter
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetTempPathA
GetCurrentDirectoryW
GetFileAttributesW
SetFilePointer
CreateDirectoryW
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
TerminateThread
MoveFileExW
SetHandleInformation
CreatePipe
Sleep
OutputDebugStringA
GetFileSize
DebugBreak
CreateFileW
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
GetExitCodeProcess
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
ExitProcess
CreateProcessW
WaitForSingleObject
GetLastError
CloseHandle
ReadFile
CreateEventW
WriteFile
GetProcAddress
LoadLibraryW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileMappingA
SignalObjectAndWait
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

CharUpperW
RealChildWindowFromPoint
DeleteMenu
CopyImage
WindowFromPoint
ReleaseCapture
SetCapture
InvalidateRect
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
DestroyMenu
EnableScrollBar
GetDoubleClickTime
GetIconInfo
CharNextW
GetMenuItemInfoW
GetMenuDefaultItem
MessageBoxA
SetScrollInfo
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
AdjustWindowRectEx
GetWindowTextLengthW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
SetForegroundWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
CopyAcceleratorTableW
InvalidateRgn
SetRect
IntersectRect
GetNextDlgGroupItem
MessageBeep
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DestroyIcon
LoadImageW
SetParent
MonitorFromPoint
TrackMouseEvent
SetFocus
GetDlgCtrlID
EndDeferWindowPos
IsZoomed
GetAsyncKeyState
LoadMenuW
GetSystemMenu
NotifyWinEvent
SetCursorPos
UnionRect
BringWindowToTop
CreatePopupMenu
CopyIcon
WaitForInputIdle
SetMenuDefaultItem
PostQuitMessage
PostMessageW
MessageBoxW
FindWindowW
GetWindow
GetClassNameW
GetWindowTextW
GetDesktopWindow
GetForegroundWindow
GetAncestor
IsIconic
IsWindowVisible
FlashWindow
IsWindow
GetWindowRect
GetWindowLongW
IsWindowEnabled
SendMessageW
LoadIconW
UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
UnregisterClassW
PeekMessageW
WaitMessage
SetTimer
KillTimer
GetParent
GetWindowThreadProcessId
GetLastActivePopup
SetWindowPos
SetWindowContextHelpId
MapDialogRect
RegisterWindowMessageW
DrawEdge
DrawFrameControl
GetFocus
DrawStateW
SetWindowRgn
RedrawWindow
MapWindowPoints
GetSysColor
GetSysColorBrush
DrawFocusRect
FillRect
InflateRect
OffsetRect
IsRectEmpty
DrawIconEx
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
DefWindowProcW
GetClassInfoW
SetLayeredWindowAttributes
SetRectEmpty
CopyRect
LoadCursorW
SystemParametersInfoW
GetMonitorInfoW
EnumDisplayMonitors
GetMenuStringW
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
AppendMenuW
RemoveMenu
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
ModifyMenuW
BeginDeferWindowPos
DestroyAcceleratorTable
SetClassLongW
GetUpdateRect
SendDlgItemMessageA
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyW
LoadAcceleratorsW
CreateAcceleratorTableW
UpdateLayeredWindow
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatW
GetKeyNameTextW
SubtractRect
CharUpperBuffW
FrameRect
IsClipboardFormatAvailable
PostThreadMessageW
IsCharLowerW
MapVirtualKeyExW
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
GetComboBoxInfo
CreateMenu
DestroyCursor
GetWindowRgn
LockWindowUpdate
GetCursorPos
PtInRect
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoW
LoadBitmapW
GetKeyState
ValidateRect
ShowOwnedPopups
SetCursor
GetMessagePos
GetMessageTime
CallWindowProcW
RegisterClassW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
GetWindowPlacement
SetWindowPlacement
HideCaret
InvertRect
SendMessageTimeoutW
DeferWindowPos

gdi32

GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetRgnBox
GetMapMode
SetRectRgn
DPtoLP
RealizePalette
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
GetViewportOrgEx
LPtoDP
GetWindowOrgEx
SetPixelV
GetTextFaceW
DeleteDC
CombineRgn
CreateEllipticRgn
CreateHatchBrush
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
Ellipse
GetBkColor
GetTextColor
GetTextExtentPoint32W
PatBlt
ExtTextOutW
CreatePolygonRgn
Polygon
Polyline
GetTextMetricsW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
DeleteObject
EnumFontFamiliesW
GetDeviceCaps
GetStockObject
GetTextCharsetInfo
GetObjectW
CopyMetaFileW
CreateDCW
CreateBitmap
Escape
ExcludeClipRect
GetClipBox
OffsetWindowOrgEx

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegSetValueExW
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegQueryValueW
RegOpenKeyExW
RegEnumValueW

shell32

ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
SHGetFileInfoW
SHAppBarMessage
DragFinish
DragQueryFileW
SHChangeNotify

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsW
PathAppendW
PathFindExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathFindFileNameW

uxtheme

DrawThemeParentBackground
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
IsAppThemed
DrawThemeText
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
GetWindowTheme
OpenThemeData

ole32

CoRegisterMessageFilter
CoRevokeClassObject
CoInitializeEx
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
RevokeDragDrop

oleaut32

VariantCopy
VarBstrFromDate
LoadTypeLi
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VariantChangeType
VariantClear
VariantInit
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString
GetErrorInfo

oledlg

OleUIBusyW

gdiplus

GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDisposeImage

wsock32

htons
getsockopt
closesocket
__WSAFDIsSet
ntohs
connect
setsockopt
select
accept
htonl
WSASetLastError
WSAStartup
WSACleanup
getpeername
bind
socket
listen
inet_ntoa
recv
send
WSAGetLastError
ntohl
gethostname
sendto
getsockname
recvfrom

iphlpapi

GetAdaptersInfo

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryA
CertAddCertificateContextToStore
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain

ws2_32

WSAIoctl
getaddrinfo
freeaddrinfo

winmm

PlaySoundW

wldap32

ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord79
ord45
ord60
ord211
ord46
ord143
ord30
ord200
ord301
ord35

Exports

Exports

#u�)�<E��^;��ꇏz�T��/��i�[�?C�w�o|و�׃�44��PpW��T��&2��ŕ��W5�W�Xd��b�N�ō�y��0Õ�4s�/�9��T�u ��I�V��'�o��X�3��!� ��X��J�i+��μ|@<��5��K{�(�;aD��n�%��P�|NFG��\�u�5@�n5��Vg��A|��ݦ�� G�s�*��{�`��K��W��HHa/3��sE��ҤO�0A~Va_U,�#(�u��ai�a��5eqr��7а.A/6�\��&��6�J�;{w.�d�5X�v��[�m��{��+��<�d�k�� 1�ub�Cjp��{��<� ,�ᓬ��6�y� �ipG@#ߔ��E��/�+��Js��>�۫�y׶!OQ��|y�g|��d(&!<��X>R��J+�Fm�;K6L�%�NZ8#��p��=�1$��(�4ٙT��B\@�;�C��x0��J��,2�JfW�W�T熶�H��K�0|w��_��#E��r�x��JL]��~=�� a]��,Â��A w�̼z�ux�П��!�΋嶲�Ό�<�LW��b��<�f��*iT�Z4��_%�O>�&��'�1��>?�<kʛNb� �H�d`9J� �zH�X�O}Z#s�q~�\_I�e|1��t ��0/ϯ��'z�m��b�0�t�}��p��x7�j�r��C�� Wi/�KX�Ez�ّ�5F/�hB�1��=4rG�Iɜ�_n�J�Ǎ"�W�)�A2猕r�(��Eo�C�+��+��1�\��~o��!٭�@��wY�>��fA��H��l&Ue��0�m�a�M8p�ru�@`R�n3��x&��t�e��&�-�p5x�A.Ҡ� ��Ka��ui��~R��/��~�#6?g�w_�xkl %lτ�𜁌��*TC��װ�`�4�jpX/4�f��)v\��mv[*P�T��-ۡ��<�>��Qx1�x��#��ݼ��f+e�A�e�� |Q��<�Nъ=��RϺG�v��Q�;�[��P�!˸&�s�Rwr��k��P��d��br��V<a��xB'@�)ck��5{u�s�0�#��a��l�F@��œ�X��l��W�lYRw�G ��P83m��ڰt �V��t��%�_h?bfL�r�+��,Y�x�+^�n,�/i0��v�ia$Y!NE��b�Ű��/�%�!�� $�X Պ��.��r�� ^�PE ��aݾ��k^ܨtՒ+!+�c��q��\�Zc�D �͙��[��z`7�%Y� 0��{ ا3~�� rG�"g��c��Y})�,�¸A�qcS��D�$�Q��P��^� m b��"V��P./8jw!��d͚s��iU��<�^�I��Xa�a��[mx+��[�R6�#��0p�a�� Y��yH4� ��.�wF$��3��Z��8�1��}c�V�2\YW��8�O�Dl�P�̬�3�Q�@^��0�XSi5��C��!��R��Ƽ��%G,1��t��ŀws�<�nO�ݥZ��c��2�N5��=��x0�Jì�<�n�U�I�;!;?�� $@��Z��z&�8Sz�P+d�i�j�|��5#��Y=�fJv��쳮� *^nOy��/:��@n��K�a��Ml��fD��~��K.{ �ro��C�.Ec�+�e��dbA�� \��f `j��V�A��9V�#��wg�N��1�+F��<3G��޺��(M�_��vaij�>�0~��k��B��S�k��h��^��PE(��[sF��٦�֕-�U�5��M��*/ڄ�ܦq��PQ�q��t��a�$x*��pI�z��!DJ)}��p�f6q7��B�7�-��Zۏ�"�!D�5"1�1�N�C��(��xu?/�7��k�gM\Z&��Oo=q��U�h�Τ�L;��HxN\|�$�,Y��Ww��U��'�^�ga�ZwfM2]�>"��.*X�C�B�I�J,r1�"��WGW*P�ZIvc��,��àP�}杒h#�ԽG�J��@��-o�Cz�FJ.�=��6E��\9(��(dtc(�Lz�͠�zu�K�5ę *�.ৼ>�0r��{!]4֊�,��#<-N0J��k�H�y�[E�[� G>B�u+�?W�hG�ߔc� �t��Z)!�!l��f��xF0��f�٢��v)?Bv��|U��.��4լ-ڣ�s��~º)��,-�<`e��]��-�� 5xI��Q��3�2U�Zy��_�r�՞��}�836�΁5��7'L��$��Q��z�4V/�0�k��m8�jY��O�9s�[5`��Mc��dݒ`� B��L��0��P~M�R��>n��-��A"�`�;��ը��Q��m�.%��^��5_�E~��l�/�U��)��~�'*9�ŷ+�� j�{mz�'_��mFq�4r��I5y�g��j��B��2L�G,�')�7�ʾh��p��8��q�Ut��#P�v�Z�жbBJ|��&��pCxt�@�]�}��ߞ�C��j�A{,;F��Ӏ�s��ׂ��R�<9vꪹvyGb+��ȺNיqB�#�Z�K��$g�2�o#r�h ��%��K�Z�/�[)�(��oIj��p~�Bz�<��C�עV�32,e2[�U�'�=�Y�x�7��R5��[�?~�d�S�W�9ܧ3l״�$gAY��j}��_ ^?�} �Ӳ%�@�4��ՈN��`!�k��^��U@P4�W�*�J`�sS[ڂ��MM/�jx@e��>

Sections

.text
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 718KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp1
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 297KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1091d28113a5866f9692a5bbe59d13c

Headers

DLL Characteristics

File Characteristics

Imports

onnxruntime

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

wsock32

iphlpapi

oleacc

imm32

crypt32

ws2_32

winmm

wldap32

Exports

Exports

Sections

.text Size: 5.2MB - Virtual size: 5.2MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 91KB - Virtual size: 718KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.vmp0 Size: 297KB - Virtual size: 296KB

.vmp1 Size: 77KB - Virtual size: 76KB

.reloc Size: 297KB - Virtual size: 297KB

.text
Size: 5.2MB - Virtual size: 5.2MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 91KB - Virtual size: 718KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.vmp0
Size: 297KB - Virtual size: 296KB

.vmp1
Size: 77KB - Virtual size: 76KB

.reloc
Size: 297KB - Virtual size: 297KB