Extracted

• d1be53864dd8a1d0c69694ab7d0d3be1b67cd84093e8c5b2929b5f1db0bfbb40

  .exe windows:1 windows x86 arch:x86

  26babd76bbb7f9c516a338b0601b4c9f

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  wsock32

  WSAGetLastError

  WSAStartup

  __WSAFDIsSet

  accept

  bind

  closesocket

  connect

  gethostbyname

  htonl

  htons

  inet_addr

  ioctlsocket

  listen

  recv

  select

  send

  socket

  ole32

  CoCreateInstance

  CLSIDFromString

  CoTaskMemFree

  CoInitialize

  CoUninitialize

  oleaut32

  SysAllocString

  wininet

  DeleteUrlCacheEntry

  FindFirstUrlCacheEntryA

  FindNextUrlCacheEntryA

  kernel32

  ExitProcess

  ExitThread

  ExpandEnvironmentStringsA

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  FindClose

  FindFirstFileA

  FindNextFileA

  FreeLibrary

  GetCommandLineA

  GetCurrentProcessId

  GetCurrentThreadId

  GetExitCodeProcess

  GetExitCodeThread

  GetFileAttributesA

  GetFileSize

  GetFileTime

  GetLocalTime

  GetModuleFileNameA

  GetModuleHandleA

  CloseHandle

  GetProcAddress

  GetSystemDirectoryA

  GetTempPathA

  GetTickCount

  GetTimeZoneInformation

  GetVersion

  GetVersionExA

  GetWindowsDirectoryA

  GlobalMemoryStatus

  CopyFileA

  InterlockedIncrement

  IsBadReadPtr

  IsBadWritePtr

  LoadLibraryA

  CreateDirectoryA

  LocalAlloc

  LocalFree

  OpenFile

  OpenMutexA

  OpenProcess

  PeekNamedPipe

  CreateFileA

  ReadFile

  RemoveDirectoryA

  RtlUnwind

  SetFileAttributesA

  SetFilePointer

  CreateMutexA

  Sleep

  TerminateProcess

  TerminateThread

  CreatePipe

  VirtualQuery

  CreateProcessA

  WaitForSingleObject

  WideCharToMultiByte

  WinExec

  WriteFile

  lstrlenA

  lstrlenW

  CreateThread

  DeleteFileA

  user32

  GetWindowTextA

  GetWindowRect

  FindWindowA

  GetWindow

  IsWindowVisible

  GetClassNameA

  GetForegroundWindow

  LoadCursorA

  SetTimer

  KillTimer

  RegisterClassA

  GetMessageA

  CreateDesktopA

  SetThreadDesktop

  GetThreadDesktop

  TranslateMessage

  DispatchMessageA

  SendMessageA

  CharUpperBuffA

  OemToCharA

  PostQuitMessage

  ShowWindow

  CreateWindowExA

  DestroyWindow

  DefWindowProcA

  gdi32

  GetStockObject

  DeleteObject

  advapi32

  RegCreateKeyExA

  RegCloseKey

  RegOpenKeyExA

  RegQueryValueExA

  RegSetValueExA

  GetSecurityInfo

  SetSecurityInfo

  SetEntriesInAclA

  crtdll

  _itoa

  __GetMainArgs

  _sleep

  _strcmpi

  _stricmp

  atoi

  exit

  memcpy

  memset

  raise

  rand

  signal

  sprintf

  srand

  sscanf

  strcat

  strchr

  strncmp

  Sections

  .text

  Size: 45KB - Virtual size: 45KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .bss

  Size: - Virtual size: 122KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .data

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .ajelhf

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ