409bd7d0416ebf63733cd6f8d0f05e86e81c002fabbf4cadc4270927aee8a073

Sharing

Copy URL

Twitter E-mail

General

Target

409bd7d0416ebf63733cd6f8d0f05e86e81c002fabbf4cadc4270927aee8a073
Size

500KB
MD5

d4867290169294c423ebd479338c79c5
SHA1

7985988b74e66ff2186ea94d095196b83846fce2
SHA256

409bd7d0416ebf63733cd6f8d0f05e86e81c002fabbf4cadc4270927aee8a073
SHA512

f8d6311b4efbebd7dfc9f7913129db56034fc2965458e663eac7b4e5928c8cec6fd27e89aba2e0c2f02eb5ed679eee1e8d8e6a4ff60000ec8a38eb178dc86036
SSDEEP

12288:7LHg6KLGIA58Z1qcIwAMs4aeWDemPU/r5rwZU3WmW3cdlxPiRKI9nXnr8GsSWRE:7LE1qbwACmPYxFWmWgxG8GsPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409bd7d0416ebf63733cd6f8d0f05e86e81c002fabbf4cadc4270927aee8a073

Files

409bd7d0416ebf63733cd6f8d0f05e86e81c002fabbf4cadc4270927aee8a073
.exe windows:5 windows x86 arch:x86

e5f5f1624b0a6dab68049fe6761c0eec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\docker\Documents\workspace\build-v2\common\hr_sysdiag-app-50\bin\HRUpdate.pdb

Imports

jansson

json_integer_value
json_object_get
json_delete
json_pack
json_object
json_object_set_new
json_integer
json_deep_copy
json_string
json_array
json_array_append_new
json_loads
json_array_insert_new
json_dumps
json_dumps_free
json_array_extend
json_object_size
json_array_get
json_array_size

kernel32

TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemTimeAsFileTime
RtlUnwind
WaitForSingleObjectEx
ResetEvent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
GetCommandLineA
GetStartupInfoW
VirtualAlloc
IsProcessorFeaturePresent
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
FlushInstructionCache
CompareStringW
IsDebuggerPresent
OutputDebugStringW
EncodePointer
GetTempFileNameW
RemoveDirectoryW
GetCommandLineW
ExitProcess
GetModuleHandleExW
VirtualFree
MoveFileExW
SetFileAttributesW
GetStringTypeW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetFileType
GetACP
GetStdHandle
SetFilePointer
lstrlenW
FlushFileBuffers
GetSystemDirectoryW
SetLastError
CreateProcessW
OpenEventW
LocalAlloc
GetModuleFileNameA
GetCurrentProcessId
CreateMutexW
LoadLibraryExW
lstrcmpiW
FreeLibrary
GetCurrentThreadId
SetCurrentDirectoryW
GetModuleFileNameW
GetUserDefaultUILanguage
CreateEventW
CreateThread
WaitForMultipleObjects
SetEvent
TerminateThread
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
GetVersionExW
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
TerminateProcess
Process32NextW
Process32FirstW
Module32NextW
Module32FirstW
CreateToolhelp32Snapshot
LoadLibraryW
SystemTimeToTzSpecificLocalTime
GetLocalTime
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
GetFileAttributesW
LoadLibraryA
GetVersion
GetModuleHandleA
GetTickCount
InterlockedIncrement
DeleteCriticalSection
LocalFree
Sleep
OpenProcess
InitializeCriticalSection
LeaveCriticalSection
GetCurrentProcess
GetLongPathNameW
EnterCriticalSection
InterlockedExchange
DeviceIoControl
CreateFileA
GetSystemDirectoryA
MultiByteToWideChar
GetSystemDefaultLangID
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
InterlockedDecrement
GetNativeSystemInfo
GetWindowsDirectoryW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetFileSize
WriteFile
ReadFile
GetLastError
GetModuleHandleW
GetProcAddress
CreateFileW
CloseHandle
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
SetEndOfFile
ReadConsoleW
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
LCMapStringW

user32

GetSystemMetrics
UnregisterClassW
DefWindowProcW
GetClientRect
SetWindowPos
GetWindowThreadProcessId
GetWindowRect
IsWindowVisible
GetParent
ExitWindowsEx
GetForegroundWindow
EnumThreadWindows
EnumChildWindows
IntersectRect
SendMessageW
LoadImageW
MoveWindow
FlashWindow
LoadCursorW
GetClassInfoExW
RegisterClassExW
CreateWindowExW
EnableWindow
SetFocus
PostQuitMessage
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetWindow
MapWindowPoints
DestroyWindow
SendMessageTimeoutW
CharNextW
CallWindowProcW
SetWindowRgn
SetWindowLongW
OffsetRect
CopyRect
MonitorFromWindow
GetMonitorInfoW
IsZoomed
GetWindowLongW
ScreenToClient
IsChild
KillTimer
FindWindowW
IsWindow
IsIconic
SetForegroundWindow
PostMessageW
SetTimer
ShowWindow

gdi32

GetObjectType
DeleteObject
CreateRoundRectRgn

advapi32

RegEnumKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
GetTokenInformation
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
QueryServiceConfigW
StartServiceW
OpenSCManagerW
CloseServiceHandle
QueryServiceStatus
CreateServiceW
CheckTokenMembership
CreateWellKnownSid
DuplicateToken
RegDeleteKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
GetSidSubAuthority
FreeSid
AllocateAndInitializeSid
OpenServiceW

shell32

SHGetSpecialFolderPathA
ShellExecuteExW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteW

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

oleaut32

VarUI4FromStr
VariantClear
VariantInit
SysFreeString
SysAllocString

hipsdb

ord9
ord13

comctl32

InitCommonControlsEx

libcurl

curl_easy_perform
curl_easy_cleanup
curl_easy_setopt
curl_easy_init

libxsse

ord30
ord10

gdiplus

GdipCreatePen2
GdipDeletePen
GdipSetPenMode
GdipSetPenStartCap
GdipCreatePath
GdipDeletePath
ord1
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDeleteBrush
GdipSetPenEndCap
GdipCreateLineBrush
GdipTranslateWorldTransform
GdipRotateWorldTransform
GdipDrawPath
GdipResetWorldTransform
GdipFillEllipseI
GdipCreateSolidFill

duilib

?Invalidate@CControlUI@DuiLib@@QAEXXZ
?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?GetInstance@CPaintManagerUI@DuiLib@@SAPAUHINSTANCE__@@XZ
?GetDPIAwareness@CDPI@DuiLib@@SA?AW4PROCESS_DPI_AWARENESS@@XZ
?GetDPIOfMonitorNearestToPoint@CDPI@DuiLib@@SAHUtagPOINT@@@Z
?GetMainMonitorDPI@CDPI@DuiLib@@SAHPAUHWND__@@@Z
?SetDPIAwareness@CDPI@DuiLib@@SAHW4PROCESS_DPI_AWARENESS@@@Z
?SelectTable@CTranslateManager@DuiLib@@QAE_NPB_W@Z
?SetDefaultTable@CTranslateManager@DuiLib@@QAE_NPB_W@Z
?GetTranslateManager@CPaintManagerUI@DuiLib@@SAAAVCTranslateManager@2@XZ
?LoadTable@CTranslateManager@DuiLib@@QAEHVSTRINGorID@2@PB_W1@Z
?SetResourceZip@CPaintManagerUI@DuiLib@@SAXPB_W_N@Z
?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ
?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPB_W@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?GetRoundCorner@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
?GetCaptionRect@CPaintManagerUI@DuiLib@@QAE?AUtagRECT@@XZ
?GetSizeBox@CPaintManagerUI@DuiLib@@QAE?AUtagRECT@@XZ
?GetMinInfo@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@XZ
?GetMaxInfo@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@XZ
?GetScale@CDPI@DuiLib@@QAEIXZ
?GetDPIFix@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@H@Z
?GetDPIObj@CPaintManagerUI@DuiLib@@QAEPAVCDPI@2@XZ
?GetInitSize@CPaintManagerUI@DuiLib@@QAE?AUtagSIZE@@XZ
?AddNotifier@CPaintManagerUI@DuiLib@@QAE_NPAVINotifyUI@2@@Z
?AttachDialog@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@@Z
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?Init@CPaintManagerUI@DuiLib@@QAEXPAUHWND__@@@Z
??1CDialogBuilder@DuiLib@@QAE@XZ
??0CDialogBuilder@DuiLib@@QAE@XZ
?ReapObjects@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?GetRoot@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@XZ
??0CControlUI@DuiLib@@QAE@XZ
?SetAccSerMouseCtrl@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@@Z
?IsEnableAccSerHitTest@CPaintManagerUI@DuiLib@@QBE_NXZ
?PreMessageHandler@CPaintManagerUI@DuiLib@@QAE_NIIJAAJ@Z
?TranslateAcceleratorW@CPaintManagerUI@DuiLib@@QAE_NPAUtagMSG@@@Z
?MessageHandler@CPaintManagerUI@DuiLib@@QAE_NIIJAAJ@Z
??1CDuiString@DuiLib@@QAE@XZ
?StringFormat@CControlUI@DuiLib@@QAAXPB_WZZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z
??1CPaintManagerUI@DuiLib@@QAE@XZ
??0CPaintManagerUI@DuiLib@@QAE@XZ
??BCDuiString@DuiLib@@QBEPB_WXZ
?SetManager@CControlUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z
?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ
?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetText@CControlUI@DuiLib@@UAEXPB_W@Z
?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ
?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?SetPos@CControlUI@DuiLib@@UAEXUtagRECT@@_N@Z
?GetWidth@CControlUI@DuiLib@@UBEHXZ
?GetHeight@CControlUI@DuiLib@@UBEHXZ
?GetX@CControlUI@DuiLib@@UBEHXZ
?GetY@CControlUI@DuiLib@@UBEHXZ
?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z
?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ
?Scale@CDPI@DuiLib@@QAEHH@Z
?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ
?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinWidth@CControlUI@DuiLib@@UBEHXZ
?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ
?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z
?GetMinHeight@CControlUI@DuiLib@@UBEHXZ
?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z
?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ
?GetAccCtrlFromPoint@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@ABUtagPOINT@@@Z
??1CControlUI@DuiLib@@UAE@XZ
?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z
?GetFloatPercent@CControlUI@DuiLib@@UBE?AUtagTPercentInfo@2@XZ
?SetFloatPercent@CControlUI@DuiLib@@UAEXUtagTPercentInfo@2@@Z
?ResetPos@CControlUI@DuiLib@@UAEXXZ
?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?SetToolTip@CControlUI@DuiLib@@UAEXPB_W@Z
?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z
?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ
?GetShortcut@CControlUI@DuiLib@@UBE_WXZ
?SetShortcut@CControlUI@DuiLib@@UAEX_W@Z
?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ
?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z
?SetAttribute@CControlUI@DuiLib@@UAEXPB_W0@Z
?SetTimer@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@II@Z
?KillTimer@CPaintManagerUI@DuiLib@@QAE_NPAVCControlUI@2@I@Z
??0CProgressUI@DuiLib@@QAE@XZ
?GetInterface@CProgressUI@DuiLib@@UAEPAXPB_W@Z
?SetAttribute@CProgressUI@DuiLib@@UAEXPB_W0@Z
?Scale@CDPI@DuiLib@@QAEXPAUtagSIZE@@@Z
?Scale@CDPI@DuiLib@@QAEXPAUtagRECT@@@Z
??0CRenderClip@DuiLib@@QAE@XZ
??1CRenderClip@DuiLib@@QAE@XZ
?GenerateRoundClip@CRenderClip@DuiLib@@SAXPAUHDC__@@UtagRECT@@1HHAAV12@@Z
?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintText@CLabelUI@DuiLib@@UAEXPAUHDC__@@@Z
?GenerateClip@CRenderClip@DuiLib@@SAXPAUHDC__@@UtagRECT@@AAV12@@Z
??1CProgressUI@DuiLib@@UAE@XZ
?GetAccSerName@CProgressUI@DuiLib@@UBE?AVCDuiString@2@_N@Z
?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?DoEvent@CLabelUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?GetText@CLabelUI@DuiLib@@UBE?AVCDuiString@2@XZ
?HandleCursorMessage@CControlUI@DuiLib@@UBE_NABUtagPOINT@@@Z
?GetControlData@CControlUI@DuiLib@@UAE_NPAPAX@Z
?FindAccSerChildByPt@CControlUI@DuiLib@@UAEPAV12@ABUtagPOINT@@@Z
?GetAccSerState@CControlUI@DuiLib@@UBEJXZ
?GetAccSerName@CControlUI@DuiLib@@UBE?AVCDuiString@2@_N@Z
?SetAccSerInfo@CControlUI@DuiLib@@UAEXPAUtagTAccessibleServerInfo@2@@Z
?FindFirstAccSerCtrl@CControlUI@DuiLib@@UAEPAV12@XZ
?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z
?DoPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z
?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z
?SetAttributeList@CControlUI@DuiLib@@UAEXPB_W@Z
?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z
?DoInit@CControlUI@DuiLib@@UAEXXZ
?Init@CControlUI@DuiLib@@UAEXXZ
?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z
?SetFloat@CControlUI@DuiLib@@UAEX_N@Z
?IsFloat@CControlUI@DuiLib@@UBE_NXZ
?IsFocused@CControlUI@DuiLib@@UBE_NXZ
?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetMouseEnabled@CControlUI@DuiLib@@UAEX_N@Z
?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ
?IsEnabled@CControlUI@DuiLib@@UBE_NXZ
?SetInternVisible@CControlUI@DuiLib@@UAEX_N@Z
?IsVisible@CControlUI@DuiLib@@UBE_NXZ
?SetTag@CControlUI@DuiLib@@UAEXI@Z
?GetTag@CControlUI@DuiLib@@UBEIXZ
?SetUserData@CControlUI@DuiLib@@UAEXPB_W@Z
?PaintStatusImage@CProgressUI@DuiLib@@UAEXPAUHDC__@@@Z
?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ
?SelectItem@CTabLayoutUI@DuiLib@@QAE_NH_N@Z
?SetText@CLabelUI@DuiLib@@UAEXPB_W@Z
?GetItem@CTranslateManager@DuiLib@@QAE?AVCDuiString@2@PB_W0@Z
?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PB_W@Z
?SetVisible@CControlUI@DuiLib@@UAEX_N@Z
?GetCurSel@CTabLayoutUI@DuiLib@@QBEHXZ
?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z
?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ
?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ
?ScaleBack@CDPI@DuiLib@@QAEHH@Z
?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ
??0CDuiString@DuiLib@@QAE@XZ
??4CDuiString@DuiLib@@QAEABV01@ABV01@@Z
?IsEmpty@CDuiString@DuiLib@@QBE_NXZ
?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z
?GetMaxValue@CProgressUI@DuiLib@@QBEHXZ
?GetValue@CProgressUI@DuiLib@@QBEHXZ
?SetValue@CProgressUI@DuiLib@@QAEXH@Z
?FindSubControlByName@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PAV32@PB_W@Z
?GetMinValue@CProgressUI@DuiLib@@QBEHXZ
?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ
?GetLinkContent@CTextUI@DuiLib@@QAEPAVCDuiString@2@H@Z
??8CDuiString@DuiLib@@QBE_NPB_W@Z
?SetMaxValue@CProgressUI@DuiLib@@QAEXH@Z
?SetNextTabControl@CPaintManagerUI@DuiLib@@QAE_N_N@Z
?SetFocus@CControlUI@DuiLib@@UAEXXZ
?SetName@CControlUI@DuiLib@@UAEXPB_W@Z
?GetInterface@CControlUI@DuiLib@@UAEPAXPB_W@Z
?GetControlFlags@CControlUI@DuiLib@@UBEIXZ
?Activate@CControlUI@DuiLib@@UAE_NXZ
?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z

upgrade

ord13
ord4
ord2
ord5
ord14
ord15
ord11
ord6
ord9
ord8
ord7
ord10
ord16
ord12
ord1

hrcomm

CreateLPCClient

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameW

selfprot

disable_msg_inject

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e5f5f1624b0a6dab68049fe6761c0eec

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

jansson

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

hipsdb

comctl32

libcurl

libxsse

gdiplus

duilib

upgrade

hrcomm

iphlpapi

psapi

selfprot

version

Sections

.text Size: 267KB - Virtual size: 267KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 9KB - Virtual size: 32KB

.gfids Size: 512B - Virtual size: 388B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 41KB - Virtual size: 40KB

.reloc Size: 85KB - Virtual size: 88KB

.text
Size: 267KB - Virtual size: 267KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 9KB - Virtual size: 32KB

.gfids
Size: 512B - Virtual size: 388B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 41KB - Virtual size: 40KB

.reloc
Size: 85KB - Virtual size: 88KB