Setupv2[.]5[.]1[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Setupv2.5.1.zip
Size

11.3MB
MD5

fb713cd74363ef0b0286eb324366a9a3
SHA1

ea60b2584670603dc2f636ce63f6d89067058bb1
SHA256

b84757f61afe1e60e646e29163c32db9c4ca4317f52b2e0382f3f0a740677c57
SHA512

61df7b381911976e338ab28a840e726a81c78fb5a90442dbe2fa1f0246d1baab6e1347f6d25219eff6c8f210b151063e063b35df40d956ac1bee43dca300402c
SSDEEP

196608:6VeNNPpzsmrE2ThOuylSnmy4Q7ThGYscCn5YV7MBe6qA816z0g1l0IlFAass0pMM:6wHzsmlyknmO7TqcC5YVgY4zB0IlFUCM

Score

7^/10

Malware Config

Signatures

.NET Reactor proctector 1 IoCs

Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

resource	yara_rule
static1/unpack001/Setup/Setup.exe	net_reactor

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup/Setup.exe
unpack001/Setup/desktop_drop_plugin.dll
unpack001/Setup/flutter_windows.dll
unpack001/Setup/url_launcher_windows_plugin.dll
unpack001/Setup/window_size_plugin.dll

Files

Setupv2.5.1.zip
.zip
Setup/Setup.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bss
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Setup/data/app.so
.elf linux x64
Setup/data/flutter_assets/AssetManifest.bin
Setup/data/flutter_assets/AssetManifest.json
Setup/data/flutter_assets/FontManifest.json
Setup/data/flutter_assets/NOTICES.Z
.gz
NOTICES.Z
Setup/data/flutter_assets/fonts/MaterialIcons-Regular.otf
Setup/data/flutter_assets/shaders/ink_sparkle.frag
Setup/data/icudtl.dat
Setup/desktop_drop_plugin.dll
.dll windows:6 windows x64 arch:x64

9f2cfaadb7f66ae5e23f7abc00c33fd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopMessengerUnlock
FlutterDesktopViewGetHWND
FlutterDesktopPluginRegistrarGetView
FlutterDesktopMessengerSend
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSetCallback
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopPluginRegistrarSetDestructionHandler
FlutterDesktopMessengerLock
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerRelease
FlutterDesktopMessengerAddRef

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
GlobalUnlock
GlobalLock
WideCharToMultiByte
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable

user32

ScreenToClient

shell32

DragQueryFileW

ole32

OleUninitialize
RegisterDragDrop
RevokeDragDrop
ReleaseStgMedium
OleInitialize

msvcp140

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xbad_function_call@std@@YAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Xlength_error@std@@YAXPEBD@Z
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__std_terminate
__std_exception_copy
memcpy
memmove
memset
__std_type_info_compare
memcmp
__current_exception
__current_exception_context
__C_specific_handler

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

terminate
_invoke_watson
_invalid_parameter_noinfo_noreturn
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

Exports

Exports

DesktopDropPluginRegisterWithRegistrar

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/flutter_windows.dll
.dll windows:5 windows x64 arch:x64

f16eaa62b5f6fcb0acaa62efb5c21eb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\b\s\w\ir\cache\builder\src\out\ci\host_release\flutter_windows.dll.pdb

Imports

advapi32

RegOpenKeyExW
RegCloseKey
RegGetValueW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW

iphlpapi

GetAdaptersAddresses

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

oleaut32

SysFreeString
SysStringLen
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayGetDim
LoadTypeLi
SafeArrayGetUBound
VariantCopy
SafeArrayGetVartype
VarUI4FromStr
VariantClear
LoadRegTypeLi
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysAllocStringLen
VariantInit
VarBstrCmp

psapi

GetProcessMemoryInfo
EnumProcessModules

shlwapi

PathIsRelativeW
PathCreateFromUrlW
UrlIsW

rpcrt4

UuidCreateSequential
UuidToStringW
RpcStringFreeW

winmm

timeBeginPeriod
timeEndPeriod

ws2_32

getsockopt
ioctlsocket
freeaddrinfo
socket
getaddrinfo
closesocket
shutdown
connect
setsockopt
recv
send
WSAGetLastError
WSASetLastError
WSARecv
WSASendTo
WSARecvFrom
WSAIoctl
GetHostNameW
htons
ntohs
WSAAddressToStringW
WSAStartup
getsockname
getpeername
getnameinfo
InetPtonW
InetNtopW
bind
WSASend
WSASocketW
listen

imm32

ImmGetCompositionStringW
ImmReleaseContext
ImmSetCompositionWindow
ImmSetCompositionStringW
ImmNotifyIME
ImmGetContext
ImmSetCandidateWindow

user32

PostMessageW
GetSysColor
SetClipboardData
EmptyClipboard
GetClipboardData
GetClassInfoW
OpenClipboard
CloseClipboard
MessageBeep
GetKeyState
CloseTouchInputHandle
GetTouchInputInfo
DestroyCaret
ReleaseCapture
CreateCaret
SetCapture
GetMessageExtraInfo
DefWindowProcW
RegisterTouchWindow
SetWindowLongPtrW
SendMessageW
MapVirtualKeyW
PeekMessageW
KillTimer
GetWindowLongPtrW
TrackMouseEvent
ScreenToClient
GetCursorPos
SetCursor
DestroyWindow
SetTimer
SetUserObjectInformationA
CreateWindowExW
LoadCursorW
SystemParametersInfoW
ClientToScreen
MonitorFromPoint
MonitorFromWindow
UnregisterClassW
CreateIconIndirect
ReleaseDC
GetDC
GetClientRect
WindowFromDC
GetWindowThreadProcessId
IsIconic
InvalidateRect
CreateWindowExA
GetFocus
SetCaretPos
PostQuitMessage
EnumThreadWindows
GetParent
CharNextW
NotifyWinEvent
UnregisterClassA
RegisterClassW
IsWindow
IsClipboardFormatAvailable

opengl32

wglGetProcAddress
wglGetCurrentContext

bcrypt

BCryptGenRandom

api-ms-win-core-path-l1-1-0

PathCchCombineEx
PathCchRemoveFileSpec
PathAllocCanonicalize

ntdll

RtlAddGrowableFunctionTable
VerSetConditionMask
RtlDeleteGrowableFunctionTable
RtlUnwind
RtlUnwindEx

oleacc

LresultFromObject

uiautomationcore

UiaRaiseAutomationEvent
UiaRaiseAutomationPropertyChangedEvent
UiaGetReservedNotSupportedValue
UiaGetReservedMixedAttributeValue
UiaHostProviderFromHwnd

propsys

VariantCompare

dxgi

CreateDXGIFactory1
CreateDXGIFactory

gdi32

GetDeviceCaps
DeleteDC
SetPixel
GetPixel
SelectObject
PatBlt
GetObjectW
CreateCompatibleDC
CreateDIBSection
DeleteObject
GetPixelFormat
CreateCompatibleBitmap
ChoosePixelFormat
SetPixelFormat
DescribePixelFormat
SwapBuffers
SetDIBitsToDevice

d3d9

Direct3DCreate9
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_SetMarker
D3DPERF_BeginEvent

kernel32

TzSpecificLocalTimeToSystemTime
GetCPInfo
CompareStringEx
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
LCMapStringEx
InitializeCriticalSectionEx
EncodePointer
RtlPcToFileHeader
GetStringTypeW
InitOnceComplete
InitOnceBeginInitialize
GetExitCodeThread
SwitchToThread
GetFileInformationByHandleEx
AreFileApisANSI
FindFirstFileExW
GetStartupInfoW
IsProcessorFeaturePresent
ReadConsoleW
HeapSize
PeekNamedPipe
GetDriveTypeW
InterlockedPushEntrySList
InterlockedFlushSList
CreateThread
ExitThread
SystemTimeToFileTime
HeapFree
HeapAlloc
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetEnvironmentVariableW
SetEnvironmentVariableW
GetTempFileNameA
GetTempPathA
GetModuleHandleExW
GetFileAttributesExW
GetModuleHandleExA
GetModuleHandleA
LocaleNameToLCID
SizeofResource
LoadResource
FindResourceW
GetTimeZoneInformationForYear
VirtualQuery
OpenThread
TlsFree
CreatePipe
SetEvent
WakeAllConditionVariable
WakeConditionVariable
SleepConditionVariableSRW
InitializeConditionVariable
TryAcquireSRWLockExclusive
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
SetFileTime
DeviceIoControl
MoveFileW
CopyFileExW
CreateSymbolicLinkW
GetFullPathNameW
UnlockFileEx
LockFileEx
VirtualFree
VirtualProtect
SetFilePointerEx
VirtualAlloc
SetFileAttributesW
MoveFileExW
GetConsoleScreenBufferInfo
GetExitCodeProcess
CreateNamedPipeW
TerminateProcess
OpenProcess
WaitForMultipleObjects
CreateProcessW
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
DeleteProcThreadAttributeList
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetUserDefaultLocaleName
GetSystemInfo
SetUnhandledExceptionFilter
SetCurrentDirectoryW
GetCurrentDirectoryW
GetQueuedCompletionStatus
ReadDirectoryChangesW
WriteFile
PostQueuedCompletionStatus
GetFileType
CancelIoEx
CreateIoCompletionPort
SetStdHandle
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetProcessHeap
GetCommandLineA
lstrcmpiW
FreeLibraryAndExitThread
UnhandledExceptionFilter
SetConsoleMode
GetConsoleMode
GetStdHandle
SetConsoleCP
SetConsoleOutputCP
InitializeCriticalSectionAndSpinCount
GetLastError
FormatMessageW
DecodePointer
DeleteCriticalSection
LoadLibraryA
GetProcAddress
CreateEventW
RegisterWaitForSingleObject
ResetEvent
UnregisterWait
CloseHandle
OutputDebugStringW
LocalFree
GetCurrentProcess
GetModuleHandleW
GetCurrentThread
SetThreadPriority
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetLocaleInfoEx
GetCurrentThreadId
GetCurrentProcessId
CreateToolhelp32Snapshot
Thread32Next
Thread32First
FormatMessageA
GetThreadPreferredUILanguages
CreateSemaphoreW
WaitForSingleObject
ReleaseSemaphore
WaitForSingleObjectEx
RaiseException
GetCommandLineW
WideCharToMultiByte
GetTempPathW
CreateDirectoryW
CreateFileW
DuplicateHandle
GetFileInformationByHandle
GetFileAttributesW
RemoveDirectoryW
DeleteFileW
SetFilePointer
SetEndOfFile
FlushViewOfFile
FlushFileBuffers
FindFirstFileW
FindNextFileW
FindClose
GetFinalPathNameByHandleW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateWaitableTimerW
VerifyVersionInfoW
SetWaitableTimer
LoadLibraryW
FreeLibrary
GetModuleFileNameW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GetSystemTimeAsFileTime
CreateFileA
IsDebuggerPresent
GetNativeSystemInfo
LoadLibraryExW
MultiByteToWideChar
GetFileSizeEx
ReadFile
OutputDebugStringA
LoadLibraryExA
InitOnceExecuteOnce
InitializeSRWLock
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
TlsGetValue
TlsAlloc
SetLastError
TlsSetValue
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetFinalPathNameByHandleA
SetConsoleCtrlHandler
GetConsoleOutputCP
WriteConsoleW

crypt32

CertFreeCertificateContext
CertEnumCertificatesInStore
CertOpenStore
CertCloseStore

Exports

Exports

FlutterDesktopEngineCreate
FlutterDesktopEngineCreateViewController
FlutterDesktopEngineDestroy
FlutterDesktopEngineGetMessenger
FlutterDesktopEngineGetPluginRegistrar
FlutterDesktopEngineGetTextureRegistrar
FlutterDesktopEngineProcessExternalWindowMessage
FlutterDesktopEngineProcessMessages
FlutterDesktopEngineRegisterPlatformViewType
FlutterDesktopEngineReloadSystemFonts
FlutterDesktopEngineRun
FlutterDesktopEngineSetNextFrameCallback
FlutterDesktopGetDpiForHWND
FlutterDesktopGetDpiForMonitor
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerLock
FlutterDesktopMessengerRelease
FlutterDesktopMessengerSend
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerUnlock
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopPluginRegistrarGetView
FlutterDesktopPluginRegistrarGetViewById
FlutterDesktopPluginRegistrarRegisterTopLevelWindowProcDelegate
FlutterDesktopPluginRegistrarSetDestructionHandler
FlutterDesktopPluginRegistrarUnregisterTopLevelWindowProcDelegate
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopResyncOutputStreams
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopViewControllerCreate
FlutterDesktopViewControllerDestroy
FlutterDesktopViewControllerForceRedraw
FlutterDesktopViewControllerGetEngine
FlutterDesktopViewControllerGetView
FlutterDesktopViewControllerGetViewId
FlutterDesktopViewControllerHandleTopLevelWindowProc
FlutterDesktopViewGetGraphicsAdapter
FlutterDesktopViewGetHWND
InternalFlutterGpu_CommandBuffer_Initialize
InternalFlutterGpu_CommandBuffer_Submit
InternalFlutterGpu_Context_GetDefaultColorFormat
InternalFlutterGpu_Context_GetDefaultDepthStencilFormat
InternalFlutterGpu_Context_GetDefaultStencilFormat
InternalFlutterGpu_Context_GetMinimumUniformByteAlignment
InternalFlutterGpu_Context_InitializeDefault
InternalFlutterGpu_DeviceBuffer_Flush
InternalFlutterGpu_DeviceBuffer_Initialize
InternalFlutterGpu_DeviceBuffer_InitializeWithHostData
InternalFlutterGpu_DeviceBuffer_Overwrite
InternalFlutterGpu_HostBuffer_EmplaceBytes
InternalFlutterGpu_HostBuffer_Initialize
InternalFlutterGpu_RenderPass_Begin
InternalFlutterGpu_RenderPass_BindIndexBufferDevice
InternalFlutterGpu_RenderPass_BindIndexBufferHost
InternalFlutterGpu_RenderPass_BindPipeline
InternalFlutterGpu_RenderPass_BindTexture
InternalFlutterGpu_RenderPass_BindUniformDevice
InternalFlutterGpu_RenderPass_BindUniformHost
InternalFlutterGpu_RenderPass_BindVertexBufferDevice
InternalFlutterGpu_RenderPass_BindVertexBufferHost
InternalFlutterGpu_RenderPass_ClearBindings
InternalFlutterGpu_RenderPass_Draw
InternalFlutterGpu_RenderPass_Initialize
InternalFlutterGpu_RenderPass_SetColorAttachment
InternalFlutterGpu_RenderPass_SetColorBlendEnable
InternalFlutterGpu_RenderPass_SetColorBlendEquation
InternalFlutterGpu_RenderPass_SetCullMode
InternalFlutterGpu_RenderPass_SetDepthCompareOperation
InternalFlutterGpu_RenderPass_SetDepthStencilAttachment
InternalFlutterGpu_RenderPass_SetDepthWriteEnable
InternalFlutterGpu_RenderPass_SetPrimitiveType
InternalFlutterGpu_RenderPass_SetStencilConfig
InternalFlutterGpu_RenderPass_SetStencilReference
InternalFlutterGpu_RenderPass_SetWindingOrder
InternalFlutterGpu_RenderPipeline_Initialize
InternalFlutterGpu_ShaderLibrary_GetShader
InternalFlutterGpu_ShaderLibrary_InitializeWithAsset
InternalFlutterGpu_Shader_GetUniformMemberOffset
InternalFlutterGpu_Shader_GetUniformStructSize
InternalFlutterGpu_Texture_AsImage
InternalFlutterGpu_Texture_BytesPerTexel
InternalFlutterGpu_Texture_Initialize
InternalFlutterGpu_Texture_Overwrite
InternalFlutterGpu_Texture_SetCoordinateSystem

Sections

.text
Size: 13.5MB - Virtual size: 13.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 377KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/url_launcher_windows_plugin.dll
.dll windows:6 windows x64 arch:x64

63be31e64c3cb61abeaf476ebd416c01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

shlwapi

UrlUnescapeA

flutter_windows

FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopMessengerUnlock
FlutterDesktopMessengerLock
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerRelease
FlutterDesktopMessengerAddRef
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSend
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopPluginRegistrarGetView
FlutterDesktopPluginRegistrarSetDestructionHandler
FlutterDesktopMessengerSetCallback

kernel32

GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
GetCurrentThreadId
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
MultiByteToWideChar
GetSystemTimeAsFileTime
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DisableThreadLibraryCalls
UnhandledExceptionFilter
InitializeSListHead

shell32

ShellExecuteW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

msvcp140

?_Xlength_error@std@@YAXPEBD@Z
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Xbad_function_call@std@@YAXXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

vcruntime140

_CxxThrowException
memcpy
memmove
_purecall
memchr
memcmp
memset
__std_type_info_compare
__current_exception
__current_exception_context
__C_specific_handler
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
__std_terminate

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_cexit
_initterm
_initterm_e
_configure_narrow_argv
_seh_filter_dll
_crt_atexit
terminate
_invoke_watson
_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

Exports

Exports

UrlLauncherWindowsRegisterWithRegistrar

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/window_size_plugin.dll
.dll windows:6 windows x64 arch:x64

e450d7e794146e131b541e015245ff17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

flutter_windows

FlutterDesktopViewGetHWND
FlutterDesktopRegistrarGetTextureRegistrar
FlutterDesktopPluginRegistrarGetMessenger
FlutterDesktopTextureRegistrarMarkExternalTextureFrameAvailable
FlutterDesktopTextureRegistrarUnregisterExternalTexture
FlutterDesktopTextureRegistrarRegisterExternalTexture
FlutterDesktopMessengerUnlock
FlutterDesktopMessengerLock
FlutterDesktopMessengerIsAvailable
FlutterDesktopMessengerRelease
FlutterDesktopMessengerAddRef
FlutterDesktopMessengerSetCallback
FlutterDesktopMessengerSendResponse
FlutterDesktopMessengerSendWithReply
FlutterDesktopMessengerSend
FlutterDesktopGetDpiForMonitor
FlutterDesktopGetDpiForHWND
FlutterDesktopPluginRegistrarUnregisterTopLevelWindowProcDelegate
FlutterDesktopPluginRegistrarRegisterTopLevelWindowProcDelegate
FlutterDesktopPluginRegistrarGetView
FlutterDesktopPluginRegistrarSetDestructionHandler

user32

GetAncestor
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
GetWindowRect
SetWindowTextW
SetWindowPos
ShowWindow

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Raise_handler@std@@3P6AXAEBVexception@stdext@@@ZEA
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Xbad_function_call@std@@YAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Xlength_error@std@@YAXPEBD@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??Bid@locale@std@@QEAA_KXZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?good@ios_base@std@@QEBA_NXZ
?flags@ios_base@std@@QEBAHXZ
?width@ios_base@std@@QEBA_JXZ
?width@ios_base@std@@QEAA_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

vcruntime140

__std_terminate
__std_type_info_destroy_list
memcmp
memcpy
memmove
__std_type_info_compare
memset
__current_exception
__current_exception_context
__C_specific_handler
__std_exception_copy
__std_exception_destroy
_CxxThrowException

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

terminate
_initterm
_initterm_e
_invoke_watson
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_invalid_parameter_noinfo_noreturn
_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

kernel32

TerminateProcess
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive

Exports

Exports

WindowSizePluginRegisterWithRegistrar

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 33KB - Virtual size: 33KB

.rsrc Size: 1024B - Virtual size: 578B

.reloc Size: 512B - Virtual size: 12B

.bss Size: 323KB - Virtual size: 323KB

9f2cfaadb7f66ae5e23f7abc00c33fd8

Headers

DLL Characteristics

File Characteristics

Imports

flutter_windows

kernel32

user32

shell32

ole32

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 52KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 3KB - Virtual size: 4KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 384B

f16eaa62b5f6fcb0acaa62efb5c21eb6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

iphlpapi

ole32

oleaut32

psapi

shlwapi

rpcrt4

winmm

ws2_32

imm32

user32

opengl32

bcrypt

api-ms-win-core-path-l1-1-0

ntdll

oleacc

uiautomationcore

propsys

dxgi

gdi32

d3d9

kernel32

crypt32

Exports

Exports

Sections

.text Size: 13.5MB - Virtual size: 13.5MB

.rdata Size: 2.9MB - Virtual size: 2.9MB

.data Size: 377KB - Virtual size: 463KB

.pdata Size: 461KB - Virtual size: 460KB

_RDATA Size: 512B - Virtual size: 348B

.reloc Size: 136KB - Virtual size: 135KB

63be31e64c3cb61abeaf476ebd416c01

Headers

.text
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 1024B - Virtual size: 578B

.reloc
Size: 512B - Virtual size: 12B

.bss
Size: 323KB - Virtual size: 323KB

.text
Size: 53KB - Virtual size: 52KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 384B

.text
Size: 13.5MB - Virtual size: 13.5MB

.rdata
Size: 2.9MB - Virtual size: 2.9MB

.data
Size: 377KB - Virtual size: 463KB

.pdata
Size: 461KB - Virtual size: 460KB

_RDATA
Size: 512B - Virtual size: 348B

.reloc
Size: 136KB - Virtual size: 135KB

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 5KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 448B

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 5KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 400B