General

Malware Config

Signatures

Files

• dde34f614758e4d68e6732f7de0c9e210e6e8d56d65aae0f2cb1ee5d953d587c

  .exe windows:5 windows x86 arch:x86

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Exports

  Exports

  �@��w�\C�a� k���=�|[R�{����< �$�H�H�u��nn��83J�,�>몳b��is<��s��=�q_l 2Ws��p�x�1��}��K�!�}�%�Iu�ׁhn���.�e�گ���� ,k�����^�r�̱u?%I������8wY:4sa���x4�����o���3��q�r�J��q]�4=+������j]�LG��י��3�75�4�N��"�>B)����6|���~g>%5��\��u�} ���'~��ی�[h��W:u���Ϳ�-e���RN���-i}&��e@b��/��ɐqca�J��G���;b��\�!�l�D�+�ca��O�✷q"S��$��F���� c�����6�ԓ
  ��U�ǁ�\}�G�V:���<ˇ׾xke�gx��r�>�a�� IӀo2����A+�R$��� ;�������k��d��#b3209/��{;��O�wi��L��3i�)��~����6/�9W�Ϊ�[֍_|��s�}��IDB���D\��߈���/۬7�Nsq�%�
  /p\��mf���ur2���Xv%���mN����BD.�67֚�븋�"��"���ő;�ͭ(Ĥ�T*YG#�h�JtS�=Q�d�?���:Y9��bhh���Ҁ�E����#.�>��q<�N��Rw�{_�� DA��H��g�&�}�����""R�V����<d��c���ʍW�p��(���B��V���P��"[�6�C�t\�Tjd�M��r[�w�џ~��m��UK�+�&ʒ�s�҈��*:EY�V�)B�4�땨v> ��g��3�������yz\0�wf�֚�݂76̣8^�R#��tR1�����g���i�F��# ����{̺P��}���:I��)A���@��5�P*�ը�/�wsW��LJ�������#��x�Շ}�7Y��*���6�᚜;��ӻA�m�g�r�9��أkP�"��R�����H�H���;�����7���0`���/���{� ��FL�_�͘���7��-c��ց�-i�c{�%&�_QڿF�S�i�&��w%�������b>Z ��WX�A�Ԯa����^�2���"#��o�5-_��/�I���O��t����xy�p23鏵������`$}\.�h�J} .Hj7P3�`Z�ߙ#��ǨK�ї�#�����/g����5K�����F￨�l�d<o�imA��Dպ`��a��3�x��G���5�rKl@�.d�T�6����e����m4�\�gZq�k��^�`���X�&;6Ia��丹,��[��n�pU����;����&�{�X��*�L?�M�tx�P��N٘+��{[�U���˛��[��1I�{E��]tXs��(>B�åOIY��ڻjgk�6�1�`�M�MW �c�5���e�GL�5�ɩ����[���\�/�,�5J���c�/�@� ��[����J�h�#ݭ#��u2|�W`1��#�{3K�3�be]t)UM��Ō���ң������]JY.��V�����3����J�JXg�<�ð܍���m�'� ��;��Q����v ��T�`y���6ݛgY4��N@�ҍb} ������|���J8%�&2*�b�#������.ž��� �
  9�
  T�v�"I���5���k}M�H���J^^��7�!�����Q�h���<nB1 $���L{]�i鶅�!�2���]:Аw��v�qV?�c½��[�Χ���~���Dne5��}�
  �VnB�R+��Gl��MÔ�L)� ϵ����0�P"%vHD����C���)gU�����-L�
  �_����c�I�����D�T8��.��K&�K��S��En���+n�/�ݾ(���VJӺ�猜/8�e t�b�����wv�'LFP�Q��K`gm�!$�<�� � ��,��0I���!�v��u���ji��~��u���,^�L�Ϛ
  1������IV�Ō=ޜ 2%�h�۟���C���.m�eXa6qʚ�|�6,hƥ�6>d��%{9�@!{B۸욲�h�uW�[=b�f���p���^y r�*M��OS�x{�2F ���x��d�Zs<�I����5����o@?����Pj/�n8x+���Ңz�`8��
  ��3R�/\xL�g80\\#�Og)�C�:�����1!-�*�5^�C'��e��� � p��V�6��o�**B�_-O�?ة�:y��N�-k�p��m��ld�Й�{�� DF"@��v"yvm��L��&�lM�G#O�o��A�F�먪xcF)FI�{�0+>����7
  ��9G���U�����2P���,�/��q:�ч������Z?��6�� y�V���u��X�����]��8�BJ���Ah��c<`ܯ�bB��&�x�
  ϱ֕i�����¬(�5�(���n��o&!!��$(���>�]��~����%�A;8��<���9�(�7��$��ܳXMz�4J�c?V����HD*�LT����������N3:
  ��g/%���� �E�Z�Á���I^�|<���[<��2� w@\T� ����K~�f��[�\l.09�Ԁ�������UmWd8[2{�N�]�� A���y��"6X��A������Lλ!�j.� r�@�)gM<9b�,G�r��C�7���z�3#��]���N;����X�޵��X��S� Y�2LuZͯ�ex���:"s����� �仈y���|X�&�p1�ڱ�(�O��U,i�^z��ݝZ�چB��*�&�Н�lG����~sk��9��$���fM��o
  h���#׳c��c�P0�����lg>�km�ȼ��9O�>�tv�tZ,n�_��x��J"��a8����lk�@�2]��Y"BY�����H]%��i��E�
  72������ˢ���5%�o��w|�e��7B�<�*�|�T�KS�"�L(���`Q+6(��3��^���;�0� ���'��_�R���6 �@���Ȭ4��y���|�r`���������z%�N�V�o��j+�u&�xv�>�(ڑ��cr|�`d�X��E�<Hb.��~�����#p���cïX��G�RF�w�/�5������tZȡ��z��U�Ԣ�I���;

  Sections

  Size: 41KB - Virtual size: 108KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 16KB - Virtual size: 32KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 1024B - Virtual size: 2.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 8KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 202KB - Virtual size: 7.6MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .data

  Size: 2.1MB - Virtual size: 2.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE