| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | MultiHack_.exe |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| SHA1: | 1a85b35f61d9c19fa99fedc55c22938c570888f6 |
| MD5: | 6a0e423c72f0a14ef84c9c2e6dde2118 |
| First Seen Date: | 2015-10-05 19:46:44.596000 ( ) |
| Number of Clients Seen: | 5 |
| Last Analysis Date: | 2016-04-09 05:22:48.265598 ( ) |
| Human Expert Analysis Result: | No human expert analysis verdict given to this sample yet. |
| Property | Value |
|---|---|
| number of sections | 5 |
| compilation time stamp | 0x56094BC4 [Mon Sep 28 14:16:36 2015 UTC] |
| LegalCopyright | Copyright \xa9 2015 |
| InternalName | java |
| FileVersion | 8.0.51.16 |
| Full Version | 1.8.0_51-b16 |
| CompanyName | Oracle Corporation |
| ProductName | Java(TM) Platform SE 8 |
| ProductVersion | 8.0.51.16 |
| FileDescription | Java(TM) Platform SE binary |
| OriginalFilename | java.exe |
| Translation | 0x0000 0x04b0 |
| entry point | 0x401914 (.text) |
| machine type | Intel 386 or later - 32Bit |
| file size | 345088 |
| sha256 | 85d0d6cf0d1c5de0d70c01ede1d89beb9e7958a330d46498823f3f930ababee1 |
| mime type | application/x-dosexec |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x6974 | 0x6a00 | 6.589007 | - |
| .rdata | 0x8000 | 0x1eaa | 0x2000 | 5.321830 | - |
| .data | 0xa000 | 0x1fdc | 0xe00 | 2.319294 | - |
| .rsrc | 0xc000 | 0x4a000 | 0x49800 | 6.886594 | - |
| .reloc | 0x56000 | 0xe54 | 0x1000 | 4.245482 | - |
-
KERNEL32.dll
- VirtualProtectEx
- GetProcAddress
- GetModuleHandleW
- ResumeThread
- VirtualFree
- VirtualAlloc
- VirtualProtect
- SizeofResource
- LockResource
- LoadResource
- FindResourceW
- GetModuleHandleA
- FreeLibrary
- GetTickCount
- VirtualAllocExNuma
- GetCurrentProcess
- ExitProcess
- GetCommandLineA
- GetStartupInfoA
- TerminateProcess
- UnhandledExceptionFilter
- SetUnhandledExceptionFilter
- IsDebuggerPresent
- Sleep
- WriteFile
- GetStdHandle
- GetModuleFileNameA
- FreeEnvironmentStringsA
- GetEnvironmentStrings
- FreeEnvironmentStringsW
- WideCharToMultiByte
- GetLastError
- GetEnvironmentStringsW
- SetHandleCount
- GetFileType
- DeleteCriticalSection
- TlsGetValue
- TlsAlloc
- TlsSetValue
- TlsFree
- InterlockedIncrement
- SetLastError
- GetCurrentThreadId
- InterlockedDecrement
- HeapCreate
- HeapFree
- QueryPerformanceCounter
- GetCurrentProcessId
- GetSystemTimeAsFileTime
- LeaveCriticalSection
- EnterCriticalSection
- LoadLibraryA
- InitializeCriticalSectionAndSpinCount
- GetCPInfo
- GetACP
- GetOEMCP
- IsValidCodePage
- HeapAlloc
- HeapReAlloc
- RtlUnwind
- HeapSize
- GetLocaleInfoA
- LCMapStringA
- MultiByteToWideChar
- LCMapStringW
- GetStringTypeA
- GetStringTypeW
RT_VERSION
RT_MANIFEST