| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | 6df071963b8025beeb1bbac9b57ef0d7c7f7bf2a |
| File Type: | PE32 executable (GUI) Intel 80386, for MS Windows |
| SHA1: | 6df071963b8025beeb1bbac9b57ef0d7c7f7bf2a |
| MD5: | 4996fe396abf69522dba0efad2d622a6 |
| First Seen Date: | 2015-09-28 19:10:17.957000 ( ) |
| Number of Clients Seen: | 12 |
| Last Analysis Date: | 2016-04-13 12:45:04.131400 ( ) |
| Human Expert Analysis Result: | No human expert analysis verdict given to this sample yet. |
| Property | Value |
|---|---|
| number of sections | 4 |
| file size | 185658 |
| entry point | 0x414d61 (.text) |
| mime type | application/x-dosexec |
| machine type | Intel 386 or later - 32Bit |
| compilation time stamp | 0x560574C7 [Fri Sep 25 16:22:31 2015 UTC] |
| sha256 | d69e70071d631ecc5269f064db0a4fe091e31d5f32f75f339175177bd2b411c0 |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x1e9fa | 0x1ea00 | 6.748426 | - |
| .data | 0x20000 | 0x2460 | 0x1400 | 4.649987 | - |
| .rsrc | 0x23000 | 0x1c8 | 0x200 | 2.692508 | - |
| .reloc | 0x24000 | 0x3ad8 | 0x3c00 | 6.181328 | - |
-
KERNEL32.dll
- LoadLibraryW
- HeapReAlloc
- LocalUnlock
- MultiByteToWideChar
- InterlockedIncrement
- InterlockedDecrement
- Sleep
- InitializeCriticalSection
- DeleteCriticalSection
- EnterCriticalSection
- LeaveCriticalSection
- EncodePointer
- DecodePointer
- RtlUnwind
- GetCommandLineA
- HeapSetInformation
- GetStartupInfoW
- GetLastError
- HeapFree
- HeapAlloc
- GetProcAddress
- GetModuleHandleW
- ExitProcess
- UnhandledExceptionFilter
- SetUnhandledExceptionFilter
- IsDebuggerPresent
- TerminateProcess
- GetCurrentProcess
- IsProcessorFeaturePresent
- RaiseException
- TlsAlloc
- TlsGetValue
- TlsSetValue
- TlsFree
- SetLastError
- GetCurrentThreadId
- WriteFile
- GetStdHandle
- GetModuleFileNameW
- GetModuleFileNameA
- FreeEnvironmentStringsW
- WideCharToMultiByte
- GetEnvironmentStringsW
- SetHandleCount
- InitializeCriticalSectionAndSpinCount
- GetFileType
- HeapCreate
- QueryPerformanceCounter
- GetTickCount
- GetCurrentProcessId
- GetSystemTimeAsFileTime
- HeapSize
- GetCPInfo
- GetACP
- GetOEMCP
- IsValidCodePage
- GetStringTypeW
- LCMapStringW
-
USER32.dll
- GetKBCodePage
- IsDlgButtonChecked
- ScrollWindowEx
-
GDI32.dll
- GetBitmapBits
-
COMDLG32.dll
- GetFileTitleA
-
ADVAPI32.dll
- MapGenericMask
RT_DIALOG