Static Analysis

PE Compile Time

2024-09-20 16:00:24

PE Imphash

f074f05734c833b6765a05ba23e98088

Sections

Name Virtual Address Virtual Size Size of Raw Data Entropy
.text 0x00001000 0x000040d7 0x00000000 0.0
.rdata 0x00006000 0x0003c57e 0x00000000 0.0
.data 0x00043000 0x00000d40 0x00000000 0.0
.pdata 0x00044000 0x00000564 0x00000000 0.0
.aspr0 0x00045000 0x006f941f 0x00000000 0.0
.aspr1 0x0073f000 0x00000a20 0x00000c00 0.193528336219
.aspr2 0x00740000 0x00bca494 0x00bca600 7.84812025634
.reloc 0x0130b000 0x0000010c 0x00000200 2.54945243461
.rsrc 0x0130c000 0x000001d5 0x00000200 4.72749157975

Resources

Name Offset Size Language Sub-language File type
RT_MANIFEST 0x0130c058 0x0000017d LANG_ENGLISH SUBLANG_ENGLISH_US XML 1.0 document, ASCII text, with CRLF line terminators

Imports

Library KERNEL32.dll:
0x18073f000 CloseHandle
Library ADVAPI32.dll:
0x18073f010 OpenSCManagerA
Library MSVCP140.dll:
Library VCRUNTIME140_1.dll:
0x18073f030 __CxxFrameHandler4
Library VCRUNTIME140.dll:
0x18073f040 _CxxThrowException
Library api-ms-win-crt-stdio-l1-1-0.dll:
0x18073f050 fgetpos
Library api-ms-win-crt-runtime-l1-1-0.dll:
0x18073f060 _cexit
Library api-ms-win-crt-filesystem-l1-1-0.dll:
0x18073f070 _lock_file
Library api-ms-win-crt-heap-l1-1-0.dll:
0x18073f080 _callnewh
Library KERNEL32.dll:
0x18073f090 GetSystemTimeAsFileTime
Library KERNEL32.dll:
0x18073f0a0 HeapAlloc
0x18073f0a8 HeapFree
0x18073f0b0 ExitProcess
0x18073f0b8 GetModuleHandleA
0x18073f0c0 LoadLibraryA
0x18073f0c8 GetProcAddress

Exports

Ordinal Address Name
1 0x1800026c0 DllMain
!This program cannot be run in DOS mode.
`.rdata
@.data
.pdata
@.aspr0
`.aspr1
.aspr2
h.reloc
@.rsrc
5UjzGkb
_1sq;?
Vi[+M)
$SU40b
@C}NCx
BFg5PRq
Rx6LiJ
YAC9KZ
!cu}}K
Y#'R#M
hp:/1l`p:/a4@p:/
p:/1hHp:/
-suR+p
:9N@s:^
EV@s:n
qJTXP*"
r-$ {/
t"ov|
jiFs:1
N9Fs:Q
qlQ;Ak&
HlobuA
zm@K+d
Jh$wY3L"
Uk5YZBk
J^,Bo(
pny'0/
*Sq],FL
|eY}Me
Vw%1qE
Xs:n2m
r{EIQ1'
Gt\s:,p
2]62v#
<y/>"&
"s:BO
xjnXaT
ma~0-F)
bKqL'x-RYj
WCE#Yo!
'DH;@l`
kp's:x
f_mK%`
I$@[S
kE4fno!
>L[kn
>e5B`
qal|oG
7+vT3'
<#pAnW
A| .ZR
f@Ng%
&m:_x~D
tc]4g7
\4g!(t
TZGM08;
z:W+nw7g
amI>nLC
Ak>(M+x~
d[(m[B
#h2g"=
vp@K|+
rKup@*
25ApKO
@?"lpW2
[i,iu]i
^[ S Vr
]ZDf(1Rs
#|-N<~
6!hgm8
kIG\m@
|Eap@.
ap@W3'
4p*`Ds](
Z'm#w
&,x~QJ
c/ZaSR
&RFAm"
XgUS-W
mj/)$3
DEN(m3,
NB;'pi(^
[-Zh_T
s:^2q.
s:LM2e
@s!&2G
|#Qw$FA
I\\,%-;bf
Sy\es*
Ev6Wl}
/JZL;9
PkoG=#
hP@W l
+}\:l`
b?>p==J
_g[qN]o
(QM|N
vK2k{N#
)k*Af9
K58n{
nG|Nmj`
xKPwdDG=
+\f4}F
,h,c!2~q
vP9Y|]
aL{04O
^ d\w2
!0#YAE
SE@rydJ!|
z2.KPo
VSH#{:
nza[lf
=9a~z2$
aWQ*;E
4%:m'hD
'"z`NTu
HE:&^n
~O9Et1
P4EI0[5
mOQwCL
bQt'U
'gVv4rm
ER9negS
f\DN%;Y
.j5:9G
G%r{J&
$^"77^4
kI16Dj
~)=2iE
d3a`]?
#i[gzyb
TGg1TjK
QW_Hko
(SG=EcP
,p{y69
ce]o)Y
/S{s
Z@{9{Z
-]=\Ns#
t$E-"1
gHv';&
w+@9A@
tbGOu*B
S'JG?{
\*Ae;P
z*AfQJ
Az="@[m
BE9'7?=}
e"V*]l
Zl3@0o
~[l,Wo
V;q@7
%Yc:q@
mo;wkS
O}{:VF
QKclAZ
2_Cz}*T
U>ATr:
{sy--e
MgO("3
~HL#7TD~HLO
:c8 k
S^='HN4
api-ms-win-crt-filesystem-l1-1-0.dll
]az{c=@
I>P|(Q
]q@2X{
UM|"1[l
sZ6ya/gi
}5[LrT>
2#2K:2
FTNS(\<
,Lq@-z
:psq@CV
sq@*>Z
Pa3['p2
S*uq@!
{X(L,Q
lOHU@6
ANPO#>
'%P/3.
~&bEzj
[WL/|
^nafBd1
XA@'vl|$`
A%p!g;K`L
]~0ZOl
&@k!Dx
p)~!,S
dq@\{l
$Mdq@5
?fkq@5P
:@^{MTn
[IktM_&
^<(r}E
IjtX2AE
i{DPTE
~}oqrJ
vZN'nF
Km3*i@
ztkAVk
FoLjvb
Fi&ah
\{rWTW
[Nr8R;
hD2W8z
D2W8rc
{6i9X|
ZlV6"+
]=aU4iB,
rUc@q%h
x:/B^"
|tX=?4a
\[@#p?
WRuj5z
;XTXA-+
'MvI]
_H4oNYh}0
q@2T(r
2*N]#$
3~`JPK
\aoD3|
2>4']Ro
kB2fB
IFH'% +
1YbNy~
>27Z=w
b:QMWK
M|bu#
Tgnhxu
@3ZZkO:
AT+z>`
#=TmKW8
+\J"Y^oZ
U}CoM
~\k3+d
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
B_?,kr
)6!Nnm
[#"c:
V+Flm5_
gKp?7
zL(r[Q
L$^f&-
$Mu8ln
%,4J<A
6x|Qu/
-'u#R8
@;jf*w
%d0WSL
}]^@%@NC
Q\">Yx(S
[AwT=v
P\GICw
uiy0&f
|>V/'`I
uTqhJd.
^ud<Q.#Pd
R&5(]'
F0ZhQw:~}
MSVCP140.dll
rPG [,
_@I<r@17
*{Go{r
vzS 's
}{BPM|5
in0RB]"
x(@[}s
=a-#j.|
Kh3(>Pl
u[5NRR
ii\e?G
R^r@"4
9}n+=>
dQ/c}m
DHSA(b
$$1Rz6
LoadLibraryA
1rUfSOy
c}Ot2,M@
@&2}Gk
4&,6C6_
OGn\KYd
f.AG>jM
}}.73
EAA i2
EAG~I?
{<J?H(FW
Q9r~))
|^2eX^y
/3)vpCr1
>E-\Dr
a2v~<8l
R>20.J
x>'$w1
.v7dJ0
_m/Lt|}
<(=>4g
|?4gn@
2R7s[,
hRV|'2
mB[G7C
k&4mf-$
3U#Z|X
5q[A@v
q[ALF?
\-wv[A
h6%!D~
owYgz*CAH
z[A:qiKz[A
>=@ZgL;
"cQJ|M|
Dg7zu8
hFtZ{0{
+u}y0F
w_6H(L
AX,anYQ
W*"d|N
N7|*LW
q5(V;-L
cqM=}Q
-[giOf`
]^9x{=8
&mZp;y)lk+
%x~rM#
![AfHRk![A
_"ivNN+
MO(tnH1
Q8n.D\
'[Afm,'[A
d/'[AJ
V,W%++
LO{Ns[
W%++*\
*[AOmNf*[A
BR)Dh<
r@h+Q
iA4Ze?
LL1LG=
C3Y,ZB
1OGxk jk
e1pB -E
9tomD
}y]P`!
I|EYPt
VuVE3W
a&mZO=,Hc
Pq5{5%k-0
;D)5wZk
|Si5'Y
bf$"S?
~slCAY}
8"U"UE!;3
N~KhG#
`yedPi)[
x)6,A<cY
P1Z|C4
,#Ui5/
!YO-~A
~(}2;vYHwq
R!p!P<
12k?k$
XMneq
[9#okv
_\Q/q_
9>Ne5M
QH:6tR
{g82G7
Sthmu14
>)lu14
y;0&*9
~dOiOO
%v:2bd
Ns8g|_-
wxqp:@
rLZ&c|{
z(MEyT
qRPp&<HM0
IEg#'<O
`.{DRo
u!A37J~i
:ZtR:H
)OGM'i
[^Q4q:
:U}`X:
#4M1s@
x5jZa}
Za}RG.
CKjt!e
N>h%@w
3haLrk
b rv$%l1"c~'
R"c~gv
FDarP<>
@z-9Sh
!?MZsFh
nxIi$[
~c{]2s
et+\2,t
@jjPxc
{/Nu 8
z-Afeu
#.0wsc
5l#eEn
Lihy-U
$mQHqP
tyc "?
OFl..V
wxr[jG
&6q3D6
@sI<)p
YH}OV&
^f^8)v
R;CmOk4
:ydR%jeV
'5>1EW-YK
H2231V
[2zN;@
X"mXvv9
h,SgVX
Wj6luX{f
0&WA_^
pl i5.
u,[N`J
B{Uin>l
o%$ NI
%:rZ[E
LoPa<4
WqQLU5
"h'Bzq
R<Fwpe`e
81q6%uW\
:J&Ly]
@^<zdnKk#
K@'*_^
HdD(t%8
x$FXWK
ZBt<}~
/YE!I$
@ZA$WWu@ZA
%J \N9
fy>H"k
vEaSo8
pqBRm*
y_>)-):b
1X>\X6
y1YrW/
[ZA0~L
~>HAR&
e2=3!B
(>35"L
Sg2*s99$
>y*8:w
y7hpvk
7g{baf@,K
I!NZrI!N
Ru.YV~
4L=dFE
J+~C4\cz
-mVy$f
l$:gwf
Yi3.|g
#5SsK
p:/7 w
0h"rCiY
an[d~xy
2#N?PA]W~
4,?2Yo
=mP/dz
=%lGbGV
R6I)~#
5/~8Hhx
6s[.Wu
$$Swch
__CxxFrameHandler4
^Z@,,)0
[^a(CT9
#R3v=
eLLTbh>
21KLL:
,\f?58
8DA[6=
:KL)$R
v3mP'r
Q7jZFi4He?
$@>ij-
ssAHe?
>unRIe?
_Xn1&>\w
L#PC?
$tl7]5i
$}pCfB
*DY:CBL
>&e-(-
_<3<w
qMy7AQv
EO)_)
zj?d.
xyEFgMp
PC.mjh
clUBcl
mZ,6k[
>eWzkVY
74phQk
cqU]^b'
3uw%{S
I';}NPH
uh+iD
)nxo~
+;1#)K
?W@zu/
DGpMSSG
mD7JSy
vr>Jzn
Ylpit6=W4
rl4XzE
0q@o#
)Ik%eV
Z>RGEzl
M\Jy!=
T)|x_3Z
Kabk?o
a"T_NK
K6*sF{Q
#d]{|@
bq?p8l
u_;kk8
$Xpvy6JDKj
Ok!~|@
M8MOJ\
T=8.p
2c|@BT
c|@yl8
{Ba|@C
vOx74o
{L|pbxQ
&)@e|@
@e|@+CC
%u.Mhi
4RT$<>
t}o|@ec
-o|@U~I
q6_n|@
lmUF!kB3;
cW@w]Lv;]b
H=|c*_o
H.)wuH
N-I%vC
{YhUA
q0;s3zj?
-7'`]da
7(d1v#d
TtG*G%
N"2;@F
(lpe!
{UAC`J
iR^G*:
Jz[d!
] UvsXIUd&
)0i=`e
2jV&`0
RuJU'xY?
_|T=&;
X+ViMf
C]4;Tx
^&mWUA
WUA(WO
_cexit
HeapFree
{B'.Yk
]8JkS2|W
}V~6Oo
Vta1dZ
B-r~mZ
ST~$Zm
C,`Bk*5
0:]]6-u
Xuo(Up
i$*/)v[<
1RxIZ)
R|KR*T
G8LZ!q
Oxg!fD
PIF/#ho
F,)VDUM
.GrqA3
\QK%\Y
X-[A?J]
Out8Iz
YZ\Eik
a-NRG7=
eQU@zd]
GdboL*
|@A%a+
N)R%$?x"
xx1$7BG4a
$R7b=P
F8"A'u7
TA(S;I
H{03Ml
deL<a~
?pL'"B
@@^9TO
Qq~eej
YKg)du>
iSkEW
f2g1<
*"hBvmi
mnXJwa
bHJ/b`
>x[fB/
k:I)D0
PzLJxa
K^gelY
oy6{&%
sZmcjA
-?=Naj0.
eevNWcf
/E<zNy
D-=}@vC
xcqu1B
:3LkIfl
K0y4c_
c{F6UX?
O&}@_9-g&}@
U~:;FW
Z~:\pX
/*Ro|
K_e/}@}
@u>+g6
=/})AL
B:\-)<
!^rB-y0
Edkpqu
j+s/?}+b
d:n3X|
U<9_wu
y8>$,g/+
+?\0(s
nnj<Gb
mL6ii{
+d7~:U
C47~:D
s|7~:5
_~]\xP1
#L`TO0
}~FHCT=P
sm(|~F
*e@S?u
ZXIh_j
XS6fti
b(`]$?Kg
s8AzA\
VsHW]d
b$Ul&^
c=ZC>e
\h6@Rb%
k}@kAM
yCeqvs
v:'Il
P{6vWo
X+"2y=zC
,Ic.*XR
r$*~?R
>gXC1q/dH
)x2uQp
pp4|Y9
K|:a=oF)
#F6hsc
i>eD&N
.&AE7b
Y(z^^
wg0/~6
Hg*:Q<
Eapi-ms-win-crt-heap-l1-1-0.dll
=X]8M=
,cP}SC~
ETA#Tt
B8NVu]
=c5tWZ
df_JTA*-O
n{4\$0
MDO{Pg6
m8oPT5
Z3Y;SO,w
aC_Q/p
xrNBR2
dN{+&mH
$ScjYg
qq7<RM
hYU4#v
+9aG!Cu
L#ajCr
J2MZr`
JDvV.jg,Y
y) &X
2dSx+\
Iv`,}3
f@[oTO:
C"PL=ZK
%r"fB%
P5gXuG
LUZesL
:12qS(m
{ jc{E
5l><"{
&f`#xv
k8??oB~g
R1'#Q=
Fbw:mJ
Hy%tCt
]-{^xu
&t|Tnmy
\9={au
iADt1$
7uTe~~
RZj9)C
:9EaTGv
ESvymf#F<
c6mhK
q}:\0c
q:q}:[Ws
k(D-i=
TH/6_Ja>f
9E.4<c
o7fL e=
8v}:!
e^x}:_R
y~x}:^J
x}:>sz
{vQy,/azFS/^}
,0[sb>lX
7t1pnu
Z!Mtm
^c.TNC
QqW1(Z
%e< #wPOE
wLA_Q'
a\oD(_
Xp`-Gjf
mP\cd>
nS&?|=
a]dC]N
4{]8*9
r^{3K"
i_v==U
sy`yT)I[
3=WRRE
_uxoye
B^QT$J
`NM9'of
H p<Yn
f1(ClGw
,_C_KC
D/UjY1
"jXdn
f]'znR
S<rQ@P
eWkB5%
S[K<e6
Au.G<ZYg
\%n/Hn
]so4X9
*]E"7N
@UU}*h
1LY@^%
Q(!*pr
h#@Z\>dVt5
ZT*%fj
(Wj?sR
ay}xa
0?gyUA
#^x;39
;@7b}l
,NHiA+
4YC+O-
hXn7b
mc$d?n
,EW4k+
eW9:kJ\
i/GI)1
X,2^/<!U. xqY
%R_2[N
t*`u<U
9;{C<QN
[@Q?]qH
A<bCl<
?5qGYI
xY]XEZ
e=2;l-
$x#fRf
IY!L+Q
&[h"\)
24c9*1
DoIFvox
Z.+ws{:
1z29v!^
mNP*5yd
y'W'rs
0f?%.^
#A-=`cw
=0cGfA
JQ@uSK
zkLDf&
ywO2+)koa
ur;yBx
'DCIOo
f'5[VV
@GB*Dc
)l#^<x
}yt+lH
-."4s2]
Ih7[qe}n
d5v5T{
gdxR:+krnk
+y<n~H
x/-y?x
Ax7Og{
Gh;]7pigr
Bl[ M:
Ej?U0N
@L@,#(Z6W
??F:~X
XaB#m[
[T'Tqr#
F,"dz,
DIhR4W
L9[#5R|-
`)oYr$-M
n?"'y[
s.Jhl%
c|=Kp7
mz5@yJ"T
29Y6]z
J^fyEk
fz,RO4c
ghT22sM
YPd]G
C]aE`H
6F>@9z
Vg-V^*
`4d}cq9}
#,0y!Z
( 0N3b1
^,hZ~\
Ny "uaip
/Td)*@M
Y@>B
o7nsZh
@/U]NgM
YjG-\mV
b 53xHT
hndX5^
1{AW2|
i!;i,
}[{@I0Bj~}{
QwpA*W
nTR^IWN
:# Sho
fF`/|Y
5I\f,L(
36ObI%
d*9QIK
429$rBF\
;ZH+;s
l&]i4Tl
wds4LBi%$
@;;8K{
imdg@~
>}(d1E!
fTs -^
ph;I"h
}K'F6sa
;9WE/Y
&T){IX
nJMSfr
sYvO/
>{+:+:/
CQFxoe
"<s\;U
VXZZ(
$JF'h2
G.`~6_
U=N/iQ`dyDvu
IXY!qm
2b+Xsf
@ftLr9&G
&&|0#:n
5"$Wcbh
@#0Dc"d
vR!B3vu
!HT!)6
&XV_VU
+`k4|A
m5$L#j
a\sxb1[
Ih]8qa_TI
D~KC}V
8:(lRO
B.6;r82
:z)mng
N7Bg.z
M(-YR9
OMGUI@
d_Kqc~
'i#Nw0
^JH'MNx
UkI|Z"X
%IjKfnT
#4! C-
/19;}5
Q`B-'"
;-UZZj
7iMRgWT
];nk60
Q+D3P-
P4HwQh8
5N<[+0
'uvzf~vTr
QeQFP4
L,$(u=<
IuG^FgmUZ
##SVAR
MN<W7'AP
4[O{Pi
RW~Ebw
;F,"}E0
LHhOZ5
S3a[^i=
9Y/UorN
=Iv/ov
"FZ$hW
Kz7@W?
W_u!AH
GiD\Pw|~@i<
-1-{+
L[ `43`
Zqi`2`
^+3M;7vws
7#3{;W{o
_&T?VA
YFq~`n;gE
2@4%eT
eas_]7
E93lWm#
ZlWm#
mWm#`&
{zob|bsz
mpvQ-`
VAZf6#B
"Cg6#R
R@_cGmXKc
-NNJ8?n
X$`vN:
+z!/h3
eU_Hf[
5jb{O6
zL)3,W
>r>,e4;
#F)*u
+d?5}E
pkx_!b
{ji/Km
Vn-\fiZ
H+@DEx
z\%KyFd
JIuf88
g8*;vO
c3#M)uj
WWg%"w,
Z0R9ig
Bpp0&-
WdD4,,
(uiQl*Q$B
9xgy:.
+,hT.j~
x@ul-U
IB@DS 0}n
?1(%g
nCY-54,
wk*hY?~
"B{4@#G
~Wv_&-%"
I?d?fU
iB{Lz"
H9.mEg
VZi?_z
!"-^Ej
('.%js
$-Zx@=
T:Qt6
f]9<U<
cvYgbv#
:eCqC>
j/H-?]
1DiV_u
ep}[xwD
@sfyy$
"$DPs+
q.*~4Ao
M< gMNj
/]'6cH
q}5;x0
(Gn/"_(Gnx
@dG9aM
6<`bni
tyJz+K
8Uyk$P
]I}Bq,A
S)y`fB
lDT{Cz#o
yuv0ez
U|~BQk
MZ+hCw
Qg<&#T
u3m@ta@
(Xu3m@W
e-5v.0
J(P%<R
JJ~eje
9$8[^_Y6EtU
sk< lr
+qAO4h
9a8+n1K
}1%)OM
3a%6[G
h&)V^"
"9}Y@8i
;7K-yQE
U/<CYd@
,%: A]
An${~M
W!(WHR
b(@-eH
P[X]{8
jAs|:<]
d?dp>V
s:1k~~
v9p.rjb
atUtQ
>22\2-
:C/:sG
>f;K!~
DV*RlV4m
_pn5k%f
P_+oBb-
Anzsd
?7nV?:
AJ^ &M*
CuVCJ{
>lJ7F&k
;an&C#
sQNG4*
~Of&)w
iBMiW{t
|QD~L#
~7^I/js
f{O5M|
&>p=mf
R?${ob:
gS?zwy
;~j>64
!vDU`C
-}UBa1
%"~fh(
16@wii9
{hOAJW
m 7;Y4
n$XSj4-Y
l6ycT.1
BhRTGe
1-JNr7
Ptqqv
3z?Bxi:=
92yDz:
3*Vv^(
_Qn]YX
_fqv!3
0lbW)Q
{I,eA=
>??y=t'
a~Oz:/
VOz:7;M
azSz:c?Q
Q["%ir
%?YO(M+PP
J&BHh
0(b=_K
c}kKT<
Hj?IEq
G%KcgZ7
bWhws1
.1b:Cn
xvv?Tc
s+8x:.S
6,d3]h]TrJ
Jl[6R\
AZl**ul
zS[y@X
l@;j))a
_y@( y
.M}36Y
!bYcXP
wV7}0b
&sv^ig
^!M_j7Zs
pYF#Y^Me.H|f
[:`kV[p
evjw(=
4YECcC
v}Nx@oV"Z
EGUq<q
vRQt&a
o0%t(d^P
n9(6y S
olg.r>/
ME7cSu
O-%>Eb
,S5E'\
&1)Zq8
f6I+UW
%E'Z@7L
xb"m(<
+|^Xpw
BjV1G6HQ&y
2$\*~j
:AK8u
Symc[l
TtGR|<
mI%hlI
w\ t6]1=
n2?f#A
s6~t\&*s
C)>12
ZoGh|.
Gh|N2_Gh|
X(Oxy
QumEjgK
;2Q-Ql
@ofit
@op}\T
BWs&F=
,.~6Ya
LRVk-f
THu.6c
?av+4]
YBM:L
P|^nxw
<Rfy|9oD
~xXw;F
A]*a&9]
7K-qx@
uNw97R
6wr:.
t#pnVz
qO@U3U
H&WF-Mp
utd`bU
XK'|#p
)o2>5-
uo{d~)26y
F 'CdR4
;~f o[3
,U *A&
~"r]}fa
R0\lhm
#%bbw:
!(uD!M
d6Qlhm
+Q<yS
?G<~]i
!FCeyy
fA4WeK
E&@(\0
){o0Xj_9
5{w,_#k
JCvb",
.yE]Th
:z@(/(
YC9z@[
@=z@h.i
Yp=z@2f
@=z@{S
`r~6J"
/:4F=U
:yelu_x=
K_+i~&
nkh/Ty:_cX?Ty:
Q/JGgF%
WQv;Y@_
|S,Zy:
6OnomT
1%>YWv
$1z$!R
;M5T|!
0-$*id
Tfm9mcrZtB
5&0Nw~
P&Ow`!8
'[8< ,
D3I/Es].
Ti~2Lw
5+r`AH
q,!cLG
dmUe7cK\
u5X2ypa5
2Av-~86
k$c{U$
[6>N
oFKgM
y:cr=j
kyJtTB'
VB@oEo
6~`._>H
Rj/pK:
X\we~UN
I13.e)
]TF9/v\
E@}&1dT
*isg `a
gW{m@{]
[G"nD)
ky\[Ay
\XEis
m:J--Q
&1lR:
:o<Q$%
yhT6|/9
}G{7hT
_ *h||
AwL]bw
HeapAlloc
nm=Tx L
(^XE.?
QKP--h1@/
GSAcd_
GSAgDffGSA
WNqkW7y
W*bv>EF
fK;Cvw
ST~zOGU
q$ j{$iR
Vif:xR
]4:[?m
%YSAX7m
K$'Hd_
lus`Y
yT'}$cEd
$=#1k"[
"`\}?X29
-OiyxG
AL#$om
}+&P"Mb
|,DvCg
e.|3'ECx
/!iM3tw%
^_iU[2y
TQUG[o;j_O
bv:AF6
mo)+-[
dSd6_|
ym>2"vp|
e3<(DBk<a
ME 1x(
_zPx%i
lzPx%yz
$P?1t{R
07f!J2CO
D#X26n<
=^^L(bc7
CloseHandle
mhHyS
l8I,u03m-
_mc{4a
w/2jX*
P&KP['D]
{@#eQ
Q3hCg(/
Jmpx:D8r
0~d{Gv
z+Em:$
,0j;!7
:p#~wbh:~
ai(f+HE
|[^k@&
VRu3/pz
f"PzsAt
8zao#1
O+xQ#!
WV<FPO
zM"NfF
XV<[y@
)TVkA^"
%]_#l/pr
SW}|:cgH4
_#{@4Q}
#S[tOi
{lkNA
B(@nX@.
=a!\9<
Z)r[x:
r';'9T
^3CMEV
RA{I+j
[y8yM)
~u$+;V<
H!yg@r
wSF(`Js
eF(`JC
YOXcY_
+8pf`w?
?)`XKb
:PDIq{A
.f{;z"_
6I*b5\
rW|t3q
xS<x:J[ [<x:+
<x:h=2A<x:
Ka`lU{^
! 7^#W
kIbXd.
~Fo*Id
*dj?&r
x0?N@0
H&Y~P+
%ekz8W
{pLy;L
wKz9;w
;O&4'`
<Xiiz/
^[:U6:
QvBjRs<
x~eb2a
!\3b.VA$
q/sRN\
>]1}7,
d\Yk)u
d\Y'eE
<uQa_#
)DW-Q=
3IxSy6
2AaNh.L
I[=O '
EOo\AK
:fvy.S
>gp/?5z
lEXed[/
c{zDj
6/>"^W
{Q9o+>o
26X+^y
wIX$ikP
?z[Ct6
!jWS&LO
#%;nBAv
@39cGE
bGEt[^
rK4vHT
_!DT/3
]&0/L<9
fZ\n!6
#a|h8!
3:hKWg
64SAkX
!vp-kp
V/n#McO@
[8]0_(
EO,QZ*
dy]18m
-H_~tS
DN7CtO
6-P5lT
<Ez|!?;$
jEMQMI
98(&FoB
{f:.7;
\@(`zI
hA,`BO
OvFFBwT
QJ`wDp
<Yp+\fQ
U; Png%9
{jhD+jidT|
e%vGV?
=UY;>"
X==uQz9o
#Iqzpw
R*Sa] !
n"cXC
ao?u[$
a7,c3'
RV|K!bL&
}PVAS#5
ZgP|j?
uGILTP
WL.qSo
9g&V3n4d
`4gVl6
s7s]Z\
eU!Il
6rwhG
neqwei
28Dhg?B
<L`mal
v+ZZ{K
lCQQl$
:USH(I
GetModuleHandleA
<EGkF~
H'f:C.
=@tBdhe
PY+s1,PY+#
zO`lu]j
{l}OCIRbW
mS1uR4
F12EXKX
N)iU<L
{lSzmS
6Hr8]NN
@wvhQi
3j890O
e8=',l
2|]E>5z
Yog2&7
*6@| ;
mwT@B.
#&K6<d:f
:G;$Oj
]40Mmp
0j~:31
M4E5/Z%I
}(k*<o
m8Z7o2
.@@KS"
10G;*r
DBnk63
!s<+[@Q
(91*g,Y
-xx.(c!
),yC$S
vZJPcJ
yhPOz
Cj,p91
)b86L@al
!)Gbu(
rayjva
gvbx@6
Xf]3<[Z
R_O]]n
w/7&Oh^>
@xr{DE
>"bn"N0&m"
S5={:%
Mj(X$(
#AZhJ!
;H2Zat
p!}H#X
3S|r3Y
{j8k"7
eL`7egt
4S;GN\
>N63@;
kzESZ$-
Z68uF7
;U!/$U
I+`PM5m
1FR.Zg
U`nmuW
>v98x.
aqa:Sh
8~vZ4:
Z4:V
bnPE7"H
_:Z4:
D[4::
5kDD,Q0 eG
l?97-+
-vzoj
K}?/h2
0E"L+
5R0|,i
}^tX0|
|[x6EV
:h.)D7
AwcfsX
#E$mY,
OpOjPW
&n6yWg
DEDJE1F&
iE#*??Q
z)C WWH
"TFvgs
*^'>rP
5>/\C@o
Rpg*od
Y?f*fT
api-ms-win-crt-stdio-l1-1-0.dll
|j|ZQ
)IX}!}6
Hr7<FL
NwH)F2
T{FK^^U
c^^UT&9-
RtxM<w
Yh\>k
}}j6Z(
u?CGdm
;+f\?/}
U#)l6-{
hC{[=W
{Pz>GLrb
c*Lv=N
y>%We*
r30BZM
,:onzr
YB8>my
XWv-BT
;<+?ye
>v_I+<
a8jtF]
DB/dKC
)wD_0]
qfd@:z
<~s_"7
j4$XP=
~pQWt#
XpzI];
BlBCUS
{r>}aGG3
#tbAMG*
Fa-cm<
P@b*+=
7X^^Z,
q$YOJFm
sqUgVi
8)W}iZ
tXe0ME
Z|TbRxL.
.IudLZ
n/:%+
nqp{]FH
WH<#1r&
7DlZc+#
&7M*}=
znyd==Oy
(?)=dV3
@Wv]-u
wtiZmu
d,ie\v%
4zaTx
G%hKwi
2tEE{v
$54Q&E
R3l|&b
*$f3^bN
*JKHL&"/
4D<5'k
\9e5'i
q#74'i
tWMJB7
@J#bI|
r_Q5rv
*ySm70{w
}{hVQc
sn{t2ru
`L$u[Nw
dIYpFL
VmJ6Gq
"3lCrn2
uF|^EA
9.$ch'
e/0,4&
C,b4D[
XB8-hEO
C*e/s-
+q`/,
~GmasO
n.!\^)V
lWKidyX
\p];Z[~
Jpi,4p
oU~Ok.
b1R#4H
Gy9/8t0
L9as-
a@zhS<M4A
|| %h
7P2ZZl
[_EpPy
+I`$wP
+)o){YN
!+vDQ4
8&qXeD
'^rUV:
|x7w(5
3JQw]X
m:V(0n
?h$!|A*{
h%6$02
U6$0=`m6$0
8.+sc';
-k!P`J
xCP,m81
LH+WTK
Vh\,I"
u~xKNIT$-
+42"qg!
Ar_yt
:J$NgM#
3CW{r|$
]o!]$d]o!eX
]o!=lt]o!%
|3fek`
j+h:kb2+h:
+h:sV2+h:{
K[>%x?(
udK.k/udK&[7udK
oudKN+
'udKnK
EEvH3S
:'pe%dv
5t{gn$
S^[b4
I,LhX.
bwM<Aa
B s81QP
P`TxJ'ShT
ShT?2ShT8
=&s]kC
]TMpUh
'(gjhU
_/Y-*_g<q
X[t[_!FnE
{=|H4'b
m m_A:NR
c=%0QQ
l^o+jRU
@bK9ZE
*S.^-k
Wc{GZj
BKUI ~
}#K!.N
-[mwmx
UN^Vrz
)(~_R)(~
@\X\6;
fEy{CxF=
J)SS_jJ)S
@7^|b$N
%6hK,j
49d2qST
\KALO&
~`lf~P3b
u0U~iI9
)Eu~O>Dp
ZEt}~t@
<d,8s5
<a==c,R
O`Kx Sp
@2XaZE
r,-K\/
h3_l!g
(>1<!d8~
c.+xqr
5EOCPH
h+o*4G
4-vKVix
oP2}c-1
5UVj1HCX
Is^P|X
d_bI,]!
sF0&4h
_callnewh
06wB:]_m&
zuh8HJ
't7??e$K
0v6"uk
,9^9I
!BRkoh
\}BG>,cZ
$PUe;h
z2UcgU
_ZY8 z
wtkkMl/
zX8`H1
~sPcHu
he8fJ<
`5-E^*
gGM9^/
oFq9W
<% l\f
f%Ml$<
>gpI S
Sm/fF)
g%]*F>
I_=w' ~a
L0""lmbZ
\RUj,T
9k6b/D
R4v}B,
3&n7DL
p1g>>e
1x;ff?s
eWI@tk
#'-zCX
fF)T8=
+F?)<w
]7ep2l
%4%fa`
BD(ytB'
?WG9:(
\R&mv*
%L PsQ
WRY?KY
h$e_m,
,0~dCD
M8a7uy
47z~A~
-z)2LD
ZjM,^D?
}~1LIl
56#No\>
-]/NT~
%C)"Y"g
yn'@l!
_lock_file
reP]|L
[xff9hN
VQwyfg
`9Cpr<CJ
ZiNKC
CT.BR^
=+?G.
_w*ew1
WR|l[_
Q*#KGJ
n'D* +
R.h'X
ukPdE|}
&IE\G#
qpz%5s,6C"
,tc()K
[@ICg}
@-y%o<
Q^I34M;
Dr/ 0C
xeB-$i
g[{.g
pE@%tULA
dmq`[a
DffwNotk
[EzkZ\
iAo^xH
U]V5U@
$%}'I#
#7rPV)
(U4<J
Ct`J])
@3{k[E&d
+kZGe_
QJ@iVWxyJ
)Its_u
$UAU@Da;
[WnK/&v
9"00H
(\aP@~
3aO9Q1E
U$YqG9
Xdy,f
L_?cpB
Jo7J3I
$c1sNC
O[E7,}
g+X{M`
@ui&N}
Fxu"#O
>Ub[zYuBq
$4YH2I
nd| -j
+-wx>e
|o/oKc
c-GN@|3UQ&
Be+L,vv
GlLua
f/}]e
zl"&$d
kbq=#,T>
#A^t./;B
uX?rE_H
H57<E=
52L/2E
n0bp^7
"X:MsQ
]J>I.R
r)Y?`r?
?U#0+Tn
U:B[kf
m0Pn'(~)
5kdcGpV
ez'x0`'
mO_X ,\
q?a<KM
!b.Bok
pN6rd/
Gt$#X:
[H4@gp\
&+($:0
Hy|\NB
dEF=j =
7@Gw\Y
mBaA^k
5{sbPY*8
L@c_Eh/D
-h$1u.
>W`!e`
bl_VCRUNTIME140.dll
2yrb0R
H%6?D|
ywA(/p
bI\IB6
;5_DXe
){BkU!
FB7:vU
L:81Bc
!88 }C8kj
ca'X[_
$-yIn##
o?;D@t
i(jFl=XEQ[
F3J@o=
wDrgq
>[3h8&
I)+;_;
ht]+7\
HTgwSqx
|-"sxV
E$,:oB
,Wjm47~
{7@\2}X
[UT"gETt
gETud2gET
B9Y2|6
"O\_cc9c
*|6:A>hPS
B9Ylyt
7m}@Z8
.'St9)
SY$N{y
QoLRwjvt
vOW] 3
,}/-_uT
8)qZQW
7\6zr9
U3a_?vB
owuTIw
xX`JwP
69ry x
wINL{Uxp
KqS3i0
oqD&G
iLr6w
LLAQ|g
Z~}=WEb]
@u^~XE
)uu`P[l
4F1Sc@
~Kje~k
ihaY)d
ehz*$|
a73j!(Q1
](.%`U
w1K,#c#
b[)u?+
MWwrtCpP
(b'LF/
TO|673
udEdjz
j`3]M8T
Gw-ou~'
!Cqys@~
~pBiIiehY
j@L|[9|
z#Yswd
,AVEla
/S\,k;
8s6-O"i
885\bx
dv-AP[)
kbg|F}
~|7kj%/
0KJQbZ
&jy}'DwFa
ZZ+gUL3B
F1%y-&Xf
R&1;U
bid1t
!{@F2?X
C}^OKP
El&5X89
=(6kjzSS
)fQ~9*
)$!M4c
|?u!t{r
YVRnL3
6l*=`o
eOE0p A
U)6]rw
pa=atf
{w=zHh
'o3)gc
Y/g$ze
ZZA&&LU
y2<OU2
Lkikv&i8
@R+|lk
@*|xv
6v+D6XG
V:U_ |
P^vSz<
=Cl}@.
HL^WNe
1ti(7Ct
uX-*X^=
Bd;@&R
@L].+7
\%<]:j
v`0kZ8w
J*`..4
@%UPGhQ
Ac>?3GC
ni[o1y
[!^#so
zn*{(<CU3
[X`0/{
SF\0W|9,
D_Ps;>
$a>c:W
FE%MOi
a33/nB
+Uj^%+gn
Y.,hi:t
(<aSQV
+d_YJp
LgFRc=G
l4)/S
>5)4PS
BQG2Jh
bwJmAd
Hm|kd
umC9Sd
xd4MQm
]]m@6:\
(UEEu|w3"n
pTv[e8
7;(W$2Y
BZQZ|Pv
.?NHuG
O/%),k#/
\gNbK2
8r{<8v
J<Eg/d&dee
UYh?X>
2*`V(W7i
[s`!S~K`
Fl5i9KBh
_-+#B`9
ax1Z4YCF
T'*HQoQ|
Yexg"I
Y%sg<~ztO
Z`p3<%o{
[!o!lE8
FjKj!5i
ra7Dmy_
3z$I1D%f
pUlh^Q
z}HG)|Y
jo%M?1
@Xd`ZX
0(n]pm
*>`%62
]fW/_!
eQy<h#h
1@3V:%
Jo;/~7
UZ+v,x7
_^OVg[
`*1*R"
TpGm3Q
M^O9Z;
Zh6v{-k3C
Q:I<N<7
v-8&x,L
Hg5:.i
ia)y.f
Q:jUId\P|
<y2Q=ZA
i~~V#v
wrGakQ
^G(hOO,
82M!j_
z.dj%lE
PY6yFI
3%yi6:
aw1ovo
aA{Gd4nJ
:Htf(]
)N%S(K
`Su:3
GHmN2TNQ
BU2>0X
h4I`}UY
!4lNG%H
?{#r\Ew
YtHBC)#
fP=7,G
9xt67tj
]7#e&S2
m@<{aa
Z;tdF`r
w.35b[
~pCS><
7!4$eo
Yl7fj\
{w;Ye'
:/tUuv
'sa2D'Cl4
-]M[XI
tf7.Ga
w`NI+2T
\7lS0+S
W3B5u
zUk&xtW
-4C`{m
{be{<T
OjsM\L
_R23YH
O2|;^,
~9kFU#v
Antivirus Result
Bkav W64.Aidetectmalware
Lionic Trojan.Win32.Vmprotect.4!C
Elastic Malicious (High Confidence)
ClamAV None
CMC None
CAT-QuickHeal None
Skyhigh Behaveslike.Win64.Generic.Wc
ALYac None
Cylance Unsafe
Zillya None
Sangfor None
CrowdStrike Win/Malicious_Confidence_90% (D)
Alibaba None
K7GW Trojan ( 005a7c0f1 )
K7AntiVirus Trojan ( 005a7c0f1 )
huorong None
Baidu None
VirIT None
Paloalto Generic.Ml
Symantec Trojan.Gen.Mbt
tehtris None
ESET-NOD32 A Variant Of Win64/Packed.Vmprotect.Aa Suspicious
APEX Malicious
Avast Win64:Malwarex-Gen [Trj]
Cynet Malicious (Score: 100)
Kaspersky None
BitDefender None
NANO-Antivirus None
ViRobot None
MicroWorld-eScan None
Tencent None
Sophos Mal/Generic-S
F-Secure None
DrWeb None
VIPRE None
TrendMicro None
McAfeeD Real Protect-Ls!B78a80052c26
Trapmine None
CTX Dll.Trojan.Vmprotect
Emsisoft None
Ikarus Pua.Vmprotect
FireEye Generic.Mg.B78a80052c26c584
Jiangmin None
Webroot None
Varist W64/Abapplication.Umpb-5977
Avira None
Fortinet Possiblethreat.Pallas.H
Antiy-AVL Grayware/Win32.Puwaders
Kingsoft None
Gridinsoft Trojan.Heur!.02212022
Xcitium None
Arcabit None
SUPERAntiSpyware None
ZoneAlarm None
Microsoft Hacktool:Win32/Crack!Mtb
Google Detected
AhnLab-V3 Malware/Win.Generic.R669253
Acronis None
McAfee Artemis!B78a80052c26
TACHYON None
VBA32 None
Malwarebytes Malware.Ai.1443392206
Panda None
Zoner None
TrendMicro-HouseCall None
Rising None
Yandex None
SentinelOne Static Ai - Suspicious Pe
MaxSecure Trojan.Malware.300983.Susgen
GData None
AVG Win64:Malwarex-Gen [Trj]
DeepInstinct Malicious
alibabacloud None
IRMA Signature
ESET Security (Windows) a variant of Win64/Packed.VMProtect.AA suspicious application
Avast Core Security (Linux) Win64:MalwareX-gen [Trj]
C4S ClamAV (Linux) Clean
F-Secure Antivirus (Linux) Clean
Windows Defender (Windows) HackTool:Win32/Crack!MTB
McAfee CLI scanner (Linux) Clean
Forticlient (Linux) PossibleThreat.PALLAS.H
Bitdefender Antivirus (Linux) Trojan.GenericKD.74826203
G Data Antivirus (Windows) Virus: Trojan.GenericKD.74826203 (Engine A)
Sophos Anti-Virus (Linux) Mal/Generic-S
DrWeb Antivirus (Linux) Clean
Trend Micro SProtect (Linux) Clean
ClamAV (Linux) Clean
eScan Antivirus (Linux) Trojan.GenericKD.74826203(DB)
Kaspersky Standard (Windows) Clean
Emsisoft Commandline Scanner (Windows) Trojan.GenericKD.74826203 (B)
Cuckoo

We're processing your submission... This could take a few seconds.