VMRay Analyzer Report
| Sample files count | 1 |
| Created files count | 2 |
| Modified files count | 0 |
| File Properties | |
|---|---|
| Names | 9c0ce809c87b54cbd8aa589a2644a74f7f656462.malware.exe (Sample File) c:\users\wi2yhmti onvscy7pe\appdata\roaming\wtrrifwf\dafgfvjv.exe (Created File) |
| Size | 211.00 KB (216064 bytes) |
| Hash Values | MD5: 5babf25f698870abea3f10393a1abf31 SHA1: 9c0ce809c87b54cbd8aa589a2644a74f7f656462 SHA256: e6d5efed898e2e51a2782bb959b23e2ab3d9dd53bd4ff7f56019901f6fa93a76 |
| Actions | 
|
| File Properties | |
|---|---|
| Image Base | 0x400000 |
| Entry Point | 0x40a797 |
| Size Of Code | 0x1ba00 |
| Size Of Initialized Data | 0x18e00 |
| Size Of Uninitialized Data | 0x0 |
| Format | x86 |
| Type | Executable |
| Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
| Machine Type | IMAGE_FILE_MACHINE_I386 |
| Compile Timestamp | 2016-09-01 20:12:16 |
| Compiler/Packer | Unknown |
| Name | Virtual Address | Virtual Size | Raw Data Size | Raw Data Offset | Flags | Entropy |
|---|---|---|---|---|---|---|
| .text | 0x401000 | 0x1b96d | 0x1ba00 | 0x400 | CNT_CODE, MEM_EXECUTE, MEM_READ | 6.66 |
| .rdata | 0x41d000 | 0x8e60 | 0x9000 | 0x1be00 | CNT_INITIALIZED_DATA, MEM_READ | 6.24 |
| .data | 0x426000 | 0x8b50 | 0x6e00 | 0x24e00 | CNT_INITIALIZED_DATA, MEM_READ, MEM_WRITE | 7.05 |
| .tls | 0x42f000 | 0x9 | 0x200 | 0x2bc00 | CNT_INITIALIZED_DATA, MEM_READ, MEM_WRITE | 0.0 |
| .rsrc | 0x430000 | 0x62a8 | 0x6400 | 0x2be00 | CNT_INITIALIZED_DATA, MEM_READ | 4.56 |
| .reloc | 0x437000 | 0x1a28f2 | 0x2a00 | 0x32200 | CNT_INITIALIZED_DATA, MEM_DISCARDABLE, MEM_READ | 4.98 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| GetModuleFileNameA | 0x0 | 0x41d0e8 | 0x24bb8 | 0x239b8 |
| ExitProcess | 0x0 | 0x41d0ec | 0x24bbc | 0x239bc |
| SetFilePointer | 0x0 | 0x41d0f0 | 0x24bc0 | 0x239c0 |
| FlushFileBuffers | 0x0 | 0x41d0f4 | 0x24bc4 | 0x239c4 |
| GetConsoleMode | 0x0 | 0x41d0f8 | 0x24bc8 | 0x239c8 |
| GetConsoleCP | 0x0 | 0x41d0fc | 0x24bcc | 0x239cc |
| WriteFile | 0x0 | 0x41d100 | 0x24bd0 | 0x239d0 |
| GetFileType | 0x0 | 0x41d104 | 0x24bd4 | 0x239d4 |
| SetHandleCount | 0x0 | 0x41d108 | 0x24bd8 | 0x239d8 |
| HeapReAlloc | 0x0 | 0x41d10c | 0x24bdc | 0x239dc |
| VirtualAlloc | 0x0 | 0x41d110 | 0x24be0 | 0x239e0 |
| VirtualFree | 0x0 | 0x41d114 | 0x24be4 | 0x239e4 |
| HeapCreate | 0x0 | 0x41d118 | 0x24be8 | 0x239e8 |
| GetCurrentThreadId | 0x0 | 0x41d11c | 0x24bec | 0x239ec |
| SetLastError | 0x0 | 0x41d120 | 0x24bf0 | 0x239f0 |
| TlsFree | 0x0 | 0x41d124 | 0x24bf4 | 0x239f4 |
| TlsSetValue | 0x0 | 0x41d128 | 0x24bf8 | 0x239f8 |
| QueryPerformanceCounter | 0x0 | 0x41d12c | 0x24bfc | 0x239fc |
| GetTickCount | 0x0 | 0x41d130 | 0x24c00 | 0x23a00 |
| GetCurrentProcessId | 0x0 | 0x41d134 | 0x24c04 | 0x23a04 |
| GetSystemTimeAsFileTime | 0x0 | 0x41d138 | 0x24c08 | 0x23a08 |
| GetStringTypeA | 0x0 | 0x41d13c | 0x24c0c | 0x23a0c |
| GetStringTypeW | 0x0 | 0x41d140 | 0x24c10 | 0x23a10 |
| HeapSize | 0x0 | 0x41d144 | 0x24c14 | 0x23a14 |
| GetUserDefaultLCID | 0x0 | 0x41d148 | 0x24c18 | 0x23a18 |
| IsValidLocale | 0x0 | 0x41d14c | 0x24c1c | 0x23a1c |
| InitializeCriticalSectionAndSpinCount | 0x0 | 0x41d150 | 0x24c20 | 0x23a20 |
| WriteConsoleA | 0x0 | 0x41d154 | 0x24c24 | 0x23a24 |
| GetConsoleOutputCP | 0x0 | 0x41d158 | 0x24c28 | 0x23a28 |
| WriteConsoleW | 0x0 | 0x41d15c | 0x24c2c | 0x23a2c |
| SetStdHandle | 0x0 | 0x41d160 | 0x24c30 | 0x23a30 |
| GetLocaleInfoW | 0x0 | 0x41d164 | 0x24c34 | 0x23a34 |
| CreateEventA | 0x0 | 0x41d168 | 0x24c38 | 0x23a38 |
| CreateIoCompletionPort | 0x0 | 0x41d16c | 0x24c3c | 0x23a3c |
| PostQueuedCompletionStatus | 0x0 | 0x41d170 | 0x24c40 | 0x23a40 |
| SetConsoleCtrlHandler | 0x0 | 0x41d174 | 0x24c44 | 0x23a44 |
| GetLastError | 0x0 | 0x41d178 | 0x24c48 | 0x23a48 |
| FreeEnvironmentStringsA | 0x0 | 0x41d17c | 0x24c4c | 0x23a4c |
| GlobalFree | 0x0 | 0x41d180 | 0x24c50 | 0x23a50 |
| DeviceIoControl | 0x0 | 0x41d184 | 0x24c54 | 0x23a54 |
| FreeEnvironmentStringsW | 0x0 | 0x41d188 | 0x24c58 | 0x23a58 |
| GetConsoleScreenBufferInfo | 0x0 | 0x41d18c | 0x24c5c | 0x23a5c |
| FillConsoleOutputCharacterA | 0x0 | 0x41d190 | 0x24c60 | 0x23a60 |
| FillConsoleOutputAttribute | 0x0 | 0x41d194 | 0x24c64 | 0x23a64 |
| SetConsoleCursorPosition | 0x0 | 0x41d198 | 0x24c68 | 0x23a68 |
| LoadLibraryW | 0x0 | 0x41d19c | 0x24c6c | 0x23a6c |
| GetProcAddress | 0x0 | 0x41d1a0 | 0x24c70 | 0x23a70 |
| HeapAlloc | 0x0 | 0x41d1a4 | 0x24c74 | 0x23a74 |
| FreeLibrary | 0x0 | 0x41d1a8 | 0x24c78 | 0x23a78 |
| GetVersion | 0x0 | 0x41d1ac | 0x24c7c | 0x23a7c |
| GetProcessHeap | 0x0 | 0x41d1b0 | 0x24c80 | 0x23a80 |
| HeapFree | 0x0 | 0x41d1b4 | 0x24c84 | 0x23a84 |
| LocalAlloc | 0x0 | 0x41d1b8 | 0x24c88 | 0x23a88 |
| GetLocaleInfoA | 0x0 | 0x41d1bc | 0x24c8c | 0x23a8c |
| EnumSystemLocalesA | 0x0 | 0x41d1c0 | 0x24c90 | 0x23a90 |
| CreateFileA | 0x0 | 0x41d1c4 | 0x24c94 | 0x23a94 |
| GetFileSize | 0x0 | 0x41d1c8 | 0x24c98 | 0x23a98 |
| GlobalAlloc | 0x0 | 0x41d1cc | 0x24c9c | 0x23a9c |
| TlsAlloc | 0x0 | 0x41d1d0 | 0x24ca0 | 0x23aa0 |
| TlsGetValue | 0x0 | 0x41d1d4 | 0x24ca4 | 0x23aa4 |
| GetModuleHandleW | 0x0 | 0x41d1d8 | 0x24ca8 | 0x23aa8 |
| IsValidCodePage | 0x0 | 0x41d1dc | 0x24cac | 0x23aac |
| GetOEMCP | 0x0 | 0x41d1e0 | 0x24cb0 | 0x23ab0 |
| GetACP | 0x0 | 0x41d1e4 | 0x24cb4 | 0x23ab4 |
| GetCPInfo | 0x0 | 0x41d1e8 | 0x24cb8 | 0x23ab8 |
| LCMapStringW | 0x0 | 0x41d1ec | 0x24cbc | 0x23abc |
| WideCharToMultiByte | 0x0 | 0x41d1f0 | 0x24cc0 | 0x23ac0 |
| LCMapStringA | 0x0 | 0x41d1f4 | 0x24cc4 | 0x23ac4 |
| GetStartupInfoA | 0x0 | 0x41d1f8 | 0x24cc8 | 0x23ac8 |
| GetCommandLineA | 0x0 | 0x41d1fc | 0x24ccc | 0x23acc |
| RtlUnwind | 0x0 | 0x41d200 | 0x24cd0 | 0x23ad0 |
| RaiseException | 0x0 | 0x41d204 | 0x24cd4 | 0x23ad4 |
| IsDebuggerPresent | 0x0 | 0x41d208 | 0x24cd8 | 0x23ad8 |
| SetUnhandledExceptionFilter | 0x0 | 0x41d20c | 0x24cdc | 0x23adc |
| UnhandledExceptionFilter | 0x0 | 0x41d210 | 0x24ce0 | 0x23ae0 |
| GetCurrentProcess | 0x0 | 0x41d214 | 0x24ce4 | 0x23ae4 |
| TerminateProcess | 0x0 | 0x41d218 | 0x24ce8 | 0x23ae8 |
| LeaveCriticalSection | 0x0 | 0x41d21c | 0x24cec | 0x23aec |
| GlobalLock | 0x0 | 0x41d220 | 0x24cf0 | 0x23af0 |
| ReadFile | 0x0 | 0x41d224 | 0x24cf4 | 0x23af4 |
| GlobalUnlock | 0x0 | 0x41d228 | 0x24cf8 | 0x23af8 |
| EnterCriticalSection | 0x0 | 0x41d22c | 0x24cfc | 0x23afc |
| DeleteCriticalSection | 0x0 | 0x41d230 | 0x24d00 | 0x23b00 |
| InitializeCriticalSection | 0x0 | 0x41d234 | 0x24d04 | 0x23b04 |
| LocalFree | 0x0 | 0x41d238 | 0x24d08 | 0x23b08 |
| GetEnvironmentStrings | 0x0 | 0x41d23c | 0x24d0c | 0x23b0c |
| CloseHandle | 0x0 | 0x41d240 | 0x24d10 | 0x23b10 |
| MultiByteToWideChar | 0x0 | 0x41d244 | 0x24d14 | 0x23b14 |
| Sleep | 0x0 | 0x41d248 | 0x24d18 | 0x23b18 |
| InterlockedDecrement | 0x0 | 0x41d24c | 0x24d1c | 0x23b1c |
| InterlockedIncrement | 0x0 | 0x41d250 | 0x24d20 | 0x23b20 |
| GetStdHandle | 0x0 | 0x41d254 | 0x24d24 | 0x23b24 |
| GetEnvironmentStringsW | 0x0 | 0x41d258 | 0x24d28 | 0x23b28 |
| GetModuleHandleA | 0x0 | 0x41d25c | 0x24d2c | 0x23b2c |
| LoadLibraryA | 0x0 | 0x41d260 | 0x24d30 | 0x23b30 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| FillRect | 0x0 | 0x41d2d0 | 0x24da0 | 0x23ba0 |
| DefWindowProcA | 0x0 | 0x41d2d4 | 0x24da4 | 0x23ba4 |
| ReleaseDC | 0x0 | 0x41d2d8 | 0x24da8 | 0x23ba8 |
| GetDC | 0x0 | 0x41d2dc | 0x24dac | 0x23bac |
| GetDesktopWindow | 0x0 | 0x41d2e0 | 0x24db0 | 0x23bb0 |
| GetWindowLongA | 0x0 | 0x41d2e4 | 0x24db4 | 0x23bb4 |
| IsWindowVisible | 0x0 | 0x41d2e8 | 0x24db8 | 0x23bb8 |
| GetForegroundWindow | 0x0 | 0x41d2ec | 0x24dbc | 0x23bbc |
| EndDialog | 0x0 | 0x41d2f0 | 0x24dc0 | 0x23bc0 |
| GetDlgItem | 0x0 | 0x41d2f4 | 0x24dc4 | 0x23bc4 |
| GetWindowDC | 0x0 | 0x41d2f8 | 0x24dc8 | 0x23bc8 |
| SetWindowPlacement | 0x0 | 0x41d2fc | 0x24dcc | 0x23bcc |
| GetWindowPlacement | 0x0 | 0x41d300 | 0x24dd0 | 0x23bd0 |
| ShowWindow | 0x0 | 0x41d304 | 0x24dd4 | 0x23bd4 |
| CreateWindowExA | 0x0 | 0x41d308 | 0x24dd8 | 0x23bd8 |
| LoadStringA | 0x0 | 0x41d30c | 0x24ddc | 0x23bdc |
| RegisterClassA | 0x0 | 0x41d310 | 0x24de0 | 0x23be0 |
| LoadCursorA | 0x0 | 0x41d314 | 0x24de4 | 0x23be4 |
| LoadIconA | 0x0 | 0x41d318 | 0x24de8 | 0x23be8 |
| GetMenuBarInfo | 0x0 | 0x41d31c | 0x24dec | 0x23bec |
| GetMenu | 0x0 | 0x41d320 | 0x24df0 | 0x23bf0 |
| CheckMenuItem | 0x0 | 0x41d324 | 0x24df4 | 0x23bf4 |
| InvalidateRect | 0x0 | 0x41d328 | 0x24df8 | 0x23bf8 |
| IsWindowEnabled | 0x0 | 0x41d32c | 0x24dfc | 0x23bfc |
| MessageBoxW | 0x0 | 0x41d330 | 0x24e00 | 0x23c00 |
| BeginPaint | 0x0 | 0x41d334 | 0x24e04 | 0x23c04 |
| EndPaint | 0x0 | 0x41d338 | 0x24e08 | 0x23c08 |
| DestroyWindow | 0x0 | 0x41d33c | 0x24e0c | 0x23c0c |
| FrameRect | 0x0 | 0x41d340 | 0x24e10 | 0x23c10 |
| GetWindowRect | 0x0 | 0x41d344 | 0x24e14 | 0x23c14 |
| MapWindowPoints | 0x0 | 0x41d348 | 0x24e18 | 0x23c18 |
| IsDlgButtonChecked | 0x0 | 0x41d34c | 0x24e1c | 0x23c1c |
| GetDlgItemTextA | 0x0 | 0x41d350 | 0x24e20 | 0x23c20 |
| FindWindowA | 0x0 | 0x41d354 | 0x24e24 | 0x23c24 |
| SetWindowTextA | 0x0 | 0x41d358 | 0x24e28 | 0x23c28 |
| MessageBoxA | 0x0 | 0x41d35c | 0x24e2c | 0x23c2c |
| GetClientRect | 0x0 | 0x41d360 | 0x24e30 | 0x23c30 |
| GetFocus | 0x0 | 0x41d364 | 0x24e34 | 0x23c34 |
| SendMessageA | 0x0 | 0x41d368 | 0x24e38 | 0x23c38 |
| OffsetRect | 0x0 | 0x41d36c | 0x24e3c | 0x23c3c |
| DestroyIcon | 0x0 | 0x41d370 | 0x24e40 | 0x23c40 |
| DrawTextA | 0x0 | 0x41d374 | 0x24e44 | 0x23c44 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| Pie | 0x0 | 0x41d064 | 0x24b34 | 0x23934 |
| GetDeviceCaps | 0x0 | 0x41d068 | 0x24b38 | 0x23938 |
| SetBkColor | 0x0 | 0x41d06c | 0x24b3c | 0x2393c |
| Rectangle | 0x0 | 0x41d070 | 0x24b40 | 0x23940 |
| CreateSolidBrush | 0x0 | 0x41d074 | 0x24b44 | 0x23944 |
| SelectObject | 0x0 | 0x41d078 | 0x24b48 | 0x23948 |
| DeleteObject | 0x0 | 0x41d07c | 0x24b4c | 0x2394c |
| CreateHatchBrush | 0x0 | 0x41d080 | 0x24b50 | 0x23950 |
| SetBkMode | 0x0 | 0x41d084 | 0x24b54 | 0x23954 |
| GetStockObject | 0x0 | 0x41d088 | 0x24b58 | 0x23958 |
| SelectClipRgn | 0x0 | 0x41d08c | 0x24b5c | 0x2395c |
| FrameRgn | 0x0 | 0x41d090 | 0x24b60 | 0x23960 |
| OffsetRgn | 0x0 | 0x41d094 | 0x24b64 | 0x23964 |
| CreateCompatibleBitmap | 0x0 | 0x41d098 | 0x24b68 | 0x23968 |
| CreatePen | 0x0 | 0x41d09c | 0x24b6c | 0x2396c |
| MoveToEx | 0x0 | 0x41d0a0 | 0x24b70 | 0x23970 |
| LineTo | 0x0 | 0x41d0a4 | 0x24b74 | 0x23974 |
| BitBlt | 0x0 | 0x41d0a8 | 0x24b78 | 0x23978 |
| ExtTextOutA | 0x0 | 0x41d0ac | 0x24b7c | 0x2397c |
| DeleteDC | 0x0 | 0x41d0b0 | 0x24b80 | 0x23980 |
| SetMapMode | 0x0 | 0x41d0b4 | 0x24b84 | 0x23984 |
| SetWindowExtEx | 0x0 | 0x41d0b8 | 0x24b88 | 0x23988 |
| SetViewportExtEx | 0x0 | 0x41d0bc | 0x24b8c | 0x2398c |
| RestoreDC | 0x0 | 0x41d0c0 | 0x24b90 | 0x23990 |
| SaveDC | 0x0 | 0x41d0c4 | 0x24b94 | 0x23994 |
| CreateCompatibleDC | 0x0 | 0x41d0c8 | 0x24b98 | 0x23998 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| GetOpenFileNameA | 0x0 | 0x41d05c | 0x24b2c | 0x2392c |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| CryptHashData | 0x0 | 0x41d000 | 0x24ad0 | 0x238d0 |
| CryptImportKey | 0x0 | 0x41d004 | 0x24ad4 | 0x238d4 |
| CryptSignHashA | 0x0 | 0x41d008 | 0x24ad8 | 0x238d8 |
| CryptExportKey | 0x0 | 0x41d00c | 0x24adc | 0x238dc |
| CryptGetUserKey | 0x0 | 0x41d010 | 0x24ae0 | 0x238e0 |
| CryptReleaseContext | 0x0 | 0x41d014 | 0x24ae4 | 0x238e4 |
| CryptDestroyKey | 0x0 | 0x41d018 | 0x24ae8 | 0x238e8 |
| RegOpenKeyExA | 0x0 | 0x41d01c | 0x24aec | 0x238ec |
| RegQueryValueExA | 0x0 | 0x41d020 | 0x24af0 | 0x238f0 |
| RegCloseKey | 0x0 | 0x41d024 | 0x24af4 | 0x238f4 |
| CryptAcquireContextA | 0x0 | 0x41d028 | 0x24af8 | 0x238f8 |
| CryptCreateHash | 0x0 | 0x41d02c | 0x24afc | 0x238fc |
| CryptDestroyHash | 0x0 | 0x41d030 | 0x24b00 | 0x23900 |
| CryptDeriveKey | 0x0 | 0x41d034 | 0x24b04 | 0x23904 |
| CryptSetHashParam | 0x0 | 0x41d038 | 0x24b08 | 0x23908 |
| CryptGetHashParam | 0x0 | 0x41d03c | 0x24b0c | 0x2390c |
| CryptVerifySignatureA | 0x0 | 0x41d040 | 0x24b10 | 0x23910 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| SHGetFileInfoA | 0x0 | 0x41d2c0 | 0x24d90 | 0x23b90 |
| SHGetMalloc | 0x0 | 0x41d2c4 | 0x24d94 | 0x23b94 |
| SHGetSpecialFolderLocation | 0x0 | 0x41d2c8 | 0x24d98 | 0x23b98 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| CoInitialize | 0x0 | 0x41d3b4 | 0x24e84 | 0x23c84 |
| CreateStreamOnHGlobal | 0x0 | 0x41d3b8 | 0x24e88 | 0x23c88 |
| OleDraw | 0x0 | 0x41d3bc | 0x24e8c | 0x23c8c |
| StringFromGUID2 | 0x0 | 0x41d3c0 | 0x24e90 | 0x23c90 |
| StringFromCLSID | 0x0 | 0x41d3c4 | 0x24e94 | 0x23c94 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| OleLoadPicture | 0x1a2 | 0x41d268 | 0x24d38 | 0x23b38 |
| OleLoadPicturePath | 0x1a8 | 0x41d26c | 0x24d3c | 0x23b3c |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| WSAStartup | 0x73 | 0x41d37c | 0x24e4c | 0x23c4c |
| htons | 0x9 | 0x41d380 | 0x24e50 | 0x23c50 |
| bind | 0x2 | 0x41d384 | 0x24e54 | 0x23c54 |
| recvfrom | 0x11 | 0x41d388 | 0x24e58 | 0x23c58 |
| listen | 0xd | 0x41d38c | 0x24e5c | 0x23c5c |
| closesocket | 0x3 | 0x41d390 | 0x24e60 | 0x23c60 |
| ioctlsocket | 0xa | 0x41d394 | 0x24e64 | 0x23c64 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| AVIStreamOpenFromFileA | 0x0 | 0x41d048 | 0x24b18 | 0x23918 |
| AVIStreamGetFrame | 0x0 | 0x41d04c | 0x24b1c | 0x2391c |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| SCardIntroduceReaderW | 0x0 | 0x41d39c | 0x24e6c | 0x23c6c |
| SCardIsValidContext | 0x0 | 0x41d3a0 | 0x24e70 | 0x23c70 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| GetInterfaceInfo | 0x0 | 0x41d0e0 | 0x24bb0 | 0x239b0 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| ImageList_ReplaceIcon | 0x0 | 0x41d054 | 0x24b24 | 0x23924 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| glBegin | 0x0 | 0x41d274 | 0x24d44 | 0x23b44 |
| glTexSubImage2D | 0x0 | 0x41d278 | 0x24d48 | 0x23b48 |
| glTexCoord2f | 0x0 | 0x41d27c | 0x24d4c | 0x23b4c |
| glRotatef | 0x0 | 0x41d280 | 0x24d50 | 0x23b50 |
| glEnable | 0x0 | 0x41d284 | 0x24d54 | 0x23b54 |
| glHint | 0x0 | 0x41d288 | 0x24d58 | 0x23b58 |
| glVertex3f | 0x0 | 0x41d28c | 0x24d5c | 0x23b5c |
| glTranslatef | 0x0 | 0x41d290 | 0x24d60 | 0x23b60 |
| glLoadIdentity | 0x0 | 0x41d294 | 0x24d64 | 0x23b64 |
| glEnd | 0x0 | 0x41d298 | 0x24d68 | 0x23b68 |
| glMatrixMode | 0x0 | 0x41d29c | 0x24d6c | 0x23b6c |
| glClear | 0x0 | 0x41d2a0 | 0x24d70 | 0x23b70 |
| glClearColor | 0x0 | 0x41d2a4 | 0x24d74 | 0x23b74 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| gluOrtho2D | 0x0 | 0x41d0d0 | 0x24ba0 | 0x239a0 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| ImmGetGuideLineA | 0x0 | 0x41d0d8 | 0x24ba8 | 0x239a8 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| SetupDiEnumDeviceInterfaces | 0x0 | 0x41d2ac | 0x24d7c | 0x23b7c |
| SetupDiDestroyDeviceInfoList | 0x0 | 0x41d2b0 | 0x24d80 | 0x23b80 |
| SetupDiGetDeviceInterfaceDetailA | 0x0 | 0x41d2b4 | 0x24d84 | 0x23b84 |
| SetupDiGetClassDevsA | 0x0 | 0x41d2b8 | 0x24d88 | 0x23b88 |
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset |
|---|---|---|---|---|
| WlanOpenHandle | 0x0 | 0x41d3a8 | 0x24e78 | 0x23c78 |
| WlanEnumInterfaces | 0x0 | 0x41d3ac | 0x24e7c | 0x23c7c |
| File Properties | |
|---|---|
| Names | c:\users\wi2yhmti onvscy7pe\appdata\roaming\wtrrifwf\dafgfvjv.exe (Created File) |
| Size | 0.00 KB (0 bytes) |
| Hash Values | MD5: d41d8cd98f00b204e9800998ecf8427e SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
This feature requires an online-connection to the VMRay backend.
An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefox
with deactivated setting "security.fileuri.strict_origin_policy".
