Malicious
Classifications

Injector Downloader

Threat Names

Mal/HTMLGen-A Mal/Generic-S Pikabot

Remarks (1/1)

(0x0200000E): The overall sleep time of all monitored processes was truncated from "43 seconds" to "10 seconds" to reveal dormant functionality.

File Name Category Type Verdict
C:\Users\OqXZRaykm\Desktop\Xjgkkltfdhdfhfjg.exe Sample File Binary Malicious
MIME Type application/vnd.microsoft.portable-executable
File Size 3.25 MB
MD5 2a3a840641803b101b86e0c321b0a5fe
SHA1 52bc3e121f44c4f9e71b43110f468886294c7fc2
SHA256 b025e37611168c0abcc446125a8bd7cb831625338434929febadfcc9cc4c816e
SSDeep 49152:zCXtvRXOhEc2MgyyuTEGQp8EamZaFChW7ZaxJmLufu4I:zCxRXOhEc2MgJHTp+isL1
ImpHash 5e4731b579fcbf2ee2d5b665a7fef172
File Reputation Information
Verdict
Malicious
Names Mal/Generic-S
PE Information
Image Base 0x00400000
Entry Point 0x0049F3A2
Size Of Code 0x00143400
Size Of Initialized Data 0x001FA200
File Type IMAGE_FILE_EXECUTABLE_IMAGE
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Machine Type IMAGE_FILE_MACHINE_I386
Compile Timestamp 2019-09-25 16:37 (UTC)
Version Information (9)
CompanyName MAGIX Software GmbH
FileDescription VEGAS Pro 18 Edit (en-US)
FileVersion 1.3.46.38
LegalCopyright Copyright © MAGIX Software GmbH
ProductName VEGAS Pro 18 Edit (en-US)
ProductVersion 1.3.46.38
MX_Culture en-US
MX_StubConfig Release
MX_StubVersion 1.8.0.0
Sections (6)
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
.text 0x00401000 0x00143286 0x00143400 0x00000400 IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ 6.6
.rdata 0x00545000 0x00044928 0x00044A00 0x00143800 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 4.83
.data 0x0058A000 0x00016CE0 0x0000BC00 0x00188200 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 5.01
.tls 0x005A1000 0x00000002 0x00000200 0x00193E00 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 0.0
.rsrc 0x005A2000 0x001967B0 0x00196800 0x00194000 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 6.62
.reloc 0x00739000 0x000130DC 0x00013200 0x0032A800 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ 6.57
Imports (13)
KERNEL32.dll (203)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
LoadLibraryExW - 0x005450D0 0x001872D8 0x00185AD8 0x0000033E
GlobalDeleteAtom - 0x005450D4 0x001872DC 0x00185ADC 0x000002B5
lstrcmpA - 0x005450D8 0x001872E0 0x00185AE0 0x00000541
lstrcmpW - 0x005450DC 0x001872E4 0x00185AE4 0x00000542
GetPrivateProfileIntW - 0x005450E0 0x001872E8 0x00185AE8 0x0000023C
GetPrivateProfileStringW - 0x005450E4 0x001872EC 0x00185AEC 0x00000242
WritePrivateProfileStringW - 0x005450E8 0x001872F0 0x00185AF0 0x0000052B
GlobalAddAtomW - 0x005450EC 0x001872F4 0x00185AF4 0x000002B2
LoadLibraryA - 0x005450F0 0x001872F8 0x00185AF8 0x0000033C
EncodePointer - 0x005450F4 0x001872FC 0x00185AFC 0x000000EA
GlobalFindAtomW - 0x005450F8 0x00187300 0x00185B00 0x000002B7
GetFileSizeEx - 0x005450FC 0x00187304 0x00185B04 0x000001F1
GetFileTime - 0x00545100 0x00187308 0x00185B08 0x000001F2
SystemTimeToFileTime - 0x00545104 0x0018730C 0x00185B0C 0x000004BD
GetFullPathNameW - 0x00545108 0x00187310 0x00185B10 0x000001FB
GetVolumeInformationW - 0x0054510C 0x00187314 0x00185B14 0x000002A7
LockFile - 0x00545110 0x00187318 0x00185B18 0x00000352
UnlockFile - 0x00545114 0x0018731C 0x00185B1C 0x000004D4
DuplicateHandle - 0x00545118 0x00187320 0x00185B20 0x000000E8
GetStringTypeExW - 0x0054511C 0x00187324 0x00185B24 0x00000268
GetThreadLocale - 0x00545120 0x00187328 0x00185B28 0x0000028C
GlobalFlags - 0x00545124 0x0018732C 0x00185B2C 0x000002B9
CompareStringW - 0x00545128 0x00187330 0x00185B30 0x00000064
GetSystemDefaultUILanguage - 0x0054512C 0x00187334 0x00185B34 0x0000026E
SetErrorMode - 0x00545130 0x00187338 0x00185B38 0x00000458
GetUserDefaultLCID - 0x00545134 0x0018733C 0x00185B3C 0x0000029B
RtlUnwind - 0x00545138 0x00187340 0x00185B40 0x00000418
CreateThread - 0x0054513C 0x00187344 0x00185B44 0x000000B5
ExitThread - 0x00545140 0x00187348 0x00185B48 0x0000011A
GetCPInfo - 0x00545144 0x0018734C 0x00185B4C 0x00000172
GetSystemTimeAsFileTime - 0x00545148 0x00187350 0x00185B50 0x00000279
ExitProcess - 0x0054514C 0x00187354 0x00185B54 0x00000119
GetModuleHandleExW - 0x00545150 0x00187358 0x00185B58 0x00000217
AreFileApisANSI - 0x00545154 0x0018735C 0x00185B5C 0x00000015
IsDebuggerPresent - 0x00545158 0x00187360 0x00185B60 0x00000300
IsProcessorFeaturePresent - 0x0054515C 0x00187364 0x00185B64 0x00000304
SetStdHandle - 0x00545160 0x00187368 0x00185B68 0x00000487
GetFileType - 0x00545164 0x0018736C 0x00185B6C 0x000001F3
HeapQueryInformation - 0x00545168 0x00187370 0x00185B70 0x000002D1
GetSystemInfo - 0x0054516C 0x00187374 0x00185B74 0x00000273
VirtualProtect - 0x00545170 0x00187378 0x00185B78 0x000004EF
VirtualQuery - 0x00545174 0x0018737C 0x00185B7C 0x000004F1
GetStartupInfoW - 0x00545178 0x00187380 0x00185B80 0x00000263
GetEnvironmentStringsW - 0x0054517C 0x00187384 0x00185B84 0x000001DA
FreeEnvironmentStringsW - 0x00545180 0x00187388 0x00185B88 0x00000161
UnhandledExceptionFilter - 0x00545184 0x0018738C 0x00185B8C 0x000004D3
GetCurrentThread - 0x00545188 0x00187390 0x00185B90 0x000001C4
TerminateProcess - 0x0054518C 0x00187394 0x00185B94 0x000004C0
IsValidCodePage - 0x00545190 0x00187398 0x00185B98 0x0000030A
GetOEMCP - 0x00545194 0x0018739C 0x00185B9C 0x00000237
GetStringTypeW - 0x00545198 0x001873A0 0x00185BA0 0x00000269
GetTimeZoneInformation - 0x0054519C 0x001873A4 0x00185BA4 0x00000298
GetConsoleCP - 0x005451A0 0x001873A8 0x00185BA8 0x0000019A
GetConsoleMode - 0x005451A4 0x001873AC 0x00185BAC 0x000001AC
ReadConsoleW - 0x005451A8 0x001873B0 0x00185BB0 0x000003BE
OutputDebugStringW - 0x005451AC 0x001873B4 0x00185BB4 0x0000038A
GetDateFormatW - 0x005451B0 0x001873B8 0x00185BB8 0x000001C8
GetTimeFormatW - 0x005451B4 0x001873BC 0x00185BBC 0x00000297
LCMapStringW - 0x005451B8 0x001873C0 0x00185BC0 0x0000032D
IsValidLocale - 0x005451BC 0x001873C4 0x00185BC4 0x0000030C
EnumSystemLocalesW - 0x005451C0 0x001873C8 0x00185BC8 0x0000010F
WriteConsoleW - 0x005451C4 0x001873CC 0x00185BCC 0x00000524
SetEnvironmentVariableA - 0x005451C8 0x001873D0 0x00185BD0 0x00000456
FreeResource - 0x005451CC 0x001873D4 0x00185BD4 0x00000165
LocalReAlloc - 0x005451D0 0x001873D8 0x00185BD8 0x0000034B
LocalAlloc - 0x005451D4 0x001873DC 0x00185BDC 0x00000344
GlobalHandle - 0x005451D8 0x001873E0 0x00185BE0 0x000002BD
EnterCriticalSection - 0x005451DC 0x001873E4 0x00185BE4 0x000000EE
GlobalReAlloc - 0x005451E0 0x001873E8 0x00185BE8 0x000002C1
TlsFree - 0x005451E4 0x001873EC 0x00185BEC 0x000004C6
TlsSetValue - 0x005451E8 0x001873F0 0x00185BF0 0x000004C8
TlsGetValue - 0x005451EC 0x001873F4 0x00185BF4 0x000004C7
TlsAlloc - 0x005451F0 0x001873F8 0x00185BF8 0x000004C5
LocalFree - 0x005451F4 0x001873FC 0x00185BFC 0x00000348
GlobalFree - 0x005451F8 0x00187400 0x00185C00 0x000002BA
GlobalUnlock - 0x005451FC 0x00187404 0x00185C04 0x000002C5
GlobalLock - 0x00545200 0x00187408 0x00185C08 0x000002BE
GlobalAlloc - 0x00545204 0x0018740C 0x00185C0C 0x000002B3
OutputDebugStringA - 0x00545208 0x00187410 0x00185C10 0x00000389
GetACP - 0x0054520C 0x00187414 0x00185C14 0x00000168
MulDiv - 0x00545210 0x00187418 0x00185C18 0x00000366
GetVersion - 0x00545214 0x0018741C 0x00185C1C 0x000002A2
FindResourceExW - 0x00545218 0x00187420 0x00185C20 0x0000014D
lstrlenA - 0x0054521C 0x00187424 0x00185C24 0x0000054D
CreateProcessW - 0x00545220 0x00187428 0x00185C28 0x000000A8
GetEnvironmentVariableW - 0x00545224 0x0018742C 0x00185C2C 0x000001DC
LoadLibraryW - 0x00545228 0x00187430 0x00185C30 0x0000033F
FreeLibrary - 0x0054522C 0x00187434 0x00185C34 0x00000162
EnumResourceNamesW - 0x00545230 0x00187438 0x00185C38 0x00000102
SetFilePointerEx - 0x00545234 0x0018743C 0x00185C3C 0x00000467
FlushFileBuffers - 0x00545238 0x00187440 0x00185C40 0x00000157
ResumeThread - 0x0054523C 0x00187444 0x00185C44 0x00000413
SuspendThread - 0x00545240 0x00187448 0x00185C48 0x000004BA
GetThreadPriority - 0x00545244 0x0018744C 0x00185C4C 0x0000028E
SetThreadPriority - 0x00545248 0x00187450 0x00185C50 0x00000499
GetDriveTypeW - 0x0054524C 0x00187454 0x00185C54 0x000001D3
GetCommandLineW - 0x00545250 0x00187458 0x00185C58 0x00000187
FormatMessageW - 0x00545254 0x0018745C 0x00185C5C 0x0000015E
GetLongPathNameW - 0x00545258 0x00187460 0x00185C60 0x0000020F
InitializeCriticalSectionAndSpinCount - 0x0054525C 0x00187464 0x00185C64 0x000002E3
RaiseException - 0x00545260 0x00187468 0x00185C68 0x000003B1
GetProcessHeap - 0x00545264 0x0018746C 0x00185C6C 0x0000024A
LCMapStringA - 0x00545268 0x00187470 0x00185C70 0x0000032B
GetStringTypeExA - 0x0054526C 0x00187474 0x00185C74 0x00000267
FormatMessageA - 0x00545270 0x00187478 0x00185C78 0x0000015D
WaitForSingleObjectEx - 0x00545274 0x0018747C 0x00185C7C 0x000004FA
CreateEventA - 0x00545278 0x00187480 0x00185C80 0x00000082
CreateSemaphoreA - 0x0054527C 0x00187484 0x00185C84 0x000000AB
WaitForMultipleObjectsEx - 0x00545280 0x00187488 0x00185C88 0x000004F8
OpenEventA - 0x00545284 0x0018748C 0x00185C8C 0x00000374
SetWaitableTimer - 0x00545288 0x00187490 0x00185C90 0x000004AC
CreateWaitableTimerA - 0x0054528C 0x00187494 0x00185C94 0x000000BF
CreateTimerQueue - 0x00545290 0x00187498 0x00185C98 0x000000BC
SignalObjectAndWait - 0x00545294 0x0018749C 0x00185C9C 0x000004B0
SwitchToThread - 0x00545298 0x001874A0 0x00185CA0 0x000004BC
GetLogicalProcessorInformation - 0x0054529C 0x001874A4 0x00185CA4 0x0000020A
CreateTimerQueueTimer - 0x005452A0 0x001874A8 0x00185CA8 0x000000BD
ChangeTimerQueueTimer - 0x005452A4 0x001874AC 0x00185CAC 0x00000048
DeleteTimerQueueTimer - 0x005452A8 0x001874B0 0x00185CB0 0x000000DA
GetNumaHighestNodeNumber - 0x005452AC 0x001874B4 0x00185CB4 0x00000229
GetProcessAffinityMask - 0x005452B0 0x001874B8 0x00185CB8 0x00000246
SetThreadAffinityMask - 0x005452B4 0x001874BC 0x00185CBC 0x00000490
RegisterWaitForSingleObject - 0x005452B8 0x001874C0 0x00185CC0 0x000003F5
UnregisterWait - 0x005452BC 0x001874C4 0x00185CC4 0x000004DA
GetThreadTimes - 0x005452C0 0x001874C8 0x00185CC8 0x00000291
FreeLibraryAndExitThread - 0x005452C4 0x001874CC 0x00185CCC 0x00000163
InitializeSListHead - 0x005452C8 0x001874D0 0x00185CD0 0x000002E7
InterlockedPopEntrySList - 0x005452CC 0x001874D4 0x00185CD4 0x000002F0
HeapSize - 0x005452D0 0x001874D8 0x00185CD8 0x000002D4
HeapFree - 0x005452D4 0x001874DC 0x00185CDC 0x000002CF
HeapReAlloc - 0x005452D8 0x001874E0 0x00185CE0 0x000002D2
HeapAlloc - 0x005452DC 0x001874E4 0x00185CE4 0x000002CB
DecodePointer - 0x005452E0 0x001874E8 0x00185CE8 0x000000CA
Sleep - 0x005452E4 0x001874EC 0x00185CEC 0x000004B2
GetExitCodeProcess - 0x005452E8 0x001874F0 0x00185CF0 0x000001DF
GetDiskFreeSpaceExW - 0x005452EC 0x001874F4 0x00185CF4 0x000001CE
MapViewOfFileEx - 0x005452F0 0x001874F8 0x00185CF8 0x00000358
GetFileAttributesExW - 0x005452F4 0x001874FC 0x00185CFC 0x000001E7
GetFileAttributesW - 0x005452F8 0x00187500 0x00185D00 0x000001EA
GetModuleFileNameW - 0x005452FC 0x00187504 0x00185D04 0x00000214
CreateFileMappingW - 0x00545300 0x00187508 0x00185D08 0x0000008C
UnmapViewOfFile - 0x00545304 0x0018750C 0x00185D0C 0x000004D6
GetCurrentProcess - 0x00545308 0x00187510 0x00185D10 0x000001C0
GetUserDefaultLangID - 0x0054530C 0x00187514 0x00185D14 0x0000029C
GetUserDefaultUILanguage - 0x00545310 0x00187518 0x00185D18 0x0000029E
GetLocaleInfoW - 0x00545314 0x0018751C 0x00185D1C 0x00000206
FindResourceW - 0x00545318 0x00187520 0x00185D20 0x0000014E
SizeofResource - 0x0054531C 0x00187524 0x00185D24 0x000004B1
LoadResource - 0x00545320 0x00187528 0x00185D28 0x00000341
LockResource - 0x00545324 0x0018752C 0x00185D2C 0x00000354
WaitForMultipleObjects - 0x00545328 0x00187530 0x00185D30 0x000004F7
GetStdHandle - 0x0054532C 0x00187534 0x00185D34 0x00000264
GetFileInformationByHandle - 0x00545330 0x00187538 0x00185D38 0x000001EC
InterlockedPushEntrySList - 0x00545334 0x0018753C 0x00185D3C 0x000002F1
InterlockedFlushSList - 0x00545338 0x00187540 0x00185D40 0x000002EE
QueryDepthSList - 0x0054533C 0x00187544 0x00185D44 0x0000039E
UnregisterWaitEx - 0x00545340 0x00187548 0x00185D48 0x000004DB
SetFilePointer - 0x00545344 0x0018754C 0x00185D4C 0x00000466
SetEndOfFile - 0x00545348 0x00187550 0x00185D50 0x00000453
ReadFile - 0x0054534C 0x00187554 0x00185D54 0x000003C0
WriteFile - 0x00545350 0x00187558 0x00185D58 0x00000525
GetFileSize - 0x00545354 0x0018755C 0x00185D5C 0x000001F0
FindNextFileW - 0x00545358 0x00187560 0x00185D60 0x00000145
FindFirstFileW - 0x0054535C 0x00187564 0x00185D64 0x00000139
GetModuleHandleA - 0x00545360 0x00187568 0x00185D68 0x00000215
GetLogicalDriveStringsW - 0x00545364 0x0018756C 0x00185D6C 0x00000208
FindClose - 0x00545368 0x00187570 0x00185D70 0x0000012E
MoveFileW - 0x0054536C 0x00187574 0x00185D74 0x00000363
DeleteFileW - 0x00545370 0x00187578 0x00185D78 0x000000D6
SetFileAttributesW - 0x00545374 0x0018757C 0x00185D7C 0x00000461
CreateFileW - 0x00545378 0x00187580 0x00185D80 0x0000008F
RemoveDirectoryW - 0x0054537C 0x00187584 0x00185D84 0x00000403
CreateDirectoryW - 0x00545380 0x00187588 0x00185D88 0x00000081
GetCurrentDirectoryW - 0x00545384 0x0018758C 0x00185D8C 0x000001BF
GetTempPathW - 0x00545388 0x00187590 0x00185D90 0x00000285
GetSystemDirectoryW - 0x0054538C 0x00187594 0x00185D94 0x00000270
GetModuleHandleW - 0x00545390 0x00187598 0x00185D98 0x00000218
SetFileTime - 0x00545394 0x0018759C 0x00185D9C 0x0000046A
SetLastError - 0x00545398 0x001875A0 0x00185DA0 0x00000473
GetProcAddress - 0x0054539C 0x001875A4 0x00185DA4 0x00000245
FileTimeToLocalFileTime - 0x005453A0 0x001875A8 0x00185DA8 0x00000124
CreateSemaphoreW - 0x005453A4 0x001875AC 0x00185DAC 0x000000AE
CreateEventW - 0x005453A8 0x001875B0 0x00185DB0 0x00000085
CloseHandle - 0x005453AC 0x001875B4 0x00185DB4 0x00000052
WaitForSingleObject - 0x005453B0 0x001875B8 0x00185DB8 0x000004F9
ReleaseSemaphore - 0x005453B4 0x001875BC 0x00185DBC 0x000003FE
ResetEvent - 0x005453B8 0x001875C0 0x00185DC0 0x0000040F
SetEvent - 0x005453BC 0x001875C4 0x00185DC4 0x00000459
InitializeCriticalSection - 0x005453C0 0x001875C8 0x00185DC8 0x000002E2
GetLastError - 0x005453C4 0x001875CC 0x00185DCC 0x00000202
GetVersionExW - 0x005453C8 0x001875D0 0x00185DD0 0x000002A4
VirtualFree - 0x005453CC 0x001875D4 0x00185DD4 0x000004EC
VirtualAlloc - 0x005453D0 0x001875D8 0x00185DD8 0x000004E9
FileTimeToSystemTime - 0x005453D4 0x001875DC 0x00185DDC 0x00000125
WideCharToMultiByte - 0x005453D8 0x001875E0 0x00185DE0 0x00000511
MultiByteToWideChar - 0x005453DC 0x001875E4 0x00185DE4 0x00000367
QueryPerformanceCounter - 0x005453E0 0x001875E8 0x00185DE8 0x000003A7
GetTickCount - 0x005453E4 0x001875EC 0x00185DEC 0x00000293
GetCurrentThreadId - 0x005453E8 0x001875F0 0x00185DF0 0x000001C5
GetCurrentProcessId - 0x005453EC 0x001875F4 0x00185DF4 0x000001C1
DeleteCriticalSection - 0x005453F0 0x001875F8 0x00185DF8 0x000000D1
LeaveCriticalSection - 0x005453F4 0x001875FC 0x00185DFC 0x00000339
SetUnhandledExceptionFilter - 0x005453F8 0x00187600 0x00185E00 0x000004A5
USER32.dll (147)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
IntersectRect - 0x00545488 0x00187690 0x00185E90 0x000001BD
GetSysColorBrush - 0x0054548C 0x00187694 0x00185E94 0x0000017C
DestroyMenu - 0x00545490 0x00187698 0x00185E98 0x000000A4
SetWindowTextW - 0x00545494 0x0018769C 0x00185E9C 0x000002CB
MoveWindow - 0x00545498 0x001876A0 0x00185EA0 0x0000021B
ShowWindow - 0x0054549C 0x001876A4 0x00185EA4 0x000002DF
GetMonitorInfoW - 0x005454A0 0x001876A8 0x00185EA8 0x0000015F
MonitorFromWindow - 0x005454A4 0x001876AC 0x00185EAC 0x0000021A
WinHelpW - 0x005454A8 0x001876B0 0x00185EB0 0x00000329
GetClassLongW - 0x005454AC 0x001876B4 0x00185EB4 0x00000110
SetWindowLongW - 0x005454B0 0x001876B8 0x00185EB8 0x000002C4
EqualRect - 0x005454B4 0x001876BC 0x00185EBC 0x000000F3
AdjustWindowRectEx - 0x005454B8 0x001876C0 0x00185EC0 0x00000003
RemovePropW - 0x005454BC 0x001876C4 0x00185EC4 0x00000269
GetPropW - 0x005454C0 0x001876C8 0x00185EC8 0x0000016B
SetPropW - 0x005454C4 0x001876CC 0x00185ECC 0x000002AD
SetForegroundWindow - 0x005454C8 0x001876D0 0x00185ED0 0x00000293
UpdateWindow - 0x005454CC 0x001876D4 0x00185ED4 0x00000311
SetMenu - 0x005454D0 0x001876D8 0x00185ED8 0x0000029C
GetMenu - 0x005454D4 0x001876DC 0x00185EDC 0x0000014B
GetCapture - 0x005454D8 0x001876E0 0x00185EE0 0x00000108
GetDlgCtrlID - 0x005454DC 0x001876E4 0x00185EE4 0x00000126
GetClassInfoExW - 0x005454E0 0x001876E8 0x00185EE8 0x0000010D
GetClassInfoW - 0x005454E4 0x001876EC 0x00185EEC 0x0000010E
CallWindowProcW - 0x005454E8 0x001876F0 0x00185EF0 0x0000001E
DefWindowProcW - 0x005454EC 0x001876F4 0x00185EF4 0x0000009C
GetMessageTime - 0x005454F0 0x001876F8 0x00185EF8 0x0000015C
RealChildWindowFromPoint - 0x005454F4 0x001876FC 0x00185EFC 0x00000243
GetWindowTextLengthW - 0x005454F8 0x00187700 0x00185F00 0x000001A2
SetFocus - 0x005454FC 0x00187704 0x00185F04 0x00000292
IsDialogMessageW - 0x00545500 0x00187708 0x00185F08 0x000001CD
GetTopWindow - 0x00545504 0x0018770C 0x00185F0C 0x00000185
MessageBeep - 0x00545508 0x00187710 0x00185F10 0x0000020D
IsChild - 0x0054550C 0x00187714 0x00185F14 0x000001C9
SetWindowContextHelpId - 0x00545510 0x00187718 0x00185F18 0x000002C1
WindowFromPoint - 0x00545514 0x0018771C 0x00185F1C 0x0000032C
GetLastActivePopup - 0x00545518 0x00187720 0x00185F20 0x00000144
MessageBoxW - 0x0054551C 0x00187724 0x00185F24 0x00000215
PostQuitMessage - 0x00545520 0x00187728 0x00185F28 0x00000237
LoadStringA - 0x00545524 0x0018772C 0x00185F2C 0x000001F9
CallNextHookEx - 0x00545528 0x00187730 0x00185F30 0x0000001C
SetWindowsHookExW - 0x0054552C 0x00187734 0x00185F34 0x000002CF
ValidateRect - 0x00545530 0x00187738 0x00185F38 0x0000031C
DispatchMessageW - 0x00545534 0x0018773C 0x00185F3C 0x000000AF
TranslateMessage - 0x00545538 0x00187740 0x00185F40 0x000002FC
GetMessageW - 0x0054553C 0x00187744 0x00185F44 0x0000015D
GetDesktopWindow - 0x00545540 0x00187748 0x00185F48 0x00000123
SetActiveWindow - 0x00545544 0x0018774C 0x00185F4C 0x0000027F
IsWindowEnabled - 0x00545548 0x00187750 0x00185F50 0x000001DC
GetActiveWindow - 0x0054554C 0x00187754 0x00185F54 0x00000100
GetNextDlgTabItem - 0x00545550 0x00187758 0x00185F58 0x00000162
EndDialog - 0x00545554 0x0018775C 0x00185F5C 0x000000DA
CreateDialogIndirectParamW - 0x00545558 0x00187760 0x00185F60 0x00000061
DestroyWindow - 0x0054555C 0x00187764 0x00185F64 0x000000A6
LoadBitmapW - 0x00545560 0x00187768 0x00185F68 0x000001E7
SetMenuItemInfoW - 0x00545564 0x0018776C 0x00185F6C 0x000002A2
GetMenuCheckMarkDimensions - 0x00545568 0x00187770 0x00185F70 0x0000014D
SetMenuItemBitmaps - 0x0054556C 0x00187774 0x00185F74 0x000002A0
EnableMenuItem - 0x00545570 0x00187778 0x00185F78 0x000000D6
CheckMenuItem - 0x00545574 0x0018777C 0x00185F7C 0x0000003F
ClientToScreen - 0x00545578 0x00187780 0x00185F80 0x00000047
EndPaint - 0x0054557C 0x00187784 0x00185F84 0x000000DC
BeginPaint - 0x00545580 0x00187788 0x00185F88 0x0000000E
GetWindowDC - 0x00545584 0x0018778C 0x00185F8C 0x00000192
CharNextW - 0x00545588 0x00187790 0x00185F90 0x00000031
OffsetRect - 0x0054558C 0x00187794 0x00185F94 0x00000225
SetCapture - 0x00545590 0x00187798 0x00185F98 0x00000280
ReleaseCapture - 0x00545594 0x0018779C 0x00185F9C 0x00000264
CopyAcceleratorTableW - 0x00545598 0x001877A0 0x00185FA0 0x00000052
InvalidateRgn - 0x0054559C 0x001877A4 0x00185FA4 0x000001BF
SetRect - 0x005455A0 0x001877A8 0x00185FA8 0x000002AE
RegisterClipboardFormatW - 0x005455A4 0x001877AC 0x00185FAC 0x00000250
PostThreadMessageW - 0x005455A8 0x001877B0 0x00185FB0 0x00000239
TabbedTextOutW - 0x005455AC 0x001877B4 0x00185FB4 0x000002EE
GrayStringW - 0x005455B0 0x001877B8 0x00185FB8 0x000001A8
DrawTextExW - 0x005455B4 0x001877BC 0x00185FBC 0x000000CF
DrawTextW - 0x005455B8 0x001877C0 0x00185FC0 0x000000D0
UnhookWindowsHookEx - 0x005455BC 0x001877C4 0x00185FC4 0x00000300
GetMessagePos - 0x005455C0 0x001877C8 0x00185FC8 0x0000015B
GetMenuItemCount - 0x005455C4 0x001877CC 0x00185FCC 0x00000151
GetMenuItemID - 0x005455C8 0x001877D0 0x00185FD0 0x00000152
GetSubMenu - 0x005455CC 0x001877D4 0x00185FD4 0x0000017A
SendDlgItemMessageA - 0x005455D0 0x001877D8 0x00185FD8 0x00000272
PtInRect - 0x005455D4 0x001877DC 0x00185FDC 0x00000240
IsRectEmpty - 0x005455D8 0x001877E0 0x00185FE0 0x000001D4
DrawFrameControl - 0x005455DC 0x001877E4 0x00185FE4 0x000000C6
ShowCaret - 0x005455E0 0x001877E8 0x00185FE8 0x000002D9
HideCaret - 0x005455E4 0x001877EC 0x00185FEC 0x000001A9
GetCursorPos - 0x005455E8 0x001877F0 0x00185FF0 0x00000120
SetCursor - 0x005455EC 0x001877F4 0x00185FF4 0x00000288
GetWindow - 0x005455F0 0x001877F8 0x00185FF8 0x0000018E
GetParent - 0x005455F4 0x001877FC 0x00185FFC 0x00000164
GetWindowLongW - 0x005455F8 0x00187800 0x00186000 0x00000196
MapWindowPoints - 0x005455FC 0x00187804 0x00186004 0x00000209
GetWindowTextW - 0x00545600 0x00187808 0x00186008 0x000001A3
GetForegroundWindow - 0x00545604 0x0018780C 0x0018600C 0x0000012D
FlashWindowEx - 0x00545608 0x00187810 0x00186010 0x000000FC
CreateWindowExW - 0x0054560C 0x00187814 0x00186014 0x0000006E
FillRect - 0x00545610 0x00187818 0x00186018 0x000000F6
GetSysColor - 0x00545614 0x0018781C 0x0018601C 0x0000017B
SystemParametersInfoW - 0x00545618 0x00187820 0x00186020 0x000002EC
InvalidateRect - 0x0054561C 0x00187824 0x00186024 0x000001BE
DeleteMenu - 0x00545620 0x00187828 0x00186028 0x0000009E
GetSystemMenu - 0x00545624 0x0018782C 0x0018602C 0x0000017D
KillTimer - 0x00545628 0x00187830 0x00186030 0x000001E3
SetTimer - 0x0054562C 0x00187834 0x00186034 0x000002BB
GetKeyState - 0x00545630 0x00187838 0x00186038 0x0000013D
SetDlgItemTextW - 0x00545634 0x0018783C 0x0018603C 0x00000290
InflateRect - 0x00545638 0x00187840 0x00186040 0x000001B5
CopyRect - 0x0054563C 0x00187844 0x00186044 0x00000055
RedrawWindow - 0x00545640 0x00187848 0x00186048 0x0000024A
GetFocus - 0x00545644 0x0018784C 0x0018604C 0x0000012C
TrackMouseEvent - 0x00545648 0x00187850 0x00186050 0x000002F5
ScreenToClient - 0x0054564C 0x00187854 0x00186054 0x0000026D
GetClientRect - 0x00545650 0x00187858 0x00186058 0x00000114
GetDlgItem - 0x00545654 0x0018785C 0x0018605C 0x00000127
EndDeferWindowPos - 0x00545658 0x00187860 0x00186060 0x000000D9
DeferWindowPos - 0x0054565C 0x00187864 0x00186064 0x0000009D
BeginDeferWindowPos - 0x00545660 0x00187868 0x00186068 0x0000000D
SetWindowPos - 0x00545664 0x0018786C 0x0018606C 0x000002C6
IsWindow - 0x00545668 0x00187870 0x00186070 0x000001DB
AllowSetForegroundWindow - 0x0054566C 0x00187874 0x00186074 0x00000006
GetWindowThreadProcessId - 0x00545670 0x00187878 0x00186078 0x000001A4
GetClassNameW - 0x00545674 0x0018787C 0x0018607C 0x00000112
MsgWaitForMultipleObjects - 0x00545678 0x00187880 0x00186080 0x0000021C
PeekMessageW - 0x0054567C 0x00187884 0x00186084 0x00000233
IsWindowVisible - 0x00545680 0x00187888 0x00186088 0x000001E0
UnregisterClassW - 0x00545684 0x0018788C 0x0018608C 0x00000306
MapDialogRect - 0x00545688 0x00187890 0x00186090 0x00000204
LoadIconW - 0x0054568C 0x00187894 0x00186094 0x000001ED
LoadCursorW - 0x00545690 0x00187898 0x00186098 0x000001EB
GetWindowRect - 0x00545694 0x0018789C 0x0018609C 0x0000019C
ReleaseDC - 0x00545698 0x001878A0 0x001860A0 0x00000265
GetDC - 0x0054569C 0x001878A4 0x001860A4 0x00000121
DefDlgProcW - 0x005456A0 0x001878A8 0x001860A8 0x00000095
RegisterClassW - 0x005456A4 0x001878AC 0x001860AC 0x0000024E
ReplyMessage - 0x005456A8 0x001878B0 0x001860B0 0x0000026A
RegisterWindowMessageW - 0x005456AC 0x001878B4 0x001860B4 0x00000263
LoadImageW - 0x005456B0 0x001878B8 0x001860B8 0x000001EF
GetSystemMetrics - 0x005456B4 0x001878BC 0x001860BC 0x0000017E
PostMessageW - 0x005456B8 0x001878C0 0x001860C0 0x00000236
SendMessageW - 0x005456BC 0x001878C4 0x001860C4 0x0000027C
EnableWindow - 0x005456C0 0x001878C8 0x001860C8 0x000000D8
DestroyIcon - 0x005456C4 0x001878CC 0x001860CC 0x000000A3
CharUpperW - 0x005456C8 0x001878D0 0x001860D0 0x0000003C
GetNextDlgGroupItem - 0x005456CC 0x001878D4 0x001860D4 0x00000161
LoadStringW - 0x005456D0 0x001878D8 0x001860D8 0x000001FA
GDI32.dll (35)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
SetWindowExtEx - 0x00545040 0x00187248 0x00185A48 0x000002AC
ScaleViewportExtEx - 0x00545044 0x0018724C 0x00185A4C 0x00000271
ScaleWindowExtEx - 0x00545048 0x00187250 0x00185A50 0x00000272
CreateRectRgnIndirect - 0x0054504C 0x00187254 0x00185A54 0x00000050
GetMapMode - 0x00545050 0x00187258 0x00185A58 0x000001F0
GetBkColor - 0x00545054 0x0018725C 0x00185A5C 0x000001A9
SetViewportExtEx - 0x00545058 0x00187260 0x00185A60 0x000002A8
GetRgnBox - 0x0054505C 0x00187264 0x00185A64 0x0000020C
SetMapMode - 0x00545060 0x00187268 0x00185A68 0x00000294
ExtTextOutW - 0x00545064 0x0018726C 0x00185A6C 0x00000138
TextOutW - 0x00545068 0x00187270 0x00185A70 0x000002B9
SetTextColor - 0x0054506C 0x00187274 0x00185A74 0x000002A6
GetTextColor - 0x00545070 0x00187278 0x00185A78 0x00000218
SetBkColor - 0x00545074 0x0018727C 0x00185A7C 0x0000027E
ExtSelectClipRgn - 0x00545078 0x00187280 0x00185A80 0x00000136
SaveDC - 0x0054507C 0x00187284 0x00185A84 0x00000270
RestoreDC - 0x00545080 0x00187288 0x00185A88 0x00000269
RectVisible - 0x00545084 0x0018728C 0x00185A8C 0x0000025E
PtVisible - 0x00545088 0x00187290 0x00185A90 0x0000025A
GetWindowExtEx - 0x0054508C 0x00187294 0x00185A94 0x0000022B
GetViewportExtEx - 0x00545090 0x00187298 0x00185A98 0x00000228
GetStockObject - 0x00545094 0x0018729C 0x00185A9C 0x0000020D
GetClipBox - 0x00545098 0x001872A0 0x00185AA0 0x000001C0
ExcludeClipRect - 0x0054509C 0x001872A4 0x00185AA4 0x00000131
Escape - 0x005450A0 0x001872A8 0x00185AA8 0x0000012E
DeleteDC - 0x005450A4 0x001872AC 0x00185AAC 0x000000E3
CreateBitmap - 0x005450A8 0x001872B0 0x00185AB0 0x00000029
OffsetViewportOrgEx - 0x005450AC 0x001872B4 0x00185AB4 0x0000023E
SetViewportOrgEx - 0x005450B0 0x001872B8 0x00185AB8 0x000002A9
DeleteObject - 0x005450B4 0x001872BC 0x00185ABC 0x000000E6
CreateFontIndirectW - 0x005450B8 0x001872C0 0x00185AC0 0x00000040
GetDeviceCaps - 0x005450BC 0x001872C4 0x00185AC4 0x000001CB
GetObjectW - 0x005450C0 0x001872C8 0x00185AC8 0x000001FD
SelectObject - 0x005450C4 0x001872CC 0x00185ACC 0x00000277
CreateSolidBrush - 0x005450C8 0x001872D0 0x00185AD0 0x00000054
WINSPOOL.DRV (3)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
OpenPrinterW - 0x005456D8 0x001878E0 0x001860E0 0x00000090
DocumentPropertiesW - 0x005456DC 0x001878E4 0x001860E4 0x0000004E
ClosePrinter - 0x005456E0 0x001878E8 0x001860E8 0x0000001D
ADVAPI32.dll (10)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
RegDeleteValueW - 0x00545000 0x00187208 0x00185A08 0x00000248
RegEnumValueW - 0x00545004 0x0018720C 0x00185A0C 0x00000252
RegQueryValueW - 0x00545008 0x00187210 0x00185A10 0x0000026F
RegEnumKeyW - 0x0054500C 0x00187214 0x00185A14 0x00000250
RegSetValueExW - 0x00545010 0x00187218 0x00185A18 0x0000027E
RegDeleteKeyW - 0x00545014 0x0018721C 0x00185A1C 0x00000244
RegCreateKeyExW - 0x00545018 0x00187220 0x00185A20 0x00000239
RegQueryValueExW - 0x0054501C 0x00187224 0x00185A24 0x0000026E
RegOpenKeyExW - 0x00545020 0x00187228 0x00185A28 0x00000261
RegCloseKey - 0x00545024 0x0018722C 0x00185A2C 0x00000230
SHELL32.dll (9)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
SHOpenFolderAndSelectItems - 0x00545440 0x00187648 0x00185E48 0x000000F3
SHParseDisplayName - 0x00545444 0x0018764C 0x00185E4C 0x000000F6
SHGetSpecialFolderPathW - 0x00545448 0x00187650 0x00185E50 0x000000E1
SHCreateItemFromParsingName - 0x0054544C 0x00187654 0x00185E54 0x00000090
ShellExecuteExW - 0x00545450 0x00187658 0x00185E58 0x00000121
SHGetPathFromIDListW - 0x00545454 0x0018765C 0x00185E5C 0x000000D7
SHBrowseForFolderW - 0x00545458 0x00187660 0x00185E60 0x0000007B
None 0x000000A5 0x0054545C 0x00187664 0x00185E64 -
ShellExecuteW - 0x00545460 0x00187668 0x00185E68 0x00000122
COMCTL32.dll (4)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
None 0x0000019D 0x0054502C 0x00187234 0x00185A34 -
None 0x0000019A 0x00545030 0x00187238 0x00185A38 -
InitCommonControlsEx - 0x00545034 0x0018723C 0x00185A3C 0x0000007B
None 0x0000019C 0x00545038 0x00187240 0x00185A40 -
SHLWAPI.dll (7)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
UrlCreateFromPathW - 0x00545468 0x00187670 0x00185E70 0x0000015A
PathCreateFromUrlAlloc - 0x0054546C 0x00187674 0x00185E74 0x00000042
UrlIsW - 0x00545470 0x00187678 0x00185E78 0x00000169
PathFindExtensionW - 0x00545474 0x0018767C 0x00185E7C 0x00000047
PathFindFileNameW - 0x00545478 0x00187680 0x00185E80 0x00000049
PathIsUNCW - 0x0054547C 0x00187684 0x00185E84 0x00000071
PathStripToRootW - 0x00545480 0x00187688 0x00185E88 0x00000097
ole32.dll (20)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
CreateILockBytesOnHGlobal - 0x0054570C 0x00187914 0x00186114 0x00000080
CoFreeUnusedLibraries - 0x00545710 0x00187918 0x00186118 0x0000001D
StgCreateDocfileOnILockBytes - 0x00545714 0x0018791C 0x0018611C 0x00000168
CoGetClassObject - 0x00545718 0x00187920 0x00186120 0x00000026
CLSIDFromProgID - 0x0054571C 0x00187924 0x00186124 0x00000006
CLSIDFromString - 0x00545720 0x00187928 0x00186128 0x00000008
CoCreateGuid - 0x00545724 0x0018792C 0x0018612C 0x0000000F
CoTaskMemAlloc - 0x00545728 0x00187930 0x00186130 0x00000067
StringFromCLSID - 0x0054572C 0x00187934 0x00186134 0x00000178
CoTaskMemFree - 0x00545730 0x00187938 0x00186138 0x00000068
CoCreateInstance - 0x00545734 0x0018793C 0x0018613C 0x00000010
CoUninitialize - 0x00545738 0x00187940 0x00186140 0x0000006C
CoInitialize - 0x0054573C 0x00187944 0x00186144 0x0000003E
StgOpenStorageOnILockBytes - 0x00545740 0x00187948 0x00186148 0x00000175
OleInitialize - 0x00545744 0x0018794C 0x0018614C 0x00000132
OleUninitialize - 0x00545748 0x00187950 0x00186150 0x00000149
CoRevokeClassObject - 0x0054574C 0x00187954 0x00186154 0x0000005F
OleFlushClipboard - 0x00545750 0x00187958 0x00186158 0x0000012D
OleIsCurrentClipboard - 0x00545754 0x0018795C 0x0018615C 0x00000134
CoRegisterMessageFilter - 0x00545758 0x00187960 0x00186160 0x00000056
OLEAUT32.dll (12)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
OleCreateFontIndirect 0x000001A4 0x0054540C 0x00187614 0x00185E14 -
SysFreeString 0x00000006 0x00545410 0x00187618 0x00185E18 -
SysAllocString 0x00000002 0x00545414 0x0018761C 0x00185E1C -
SysAllocStringLen 0x00000004 0x00545418 0x00187620 0x00185E20 -
VariantClear 0x00000009 0x0054541C 0x00187624 0x00185E24 -
VariantCopy 0x0000000A 0x00545420 0x00187628 0x00185E28 -
VariantInit 0x00000008 0x00545424 0x0018762C 0x00185E2C -
VariantChangeType 0x0000000C 0x00545428 0x00187630 0x00185E30 -
SysStringLen 0x00000007 0x0054542C 0x00187634 0x00185E34 -
SystemTimeToVariantTime 0x000000B8 0x00545430 0x00187638 0x00185E38 -
VariantTimeToSystemTime 0x000000B9 0x00545434 0x0018763C 0x00185E3C -
SafeArrayDestroy 0x00000010 0x00545438 0x00187640 0x00185E40 -
oledlg.dll (1)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
OleUIBusyW - 0x00545760 0x00187968 0x00186168 0x00000003
msi.dll (8)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
None 0x00000076 0x005456E8 0x001878F0 0x001860F0 -
None 0x00000030 0x005456EC 0x001878F4 0x001860F4 -
None 0x0000005C 0x005456F0 0x001878F8 0x001860F8 -
None 0x000000AB 0x005456F4 0x001878FC 0x001860FC -
None 0x000000A0 0x005456F8 0x00187900 0x00186100 -
None 0x0000009F 0x005456FC 0x00187904 0x00186104 -
None 0x00000008 0x00545700 0x00187908 0x00186108 -
None 0x00000020 0x00545704 0x0018790C 0x0018610C -
OLEACC.dll (2)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
CreateStdAccessibleObject - 0x00545400 0x00187608 0x00185E08 0x00000004
LresultFromObject - 0x00545404 0x0018760C 0x00185E0C 0x00000014
Digital Signature Information
Verification Status Valid
Certificate: A.P.Hernandez Consulting s.r.o.
Issued by A.P.Hernandez Consulting s.r.o.
Parent Certificate SSL.com EV Code Signing Intermediate CA RSA R3
Country Name SK
Valid From 2024-01-25 16:51 (UTC)
Valid Until 2025-01-24 16:51 (UTC)
Algorithm sha256_rsa
Serial Number 29 41 D5 F8 75 85 01 F9 DB C4 BA 15 80 58 C3 B5
Thumbprint AE 7A D3 DF 41 DE F3 E3 16 9F FA 94 B2 E8 54 D4 EF DC EC 35
Certificate: SSL.com EV Code Signing Intermediate CA RSA R3
Issued by SSL.com EV Code Signing Intermediate CA RSA R3
Parent Certificate SSL.com EV Root Certification Authority RSA R2
Country Name US
Valid From 2019-03-26 17:44 (UTC)
Valid Until 2034-03-22 17:44 (UTC)
Algorithm sha256_rsa
Serial Number 42 4B 6A 53 CE C7 66 14 1C 2A 63 B1 A5 1C 41 04
Thumbprint D2 95 3D BA 95 08 6F EB 58 05 BE FC 41 28 3C A6 4C 39 7D F5
Certificate: SSL.com EV Root Certification Authority RSA R2
Issued by SSL.com EV Root Certification Authority RSA R2
Country Name US
Valid From 2017-05-31 18:14 (UTC)
Valid Until 2042-05-30 18:14 (UTC)
Algorithm sha256_rsa
Serial Number 56 B6 29 CD 34 BC 78 F6
Thumbprint 74 3A F0 52 9B D0 32 A0 F4 4A 83 CD D4 BA A9 7B 7C 2E C4 9A
Memory Dumps (60)
Name Process ID Start VA End VA Dump Reason PE Rebuild Bitness Entry Point YARA Actions
xjgkkltfdhdfhfjg.exe 1 0x00400000 0x0074CFFF Relevant Image False 32-bit 0x004A8AB4 False
buffer 1 0x02490000 0x024C3FFF First Execution False 32-bit 0x024A5474 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A0450 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A45CC False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02495EB8 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02491079 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249D394 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A2234 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249E6E4 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A137C False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A22F6 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249DE62 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A3ED0 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A4B08 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249E6E4 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A232F False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A3ED0 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A4B08 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249E6E4 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02491022 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249F614 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249A19C False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02495FC1 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A52AC False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A16E0 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A02F0 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249BD40 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249BD9C False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249FA5C False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024915BA False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249A19C False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02493330 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02494000 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02493000 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02498168 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249C828 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A0578 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A4978 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A28F8 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A3A64 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249EF74 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A5000 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249F078 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249B545 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02496A92 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02498430 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A0578 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A4978 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A28F8 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249C828 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A1180 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A3374 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x024A5000 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249EF74 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x02499000 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249D000 False
buffer 1 0x02490000 0x024C3FFF Content Changed False 32-bit 0x0249108D False
buffer 1 0x009B9020 0x00AB901F Image In Buffer False 32-bit - False
buffer 1 0x02410000 0x02440FFF Image In Buffer False 32-bit - False
xjgkkltfdhdfhfjg.exe 1 0x00400000 0x0074CFFF Process Termination False 32-bit - False
dd770c0d8301a5bf7408d98be823da7ec0ee7a30793b6f3e43a3f7f66bb779c3 Downloaded File Stream
Clean
MIME Type application/octet-stream
File Size 7.46 KB
MD5 ca6acfcfa5089a63edc7eb36a9bac499
SHA1 2596307978997fa744e017d34047fef6944e5e08
SHA256 dd770c0d8301a5bf7408d98be823da7ec0ee7a30793b6f3e43a3f7f66bb779c3
SSDeep 192:lIfqWpzaBSnTnQg5FYsKk8SAVOYE/z+t2EdhXogJwW6hljl8:RozaQnTJFYfVVlEqTdhXogD6Pl8
ImpHash -
5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e Downloaded File HTML
Clean
MIME Type text/html
File Size 552 Bytes
MD5 eac0a6a53d4a4353aace122055b4b4c8
SHA1 b400d2a40c870dd448eed9b418297c3038b9d023
SHA256 5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e
SSDeep 12:TD11VI48lI5r8INGlTF5TF5TF5TF5TF5TFK:bGDTPTPTPTPTPTc
ImpHash -
Function Logfile

This feature requires an online connection to the VMRay backend.

An offline version with limited functionality is also provided.
The offline version is supported only in Mozilla Firefox with the setting "security.fileuri.strict_origin_policy" deactivated.