Cuckoo Sandbox

PE Compile Time

2024-12-08 17:23:22

PE Imphash

2eabe9054cad5152567f0699947a2c5b

Sections

Name	Virtual Address	Virtual Size	Size of Raw Data	Entropy
\x00	0x00001000	0x00052000	0x00024200	7.97817479577
.rsrc	0x00053000	0x000002b0	0x00000400	5.18683272489
.idata	0x00054000	0x00001000	0x00000200	1.11947181056
	0x00055000	0x002b6000	0x00000200	0.260771276048
kymuzjnt	0x0030b000	0x001aa000	0x001a9200	7.95340455353
zjyqsyrw	0x004b5000	0x00001000	0x00000400	5.79244201624
.taggant	0x004b6000	0x00003000	0x00002200	0.789214960398

Resources

Name	Offset	Size	Language	Sub-language	File type
RT_MANIFEST	0x00053058	0x00000256	LANG_NEUTRAL	SUBLANG_NEUTRAL	ASCII text, with CRLF line terminators

Imports

Library kernel32.dll:

• 0x45403b lstrcpy

!This program cannot be run in DOS mode.$
.idata  
        
kymuzjnt
zjyqsyrw
.taggant
L73zw"0f
I8(kDEn
Qz0tA0
oeJ-Zd
GYj<n_ns
{n^;c"
tvx?Apnpya0=:
pZloT+
lM4q2h
dSfxB>
X[xP6"
DHze!L!Z)]
{K`Xvc
d)K7Z{
ltO^,GQ
?|ycb0
pjD!%Fs
!{*]0,Z
rH78`e
]K&&aH
3BWuv>
E*z,qav
.)`ZS 
.*~=L
]l[lxh
tMV,A4[
&aP|I]
)48M9i
?AN<YJ
Sti@Ji
xPv`*8w
RfUOl[
#$0kf:B
8c(.;|
:_MIL)
a?'sL
|xao\?qn
>jJ0~P
Ay(!+!n
1Wn*o
f`$kRDa
rrX*vr%
S)GCs@n
ze}s9s|
(AJwLqb
1=ri2(
1.tQk+
)e0V:F
,KB)T;-
t'P"b\
@m-&=$?
WDM64m
%Ff&pZ
5smb$6
\yC4[F
22h&Z+m
Rv^ Ti
LJP/q\(
{V=c]/
mP:EKp
/'.*xy
?"YZ~x
PL4/S,
SZFr,oS
}'}_G
yB&mT;
26,+;fc
JlcN|e
9B<Fa+=
{1-GE[+H
o%>ZLo
as{lr|
z]-Vj+
\Gk.kkX
;clqlW:l
6!V}T7}
{a$r{Z
fkiu}z3
'l$Pj++
xY92R[
/Sc^&u9
zg{pIE
T+vD;vtE9
mGv*?#X
f.qHF!
%K6fwCs
)h,H'W
v$y$GP
:tOqE`14
(Dci)-t
n$c38(
\Hgk.o9
~J^nPQJP1
i?|Kv1"Dh
m`lm`0
\uXHc4+
`Fvc<S
!3t+@KXpk
OKIA'b
l}d))Z
9ovME.
s{m_)p
jE8vAQ
Vd]#')
z1^hYK&)v
[s]~CH*
GBE+>{
s}Umf+
<h~leO
OX]!px
wS-K{:X
P!i.]$[
)<pzt]U
*uY{L0
iumwLD
fT-~{U
P{[HGeL
EBO9$!
JWZRLf
~4&gIF
^1\P65
FT9Z-&I
uCl%lH
!p_$ap
z7eBOhE
Nyh2U]_Z7
+gL'a(u"
^QNQn$P
T'%"M>N
yIqr9E^
uNW8{L
EcT6k|
ESv&X1W
7W%=Sr
^VgG$$
$kcURJf
gdFHe?
y1aWBH
Z~b%5-d#Mx
=5Y[[s
VZ4?$y
+-mVl1[
Ih@luk
PU_NyK2
J]i! iY
S[eEJO
yG7$fE
LDS0e-AV
Hs0!#X
uI'J^ik
M*T+cW
*3kag3
\%m7ez
j\uIi21Q
8l7a4f
Syti5g
VR@/]#
/o\t\W
<u!~9?
PDyydY
MxI?!3
{yn}b/J
ph+YoZ
iN1{ P
`,Q`($
Qya_b[
xUJ;6
) &O/)
j\X-1YT
zKy\lc
hx<8QK^T6R
O+0y:B
uQ~wzG
=nX!uOE/
{%Jk6Jj
.R5gI:
<y<eJ$
8)U6YB
vc@Sa*
-a!ygl
3Vn"_:szn
h9lc%{
]$1;a%Ut
J3>'q7s?
t\7H~E
:;dI~Pp+
CBX?BG
R7ONg|
2$l;%U
K<wf@e,
2<TB=.
aze9,;
avq909
]BI!<cK
E=%zEU%rEM$,
FxZ!kS"
V9DVH;
Q$#D;!v
hMe8g5c
%ElNjI
#Gc+_k,
OC-dBf'O&
zXlu[J
k4$u{f
zYHR6 
a%U2UY
E+:11eN
KH9]ZO
QfgFm
Q(6"aY%>E
vqdLHb
p*f)L\
 h7plQ<
2Fj%[B=d
;$e`\W
oa9%Rc
YYr5!-
R_-q5C
QQ9kzM
[0A<M.
m/gp
0=8fk8
DaLqlo
A_3xgA
,g <D:
k]s\Di]*
Y,ifn5
T@Tf'>~"
hI:(8|
-~0"|;-
VQL1Ix
WvsKo;N3
2IZ$[`<
oR7#oA
uh4&"Qb
g:diEK*
E-4#mZP*
76Z|cO;H
k5"Bv&
<VkB~l
gopUo;`
WS,g&&j
2me]#Lf
no!fz8
P[>o$RO
'rGY>#<
ouj=aOXmJm
]~$4]]
ufZ{0D
03&;cl~
\f<lQv
D\<[],
fqda;]r
F-+5On
V-|2AdB
HVO6}C
T^JRV
P\?.Fh
]!rRj$
2|MXHn]c\
qG([xW
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32" name="Microsoft.VC90.CRT" version="9.0.21022.8" processorArchitecture="x86" publicKeyToken="1fc8b3b9a1e18e3b"></assemblyIdentity>
    </dependentAssembly>
  </dependency>
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING
lstrcpy
SHEmptyRecycleBinW
kernel32.dll
SHELL32.dll
Ev,OTv
FLh9L`
-9:4z^
JJHr**
"-d*>\
o\ds`c
otd=O9
AAbp`|
h|PHf&
[X;qdHa
^$y ,H
Rq}X=%
uH<^Jt
+aujIY
@Dl<;f&
`[uZ*@ 
o.?|!<Ci
^m4$/d
( Tf:(7x^
siP,.1p
HCv0rU?A
bXt}s-
-@u*7S1`,
)u])Zx
d.[uoIh`
aDy.D4"
xV6iu+J
]^@_),
(yg^ew
+p0v((i_
za\pQu
JKTA`\
_wc6P@<
\`]h4gj
Uq<_=}
 b\NT\x
O`2BY~
\y]HHm
]VAnmP
YhG7";bJ
L$%7TVY
y {n0^EL
?2"|Rl
)xDyFJ?
o3h#$)4
@d&1Q7A
`MTYUqQ
w -9u*
J@-<uH
Q"f%4>
ST[v[d
kO!5Cj
".wOhI
B %FM"
%: GK
r\D@!i
I_)a|NtL62
:)q;%A
*TA18d
tH:$Nyq:
Pw9c5:
Zk_RT'
+{[!!G
]_^0[ZYX
b5eyhE
ut#Mf?
Cb+9YA
>_'32N
/+7nfz
%qLb-$
oI)qvQ
A&Kq)^8#%
eN<)?6
D;^e\s'
GK3K[v
f+W(%BP
k G`5>
 ei1g
P-U@Rj
bt>l"y
tSGk~7$yY
6*[m')
iD!0+0
R_nMX:
j(?3K7
kBDeT/
(zf+>%
q*aW'MN
t%QiMn>4X
gcl?['
f/1>xyC
 >2*6v
HtnZ\O
DzdT+%w
{Q1q/.)
(y2MPo<
Ik2QAD
-Y;K)7h
H!Ixwk
U:cFX'
;TZLJ^
 KgmhB1
rYD&y/
^K-LrT
Z/)~E 
NL\iXX
5T;EL1
y-U|)P)
&}{9qW
OiUfuK1
T;R_Sy
Ivo?B()
Q-",T&
!{z)R0
~r1&3b
R6j"32Q
(YtI\ab
)8!6op
853&-
W1r)/e
$r(v-'
6&X*3.
2'\jg!
aU>)d,
r@:!2N1
a5$?,w
3%uN@O
`z-48b
A'!1q~#
v#k|ud
.N[&!;
5(Nh_-
vidq')
Sn!7+1l
F;"y-W
*q_[OQ
jKep,G
:&_|FR
28$qvIWBi`
">TL1j
aCeR.xQ
N )tT0-
>TD.1W
Rb"]qD
7:~6P)
)bmwF*
-f%iZ1
DX1R5dLx
_TjP3;J%
2aT65f
m2X.1
pzX<^1
ZX$}V'
$y/1a!
'"W~)-
.~+[ZH
8B'|DVi
-rLe)K
"FJ).-%bd
R%WQ/H
/+#>7+
K`)aXw
`EJf%R5
%Sq<I2
t$@VWh
*oIU3M
/u:ywvv
hRBwz|
0)lh]Xh
/.J`\U
%F9%[Y[
A-*mvLz(
"1v#>-
#/b>1G5;
hgI1/K
&JX6)$d
|PSz!8
:/UEQ!
:g^sb+
d%E(-D0g
B\YRIJ=}
@_[iZL
rZtOf
J1319:
,}T@[Z&
WY"IWF
7T{jAK
~eRW0+
m]%b=^
Wy|JN*%
V=Z\[Q
' ae=?
[Y mJ:
ZvNv`N
5!f)7>
-L>)%m/q*
+092z9
JBw\2Z)[
(IUBXW|
c~RZf$
_rA5vn
Uh@_V~]
XnD&=a/
qFIWF/'
_(5?d_
?)O?e
PKE609
VvkT+e(g7
<q'%trp
z:)./s
M(g4'a:
N$0>(O
o?X@CB
+O22u)
2MU~OeE
1kvf'~U
r$n3>!
]^-e54*
2}J@2o
Zwb u^
-ySKV}e
!%}3mOF
>M(Nt0
-le6?!
61JtQZ
k+4f(%1
Vsx+Q
7Z"5'1
fz-@eG
y#rN\%)>
_^][ZY
(l-P`(
L QN5?
/%|$b19
)|h"O)jo3k
"d9%-@e
JItSRw
[X-|)y
B(%i'!
GJG<?'
%ULdk)(
-]>Z]x
a R0$
\^h>_;
t_L,!V
Ff,-t#
`*82+Z>
"#51f4r
ep-f;k
![z)^fi
) ?))8*
$1g;,=
I}9N1:
-O!,3'N
t1ZB^}et
U2=wE-'i
\:/Eq'
p/J'_T
z9wX;)
ge/p<y
k)N!po
+22&RP+1
WJA:-y|
qIUl3'!
E<$sc+
eu`VQh
]Q I}[
%Ul?*W
&8d\ZY
_)qUqYo
+p^4;
%SY/y`
%!18c l
ze%X<w
Q-IXz-
'e %wL
JWYa@ 
%ue|%B
2,[r%y
[Jv-yk
BJ~_R0
Z-|EX-
;6%+[V
|fR))^
ddk39FG
 fnb^9
b+8Bwv
%|I-{]?
-z5M*
/^-Y7b%(
3b!0D&
Z%5a1
 ?)8,/K
zuG;/u
'u:?Wq!E
=h^v~<
\3_3D1k
L`"I*J&
TVk+,[O
^?qZ=t
0HN,rg
U)Gq8I
o)Na3/
|vRT6>Y
Bc]p2\
j<,Z1(
QWqDkD
#H:L`[7X
-)H_1t
UQgI0D_
k^uMrr8
8F%Xfe$!
ek~O=K
_ 4[(V
wv%Zvp
v6%22"
MPo(d)
/{v@7b;l[G
X(DCQK
38_nxZ
_vsRHS)
A<19:I
f9>~?i
|r`B)L\
wQ4I}F
5CPfjvb
^)RwxF
K,?!K1
si"T%%:
8O)|qOo
>#J3O5
"uVmlF,
TR[b$Wp
>X,C"L
%yv:Ms(
<1ip$S
h}:0]H
xK7r71U
I#7/91
%t@i]d
9{Zp)x
gyU2gl
'UE$$F-
R|)-Q(
mJ/-T.S
`]f!R-kD[
Sa2-IU,eNv
Y KZ&K
6?L\Ik
&+SZjq
&q%EW(
?"E)U`
ky2I_[
suQ0lyJ
bz-U^Uif
:s1'5weV
"'FfL+s0
'!YjS"
w8j}<{
N1)V&(
S\'UFYK
$]xKOP
y!I}Q-
"*XJU E
)/6%)
Waf12!a;
zN (=%
~AR}v'a
ISM<GX/
R*$QjI
uog'w:2
@0ziRH
Ck^s1N
3N3<f= 
:2{UuX
'Af9>.
Juq8/U
E}%]l|
I^5Mkw
7(;[g^
?~/NlK2#
yWkflt
/"&w9$
;y|H}K
2m9N/[
H}QJMJ~
i\yiI2
YT.6L~N
%)_N'
-(VDZU
fi\B%}
'b4xH:
M2J|<5
e*-lE!
^]q@rn
SmW)qW
Ji}D)Q
%TN!C'{!
de_D)]
yw\"r^
!P/(&!
h}-R#N
c<n)zOIB
:-8n<a
zi~YC<
<qbE;i
<'HhFa
+Sk.!_
]t`RUf
y%%wF+N
->TY["
%{y$bIwq0
Q#H4KF
X-Bgfv
21R+9h
)'#At[
gb v6n
S'7y_G
/%wQ=D(
),*2g-
K]d4'T<Q
eK-Fy?#
Tu6tzP)
qIUl2,)
a2g.@eF
w8/.d%
(t!Rwq
GQ-LLV
V :>ra
n)(&9_
@~}Rp}
oY>iwS
qII]ST
!'l=^S
4WuTK<
*ZR^%Q
ka0<x%
`{?^IZ_
o1u31D
_1Z)1=(
HYJI&1
(%s:M;
-mRt9h
i]{idQ
Q%/3`?
DB5y)D
ehO6q'
dD|[yT
mPSR,?
+D$boT
]2^^Nn
|}{;/.
n$aZ1Q$M
RU[X?-@:
`aQ)0t8
>2&Y_n
>)}-('
Li%5W
3vXu {
v5j)+X^)?
-}2oYk
;)hEQ
_-Q#"@
(~^Rwq
*4Ntq5
R]QII8f)
*7yR|?F
"$.=sRe
%+0]f"
K_Ee#@%
%se%a{
VkZb-L
/9{.`I!Y
'\TY%n
&M8EZ)
&9N#P!1
vJ71Q1
8h3'1
5o).zO!
F`3>b'!
7n!'!2e
$jkp0K
kLBUl3
9O1{$[
&\|@z4
kZVTZ^4
Tl!QI]
k%l~qV
ZUET)H
aS|yi}
LwfN_!
WVR+E
>%6cXS
g/bFUE
)K1@n)
f)7][y%s
wE3%H,
}%n\z3
($f-1
-w1'@k
J/)'{!
?L&Z2F
bL-^c|
(`+[9q'!
EgJZ(q3
qN^k,]
ax9NOd5
A;Oq35@</
.WRq,%
jBt;'F8
9+6j;)_
}3*_nq
}%t:zT
yR"R- 
}:lVkk
R\U/Z]
P%@dD)
x"7Q%m
}Q%#v-
Ua61l*
,U:,SO
O%~k)-,cJ
vURuqMM
V*rtLi
\?Ruq6
f,e+g5
e>+j$:
KR]{P!
jdYZJrc
# ~(x)N
iP%-S 
3~3Z%7d
# ;6CR
fz./-$
?r~~kl
.;B+7uB
)s%!:4
u%5~+r
q2*J5
ZVQ/|0
~]RTcn
uEA-{W
HIn9-!
$%YXT'K)g.
o&%(Nd
ob1wY<
+)a6V*
|\Zuf:K
*n[$)t.
);9uvk
b _tG'
+>2A~ K
]==2>0,
($GzWk
5]q=E Z
n^ic!T
jlJtDh`?
-N#B|,
VbRuN=i
wf"+/)
,j1RvZ'E'
u:H]L:[
(z(8!r
'9:}Ew$
 >-;n4
na9% 9
:qp&H$
;!! ?
l],3>(
 P5%)S
6`ylSJ
{;PQh
|tsQ!X
Y5&I;N5=
'Pf)Z8
qiK^LOS
n)L@I]
5 GM 5
0E8!<;
s_Vfhe/
1fJO]6
-@\#b1
q81;|m
7}t8R 
~aR`4!
<TW^8Q>:
mi+kU1>
3Wnj')
anV-W1
Q\b%$q@n
h%g/ b
e1P_}n)
+kWNU%
d\FZyy
:aK+8<A
pRQ'i;)
5T>RCl
Q p'5}
f>P%{3
e'-u:?+
281u85!
)N$.)I
'H'%|Rp6
-V7Ze1
sg[H\Eb-]
>1[)_k0
0A)35o7|$
Yw2q2@
'!;j^E
?O)Zhj
Q.I~?,
)O!Ao}
@;0J/t
!+1*)y[
)U;d%E
QqKlwZ
=ZbL]+
hH-p#'
hPqOIQ
\;/Q'B)3A
WEu"~O
Qn 5O-
:)Jkq*
]'e%38
sZBC2L
~-_kuw
P..).9J
"boj +
$vES~}K(
Y/q2{#
%'!^:4&
\|Pf5=V
ey'@B)
K%\DR~2
>^!A95#
%(E|%f
IwFq5!
]\+Y5v
TdR_iB
j(@^d|E!
g Ubv#a,!
J\TZu2
&)7B'T
sk!/~R,
.)}O~K
]8#3;-98|
j?)k.VU
`]K6["'
#yPl~p
qO3;o-
0g^u*R3
|RB_UI
TtB1il
P%S;'
@b-$T-P
/_24TM
W\'R^J`)
"P\dR2
!SH&k&1
DM)LkLa
we2,&
S3 $51
BO F1;
t[Rz{i
^W=%Q
f]{(-j
K!*f1mi
3RShD
XQTFY$R
I `ES?-;
)M!R+(
eA,//e7
bVEV}6O
nKUG#'
b]$)]Q
",J4}r
!VF[%+
hjt~"-3]lb-
3j9@Bm
PR]YkD
8uYfIu
Tz^g)O
~%}TuP1
t"'~|y
m1_|Kr^
W!z%$i
Po7]^C
%;)+/V
^E&o_~gEf
^s0$-(<
 tf*NV
r]Yb%}
e& }P5
h1C-4.
"-8(38
e;-TkE
vz'| T
yD$L+=1K
K2fu~W
+*uSYk
1fV}M+
k)gnV0
a1(]6j1B(
ba|giQ
f1;VjQ3*
%bIQ4h
\K^<os
|L)K(h
,V1Z8(
i;%1X!K
1DjD)9
Z]9-;+
'jh5tT
#e)'/b
e4'VNB
#<@{Ry
;Gym.a
mBO|IR]F
J2v-t*
UBtQ/K
-F;!x3
2JwT2P)
u\(R_^[P
8PB-N$(
bM6o~
`G<0%1
,.R"81
Vfg)k^
}E~%f\Z
U{L%Fd
tH#I)r{'
9I7OuL
^%TA'S2'
n1m32/b
)-vPR
8-bRy2i
G#,8a)
3VB=)J
Ag%$,:
3Zb!y2
Y(if9^)
uVK^3M
]\fHi
-ep%vcR
?%Pxh9
Tt"R]37
QPha-y9
\@^{),
;)A,)&1
'y%Jzd
't]Q2:
iF_Y@E5
(v$RBE
F#D)Q
zsO|([
QNo)!y
9XaAMP:
A!\:-r
89;l_S
^fhjIX
{vjNxV
|K^`-n
(9~!uAo?:
$HT(%Q
A)QoW2
5Qhc+1k
}bqqHe
8_Ao8.
c-R6~TZ
Rtm!F0r
!V~wPG
NiJweM
}ey%fg-
/172Gl
@-8%z,
K?f<&% AS
i1^dL%
`_> e?
"-*-](
?5~[*|
+NWRTMtC
uqbe5D\
>K0Y)3
r|-b31
u!>){.
7PuV\Z
8M|UTp
kUf)P1
-]9Z%@
Gv]KW<
r@. ^,_
YcIl_'
O9>9#
O-%\~)e{"
]AU*%K
w~NZWL
"\xX&N
- H';I
Rh-r+1
ZYN$!&
q5M:;-
EA+>-~a
:W}SZ?-eK
3JR6Fz
k-ZI|*
j?-vuZf;
n-*78K
j4Z@<3
(yZ)I,
I_3!r:
K|93hl
6%% qcK|
-S(=!5-
mb)3W^
_%_uy
#kWv{-
8Y@@6\o#irV
2*q8?*
^OkUjQu
!|1bf)
\r/:zJ
3)T>H1
8_ Wh!%
[`z` $O{+
!5UW]!
T'5}8l
/-t"iu)
/Nfb(R
Z}n(Kj
/S\99|J
UE]./IT
Qk/eu,?2
).~kXa
wY0ey@d`
-eR$.'E
1A]o)*M
I}N4z!
)4T9X!
)>]_GC
bQ8i:S
.,'[,-
-eM'2&
2Iq\/XWN
Z_bA\sZ
R"N+>~
J[w7`+
z,%\`&
w:ow|.
~TSQEq*
*YSbb
`-Lc\>
9ja%+8(a
^,%YKK
`1,:$U'<|
%e%&U'dX
^ )8{2
}')ewo
LUK)H;dw
Wu2"AZ-
ubP[9$k$.
)mQdIU
(f+[2`}
w~rZ}V
TA/^n%Y
i^^;R_
R}TK,"
<Z-5it
R^;#N7
/vfZJ`T6
-A7kwQ
]T7RjS
bn vlg
\HR}lV
z,-$=P
TA[C&W/
?-Rj{
v_WNU>)
R\=%QrC
^:(Hf298
06uV7/
tmTHVNifk
`qs!~
!/T1-|
tX%^Is
_KtgR]VzX)
Ak$I1f
`i}B|b
wGu%v&
`]Yqjw
':/Zvry
VzRUSL'LM
R-7Z{,B)
]~rZ_r
Y[K]0"!
C.bT$T<R
ZWfm%3
}QzIUy
DUY3Kw3o
C)u:!0
@<hrK(
Gyy1iX&
_5O)6f
):{)jMm
@-a.!%|
/Ci,]Q
iuGZ54
JjpLywD
Y?k)QTjY
@>X8*|5Z_
;XVSvw@
Lv_-+'
f~-%F
-Wn,%1
[ %LAD5
W(%@<K
-q#`H>k
*6&6BN-
I_ ep,
t<61Z
K{E@;4Q
6Q)(,*-
X}Q6i:
_UmW#E4
H#9{aM5
Fa_-z,R
kt6B5@
Jk2Wt~
WE 'We
P.i-p#
vSWhM7_
Z7X)x 
gn'DW4314
<wBL{Q
Qsm*hj
|7rbnwy
5>-d/$
R\[LW{
]QOo`)
f@/`?1
/q_MFi
9|7:( 
\Ek/QT
P";'DZY
[Hb#t|
hPT#`!
^]LYN%2
[4}GoW2
7j&<+9
G|Y^i;
JUA.2T1_
eR'viZW
wvK$8u
_e"/^Zb)
&% cSN
Mtase\
"(|y4!B
7/iY8{
So/S?I
WB#q$OI
2;AFmX
7_[!X'
Y{U$fc
.JH C9!
`'>gi4v
o5).)m*
;T6!_0
52$-Od;
QUL:J3
Gv/(%M
 -*6M*
<0jw$q
:wg`"
OG"5XU
I~O3p812)K9
@)}0@)
:q~)1i
;ay)9>
-~sjE)
Yv4[uD2[
6Lv]|Uh
!xr_.p
2MZXv.
,!%[)
Q?O`"Y
%38nK"
-CpXiO
?(H+)3
i+^>p!
{b!B~"Q
->38O&
+-()/a
wbE}q@D
1J-t|E
'\,rY7
hSK5s
u28~Dg
tV-)3V
arV<)&`-a
RQ=1rN
|Hz-Sg
W^}rqU!_
_G..#mO
$.)P`6
%5txZB
j2oW|'e
)}Nr^W(
u]|JR]
\7SDG)[
:|?Q8n
=),*_hF
WX=_14
6}:FPP
B`;&}H[cr0
WZ_(k
qPid0Z
 -k71(
?)X{9|{
iQ]>(6
z^oE3#S
7O)Uy,O
%(+)xZ
J5O$,K
:q#-$TU
,/:_:@0
B{'rNU
-$-}o
2ofEK74-
E##='fS
*'wlR(!
+\8k{O
+2o"{%
a'nC'1
U~/R_tHr
{hCz-1
 vG(/)
q4Q3>r
uq!iyb
z%.Pf<Z
lGZ[)2
\_Zj,N
juX]z-
w:^U{u)
%G=Y3%
|5ZY<2
Sjt9e:
')^qkx
qv-P.]
hi&]'9
5L7p,
H/\#r]
s^-DM2)
}^^Zp_[
wqIh$$@
~fHXJ^
KVk?$%
)o3NHh
Z}9e>k
e%2ZO)
/~e10X
ZH|Oar
}e\%|u
:A@~#]
l~WPN
`VbKEJ+
26R&Z$
Ob-@V~
w~9RJi|
R~dg&Q
z(Uf-)
}YTI)TYqE
`W{)'X
XZ)\_Z
;2M3jGy:e
b_]8932*)
A`+9z5
!'TK[Kn
ws^0;f9
TZQBF&
vBW'uN
-[ bt
4 ot}Vc
jk(51O
xo)f{
ht1-\
%)>u\^ic7
*X$|:)
\#b)0u9P3;
Z]J=Wn`v
Z\nj3"{J%
oRVpk|
KU:uwv
Q]IB[V
~qr_[A-
,56]w^
=2;2y6
:Gt%g(
$z(h!Z
j3UV2z
P+'?>UG
An n)gyd
S@p"jQ-j>
>awu-:
Ih@YM~
>UKeRA
H*_)0q
$naD 1
GId?+(
(^f-13
8H)7K-
%$-NJ%
4UhAD]1
) J+ j/254
A|rIO
@82@;t@?
P gT .X 
l "p ys 
`a_`V6
N_o7!|~`hQ
!5bFR^F
`okZRPrh
=RH))C
X5 0_~}
,v-YR4x
w_{`j
h] r4M
-.~QPe
wT_*}^!TL
.q;?-/D
,:baLZ
%G'{S5!
|`Uh V
O{`'3~
-@hT}f
W:~#Q1s/
DKD_\/
JQ*4-\:
<%0qPTOX
(!=u;\
Y*)'aE
PW9w\"
t7m#)T 
#A,}PN
y(5U;tD
G[//Z[
5cl$A1Z""
@&z_h
[3krpJ
`FQ%SYt
5UerA[\=
7%_Rq"I
5{6uZ?
2`VWhS
)e@}dD
"k^(Ptl0
i^FqYn
0KkY[_
5zH:|h
0{\avk
yuI3S[~
|h+I5\S
&(yH@E]
E(0*Y'
}(}~80S
CST/[V
+(LLA/
"(k@_Zs
M-hN<j% ~
.*~/-LP
&$JVXX
'qu>{#_
]h5'67
B'?2R\
@Ne<}pA
A#QuJJ
=v.Vp>m<S
P2T;!}O
$h)l()
([/BN%
RVshatZ^
yKVrk]
JG*aNB 
4pl,J1
SH(2\%
,Q1n-::
+NT.IQ/k\lXt
@@lJ'S
`gG0Dl
x-Zo`s
WyYpWQ
c4[G,S|
T]o*Wa"
NhC8f2
S5sJp&
DrmP>b
a@%SQu ,/
Iex>ii,
L%Yevm
\PY'12o
yS%ZBU
O]h|`}
Wm';GP
;hS,2/
Pvo^5Y
*Xx]B*-?^
0)V^KYt
F]v&V!DW
-r+t@f
&[f.H]
V?"?^]
Y3i]4!
yKT\B+
'[HiaAO
-L*!_
zR:7Jqw
rUT0Z}
Ss]hHx
P,8?g 
PT_QaK
e%2d]\
pM4%AqK
xH!bH/;
01+P"?Q]
-G$Z./
;-Wu0X
h3uX 
-XJq.e
0FZkK-
&-Du#Z
2%|y(H
Ph]Er-
hS iLB
k4~kX1P
o-HGp~
@4DnTO
%|I'2?F
g-[o&Ez
4-8A3/
]'\PqN
OR \'5CJ[
QH<Ph7
hfu/!@\
ZXPvXv8
 <]t<;sH
%We2Nj
terWAxQh
vX?f0X~
Rh|z*o7
-w:Jz(
Zv?Y]~oZ
I:h;RJG
hOk:/R[d
 o(<?{;%
th;?e~\Xp)
kN!f5g
Mt$g,@$'
vO8,JU
A0s:0]5!:
>S8>E}
*b@(U;J
#e`#4B
I n[Edj
2@s^d+
`.pR1_`6
D$JodD
DFNOA($
w'ct$*]
P}*|`-p
<,rHVM
J|@&\7
5 4)*0y(
4B8zBTJ
VRJ(E_<)N
[su\e$
VKPbW+
W9x1?*8wNM(
A'lL$Ix
1BWzvNV
zQO[#y
Qm-&G-
v[S0^?
x3tJ l
a&^s.E
n"xy}g
}Fh>wU/n
@`D!\9
 rP$6_
dxd&9
(bKjPP,
aP#WXH
GRZ$W
YxA&0U
UAl }&
4P*5@D
~3W7sRp
Dt.T\6[
bWPQh8
Zw[iji_rO
R!]YwS
tIc<)XA
|u7_k 
J-Iay0)
-SbJei
t{Yb#1)
JV-h)x
EY"%b^
E"AhB/
yx0xXc
8@*KP)
E)&f8<
L_j0*v
Bj3bD`6
}1"<@sd
Zw^0|l
jA04Ff
BB,c !
)(~.%p
}%JlB`B7]
<$A@* H
rPIW9(1
\Hl1:x
g,|&]|<
|FyqL1
c1 @+
Zt|qJD
L!G%gs
A}eshv
:wL_= 
(jT1Rm
]gWmUs
ption I
Plyess
|d~v}lyp
ngcg@s.
`snCTRLu+
OUT8Pr
CPU]qm
w/6VI>S
5UP8{Y
~\kRAoU
mQZY1:d
"pM^PWt
{+[b39
r,Rf-X)
3g[V&T^
FJTDiT>
Xbh}Vi
JGQYrQ
:ukbvU
6Uh.2/E
ho[P=j{_s
mjr=[l
S7QV2!
^Y[E`5{
5(ndRRaZ
UzvwB#
dRjEaL
%Kjrmb
2$Wagh
-8yBo5
9&_"b0
`])(oGr{
|wor}Xy
YH`@:e~c
(}`@px
'`V[og
j!o|htH
_Q-("l
W1Q!0{
4H`@$"
yA bTzB
[O1aL@r(
R)`xn^
*c0UE0
QuSiPa
 ;3RslZ@
tcu6 x
ar|D['/
en0pNL
Cgi/~8@
"lpZtG
fH 9WH[ 
{}<6R/)
`,<AT~
!:`?)+
'W`li
E|-O}>;`
D?2\'
YT*R!(
^S~PgGAXo:
.SxkB'
>=?o- 
`bT3D
aIE)
v0p(c@
'krUNp
g`dnS"
A<}QP*0
6f?a)H
^p;Mrs
?%iVN*
>jAvNG
f2>rYqH>
.!7-X8|
fY =*0
PcDUXE
HN}n@`
Zj/DFF
?K0A&@]
n0$z9)
*D$3m&
-)^!d>
DuTM'<
rF%Qpz
v,: aS
"Ya)"zu
&%'qsB
!.G'Zp
3+$=OV
p.\AM@
(lX3dE
3]iC`f
H]:N^f
AC:x\)@
0H-^ a
;R~vP*
=wd<~<@
_nZP\bh
W_frZE
[X$$-P
"MW{?h
dXKR8X
sSo`[h
{-SW~vY[{
WWqvk1[)D
e87YW\
wYCMqzAJ0
Q}V;GI
svrPmZ
v&yim}%
Rhp]}tZ&
GkHTb*I
+)5{@"
"S^WY
`{Hk#Yy
~?2A:l
RqztY
;N7plD
r[C>(
B&]UvA
2'fq5t
X*}@L>
R%e)S"
rK7F>FP
p1RlQA
!KXc(y
6.Il!8
Tz=hZ4yf<nB}
7zW^9yj
VDVF%?*
jgIt|vF
"`toZz
$'J\|F
7fpUjH8d
Pqh;ON_
Yh= bf
9s("/<
O)LL~0
FqJ;xu>
-yV`>8
8`A2qr!'
eG9|U8\i
xF$T@P
M!x}x>
 I=@\,X
@tFM Z
.U9LA`9
QwUT2@
AVzr%R
/A>Bp@=d
P  \f`
dh8QC%~
<JhJ<$
0_HyYL
7(v?H\5
WFRm"<<)
,XO HE
Wb^IALn!P
~r@(\_PC
6j[g}r
2gb9"~<N
SX0(U@
kiFRdB\*t`
Xp z?x M
ai-%\'
*C"YQB8h
 uX*&S `
9.$B^N
q[$G*L
%$)T4N
[5$!``y
Mn_Hetb
N8g[|9y y
T!Aex7
]<a>X,
yK^/D#
,/ai?k
=XjTJA
i~8vF%=
0dnElXW
m;^|tF&
S/E;B8
PWVRZO^
 57|1 Y9$
Qn`q!b
? W@t{
fQr@G
XE#5Tx
DUp.C#
xH}[Zd
0fSKRb
=aj-tJ
u*?-=b)U7F
S"o[b4_7
$&]wz`
$+Q5~I]
jna*`|D4t6C 
H6y*/f]Ux
jAYp^GZ
Nal+|b
:D*T]-/4P
.6>defg
<g:zS+
YaTrDe
}o%Gb0
Xg%^v3n`
-V^t Iw
R{5>G}
A3\rRS+pS
G'ZZ%_a
Q%`ax#"
3}DTf3
#[QQqP
&1VhS:
7Xg"PT
qz&@~kX1
+Eb$^nF`
eUYIrV
}'YCp*
VB^PY9
EQ~ SUE~
#}z?Yaa
_A3AKb
1!${g@
R U]H)
7?hpb<n
,DW'_aL
p* R&*XK
-Sf{K[
C @(J_
f{/P V<
%jSPxx
b_xz.5
K`giPJ
/{TxuP
PloZQ0
%PoA9+
aS=.tPk
9"YL2>
<qaTXI
7aZ|pz
u8{t&X
E2:Y3mdbU
a[`W!:="<[
tviyUD
6!uz:"5RUF
/%g)w)!q
~%tpQ4
AuEe>K
r @:B~
'VPt&eX
I[ZPS]K
x}W'X_F
*K:/\hRyB
V*DDa_
RISCF&
)r,QHa1
Tzj /Y
r9"t%D
fCi-Wp
v+bN%1
9?=.dZ
px#%@9
j.'6>Z
[4r!-q
Ima.(c8
}M<KLX
LR_@&Q
%u+q+iS
2o;PVJ
!*'Wd`Jjo
1/($E@
/^Bbte@*
LxKk1(
v}S@f)
=\U4rQ
U{uiR)$
FWY"1'SU
[_)uVIh
bR)<(\/
EfA\^O
7Wg/=J
:kIt1h
&yj101
U(h3B{
1*O5^Qp
uAeD:AWs
q'AZh9
^JRNU<t
R%[\'z
pE$v/CXK
h]!<QH
s8$H\D
:qxzF/c 
Vct*qw
qP<4cl
`| bn*
Y{X"wd,
 X||=k^
RFhH(`
1/EL0dR(
-J*"X.0
k%hR1#
$|WQs 
A %p8U9rm\
$6>R/
JqbUDx
Bx</.a
9.'$-QlL`%
0@:=bw;
jF10CX
5jTv*N
d@<*FP
X_&CSH
(L#\`A
j\D$$U
{y"8)A
44>a#P
xvbcY7
W$((vI!
pLCoYp
G0s/'\
pm2,si
^$PQZd
@?#t+i
p`|F+
 0L=X
bR0Hd[
W13|H]
!9-(LJ8`
hypdz^
FPn4<$
E-N)qVH
ir38\V
hHP$aW3G
ZP3m?H^
bQVh"(
%^0,]c3L
,8(N@
NgCL0D
1h0Hr`
{E4-uS
b`1OA
zF9y'*V
%DhXxP\
B~%&"I`
pZ DHxN
R;FcZQ
uo` VSK
\Sr( B
ILM5@5
\ Sq(e
oQ,6ix
`QC9oy
sncX:g0
#r0XJYG
B(`d{O
9}<XvO
=*)d)0
/LLEi20
Jpm-dx
W`Px0 
DP QT:*[0
,;P9[2
D33p1I
*.b%}1
6H(*XZ
64sB@
/2#D4t
s@4)Hh
&S2v>,
SfV!08
h:P4Xf
D<G?H"
dl@0{4T
isQHTo
bBV~OX
0z`F3`wM
@`~@-5
(txMXc|LH
TCsi(H
]6\^aTZ
_uBf$o
$NwI.d
=;~L4xJ
ir[s$\q9<
 <A<6g
lTe/f*
z 0Ci9
};koF?
! Pp&o
PT2llh
L3H $$
iID\e8
E|-@XdYD
YY $>P@+0p
OTC`zyI
xt%u,h
_c@PC%
|my}&Z
Nhx[Rd
dp|WDm
spQ+xp
 Wd lv
C-I(8L
\z(4[\
Vf10&``Gd
uf@|Fp
00I(k7U$
~)crCs
0yE'4o
%%_'^**&)
el.w|?
*cn78&
#9~Y#}
Qh6z@8
YQDd7,
5V#!6 
MFjc/Y&
;W`a_:^V
Y)DLPW}
,1B&57
" os`9
<{q$v
-"XYZ8
+w|d&Zyt
W#*0BN
%K0L1)
(L1CfI
xukR.=
BF:j!Nw
IFVsdT
~'p^b
Q*2;G-

Antivirus	Signature
Bkav	W32.AIDetectMalware
Lionic	Clean
Elastic	malicious (high confidence)
ClamAV	Clean
CMC	Clean
CAT-QuickHeal	Clean
Skyhigh	BehavesLike.Win32.Generic.tc
ALYac	Gen:Variant.Symmi.93663
Cylance	Unsafe
Zillya	Clean
Sangfor	Clean
CrowdStrike	win/malicious_confidence_90% (D)
Alibaba	Clean
K7GW	Clean
K7AntiVirus	Clean
huorong	HEUR:TrojanSpy/Stealer.ay
Baidu	Clean
VirIT	Clean
Paloalto	Clean
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of Win32/Packed.Themida.HZB
APEX	Malicious
Avast	Win32:Evo-gen [Trj]
Cynet	Malicious (score: 99)
Kaspersky	VHO:Trojan-Spy.Win32.Convagent.gen
BitDefender	Gen:Variant.Symmi.93663
NANO-Antivirus	Clean
ViRobot	Clean
MicroWorld-eScan	Gen:Variant.Symmi.93663
Tencent	Clean
Sophos	Generic ML PUA (PUA)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
DrWeb	Clean
VIPRE	Gen:Variant.Symmi.93663
TrendMicro	Clean
McAfeeD	Real Protect-LS!4208CB745B34
Trapmine	malicious.high.ml.score
CTX	exe.unknown.symmi
Emsisoft	Gen:Variant.Symmi.93663 (B)
Ikarus	Clean
FireEye	Generic.mg.4208cb745b3416b4
Jiangmin	Clean
Webroot	Clean
Varist	W32/Themida.CT.gen!Eldorado
Avira	TR/Crypt.XPACK.Gen
Fortinet	Clean
Antiy-AVL	Clean
Kingsoft	malware.kb.b.989
Gridinsoft	Trojan.Heur!.038120A1
Xcitium	Clean
Arcabit	Trojan.Symmi.D16DDF
SUPERAntiSpyware	Clean
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
AhnLab-V3	Trojan/Win.Generic.R683293
Acronis	Clean
McAfee	Clean
TACHYON	Clean
VBA32	Clean
Malwarebytes	Trojan.MalPack
Panda	Clean
Zoner	Probably Heur.ExeHeaderL
TrendMicro-HouseCall	Clean
Rising	Stealer.Agent!1.106CA (CLASSIC)
Yandex	Clean
SentinelOne	Static AI - Malicious PE
MaxSecure	Clean
GData	Gen:Variant.Symmi.93663
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS
alibabacloud	Clean

IRMA	Signature
ESET Security (Windows)	a variant of Win32/Packed.Themida.HZB trojan
Avast Core Security (Linux)	Win32:Evo-gen [Trj]
C4S ClamAV (Linux)	Clean
F-Secure Antivirus (Linux)	Trojan.TR/Crypt.XPACK.Gen [Aquarius]
Windows Defender (Windows)	Trojan:Win32/LummaStealer.RPAA!MTB
McAfee CLI scanner (Linux)	Clean
Forticlient (Linux)	W32/PossibleThreat
Bitdefender Antivirus (Linux)	Gen:Variant.Symmi.93663
G Data Antivirus (Windows)	Virus: Gen:Variant.Symmi.93663 (Engine A)
Sophos Anti-Virus (Linux)	Mal/Generic-S
DrWeb Antivirus (Linux)	Trojan.PWS.Lumma.1113
Trend Micro SProtect (Linux)	Clean
ClamAV (Linux)	Clean
eScan Antivirus (Linux)	Gen:Variant.Symmi.93663(DB)
Kaspersky Standard (Windows)	Trojan.Win32.Phpw.btqs
Emsisoft Commandline Scanner (Windows)	Gen:Variant.Symmi.93663 (B)

Browser recommendation

Static Analysis

PE Compile Time

PE Imphash

Sections

Resources

Imports

Browser recommendation

PE Compile Time

PE Imphash

Sections

Resources

Imports

Feedback