Windows
Analysis Report
SecuriteInfo.com.Variant.Lazy.500504.22488.21237.exe
Overview
General Information
Detection
Score: | 5 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 60% |
Signatures
Classification
Analysis Advice
Sample tries to load a library which is not present or installed on the analysis machine, adding the library might reveal more behavior |
Sample may offer command line options, please run it with the 'Execute binary with arguments' cookbook (it's possible that the command line switches require additional characters like: "-", "/", "--") |
- System is w10x64
- SecuriteInfo.com.Variant.Lazy.500504.22488.21237.exe (PID: 5796 cmdline:
"C:\Users\ user\Deskt op\Securit eInfo.com. Variant.La zy.500504. 22488.2123 7.exe" MD5: 30BFAA616F636182DB9969CB430259D8)
- cleanup
Click to jump to signature section
There are no malicious signatures, click here to show all signatures.
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 0_2_00007FF7F2ABD264 |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Window created: | Jump to behavior |
Source: | Code function: | 0_2_00007FF7F2ACAF4B | |
Source: | Code function: | 0_2_00007FF7F2A923F8 | |
Source: | Code function: | 0_2_00007FF7F2AB9320 | |
Source: | Code function: | 0_2_00007FF7F2ACE4C6 | |
Source: | Code function: | 0_2_00007FF7F2A9A4EC | |
Source: | Code function: | 0_2_00007FF7F2AB6430 | |
Source: | Code function: | 0_2_00007FF7F2A9A1A0 | |
Source: | Code function: | 0_2_00007FF7F2A8B208 | |
Source: | Code function: | 0_2_00007FF7F2A8918C | |
Source: | Code function: | 0_2_00007FF7F2ABC22C | |
Source: | Code function: | 0_2_00007FF7F2ACE278 | |
Source: | Code function: | 0_2_00007FF7F2ABD264 | |
Source: | Code function: | 0_2_00007FF7F2AB17A0 | |
Source: | Code function: | 0_2_00007FF7F2A81728 | |
Source: | Code function: | 0_2_00007FF7F2AB8770 | |
Source: | Code function: | 0_2_00007FF7F2A918CC | |
Source: | Code function: | 0_2_00007FF7F2AC8848 | |
Source: | Code function: | 0_2_00007FF7F2A85824 | |
Source: | Code function: | 0_2_00007FF7F2ABA6FC | |
Source: | Code function: | 0_2_00007FF7F2AB5694 | |
Source: | Code function: | 0_2_00007FF7F2ABEB1C | |
Source: | Code function: | 0_2_00007FF7F2AB1CA9 | |
Source: | Code function: | 0_2_00007FF7F2A86CD8 | |
Source: | Code function: | 0_2_00007FF7F2A8BAA8 | |
Source: | Code function: | 0_2_00007FF7F2AAFA1C | |
Source: | Code function: | 0_2_00007FF7F2AB8770 | |
Source: | Code function: | 0_2_00007FF7F2A8AA5C | |
Source: | Code function: | 0_2_00007FF7F2AB0A6C | |
Source: | Code function: | 0_2_00007FF7F2A8AA5C | |
Source: | Code function: | 0_2_00007FF7F2AC2010 | |
Source: | Code function: | 0_2_00007FF7F2AC3F88 | |
Source: | Code function: | 0_2_00007FF7F2A9E024 | |
Source: | Code function: | 0_2_00007FF7F2AB108C | |
Source: | Code function: | 0_2_00007FF7F2AC0070 | |
Source: | Code function: | 0_2_00007FF7F2A87DA0 | |
Source: | Code function: | 0_2_00007FF7F2AB9D2C | |
Source: | Code function: | 0_2_00007FF7F2A9AF00 | |
Source: | Code function: | 0_2_00007FF7F2A84E58 |
Source: | Code function: |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Classification label: |
Source: | Code function: | 0_2_00007FF7F2A861F8 |
Source: | Code function: | 0_2_00007FF7F2A8DC60 |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Window detected: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_00007FF7F2AA3604 |
Source: | Static PE information: |
Source: | API coverage: |
Source: | Thread injection, dropped files, key value created, disk infection and DNS query: |
Source: | Code function: | 0_2_00007FF7F2ABD264 |
Source: | API call chain: | graph_0-35264 |
Source: | Code function: | 0_2_00007FF7F2AA8164 |
Source: | Code function: | 0_2_00007FF7F2A8918C |
Source: | Code function: | 0_2_00007FF7F2AA3604 |
Source: | Code function: | 0_2_00007FF7F2ACAC7C |
Source: | Thread injection, dropped files, key value created, disk infection and DNS query: |
Source: | Code function: | 0_2_00007FF7F2AA8348 | |
Source: | Code function: | 0_2_00007FF7F2AA8164 | |
Source: | Code function: | 0_2_00007FF7F2AADB04 | |
Source: | Code function: | 0_2_00007FF7F2AA7EAC |
Source: | Code function: | 0_2_00007FF7F2A8918C |
Source: | Code function: | 0_2_00007FF7F2ABC990 |
Source: | Code function: | 0_2_00007FF7F2AC0614 | |
Source: | Code function: | 0_2_00007FF7F2ABB5EC | |
Source: | Code function: | 0_2_00007FF7F2ABBB6C | |
Source: | Code function: | 0_2_00007FF7F2AA5B64 | |
Source: | Code function: | 0_2_00007FF7F2AC0D14 | |
Source: | Code function: | 0_2_00007FF7F2AC0960 | |
Source: | Code function: | 0_2_00007FF7F2AC0AC8 | |
Source: | Code function: | 0_2_00007FF7F2AC0A30 | |
Source: | Code function: | 0_2_00007FF7F2AC0F1C | |
Source: | Code function: | 0_2_00007FF7F2AC1048 | |
Source: | Code function: | 0_2_00007FF7F2AC0E6C |
Source: | Code function: | 0_2_00007FF7F2AA83B4 |
Source: | Code function: | 0_2_00007FF7F2A87DA0 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 2 Command and Scripting Interpreter | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Deobfuscate/Decode Files or Information | OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | 1 Native API | Boot or Logon Initialization Scripts | 1 DLL Side-Loading | 1 Obfuscated Files or Information | LSASS Memory | 3 Security Software Discovery | Remote Desktop Protocol | 1 Clipboard Data | Junk Data | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 DLL Side-Loading | Security Account Manager | 1 Account Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | Steganography | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | 1 System Owner/User Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | Software Packing | LSA Secrets | 1 File and Directory Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | Steganography | Cached Domain Credentials | 22 System Information Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1416009 |
Start date and time: | 2024-03-26 18:27:04 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 2m 1s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 2 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | SecuriteInfo.com.Variant.Lazy.500504.22488.21237.exe |
Detection: | CLEAN |
Classification: | clean5.winEXE@1/0@0/0 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe
- VT rate limit hit for: SecuriteInfo.com.Variant.Lazy.500504.22488.21237.exe
File type: | |
Entropy (8bit): | 6.506811268107808 |
TrID: |
|
File name: | SecuriteInfo.com.Variant.Lazy.500504.22488.21237.exe |
File size: | 681'680 bytes |
MD5: | 30bfaa616f636182db9969cb430259d8 |
SHA1: | ee79baea063ffcd410287fbce92fd2ffe18854ad |
SHA256: | 6050dcd009f11a022028af182260830c423bdc29e72f97f1d0014d9403f6d536 |
SHA512: | 010cea91010c3b7e1d4c2e93dfbf928ff05e1027694843c12d2bf640f9fded024215c6fcc00d454aed5425ab46646b033a7a1a3931f37328b9f8b256732653f4 |
SSDEEP: | 12288:jIeaMb/Ix3S/mfmjYZww90Ako3hZAvep5TeTEOHB4uZ:jI8l/mOjYZwwCAkaQ5YOh4uZ |
TLSH: | D0E46C89BFBA03E4E46FD2788B028956E673B85B0230D25B13544266DF336129F6FF51 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........................................k.............................................................o.....................Rich... |
Icon Hash: | 136d46d24e6c3966 |
Entrypoint: | 0x140027b84 |
Entrypoint Section: | .text |
Digitally signed: | true |
Imagebase: | 0x140000000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE |
DLL Characteristics: | HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x64A301B5 [Mon Jul 3 17:13:25 2023 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 6 |
OS Version Minor: | 0 |
File Version Major: | 6 |
File Version Minor: | 0 |
Subsystem Version Major: | 6 |
Subsystem Version Minor: | 0 |
Import Hash: | 59427ab706597f686ec257d930e8dc89 |
Signature Valid: | true |
Signature Issuer: | CN=Sectigo Public Code Signing CA R36, O=Sectigo Limited, C=GB |
Signature Validation Error: | The operation completed successfully |
Error Number: | 0 |
Not Before, Not After |
|
Subject Chain |
|
Version: | 3 |
Thumbprint MD5: | 7C93619D614B24DC921A52B9BBD55C86 |
Thumbprint SHA-1: | F15BF16F88638FCF3FFF551BBC4C2F178C1C4837 |
Thumbprint SHA-256: | B9CE15CCA3D218403FDB497913811B7CBE4A4314ACB1A05390041187A6090B9C |
Serial: | 00D43A44D80D12C3B58054993699F97261 |
Instruction |
---|
dec eax |
sub esp, 28h |
call 00007F7E74622FFCh |
dec eax |
add esp, 28h |
jmp 00007F7E7462264Fh |
int3 |
int3 |
dec eax |
sub esp, 28h |
dec ebp |
mov eax, dword ptr [ecx+38h] |
dec eax |
mov ecx, edx |
dec ecx |
mov edx, ecx |
call 00007F7E746227E2h |
mov eax, 00000001h |
dec eax |
add esp, 28h |
ret |
int3 |
int3 |
int3 |
inc eax |
push ebx |
inc ebp |
mov ebx, dword ptr [eax] |
dec eax |
mov ebx, edx |
inc ecx |
and ebx, FFFFFFF8h |
dec esp |
mov ecx, ecx |
inc ecx |
test byte ptr [eax], 00000004h |
dec esp |
mov edx, ecx |
je 00007F7E746227E5h |
inc ecx |
mov eax, dword ptr [eax+08h] |
dec ebp |
arpl word ptr [eax+04h], dx |
neg eax |
dec esp |
add edx, ecx |
dec eax |
arpl ax, cx |
dec esp |
and edx, ecx |
dec ecx |
arpl bx, ax |
dec edx |
mov edx, dword ptr [eax+edx] |
dec eax |
mov eax, dword ptr [ebx+10h] |
mov ecx, dword ptr [eax+08h] |
dec eax |
mov eax, dword ptr [ebx+08h] |
test byte ptr [ecx+eax+03h], 0000000Fh |
je 00007F7E746227DDh |
movzx eax, byte ptr [ecx+eax+03h] |
and eax, FFFFFFF0h |
dec esp |
add ecx, eax |
dec esp |
xor ecx, edx |
dec ecx |
mov ecx, ecx |
pop ebx |
jmp 00007F7E74621F62h |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
nop word ptr [eax+eax+00000000h] |
dec eax |
sub esp, 10h |
dec esp |
mov dword ptr [esp], edx |
dec esp |
mov dword ptr [esp+08h], ebx |
dec ebp |
xor ebx, ebx |
dec esp |
lea edx, dword ptr [esp+18h] |
dec esp |
sub edx, eax |
dec ebp |
cmovb edx, ebx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x7ffe4 | 0xf0 | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x99000 | 0xea00 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x93000 | 0x4890 | .pdata |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0xa3a00 | 0x2cd0 | .rsrc |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xa8000 | 0x11b0 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x6fde0 | 0x70 | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x6fe80 | 0x28 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x6fca0 | 0x140 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x59000 | 0x588 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x579a0 | 0x57a00 | 76e1a8d27271d71803592866ff66bf70 | False | 0.48915054386590584 | data | 6.407340783062554 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x59000 | 0x282ce | 0x28400 | ef544eb79a9810628d0bbb18dc7d682c | False | 0.35195676436335405 | data | 4.786721665317084 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0x82000 | 0x1022c | 0xe400 | a51f8e63ec3875c7b2ef556f90361337 | False | 0.06534402412280702 | DIY-Thermocam raw data (Lepton 3.x), scale -3919-1344, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 0.833027 | 4.796461379137914 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.pdata | 0x93000 | 0x4890 | 0x4a00 | 7d72ad5583aa1bdec45bef9b0c62e1e1 | False | 0.4507495777027027 | data | 5.651383404515554 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
_RDATA | 0x98000 | 0x15c | 0x200 | 75150a4c8aa0cd249261af8163610370 | False | 0.408203125 | data | 3.3076904235964735 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.rsrc | 0x99000 | 0xea00 | 0xea00 | 49f2e9d3e09d78a52277f44198261f3b | False | 0.9693676549145299 | data | 7.887617559747496 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xa8000 | 0x11b0 | 0x1200 | 226510f2cdb444220c27dfc47feb8615 | False | 0.4594184027777778 | data | 5.399173149192816 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
AFX_DIALOG_LAYOUT | 0x992e8 | 0x2 | data | English | United States | 5.0 |
PNG | 0x992f0 | 0x2f06 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | English | United States | 0.9987539458381791 |
PNG | 0x9c1f8 | 0x6435 | PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced | English | United States | 0.9942696760612794 |
RT_ICON | 0xa2b20 | 0x20d | PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced | English | United States | 1.020952380952381 |
RT_ICON | 0xa2d30 | 0x4ab | PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced | English | United States | 1.0092050209205021 |
RT_ICON | 0xa31e0 | 0x959 | PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced | English | United States | 1.0045967404931049 |
RT_ICON | 0xa3b40 | 0x13ca | PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced | English | United States | 1.0021713383339914 |
RT_ICON | 0xa4f10 | 0x2988 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | English | United States | 0.9946388261851016 |
RT_DIALOG | 0xa2630 | 0x100 | data | English | United States | 0.69921875 |
RT_GROUP_ICON | 0xa2ad0 | 0x4c | data | English | United States | 0.7894736842105263 |
RT_MANIFEST | 0xa2730 | 0x39f | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with very long lines (867), with CRLF line terminators | English | United States | 0.48759439050701187 |
DLL | Import |
---|---|
KERNEL32.dll | GetLastError, GetTempPathW, CreateDirectoryW, WideCharToMultiByte, MultiByteToWideChar, GetLocaleInfoW, GetACP, OutputDebugStringA, Sleep, GetModuleFileNameW, CopyFileW, GetModuleHandleW, FindResourceW, SizeofResource, LoadResource, LockResource, GlobalAlloc, GlobalLock, TrySubmitThreadpoolCallback, WaitForSingleObject, LoadLibraryW, LocalFree, HeapSize, GetConsoleMode, GetConsoleOutputCP, FlushFileBuffers, SetStdHandle, GetProcessHeap, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineW, GetCommandLineA, OutputDebugStringW, IsValidCodePage, SetFilePointerEx, EnumSystemLocalesW, GetUserDefaultLCID, IsValidLocale, LCMapStringW, CompareStringW, FormatMessageW, GetCurrentPackageFullName, WriteConsoleW, ExitProcess, HeapReAlloc, GetFileType, SetEnvironmentVariableW, HeapAlloc, HeapFree, WriteFile, GetStdHandle, GetModuleHandleExW, RtlUnwind, LoadLibraryExW, FreeLibrary, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, SetLastError, GetOEMCP, SetDefaultDllDirectories, FormatMessageA, CreateFileW, FindClose, FindFirstFileExW, FindNextFileW, GetFileAttributesW, AreFileApisANSI, CloseHandle, GetProcAddress, GetLocaleInfoEx, RtlPcToFileHeader, RaiseException, WaitForSingleObjectEx, SwitchToThread, GetCurrentThreadId, GetStringTypeW, EncodePointer, DecodePointer, EnterCriticalSection, LeaveCriticalSection, InitializeCriticalSectionEx, DeleteCriticalSection, LCMapStringEx, QueryPerformanceCounter, ReleaseSRWLockExclusive, AcquireSRWLockExclusive, CompareStringEx, GetCPInfo, GetSystemTimeAsFileTime, InitializeCriticalSectionAndSpinCount, SetEvent, ResetEvent, CreateEventW, RtlCaptureContext, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, IsProcessorFeaturePresent, IsDebuggerPresent, GetStartupInfoW, GetCurrentProcessId, InitializeSListHead, RtlUnwindEx, InterlockedPushEntrySList |
USER32.dll | LoadCursorW, SetCursor, SetTimer, GetMessageW, CreateDialogParamW, TranslateMessage, DispatchMessageW, GetDpiForWindow, SetWindowPos, GetDlgItem, ShowWindow, IsDialogMessageW, EnableWindow, SendMessageW, SetWindowTextW, SetWindowLongPtrW, GetWindowLongPtrW, GetDesktopWindow, MessageBoxW, PostQuitMessage, KillTimer, EndPaint, GetClientRect, BeginPaint |
COMCTL32.dll | InitCommonControlsEx |
GDI32.dll | GetStockObject |
SHELL32.dll | ShellExecuteW, SHFileOperationW |
netutils.dll | NetApiBufferFree |
api-ms-win-core-com-l1-1-0.dll | CoGetApartmentType, CoCreateInstance, CreateStreamOnHGlobal, CoTaskMemAlloc, CoInitializeEx, CoCreateFreeThreadedMarshaler, CoGetObjectContext |
gdiplus.dll | GdipCreateFromHDC, GdipDeleteGraphics, GdiplusShutdown, GdipGetImageWidth, GdipGetDpiX, GdipFree, GdipAlloc, GdipCloneImage, GdipDisposeImage, GdiplusStartup, GdipBitmapSetResolution, GdipDrawImageI, GdipCreateBitmapFromStream, GdipGetImageHorizontalResolution |
NETAPI32.dll | NetUserGetInfo |
ADVAPI32.dll | GetUserNameW |
OLEAUT32.dll | SetErrorInfo, GetErrorInfo, SysFreeString, SysAllocString, SysStringLen |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | United States |
Target ID: | 0 |
Start time: | 18:27:48 |
Start date: | 26/03/2024 |
Path: | C:\Users\user\Desktop\SecuriteInfo.com.Variant.Lazy.500504.22488.21237.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff7f2a80000 |
File size: | 681'680 bytes |
MD5 hash: | 30BFAA616F636182DB9969CB430259D8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Execution Graph
Execution Coverage: | 3.5% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 16.7% |
Total number of Nodes: | 759 |
Total number of Limit Nodes: | 30 |
Graph
Function 00007FF7F2ACAF4B Relevance: 74.4, APIs: 27, Strings: 15, Instructions: 880memorythreadwindowCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA3604 Relevance: 28.2, APIs: 11, Strings: 5, Instructions: 235libraryloaderCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8DC60 Relevance: 22.8, APIs: 11, Strings: 2, Instructions: 73memorywindowCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACAC7C Relevance: 19.7, APIs: 7, Strings: 4, Instructions: 433COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A85C88 Relevance: 65.1, APIs: 32, Strings: 5, Instructions: 317windowtimeCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA2684 Relevance: 26.5, APIs: 10, Strings: 5, Instructions: 255libraryloaderCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A87CE8 Relevance: 22.8, APIs: 7, Strings: 6, Instructions: 43COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A856B4 Relevance: 21.1, APIs: 14, Instructions: 83timewindowCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACFC62 Relevance: 19.8, APIs: 8, Strings: 3, Instructions: 509COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA0E74 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 66COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA2C7C Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 124COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A9FF80 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 95COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A9FE4C Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 80COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA026C Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 66COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA00E4 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 66COMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8E11C Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 13COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA73C8 Relevance: 3.0, APIs: 2, Instructions: 34COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB85EC Relevance: 1.5, APIs: 1, Instructions: 36memoryCOMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB8F9C Relevance: 1.5, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A87DA0 Relevance: 120.2, APIs: 55, Strings: 13, Instructions: 1153memorysleepfileCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC8848 Relevance: 101.4, APIs: 39, Strings: 18, Instructions: 1682memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8918C Relevance: 65.7, APIs: 28, Strings: 9, Instructions: 935memorysynchronizationCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A86CD8 Relevance: 51.5, APIs: 14, Strings: 15, Instructions: 704memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8AA5C Relevance: 40.5, APIs: 21, Strings: 2, Instructions: 290memorytimeCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8BAA8 Relevance: 39.1, APIs: 14, Strings: 8, Instructions: 561memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC2010 Relevance: 24.0, APIs: 9, Strings: 4, Instructions: 1210COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACE278 Relevance: 17.9, APIs: 9, Strings: 1, Instructions: 403threadCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACE4C6 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 299memorythreadCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8B208 Relevance: 12.5, APIs: 5, Strings: 2, Instructions: 249memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A923F8 Relevance: 10.9, APIs: 5, Strings: 1, Instructions: 366COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A918CC Relevance: 10.9, APIs: 5, Strings: 1, Instructions: 363COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC0614 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 222COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC1048 Relevance: 10.7, APIs: 7, Instructions: 171COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AADB04 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A84E58 Relevance: 7.5, APIs: 2, Strings: 2, Instructions: 495COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A861F8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 56windowCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA83B4 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA5B64 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 39windowCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABBB6C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 35COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB17A0 Relevance: 4.8, APIs: 3, Instructions: 317COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB9320 Relevance: 3.8, APIs: 1, Strings: 1, Instructions: 251COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB9D2C Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 220COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABA6FC Relevance: 3.2, APIs: 2, Instructions: 232COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB0A6C Relevance: 3.2, APIs: 2, Instructions: 207COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC0960 Relevance: 1.6, APIs: 1, Instructions: 61COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC0A30 Relevance: 1.5, APIs: 1, Instructions: 41COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABB5EC Relevance: 1.5, APIs: 1, Instructions: 32COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAFA1C Relevance: 1.4, Strings: 1, Instructions: 196COMMONLIBRARYCODE
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB1CA9 Relevance: .5, Instructions: 536COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC0070 Relevance: .3, Instructions: 272COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A9A1A0 Relevance: .2, Instructions: 247COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A9A4EC Relevance: .2, Instructions: 178COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB5694 Relevance: .1, Instructions: 126COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABC990 Relevance: .0, Instructions: 32COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA8348 Relevance: .0, Instructions: 2COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABBEDC Relevance: 36.8, APIs: 10, Strings: 11, Instructions: 57COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA46F0 Relevance: 33.3, APIs: 22, Instructions: 278memoryCOMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACEDBD Relevance: 23.2, APIs: 9, Strings: 4, Instructions: 490memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA7694 Relevance: 21.1, APIs: 8, Strings: 4, Instructions: 61libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD53F1 Relevance: 19.4, APIs: 9, Strings: 2, Instructions: 175memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8AE70 Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 226memorysleepCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA2340 Relevance: 16.6, APIs: 11, Instructions: 98memorywindowCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC7547 Relevance: 16.0, APIs: 1, Strings: 8, Instructions: 257COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD51B7 Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 137memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD5F08 Relevance: 14.2, APIs: 5, Strings: 3, Instructions: 157memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA732C Relevance: 14.0, APIs: 4, Strings: 4, Instructions: 21libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8B5F8 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 133COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD203A Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 131memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAAEC0 Relevance: 10.8, APIs: 3, Strings: 3, Instructions: 317COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC810D Relevance: 10.7, APIs: 7, Instructions: 212memorythreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACA5AC Relevance: 10.7, APIs: 7, Instructions: 193memorythreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACC628 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 158memorythreadCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8B7F8 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 147COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAD6EC Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 88libraryloaderCOMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC63F8 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48fileCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA6EEC Relevance: 9.2, APIs: 6, Instructions: 200COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD72F1 Relevance: 9.2, APIs: 4, Strings: 2, Instructions: 150memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD265A Relevance: 9.1, APIs: 4, Strings: 2, Instructions: 126memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACBFF0 Relevance: 9.0, APIs: 3, Strings: 2, Instructions: 216memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8A340 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 169memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD145C Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 149memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A862E4 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 147COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAA1B4 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 144COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A97738 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 123COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD7C53 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 93memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD3BC6 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 83memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB4C14 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 24libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A9823C Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 18libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ACD7B6 Relevance: 7.8, APIs: 5, Instructions: 284memorythreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC3A3C Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAB398 Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 317COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A811C0 Relevance: 7.3, APIs: 2, Strings: 2, Instructions: 306COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD1705 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 244memorythreadCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A955A4 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 233COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A830C0 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 209COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AABAB0 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 190COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A958D0 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 175COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD0495 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 173threadCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A97E58 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 171COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A95BCC Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 170COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A90AB8 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 152COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAB894 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 147COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAC024 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 145COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8FE34 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 124COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A90D0C Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 122COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A9108C Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 122COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A90ECC Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 121COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8393C Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 101COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD2BFE Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 96memoryCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A97C40 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 94COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8F244 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 91COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8EAF4 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 91COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A8EEA4 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 91COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A82F8C Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 81COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A83884 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 51COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A83B38 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 50COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A9F3BC Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 34libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA5924 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A9F5FC Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 14libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAC25C Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 163COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAF57C Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 151COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB9790 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 134COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AAC894 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 117COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AB4EEC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 111COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AC4694 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100fileCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA0658 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 95COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA45D8 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 82COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABCB24 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 80COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA427C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 76memoryCOMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA3964 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 74COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABCA00 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 62COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABAA68 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 54COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD7B44 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 53COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABB8CC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 50COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABBD80 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 50COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A83D8C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 48COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AA94C0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 42COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABBBF0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 26COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABBC54 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2ABBB18 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21COMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2A990F0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21windowCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00007FF7F2AD8384 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 8COMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |