paladin316

ddos_dll_2019-06-24_20_30.json

Jun 24th, 2019
  1.  
  2. [*] MalFamily: "Spyeyes"
  3.  
  4. [*] MalScore: 10.0
  5.  
  6. [*] File Name: "ddos.dll"
  7. [*] File Size: 9728
  8. [*] File Type: "PE32 executable (DLL) (console) Intel 80386, for MS Windows"
  9. [*] SHA256: "c7a7fc134d874ebb60bbc4ee8594c7fe9b472340f7ee304ce1cedf182685e2fd"
  10. [*] MD5: "716d82810241daa5e2a41327014e9a77"
  11. [*] SHA1: "b2639f5808d996a32484c0d23043870d651d0864"
  12. [*] SHA512: "058196a90d1d2e6c4f262290f4cfbab5b592caf2447f76c5830f97984ad4b397b5e1aa3778be598732b4f0e9a95a7175dff4eb4d33357096a8cbcc668b0f8db9"
  13. [*] CRC32: "B2D8C52C"
  14. [*] SSDEEP: "96:oWHaOMll5M5ZShrp0sdr0jSx5hGK2LpDHWqe7ytpEgcRQmdHQX/Kmd5+4cs7PZAD:olOonl0WpWpjxLt61qPzP+4cuLIb/w"
  15.  
  16. [*] Process Execution: []
  17.  
  18. [*] Signatures Detected: [
  19. {
  20. "Description": "File has been identified by 36 Antiviruses on VirusTotal as malicious",
  21. "Details": [
  22. {
  23. "Bkav": "W32.OnGameWLALXAJ.Trojan"
  24. },
  25. {
  26. "MicroWorld-eScan": "Trojan.Generic.KDV.205559"
  27. },
  28. {
  29. "nProtect": "Trojan/W32.Small.9728.FH"
  30. },
  31. {
  32. "CAT-QuickHeal": "TrojanSpy.SpyEyes.gdz"
  33. },
  34. {
  35. "McAfee": "PWS-Spyeye.dw"
  36. },
  37. {
  38. "Malwarebytes": "Trojan.SpyEyes"
  39. },
  40. {
  41. "TheHacker": "Trojan/Spy.SpyEyes.gdz"
  42. },
  43. {
  44. "Agnitum": "TrojanSpy.SpyEyes!Mv/wHCJz9P0"
  45. },
  46. {
  47. "Norman": "Suspicious_Gen2.MMOHQ"
  48. },
  49. {
  50. "TotalDefense": "Win32/SpyEye.VH"
  51. },
  52. {
  53. "TrendMicro-HouseCall": "TROJ_GEN.RCBCDE2"
  54. },
  55. {
  56. "ClamAV": "Win.Trojan.Spyeyes-559"
  57. },
  58. {
  59. "Kaspersky": "Trojan-Spy.Win32.SpyEyes.gdz"
  60. },
  61. {
  62. "BitDefender": "Trojan.Generic.KDV.205559"
  63. },
  64. {
  65. "NANO-Antivirus": "Trojan.Win32.SpyEyes.kxoyf"
  66. },
  67. {
  68. "Ad-Aware": "Trojan.Generic.KDV.205559"
  69. },
  70. {
  71. "Sophos": "Mal/Generic-S"
  72. },
  73. {
  74. "Comodo": "UnclassifiedMalware"
  75. },
  76. {
  77. "F-Secure": "Trojan.Generic.KDV.205559"
  78. },
  79. {
  80. "DrWeb": "BackDoor.Spy.1547"
  81. },
  82. {
  83. "VIPRE": "Trojan.Win32.Generic!BT"
  84. },
  85. {
  86. "AntiVir": "TR/Spy.SpyEyes.gdz"
  87. },
  88. {
  89. "TrendMicro": "TROJ_GEN.RCBCDE2"
  90. },
  91. {
  92. "McAfee-GW-Edition": "PWS-Spyeye.dw"
  93. },
  94. {
  95. "Jiangmin": "TrojanSpy.SpyEyes.ceb"
  96. },
  97. {
  98. "Kingsoft": "Win32.Troj.SpyEyes.(kcloud)"
  99. },
  100. {
  101. "Microsoft": "Trojan:Win32/EyeStye.plugin"
  102. },
  103. {
  104. "ViRobot": "Trojan.Win32.A.SpyEyes.9728.F"
  105. },
  106. {
  107. "AhnLab-V3": "Spyware/Win32.SpyEyes"
  108. },
  109. {
  110. "GData": "Trojan.Generic.KDV.205559"
  111. },
  112. {
  113. "VBA32": "TrojanSpy.SpyEyes"
  114. },
  115. {
  116. "Panda": "Generic Malware"
  117. },
  118. {
  119. "Ikarus": "Trojan-Spy.Win32.SpyEyes"
  120. },
  121. {
  122. "Fortinet": "W32/SpyEyes.GDZ!tr"
  123. },
  124. {
  125. "AVG": "PSW.Generic8.CCIY"
  126. },
  127. {
  128. "Baidu-International": "Trojan.Win32.SpyEyes.aULb"
  129. }
  130. ]
  131. }
  132. ]
  133.  
  134. [*] Started Service: []
  135.  
  136. [*] Executed Commands: []
  137.  
  138. [*] Mutexes: []
  139.  
  140. [*] Modified Files: []
  141.  
  142. [*] Deleted Files: []
  143.  
  144. [*] Modified Registry Keys: []
  145.  
  146. [*] Deleted Registry Keys: []
  147.  
  148. [*] DNS Communications: []
  149.  
  150. [*] Domains: []
  151.  
  152. [*] Network Communication - ICMP: []
  153.  
  154. [*] Network Communication - HTTP: []
  155.  
  156. [*] Network Communication - SMTP: []
  157.  
  158. [*] Network Communication - Hosts: []
  159.  
  160. [*] Network Communication - IRC: []
  161.  
  162. [*] Static Analysis: {
  163. "pe": {
  164. "peid_signatures": null,
  165. "imports": [
  166. {
  167. "imports": [
  168. {
  169. "name": "free",
  170. "address": "0x10003074"
  171. },
  172. {
  173. "name": "atoi",
  174. "address": "0x10003078"
  175. },
  176. {
  177. "name": "malloc",
  178. "address": "0x1000307c"
  179. },
  180. {
  181. "name": "realloc",
  182. "address": "0x10003080"
  183. },
  184. {
  185. "name": "memset",
  186. "address": "0x10003084"
  187. },
  188. {
  189. "name": "sprintf",
  190. "address": "0x10003088"
  191. },
  192. {
  193. "name": "strtok",
  194. "address": "0x1000308c"
  195. },
  196. {
  197. "name": "srand",
  198. "address": "0x10003090"
  199. },
  200. {
  201. "name": "rand",
  202. "address": "0x10003094"
  203. }
  204. ],
  205. "dll": "msvcrt.dll"
  206. },
  207. {
  208. "imports": [
  209. {
  210. "name": "ioctlsocket",
  211. "address": "0x10003048"
  212. },
  213. {
  214. "name": "send",
  215. "address": "0x1000304c"
  216. },
  217. {
  218. "name": "sendto",
  219. "address": "0x10003050"
  220. },
  221. {
  222. "name": "WSAStartup",
  223. "address": "0x10003054"
  224. },
  225. {
  226. "name": "htons",
  227. "address": "0x10003058"
  228. },
  229. {
  230. "name": "socket",
  231. "address": "0x1000305c"
  232. },
  233. {
  234. "name": "connect",
  235. "address": "0x10003060"
  236. },
  237. {
  238. "name": "closesocket",
  239. "address": "0x10003064"
  240. },
  241. {
  242. "name": "inet_addr",
  243. "address": "0x10003068"
  244. },
  245. {
  246. "name": "gethostbyname",
  247. "address": "0x1000306c"
  248. }
  249. ],
  250. "dll": "WS2_32.dll"
  251. },
  252. {
  253. "imports": [
  254. {
  255. "name": "UnhandledExceptionFilter",
  256. "address": "0x10003000"
  257. },
  258. {
  259. "name": "GetCurrentProcess",
  260. "address": "0x10003004"
  261. },
  262. {
  263. "name": "TerminateProcess",
  264. "address": "0x10003008"
  265. },
  266. {
  267. "name": "RtlUnwind",
  268. "address": "0x1000300c"
  269. },
  270. {
  271. "name": "CreateThread",
  272. "address": "0x10003010"
  273. },
  274. {
  275. "name": "lstrcmpA",
  276. "address": "0x10003014"
  277. },
  278. {
  279. "name": "lstrcpynA",
  280. "address": "0x10003018"
  281. },
  282. {
  283. "name": "WaitForSingleObject",
  284. "address": "0x1000301c"
  285. },
  286. {
  287. "name": "CloseHandle",
  288. "address": "0x10003020"
  289. },
  290. {
  291. "name": "lstrlenA",
  292. "address": "0x10003024"
  293. },
  294. {
  295. "name": "lstrcpyA",
  296. "address": "0x10003028"
  297. },
  298. {
  299. "name": "GetTickCount",
  300. "address": "0x1000302c"
  301. },
  302. {
  303. "name": "Sleep",
  304. "address": "0x10003030"
  305. },
  306. {
  307. "name": "GetProcessHeap",
  308. "address": "0x10003034"
  309. },
  310. {
  311. "name": "HeapFree",
  312. "address": "0x10003038"
  313. },
  314. {
  315. "name": "HeapAlloc",
  316. "address": "0x1000303c"
  317. },
  318. {
  319. "name": "SetUnhandledExceptionFilter",
  320. "address": "0x10003040"
  321. }
  322. ],
  323. "dll": "KERNEL32.dll"
  324. }
  325. ],
  326. "digital_signers": null,
  327. "exported_dll_name": "ddos.dll",
  328. "actual_checksum": "0x0000c9fa",
  329. "overlay": null,
  330. "imagebase": "0x10000000",
  331. "reported_checksum": "0x00000000",
  332. "icon_hash": null,
  333. "entrypoint": "0x100016e8",
  334. "timestamp": "2011-01-30 20:42:30",
  335. "osversion": "5.1",
  336. "sections": [
  337. {
  338. "name": ".text",
  339. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
  340. "virtual_address": "0x00001000",
  341. "size_of_data": "0x00001200",
  342. "entropy": "5.98",
  343. "raw_address": "0x00000400",
  344. "virtual_size": "0x00001074",
  345. "characteristics_raw": "0x60000020"
  346. },
  347. {
  348. "name": ".rdata",
  349. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
  350. "virtual_address": "0x00003000",
  351. "size_of_data": "0x00000600",
  352. "entropy": "4.44",
  353. "raw_address": "0x00001600",
  354. "virtual_size": "0x00000547",
  355. "characteristics_raw": "0x40000040"
  356. },
  357. {
  358. "name": ".data",
  359. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
  360. "virtual_address": "0x00004000",
  361. "size_of_data": "0x00000400",
  362. "entropy": "5.75",
  363. "raw_address": "0x00001c00",
  364. "virtual_size": "0x00000858",
  365. "characteristics_raw": "0xc0000040"
  366. },
  367. {
  368. "name": ".reloc",
  369. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ",
  370. "virtual_address": "0x00005000",
  371. "size_of_data": "0x00000600",
  372. "entropy": "1.86",
  373. "raw_address": "0x00002000",
  374. "virtual_size": "0x00000464",
  375. "characteristics_raw": "0x42000040"
  376. }
  377. ],
  378. "resources": [],
  379. "dirents": [
  380. {
  381. "virtual_address": "0x000034c0",
  382. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
  383. "size": "0x00000087"
  384. },
  385. {
  386. "virtual_address": "0x00003244",
  387. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
  388. "size": "0x00000050"
  389. },
  390. {
  391. "virtual_address": "0x00000000",
  392. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
  393. "size": "0x00000000"
  394. },
  395. {
  396. "virtual_address": "0x00000000",
  397. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
  398. "size": "0x00000000"
  399. },
  400. {
  401. "virtual_address": "0x00000000",
  402. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
  403. "size": "0x00000000"
  404. },
  405. {
  406. "virtual_address": "0x00005000",
  407. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
  408. "size": "0x0000013c"
  409. },
  410. {
  411. "virtual_address": "0x00000000",
  412. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
  413. "size": "0x00000000"
  414. },
  415. {
  416. "virtual_address": "0x00000000",
  417. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
  418. "size": "0x00000000"
  419. },
  420. {
  421. "virtual_address": "0x00000000",
  422. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
  423. "size": "0x00000000"
  424. },
  425. {
  426. "virtual_address": "0x00000000",
  427. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
  428. "size": "0x00000000"
  429. },
  430. {
  431. "virtual_address": "0x000031d8",
  432. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
  433. "size": "0x00000040"
  434. },
  435. {
  436. "virtual_address": "0x00000000",
  437. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
  438. "size": "0x00000000"
  439. },
  440. {
  441. "virtual_address": "0x00003000",
  442. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
  443. "size": "0x0000009c"
  444. },
  445. {
  446. "virtual_address": "0x00000000",
  447. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
  448. "size": "0x00000000"
  449. },
  450. {
  451. "virtual_address": "0x00000000",
  452. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
  453. "size": "0x00000000"
  454. },
  455. {
  456. "virtual_address": "0x00000000",
  457. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
  458. "size": "0x00000000"
  459. }
  460. ],
  461. "exports": [
  462. {
  463. "ordinal": 1,
  464. "name": "GetState",
  465. "address": "0x10001776"
  466. },
  467. {
  468. "ordinal": 2,
  469. "name": "SpyEye_Init",
  470. "address": "0x100016ee"
  471. },
  472. {
  473. "ordinal": 3,
  474. "name": "SpyEye_Start",
  475. "address": "0x1000191e"
  476. },
  477. {
  478. "ordinal": 4,
  479. "name": "SpyEye_Stop",
  480. "address": "0x10001736"
  481. }
  482. ],
  483. "guest_signers": {},
  484. "imphash": "6dc4401b4cfbfd191184a56946f37307",
  485. "icon_fuzzy": null,
  486. "icon": null,
  487. "pdbpath": null,
  488. "imported_dll_count": 3,
  489. "versioninfo": []
  490. }
  491. }
  492.  
  493. [*] Resolved APIs: []
  494.  
  495. [*] Static Analysis: {
  496. "pe": {
  497. "peid_signatures": null,
  498. "imports": [
  499. {
  500. "imports": [
  501. {
  502. "name": "free",
  503. "address": "0x10003074"
  504. },
  505. {
  506. "name": "atoi",
  507. "address": "0x10003078"
  508. },
  509. {
  510. "name": "malloc",
  511. "address": "0x1000307c"
  512. },
  513. {
  514. "name": "realloc",
  515. "address": "0x10003080"
  516. },
  517. {
  518. "name": "memset",
  519. "address": "0x10003084"
  520. },
  521. {
  522. "name": "sprintf",
  523. "address": "0x10003088"
  524. },
  525. {
  526. "name": "strtok",
  527. "address": "0x1000308c"
  528. },
  529. {
  530. "name": "srand",
  531. "address": "0x10003090"
  532. },
  533. {
  534. "name": "rand",
  535. "address": "0x10003094"
  536. }
  537. ],
  538. "dll": "msvcrt.dll"
  539. },
  540. {
  541. "imports": [
  542. {
  543. "name": "ioctlsocket",
  544. "address": "0x10003048"
  545. },
  546. {
  547. "name": "send",
  548. "address": "0x1000304c"
  549. },
  550. {
  551. "name": "sendto",
  552. "address": "0x10003050"
  553. },
  554. {
  555. "name": "WSAStartup",
  556. "address": "0x10003054"
  557. },
  558. {
  559. "name": "htons",
  560. "address": "0x10003058"
  561. },
  562. {
  563. "name": "socket",
  564. "address": "0x1000305c"
  565. },
  566. {
  567. "name": "connect",
  568. "address": "0x10003060"
  569. },
  570. {
  571. "name": "closesocket",
  572. "address": "0x10003064"
  573. },
  574. {
  575. "name": "inet_addr",
  576. "address": "0x10003068"
  577. },
  578. {
  579. "name": "gethostbyname",
  580. "address": "0x1000306c"
  581. }
  582. ],
  583. "dll": "WS2_32.dll"
  584. },
  585. {
  586. "imports": [
  587. {
  588. "name": "UnhandledExceptionFilter",
  589. "address": "0x10003000"
  590. },
  591. {
  592. "name": "GetCurrentProcess",
  593. "address": "0x10003004"
  594. },
  595. {
  596. "name": "TerminateProcess",
  597. "address": "0x10003008"
  598. },
  599. {
  600. "name": "RtlUnwind",
  601. "address": "0x1000300c"
  602. },
  603. {
  604. "name": "CreateThread",
  605. "address": "0x10003010"
  606. },
  607. {
  608. "name": "lstrcmpA",
  609. "address": "0x10003014"
  610. },
  611. {
  612. "name": "lstrcpynA",
  613. "address": "0x10003018"
  614. },
  615. {
  616. "name": "WaitForSingleObject",
  617. "address": "0x1000301c"
  618. },
  619. {
  620. "name": "CloseHandle",
  621. "address": "0x10003020"
  622. },
  623. {
  624. "name": "lstrlenA",
  625. "address": "0x10003024"
  626. },
  627. {
  628. "name": "lstrcpyA",
  629. "address": "0x10003028"
  630. },
  631. {
  632. "name": "GetTickCount",
  633. "address": "0x1000302c"
  634. },
  635. {
  636. "name": "Sleep",
  637. "address": "0x10003030"
  638. },
  639. {
  640. "name": "GetProcessHeap",
  641. "address": "0x10003034"
  642. },
  643. {
  644. "name": "HeapFree",
  645. "address": "0x10003038"
  646. },
  647. {
  648. "name": "HeapAlloc",
  649. "address": "0x1000303c"
  650. },
  651. {
  652. "name": "SetUnhandledExceptionFilter",
  653. "address": "0x10003040"
  654. }
  655. ],
  656. "dll": "KERNEL32.dll"
  657. }
  658. ],
  659. "digital_signers": null,
  660. "exported_dll_name": "ddos.dll",
  661. "actual_checksum": "0x0000c9fa",
  662. "overlay": null,
  663. "imagebase": "0x10000000",
  664. "reported_checksum": "0x00000000",
  665. "icon_hash": null,
  666. "entrypoint": "0x100016e8",
  667. "timestamp": "2011-01-30 20:42:30",
  668. "osversion": "5.1",
  669. "sections": [
  670. {
  671. "name": ".text",
  672. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
  673. "virtual_address": "0x00001000",
  674. "size_of_data": "0x00001200",
  675. "entropy": "5.98",
  676. "raw_address": "0x00000400",
  677. "virtual_size": "0x00001074",
  678. "characteristics_raw": "0x60000020"
  679. },
  680. {
  681. "name": ".rdata",
  682. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
  683. "virtual_address": "0x00003000",
  684. "size_of_data": "0x00000600",
  685. "entropy": "4.44",
  686. "raw_address": "0x00001600",
  687. "virtual_size": "0x00000547",
  688. "characteristics_raw": "0x40000040"
  689. },
  690. {
  691. "name": ".data",
  692. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
  693. "virtual_address": "0x00004000",
  694. "size_of_data": "0x00000400",
  695. "entropy": "5.75",
  696. "raw_address": "0x00001c00",
  697. "virtual_size": "0x00000858",
  698. "characteristics_raw": "0xc0000040"
  699. },
  700. {
  701. "name": ".reloc",
  702. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_DISCARDABLE|IMAGE_SCN_MEM_READ",
  703. "virtual_address": "0x00005000",
  704. "size_of_data": "0x00000600",
  705. "entropy": "1.86",
  706. "raw_address": "0x00002000",
  707. "virtual_size": "0x00000464",
  708. "characteristics_raw": "0x42000040"
  709. }
  710. ],
  711. "resources": [],
  712. "dirents": [
  713. {
  714. "virtual_address": "0x000034c0",
  715. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
  716. "size": "0x00000087"
  717. },
  718. {
  719. "virtual_address": "0x00003244",
  720. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
  721. "size": "0x00000050"
  722. },
  723. {
  724. "virtual_address": "0x00000000",
  725. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
  726. "size": "0x00000000"
  727. },
  728. {
  729. "virtual_address": "0x00000000",
  730. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
  731. "size": "0x00000000"
  732. },
  733. {
  734. "virtual_address": "0x00000000",
  735. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
  736. "size": "0x00000000"
  737. },
  738. {
  739. "virtual_address": "0x00005000",
  740. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
  741. "size": "0x0000013c"
  742. },
  743. {
  744. "virtual_address": "0x00000000",
  745. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
  746. "size": "0x00000000"
  747. },
  748. {
  749. "virtual_address": "0x00000000",
  750. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
  751. "size": "0x00000000"
  752. },
  753. {
  754. "virtual_address": "0x00000000",
  755. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
  756. "size": "0x00000000"
  757. },
  758. {
  759. "virtual_address": "0x00000000",
  760. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
  761. "size": "0x00000000"
  762. },
  763. {
  764. "virtual_address": "0x000031d8",
  765. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
  766. "size": "0x00000040"
  767. },
  768. {
  769. "virtual_address": "0x00000000",
  770. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
  771. "size": "0x00000000"
  772. },
  773. {
  774. "virtual_address": "0x00003000",
  775. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
  776. "size": "0x0000009c"
  777. },
  778. {
  779. "virtual_address": "0x00000000",
  780. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
  781. "size": "0x00000000"
  782. },
  783. {
  784. "virtual_address": "0x00000000",
  785. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
  786. "size": "0x00000000"
  787. },
  788. {
  789. "virtual_address": "0x00000000",
  790. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
  791. "size": "0x00000000"
  792. }
  793. ],
  794. "exports": [
  795. {
  796. "ordinal": 1,
  797. "name": "GetState",
  798. "address": "0x10001776"
  799. },
  800. {
  801. "ordinal": 2,
  802. "name": "SpyEye_Init",
  803. "address": "0x100016ee"
  804. },
  805. {
  806. "ordinal": 3,
  807. "name": "SpyEye_Start",
  808. "address": "0x1000191e"
  809. },
  810. {
  811. "ordinal": 4,
  812. "name": "SpyEye_Stop",
  813. "address": "0x10001736"
  814. }
  815. ],
  816. "guest_signers": {},
  817. "imphash": "6dc4401b4cfbfd191184a56946f37307",
  818. "icon_fuzzy": null,
  819. "icon": null,
  820. "pdbpath": null,
  821. "imported_dll_count": 3,
  822. "versioninfo": []
  823. }
  824. }