paladin316

NanoCore_bb320a8163c8343ed560bb91f310ede7_exe_2019-06-26_08_30.json

Jun 26th, 2019
  1.  
  2. [*] MalFamily: ""
  3.  
  4. [*] MalScore: 3.5
  5.  
  6. [*] File Name: "NanoCore_bb320a8163c8343ed560bb91f310ede7.exe"
  7. [*] File Size: 548864
  8. [*] File Type: "PE32 executable (GUI) Intel 80386, for MS Windows"
  9. [*] SHA256: "df4869d77a6f7f4f8bd88b5a8ad9ce1541aaceee54f0e473a9310c634d951b1a"
  10. [*] MD5: "bb320a8163c8343ed560bb91f310ede7"
  11. [*] SHA1: "9602c61fef634982cff89a74070c1a68bece474c"
  12. [*] SHA512: "e673bec9b8b8ff2dd8acf6dde869d8e516c127ef5fb79e1289a13372891c90f50841c158d38b65cb58024c94852b67a504c3eee636bef36a8902495159ded01d"
  13. [*] CRC32: "433C964F"
  14. [*] SSDEEP: "12288:8dD6GALJg1grqtopJQawZaNnTvdLFuekP:8VA9/rqtoJQa9NTFRx"
  15.  
  16. [*] Process Execution: [
  17. "NanoCore_bb320a8163c8343ed560bb91f310ede7.exe"
  18. ]
  19.  
  20. [*] Signatures Detected: [
  21. {
  22. "Description": "Creates RWX memory",
  23. "Details": []
  24. },
  25. {
  26. "Description": "The binary likely contains encrypted or compressed data.",
  27. "Details": [
  28. {
  29. "section": "name: .text, entropy: 7.08, characteristics: IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ, raw_size: 0x0007d000, virtual_size: 0x0007c83c"
  30. }
  31. ]
  32. },
  33. {
  34. "Description": "Attempts to repeatedly call a single API many times in order to delay analysis time",
  35. "Details": [
  36. {
  37. "Spam": "NanoCore_bb320a8163c8343ed560bb91f310ede7.exe (2416) called API CreateProcessInternalW 44491 times"
  38. }
  39. ]
  40. }
  41. ]
  42.  
  43. [*] Started Service: []
  44.  
  45. [*] Executed Commands: [
  46. "\\x01C:\\Users\\user\\AppData\\Local\\Temp\\NanoCore_bb320a8163c8343ed560bb91f310ede7.exe\""
  47. ]
  48.  
  49. [*] Mutexes: [
  50. "CicLoadWinStaWinSta0",
  51. "Local\\MSCTF.CtfMonitorInstMutexDefault1"
  52. ]
  53.  
  54. [*] Modified Files: []
  55.  
  56. [*] Deleted Files: []
  57.  
  58. [*] Modified Registry Keys: []
  59.  
  60. [*] Deleted Registry Keys: []
  61.  
  62. [*] DNS Communications: []
  63.  
  64. [*] Domains: []
  65.  
  66. [*] Network Communication - ICMP: []
  67.  
  68. [*] Network Communication - HTTP: []
  69.  
  70. [*] Network Communication - SMTP: []
  71.  
  72. [*] Network Communication - Hosts: []
  73.  
  74. [*] Network Communication - IRC: []
  75.  
  76. [*] Static Analysis: {
  77. "pe": {
  78. "peid_signatures": null,
  79. "imports": [
  80. {
  81. "imports": [
  82. {
  83. "name": "MethCallEngine",
  84. "address": "0x401000"
  85. },
  86. {
  87. "name": null,
  88. "address": "0x401004"
  89. },
  90. {
  91. "name": null,
  92. "address": "0x401008"
  93. },
  94. {
  95. "name": null,
  96. "address": "0x40100c"
  97. },
  98. {
  99. "name": null,
  100. "address": "0x401010"
  101. },
  102. {
  103. "name": null,
  104. "address": "0x401014"
  105. },
  106. {
  107. "name": null,
  108. "address": "0x401018"
  109. },
  110. {
  111. "name": null,
  112. "address": "0x40101c"
  113. },
  114. {
  115. "name": null,
  116. "address": "0x401020"
  117. },
  118. {
  119. "name": null,
  120. "address": "0x401024"
  121. },
  122. {
  123. "name": null,
  124. "address": "0x401028"
  125. },
  126. {
  127. "name": null,
  128. "address": "0x40102c"
  129. },
  130. {
  131. "name": null,
  132. "address": "0x401030"
  133. },
  134. {
  135. "name": "EVENT_SINK_AddRef",
  136. "address": "0x401034"
  137. },
  138. {
  139. "name": null,
  140. "address": "0x401038"
  141. },
  142. {
  143. "name": null,
  144. "address": "0x40103c"
  145. },
  146. {
  147. "name": null,
  148. "address": "0x401040"
  149. },
  150. {
  151. "name": null,
  152. "address": "0x401044"
  153. },
  154. {
  155. "name": null,
  156. "address": "0x401048"
  157. },
  158. {
  159. "name": "EVENT_SINK_Release",
  160. "address": "0x40104c"
  161. },
  162. {
  163. "name": null,
  164. "address": "0x401050"
  165. },
  166. {
  167. "name": "EVENT_SINK_QueryInterface",
  168. "address": "0x401054"
  169. },
  170. {
  171. "name": "__vbaExceptHandler",
  172. "address": "0x401058"
  173. },
  174. {
  175. "name": null,
  176. "address": "0x40105c"
  177. },
  178. {
  179. "name": null,
  180. "address": "0x401060"
  181. },
  182. {
  183. "name": null,
  184. "address": "0x401064"
  185. },
  186. {
  187. "name": null,
  188. "address": "0x401068"
  189. },
  190. {
  191. "name": null,
  192. "address": "0x40106c"
  193. },
  194. {
  195. "name": null,
  196. "address": "0x401070"
  197. },
  198. {
  199. "name": null,
  200. "address": "0x401074"
  201. },
  202. {
  203. "name": null,
  204. "address": "0x401078"
  205. },
  206. {
  207. "name": null,
  208. "address": "0x40107c"
  209. },
  210. {
  211. "name": null,
  212. "address": "0x401080"
  213. },
  214. {
  215. "name": null,
  216. "address": "0x401084"
  217. },
  218. {
  219. "name": null,
  220. "address": "0x401088"
  221. },
  222. {
  223. "name": null,
  224. "address": "0x40108c"
  225. },
  226. {
  227. "name": null,
  228. "address": "0x401090"
  229. },
  230. {
  231. "name": null,
  232. "address": "0x401094"
  233. },
  234. {
  235. "name": null,
  236. "address": "0x401098"
  237. },
  238. {
  239. "name": null,
  240. "address": "0x40109c"
  241. }
  242. ],
  243. "dll": "MSVBVM60.DLL"
  244. }
  245. ],
  246. "digital_signers": null,
  247. "exported_dll_name": null,
  248. "actual_checksum": "0x0008f78b",
  249. "overlay": null,
  250. "imagebase": "0x00400000",
  251. "reported_checksum": "0x0008f78b",
  252. "icon_hash": null,
  253. "entrypoint": "0x004011a0",
  254. "timestamp": "2009-08-19 15:24:29",
  255. "osversion": "4.0",
  256. "sections": [
  257. {
  258. "name": ".text",
  259. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
  260. "virtual_address": "0x00001000",
  261. "size_of_data": "0x0007d000",
  262. "entropy": "7.08",
  263. "raw_address": "0x00001000",
  264. "virtual_size": "0x0007c83c",
  265. "characteristics_raw": "0x60000020"
  266. },
  267. {
  268. "name": ".data",
  269. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
  270. "virtual_address": "0x0007e000",
  271. "size_of_data": "0x00000000",
  272. "entropy": "0.00",
  273. "raw_address": "0x00000000",
  274. "virtual_size": "0x00003678",
  275. "characteristics_raw": "0xc0000040"
  276. },
  277. {
  278. "name": ".rsrc",
  279. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
  280. "virtual_address": "0x00082000",
  281. "size_of_data": "0x00008000",
  282. "entropy": "4.49",
  283. "raw_address": "0x0007e000",
  284. "virtual_size": "0x00007300",
  285. "characteristics_raw": "0x40000040"
  286. }
  287. ],
  288. "resources": [],
  289. "dirents": [
  290. {
  291. "virtual_address": "0x00000000",
  292. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
  293. "size": "0x00000000"
  294. },
  295. {
  296. "virtual_address": "0x0007d6f4",
  297. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
  298. "size": "0x00000028"
  299. },
  300. {
  301. "virtual_address": "0x00082000",
  302. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
  303. "size": "0x00007300"
  304. },
  305. {
  306. "virtual_address": "0x00000000",
  307. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
  308. "size": "0x00000000"
  309. },
  310. {
  311. "virtual_address": "0x00000000",
  312. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
  313. "size": "0x00000000"
  314. },
  315. {
  316. "virtual_address": "0x00000000",
  317. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
  318. "size": "0x00000000"
  319. },
  320. {
  321. "virtual_address": "0x00000000",
  322. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
  323. "size": "0x00000000"
  324. },
  325. {
  326. "virtual_address": "0x00000000",
  327. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
  328. "size": "0x00000000"
  329. },
  330. {
  331. "virtual_address": "0x00000000",
  332. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
  333. "size": "0x00000000"
  334. },
  335. {
  336. "virtual_address": "0x00000000",
  337. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
  338. "size": "0x00000000"
  339. },
  340. {
  341. "virtual_address": "0x00000000",
  342. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
  343. "size": "0x00000000"
  344. },
  345. {
  346. "virtual_address": "0x00000220",
  347. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
  348. "size": "0x00000020"
  349. },
  350. {
  351. "virtual_address": "0x00001000",
  352. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
  353. "size": "0x000000a4"
  354. },
  355. {
  356. "virtual_address": "0x00000000",
  357. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
  358. "size": "0x00000000"
  359. },
  360. {
  361. "virtual_address": "0x00000000",
  362. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
  363. "size": "0x00000000"
  364. },
  365. {
  366. "virtual_address": "0x00000000",
  367. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
  368. "size": "0x00000000"
  369. }
  370. ],
  371. "exports": [],
  372. "guest_signers": {},
  373. "imphash": "bc32e3d6e1e656c56bfb10376fc9519a",
  374. "icon_fuzzy": null,
  375. "icon": null,
  376. "pdbpath": null,
  377. "imported_dll_count": 1,
  378. "versioninfo": []
  379. }
  380. }
  381.  
  382. [*] Resolved APIs: [
  383. "cryptbase.dll.SystemFunction036",
  384. "uxtheme.dll.ThemeInitApiHook",
  385. "user32.dll.IsProcessDPIAware",
  386. "oleaut32.dll.OleLoadPictureEx",
  387. "oleaut32.dll.DispCallFunc",
  388. "oleaut32.dll.LoadTypeLibEx",
  389. "oleaut32.dll.UnRegisterTypeLib",
  390. "oleaut32.dll.CreateTypeLib2",
  391. "oleaut32.dll.VarDateFromUdate",
  392. "oleaut32.dll.VarUdateFromDate",
  393. "oleaut32.dll.GetAltMonthNames",
  394. "oleaut32.dll.VarNumFromParseNum",
  395. "oleaut32.dll.VarParseNumFromStr",
  396. "oleaut32.dll.VarDecFromR4",
  397. "oleaut32.dll.VarDecFromR8",
  398. "oleaut32.dll.VarDecFromDate",
  399. "oleaut32.dll.VarDecFromI4",
  400. "oleaut32.dll.VarDecFromCy",
  401. "oleaut32.dll.VarR4FromDec",
  402. "oleaut32.dll.GetRecordInfoFromTypeInfo",
  403. "oleaut32.dll.GetRecordInfoFromGuids",
  404. "oleaut32.dll.SafeArrayGetRecordInfo",
  405. "oleaut32.dll.SafeArraySetRecordInfo",
  406. "oleaut32.dll.SafeArrayGetIID",
  407. "oleaut32.dll.SafeArraySetIID",
  408. "oleaut32.dll.SafeArrayCopyData",
  409. "oleaut32.dll.SafeArrayAllocDescriptorEx",
  410. "oleaut32.dll.SafeArrayCreateEx",
  411. "oleaut32.dll.VarFormat",
  412. "oleaut32.dll.VarFormatDateTime",
  413. "oleaut32.dll.VarFormatNumber",
  414. "oleaut32.dll.VarFormatPercent",
  415. "oleaut32.dll.VarFormatCurrency",
  416. "oleaut32.dll.VarWeekdayName",
  417. "oleaut32.dll.VarMonthName",
  418. "oleaut32.dll.VarAdd",
  419. "oleaut32.dll.VarAnd",
  420. "oleaut32.dll.VarCat",
  421. "oleaut32.dll.VarDiv",
  422. "oleaut32.dll.VarEqv",
  423. "oleaut32.dll.VarIdiv",
  424. "oleaut32.dll.VarImp",
  425. "oleaut32.dll.VarMod",
  426. "oleaut32.dll.VarMul",
  427. "oleaut32.dll.VarOr",
  428. "oleaut32.dll.VarPow",
  429. "oleaut32.dll.VarSub",
  430. "oleaut32.dll.VarXor",
  431. "oleaut32.dll.VarAbs",
  432. "oleaut32.dll.VarFix",
  433. "oleaut32.dll.VarInt",
  434. "oleaut32.dll.VarNeg",
  435. "oleaut32.dll.VarNot",
  436. "oleaut32.dll.VarRound",
  437. "oleaut32.dll.VarCmp",
  438. "oleaut32.dll.VarDecAdd",
  439. "oleaut32.dll.VarDecCmp",
  440. "oleaut32.dll.VarBstrCat",
  441. "oleaut32.dll.VarCyMulI4",
  442. "oleaut32.dll.VarBstrCmp",
  443. "ole32.dll.CoCreateInstanceEx",
  444. "ole32.dll.CLSIDFromProgIDEx",
  445. "sxs.dll.SxsOleAut32MapIIDOrCLSIDToTypeLibrary",
  446. "user32.dll.GetSystemMetrics",
  447. "user32.dll.MonitorFromWindow",
  448. "user32.dll.MonitorFromRect",
  449. "user32.dll.MonitorFromPoint",
  450. "user32.dll.EnumDisplayMonitors",
  451. "user32.dll.GetMonitorInfoA",
  452. "dwmapi.dll.DwmIsCompositionEnabled",
  453. "gdi32.dll.GetLayout",
  454. "gdi32.dll.GdiRealizationInfo",
  455. "gdi32.dll.FontIsLinked",
  456. "advapi32.dll.RegOpenKeyExW",
  457. "advapi32.dll.RegQueryInfoKeyW",
  458. "gdi32.dll.GetTextFaceAliasW",
  459. "advapi32.dll.RegEnumValueW",
  460. "advapi32.dll.RegCloseKey",
  461. "advapi32.dll.RegQueryValueExW",
  462. "gdi32.dll.GetFontAssocStatus",
  463. "advapi32.dll.RegQueryValueExA",
  464. "advapi32.dll.RegEnumKeyExW",
  465. "gdi32.dll.GdiIsMetaPrintDC",
  466. "ole32.dll.CoInitializeEx",
  467. "ole32.dll.CoUninitialize",
  468. "ole32.dll.CoRegisterInitializeSpy",
  469. "ole32.dll.CoRevokeInitializeSpy",
  470. "gdi32.dll.GetTextExtentExPointWPri",
  471. "kernel32.dll.NlsGetCacheUpdateCount",
  472. "kernel32.dll.GetCalendarInfoW",
  473. "kernel32.dll.GetTickCount",
  474. "kernel32.dll.Sleep",
  475. "user32.dll.GetCursorPos",
  476. "user32.dll.EnumWindows",
  477. "kernel32.dll.SetErrorMode",
  478. "kernel32.dll.SetLastError",
  479. "kernel32.dll.VirtualAllocEx",
  480. "kernel32.dll.CloseHandle",
  481. "shell32.dll.ShellExecuteW",
  482. "kernel32.dll.WriteFile",
  483. "kernel32.dll.UnmapViewOfFile",
  484. "kernel32.dll.CreateFileW",
  485. "kernel32.dll.TerminateProcess",
  486. "kernel32.dll.VirtualProtectEx",
  487. "kernel32.dll.CreateProcessInternalW",
  488. "kernel32.dll.GetTempPathW",
  489. "kernel32.dll.GetLongPathNameW",
  490. "kernel32.dll.GetFileSize",
  491. "kernel32.dll.ReadFile",
  492. "ntdll.dll.NtProtectVirtualMemory",
  493. "kernel32.dll.GetCommandLineW"
  494. ]
  495.  
  496. [*] Static Analysis: {
  497. "pe": {
  498. "peid_signatures": null,
  499. "imports": [
  500. {
  501. "imports": [
  502. {
  503. "name": "MethCallEngine",
  504. "address": "0x401000"
  505. },
  506. {
  507. "name": null,
  508. "address": "0x401004"
  509. },
  510. {
  511. "name": null,
  512. "address": "0x401008"
  513. },
  514. {
  515. "name": null,
  516. "address": "0x40100c"
  517. },
  518. {
  519. "name": null,
  520. "address": "0x401010"
  521. },
  522. {
  523. "name": null,
  524. "address": "0x401014"
  525. },
  526. {
  527. "name": null,
  528. "address": "0x401018"
  529. },
  530. {
  531. "name": null,
  532. "address": "0x40101c"
  533. },
  534. {
  535. "name": null,
  536. "address": "0x401020"
  537. },
  538. {
  539. "name": null,
  540. "address": "0x401024"
  541. },
  542. {
  543. "name": null,
  544. "address": "0x401028"
  545. },
  546. {
  547. "name": null,
  548. "address": "0x40102c"
  549. },
  550. {
  551. "name": null,
  552. "address": "0x401030"
  553. },
  554. {
  555. "name": "EVENT_SINK_AddRef",
  556. "address": "0x401034"
  557. },
  558. {
  559. "name": null,
  560. "address": "0x401038"
  561. },
  562. {
  563. "name": null,
  564. "address": "0x40103c"
  565. },
  566. {
  567. "name": null,
  568. "address": "0x401040"
  569. },
  570. {
  571. "name": null,
  572. "address": "0x401044"
  573. },
  574. {
  575. "name": null,
  576. "address": "0x401048"
  577. },
  578. {
  579. "name": "EVENT_SINK_Release",
  580. "address": "0x40104c"
  581. },
  582. {
  583. "name": null,
  584. "address": "0x401050"
  585. },
  586. {
  587. "name": "EVENT_SINK_QueryInterface",
  588. "address": "0x401054"
  589. },
  590. {
  591. "name": "__vbaExceptHandler",
  592. "address": "0x401058"
  593. },
  594. {
  595. "name": null,
  596. "address": "0x40105c"
  597. },
  598. {
  599. "name": null,
  600. "address": "0x401060"
  601. },
  602. {
  603. "name": null,
  604. "address": "0x401064"
  605. },
  606. {
  607. "name": null,
  608. "address": "0x401068"
  609. },
  610. {
  611. "name": null,
  612. "address": "0x40106c"
  613. },
  614. {
  615. "name": null,
  616. "address": "0x401070"
  617. },
  618. {
  619. "name": null,
  620. "address": "0x401074"
  621. },
  622. {
  623. "name": null,
  624. "address": "0x401078"
  625. },
  626. {
  627. "name": null,
  628. "address": "0x40107c"
  629. },
  630. {
  631. "name": null,
  632. "address": "0x401080"
  633. },
  634. {
  635. "name": null,
  636. "address": "0x401084"
  637. },
  638. {
  639. "name": null,
  640. "address": "0x401088"
  641. },
  642. {
  643. "name": null,
  644. "address": "0x40108c"
  645. },
  646. {
  647. "name": null,
  648. "address": "0x401090"
  649. },
  650. {
  651. "name": null,
  652. "address": "0x401094"
  653. },
  654. {
  655. "name": null,
  656. "address": "0x401098"
  657. },
  658. {
  659. "name": null,
  660. "address": "0x40109c"
  661. }
  662. ],
  663. "dll": "MSVBVM60.DLL"
  664. }
  665. ],
  666. "digital_signers": null,
  667. "exported_dll_name": null,
  668. "actual_checksum": "0x0008f78b",
  669. "overlay": null,
  670. "imagebase": "0x00400000",
  671. "reported_checksum": "0x0008f78b",
  672. "icon_hash": null,
  673. "entrypoint": "0x004011a0",
  674. "timestamp": "2009-08-19 15:24:29",
  675. "osversion": "4.0",
  676. "sections": [
  677. {
  678. "name": ".text",
  679. "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
  680. "virtual_address": "0x00001000",
  681. "size_of_data": "0x0007d000",
  682. "entropy": "7.08",
  683. "raw_address": "0x00001000",
  684. "virtual_size": "0x0007c83c",
  685. "characteristics_raw": "0x60000020"
  686. },
  687. {
  688. "name": ".data",
  689. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
  690. "virtual_address": "0x0007e000",
  691. "size_of_data": "0x00000000",
  692. "entropy": "0.00",
  693. "raw_address": "0x00000000",
  694. "virtual_size": "0x00003678",
  695. "characteristics_raw": "0xc0000040"
  696. },
  697. {
  698. "name": ".rsrc",
  699. "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ",
  700. "virtual_address": "0x00082000",
  701. "size_of_data": "0x00008000",
  702. "entropy": "4.49",
  703. "raw_address": "0x0007e000",
  704. "virtual_size": "0x00007300",
  705. "characteristics_raw": "0x40000040"
  706. }
  707. ],
  708. "resources": [],
  709. "dirents": [
  710. {
  711. "virtual_address": "0x00000000",
  712. "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
  713. "size": "0x00000000"
  714. },
  715. {
  716. "virtual_address": "0x0007d6f4",
  717. "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
  718. "size": "0x00000028"
  719. },
  720. {
  721. "virtual_address": "0x00082000",
  722. "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
  723. "size": "0x00007300"
  724. },
  725. {
  726. "virtual_address": "0x00000000",
  727. "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
  728. "size": "0x00000000"
  729. },
  730. {
  731. "virtual_address": "0x00000000",
  732. "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
  733. "size": "0x00000000"
  734. },
  735. {
  736. "virtual_address": "0x00000000",
  737. "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
  738. "size": "0x00000000"
  739. },
  740. {
  741. "virtual_address": "0x00000000",
  742. "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
  743. "size": "0x00000000"
  744. },
  745. {
  746. "virtual_address": "0x00000000",
  747. "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
  748. "size": "0x00000000"
  749. },
  750. {
  751. "virtual_address": "0x00000000",
  752. "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
  753. "size": "0x00000000"
  754. },
  755. {
  756. "virtual_address": "0x00000000",
  757. "name": "IMAGE_DIRECTORY_ENTRY_TLS",
  758. "size": "0x00000000"
  759. },
  760. {
  761. "virtual_address": "0x00000000",
  762. "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
  763. "size": "0x00000000"
  764. },
  765. {
  766. "virtual_address": "0x00000220",
  767. "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
  768. "size": "0x00000020"
  769. },
  770. {
  771. "virtual_address": "0x00001000",
  772. "name": "IMAGE_DIRECTORY_ENTRY_IAT",
  773. "size": "0x000000a4"
  774. },
  775. {
  776. "virtual_address": "0x00000000",
  777. "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
  778. "size": "0x00000000"
  779. },
  780. {
  781. "virtual_address": "0x00000000",
  782. "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
  783. "size": "0x00000000"
  784. },
  785. {
  786. "virtual_address": "0x00000000",
  787. "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
  788. "size": "0x00000000"
  789. }
  790. ],
  791. "exports": [],
  792. "guest_signers": {},
  793. "imphash": "bc32e3d6e1e656c56bfb10376fc9519a",
  794. "icon_fuzzy": null,
  795. "icon": null,
  796. "pdbpath": null,
  797. "imported_dll_count": 1,
  798. "versioninfo": []
  799. }
  800. }