Manalyze report for 499573b29d2641689c549d0639ad6487bd443872251a38f9777869e62f654a36

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2009-Feb-11 16:02:04
Detected languages	English - United States

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C++ 6.0 - 8.0` `Microsoft Visual C++ 8` `Microsoft Visual C++ 8.0` `MSVC++ v.8 (procedure 1 recognized - h)`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to CRC32`
Suspicious	The PE is possibly packed.	`Unusual section name found: .secu` `Section .secu is both writable and executable.`
Suspicious	The PE contains functions most legitimate programs don't use.	`[!] The program may be hiding some of its imports: LoadLibraryA GetProcAddress LoadLibraryW` `Functions which can be used for anti-debugging purposes: CreateToolhelp32Snapshot` `Possibly launches other programs: ShellExecuteW` `Manipulates other processes: Process32NextW Process32FirstW` `Can take screenshots: GetDC CreateCompatibleDC`
Suspicious	The file contains overlay data.	`10999998 bytes of data starting at offset 0x315000.` `Overlay data amounts for 77.292% of the executable.`
Malicious	VirusTotal score: 11/72 (Scanned on 2026-04-07 00:51:30)	`APEX: Malicious` `CAT-QuickHeal: Trojan.Ghanarava.1515421465a38ea0` `CrowdStrike: win/malicious_confidence_60% (W)` `DeepInstinct: MALICIOUS` `Google: Detected` `Gridinsoft: Virus.Win32.Virut.cl` `Microsoft: PUA:Win32/GameHack` `NANO-Antivirus: Virus.Win32.Virut-Gen.bwpxnc` `TrellixENS: Artemis!E26B9BEE8555` `Varist: W32/Risk.LORQ-1960` `Xcitium: Virus.Win32.Virut.CE@1fhkga`

Hashes

MD5	`e26b9bee8555ef543cdb636170a38ea0`
SHA1	`2a6d9d8c303924d989845bc6c3f1cce3c899ef59`
SHA256	`499573b29d2641689c549d0639ad6487bd443872251a38f9777869e62f654a36`
SHA3	`aed8ec737a1a1feef0ea88e93d1b86a2a8545d51f3761bd6b08e72057d34164c`
SSDeep	`24576:98qvkZUeUAvWT2jmmX1agk90I/nyf63EZOpzx8pViAdQWyY0xq3yugnyePC2lZo:9DkiesT5mTwhmcxY0UGcrWBPlbs94ZA`
Imports Hash	`39e65eab83e0e6d32006bf325364dd58`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x118`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`5`
TimeDateStamp	2009-Feb-11 16:02:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_RELOCS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`8.0`
SizeOfCode	`0x26b000`
SizeOfInitializedData	`0x16d000`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x0021C2A1 (Section: .text)`
BaseOfCode	`0x1000`
BaseOfData	`0x238000`
ImageBase	`0x400000`
SectionAlignment	`0x1000`
FileAlignment	`0x1000`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x3d9000`
SizeOfHeaders	`0x1000`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x500000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`16`

.text

MD5	`158bb9a3c71ee0736781ef2c70e90ea1`
SHA1	`78c00abf1268643e386c3bc51ad0d1679b610bf5`
SHA256	`027adf4070f1ee0a6daee02966634c4e430f0c0371a4656739dbae7d265de8a1`
SHA3	`4dcf2d0977cbc8210a5d2ef624fa352d159021f40a3d44609032ccdf975e1dc7`
VirtualSize	`0x23649a`
VirtualAddress	`0x1000`
SizeOfRawData	`0x237000`
PointerToRawData	`0x1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`6.46774`

.rdata

MD5	`aa425eca59a858ab41c9f2cbd1ed13ca`
SHA1	`36c312b6487fd4a42ebed40bbc400a4790c42cb5`
SHA256	`6c93a87ae082c82a3576236d4237733c72cc7044e4ac999ff64d594ec7a84888`
SHA3	`484b17c6bad115af699678710628691f561a120451825bb60ccc9c056c8c1659`
VirtualSize	`0x4cd38`
VirtualAddress	`0x238000`
SizeOfRawData	`0x4d000`
PointerToRawData	`0x238000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.43515`

.data

MD5	`d116ae9fc925a823336fd5998f23a77b`
SHA1	`6a4af0c24b1f058ad3a9a64c40346d2f2e8936ff`
SHA256	`8c458e319fb7e702045fe6b76fe167d7897aaf15024b9153c82e950989797d5a`
SHA3	`f9b8dbf58caa1f124c1916eb2cf62461b86d93ec61240fda501d11a1df20a520`
VirtualSize	`0x11c024`
VirtualAddress	`0x285000`
SizeOfRawData	`0x59000`
PointerToRawData	`0x285000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`3.01154`

.rsrc

MD5	`01d137f51371fc1b06b55185c0c93f53`
SHA1	`ab6a1ad9c3c5c2922f369afb7fe4c3ba1a9a1bfb`
SHA256	`9c70d502aa248593e431fb2c01d0ce67d992df53602f91f4bb4b85e0c08379ee`
SHA3	`fcf0ea18cc90a23cbfccb3a55a79754bd1616ba80b9c2f4965e753b5ceb46b87`
VirtualSize	`0x2d68`
VirtualAddress	`0x3a2000`
SizeOfRawData	`0x3000`
PointerToRawData	`0x2de000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.50263`

.secu

MD5	`3a6873ed21c6b2b14bee3fbda2c0e797`
SHA1	`585b49acf7ba0684aee213fdddbe6ac7755c5be4`
SHA256	`7e6b62610e88e9811316d5a438218eccda49ac300b43055c20f5ea8cca1c3f7e`
SHA3	`317e4d677c6c240278b30b5d1ef9346e128f0ee8ff57fcc3e8b153860c4b0188`
VirtualSize	`0x33f80`
VirtualAddress	`0x3a5000`
SizeOfRawData	`0x34000`
PointerToRawData	`0x2e1000`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`5.04301`

Imports

d3dx9_35.dll	`D3DXCreateEffectPool` `D3DXCreateEffectEx` `D3DXMatrixInverse` `D3DXMatrixOrthoLH` `D3DXMatrixMultiply` `D3DXMatrixTranspose`
WINMM.dll	`timeBeginPeriod` `timeEndPeriod`
COMCTL32.dll	`#17`
fmod_event.dll	`?setCallback@Event@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PAUFMOD_EVENT@@W4FMOD_EVENT_CALLBACKTYPE@@PAX22@Z2@Z` `_FMOD_EventSystem_Create@4` `?start@Event@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?setVolume@Event@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?stop@Event@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z` `?getUserData@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAPAX@Z` `?setPaused@Event@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z` `?setPitch@Event@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?set3DAttributes@Event@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@00@Z` `?getPropertyByIndex@Event@FMOD@@QAG?AW4FMOD_RESULT@@HPAX_N@Z` `?setUserData@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAX@Z` `?getState@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z` `_FMOD_File_SetDiskBusy@4` `_FMOD_Debug_SetLevel@4`
fmodex.dll	`?stop@Channel@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?createStream@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z` `?setPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z` `?getOpenState@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_OPENSTATE@@PAIPA_N@Z` `?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ` `?isPlaying@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z` `?getPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z` `?setCallback@Channel@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNEL_CALLBACKTYPE@@P6G?AW43@PAUFMOD_CHANNEL@@0HII@ZH@Z` `?setSpeakerLevels@Channel@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_SPEAKER@@PAMH@Z` `?setFrequency@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z` `?set3DMinMaxDistance@Channel@FMOD@@QAG?AW4FMOD_RESULT@@MM@Z` `?set3DAttributes@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@0@Z` `?getPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z` `?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z` `?getSubSound@Sound@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAV12@@Z` `?setMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@I@Z` `?setPriority@Channel@FMOD@@QAG?AW4FMOD_RESULT@@H@Z` `?getFrequency@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAM@Z` `?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNELINDEX@@PAVSound@2@_NPAPAVChannel@2@@Z` `FMOD_Memory_Initialize` `FMOD_Memory_GetStats` `?set3DListenerAttributes@System@FMOD@@QAG?AW4FMOD_RESULT@@HPBUFMOD_VECTOR@@000@Z` `?setSoftwareFormat@System@FMOD@@QAG?AW4FMOD_RESULT@@HW4FMOD_SOUND_FORMAT@@HHW4FMOD_DSP_RESAMPLER@@@Z` `?setSpeakerMode@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_SPEAKERMODE@@@Z` `?setDSPBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@IH@Z` `?getDriverCaps@System@FMOD@@QAG?AW4FMOD_RESULT@@HPAIPAH1PAW4FMOD_SPEAKERMODE@@@Z` `?setSoftwareChannels@System@FMOD@@QAG?AW4FMOD_RESULT@@H@Z` `?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z` `?setVolume@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z`
DINPUT8.dll	`DirectInput8Create`
binkw32.dll	`_BinkOpen@8` `_BinkSetVolume@12` `_BinkWait@4` `_BinkClose@4` `_BinkSetSoundSystem@8` `_BinkDoFrame@4` `_BinkShouldSkip@4` `_BinkNextFrame@4` `_BinkCopyToBufferRect@44` `_BinkGetRects@8` `_BinkOpenDirectSound@4` `_BinkPause@8`
SHLWAPI.dll	`PathAppendW` `PathFileExistsW`
KERNEL32.dll	`GetConsoleMode` `GetConsoleCP` `GetLocaleInfoA` `GetStringTypeW` `GetStringTypeA` `GetCurrentProcessId` `GetTickCount` `GetCommandLineA` `GetEnvironmentStringsW` `FreeEnvironmentStringsW` `GetEnvironmentStrings` `FreeEnvironmentStringsA` `GetStartupInfoA` `SetHandleCount` `SetFilePointer` `LCMapStringW` `LCMapStringA` `LoadLibraryA` `HeapSize` `VirtualAlloc` `VirtualFree` `HeapCreate` `HeapDestroy` `GetModuleFileNameA` `GetCurrentThreadId` `SetLastError` `TlsFree` `TlsSetValue` `TlsAlloc` `TlsGetValue` `IsValidCodePage` `GetOEMCP` `GetACP` `InterlockedDecrement` `InterlockedIncrement` `GetCPInfo` `GetStartupInfoW` `GetProcessHeap` `GetSystemTimeAsFileTime` `FlushFileBuffers` `WideCharToMultiByte` `ExitProcess` `GetModuleHandleA` `RtlUnwind` `SetStdHandle` `IsDebuggerPresent` `SetUnhandledExceptionFilter` `UnhandledExceptionFilter` `TerminateProcess` `HeapFree` `HeapAlloc` `HeapReAlloc` `GetStdHandle` `WriteConsoleW` `CreateFileA` `WriteConsoleA` `EnterCriticalSection` `LeaveCriticalSection` `InitializeCriticalSection` `QueryPerformanceCounter` `QueryPerformanceFrequency` `DeleteCriticalSection` `GetModuleHandleW` `GetVersionExW` `MultiByteToWideChar` `FreeLibrary` `GetProcAddress` `LoadLibraryW` `GetCommandLineW` `SetThreadExecutionState` `Sleep` `GetLastError` `GetModuleFileNameW` `CloseHandle` `GetCurrentProcess` `lstrlenW` `GetVersionExA` `GetFileAttributesW` `ExpandEnvironmentStringsW` `CreateEventW` `WriteFile` `CreateFileW` `GetUserDefaultUILanguage` `ReadFile` `CompareFileTime` `SystemTimeToFileTime` `GetDiskFreeSpaceW` `SystemTimeToTzSpecificLocalTime` `GetTimeZoneInformation` `GetSystemTime` `FindClose` `FindFirstFileW` `SetFileAttributesW` `DeleteFileW` `Process32NextW` `Process32FirstW` `CreateToolhelp32Snapshot` `SetProcessAffinityMask` `GetConsoleOutputCP` `SetEndOfFile` `RaiseException` `GetFileType`
USER32.dll	`SendMessageW` `IsWindowVisible` `IsZoomed` `AdjustWindowRect` `IsIconic` `SetWindowPos` `SetWindowPlacement` `GetMenu` `GetWindowPlacement` `SetMenu` `SetWindowLongW` `GetWindowLongW` `DefWindowProcW` `GetCursorPos` `UnregisterClassW` `DestroyWindow` `DestroyMenu` `ScreenToClient` `CreateWindowExW` `PostQuitMessage` `RegisterClassW` `LoadCursorW` `DestroyAcceleratorTable` `DispatchMessageW` `TranslateMessage` `TranslateAcceleratorW` `PeekMessageW` `GetMonitorInfoW` `EnumDisplaySettingsW` `SystemParametersInfoA` `SetTimer` `UnhookWindowsHookEx` `SetWindowsHookExW` `CallNextHookEx` `GetIconInfo` `GetDC` `ReleaseDC` `ShowWindow` `GetSystemMetrics` `MessageBoxW` `GetClientRect` `SetCursor` `GetClassLongW` `GetWindowRect` `ClipCursor` `SetRect` `SystemParametersInfoW`
GDI32.dll	`GetDIBits` `DeleteObject` `GetObjectW` `CreateCompatibleDC` `SelectObject` `GetStockObject` `DeleteDC`
SHELL32.dll	`SHGetFolderPathW` `SHCreateDirectoryExW` `ShellExecuteW` `ExtractIconW` `CommandLineToArgvW`

Delayed Imports

1

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.26796`
MD5	`2c458b879f1e319ebdb5ec2d94f18b0d`
SHA1	`959f1ae6d49534eeb63e8ad6081bb716e09c30dc`
SHA256	`18bcde27c4f41cf2e1f4c2eca550e86d9da84d7675e9d5809af4e9635f598512`
SHA3	`300294e4277481c30745b685bc3b191a02af4d5d78dee7baa5b62d1d3e48d6e6`

2

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.51695`
MD5	`d6b6c2444900824372a1ce0258244198`
SHA1	`747428e31189593ee135b128396d64f1648d6bcc`
SHA256	`c989364f9add04669548d664cbf990184f9a26c6750b7814e78456324f12cd55`
SHA3	`74fb327d4a65f73412fd2cfca4206a64009c0c2b48f841eafc859003c0ef13db`

3

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.21321`
MD5	`4333fc619fb7a3b32231a24bd575fb00`
SHA1	`a3a029bf41a991054828759889bccc82db92981c`
SHA256	`c6492dd2d2d064f1a3b35ab866863b70b8631849ee990dc0c3e4214071f9bb42`
SHA3	`816900ae8d3127638382efa68e769e5a0df94389fa5b30ab2920ade11b88cf3d`

4

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.32075`
MD5	`2ba27d88c5a39c3f31b7db965694c637`
SHA1	`d6f125c9bec5e8add0e5e2f51dbe7b9b02caeea1`
SHA256	`98bd9edaaba9ef13b4136e231bdc8db92df82f6941b0b851ed577c092f86fc73`
SHA3	`647fcdc222630b20d3ae302e0626f20b1e011396a5a7e05f10a943cc0f1b08c2`

5

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.23059`
MD5	`8436e3f6daaf9b76a1cec64cb58a305b`
SHA1	`6b2f3e08cb80237de3aea89fe5f9eb296636dfc0`
SHA256	`382e3c0965ba614f05c471906119c9f3712768d6f76b49aac88438dc6bfde6fb`
SHA3	`46a128b8d48aedcb2f6d1fd8d4b83bd7cf35c2b440cabe4d95e96537ce62f7d9`

6

Type	`RT_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`6.13165`
MD5	`67604f8f0d68dd52a98abc00e6983c90`
SHA1	`675e27e6f82d38e819765064c53304c275ac27c5`
SHA256	`1953ca299668daae255e57d99a7374dafc586a93777361c435d7ed0ffe0b3b49`
SHA3	`17c7d64e286b4e709cf654a2174c0bea2673d4361431a453b2add769c57ac891`

116

Type	`RT_GROUP_ICON`
Language	English - United States
Codepage	UNKNOWN
Size	`0x5a`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.86669`
Detected Filetype	Icon file
MD5	`172fa8d15b72e28b37524dde17ca5f1a`
SHA1	`f0802242829ad5cf23a38178e7fe1ae903f489de`
SHA256	`10774da934323cf587f613f65626937843c1b879d7ce6539f113d2e8f6746fd5`
SHA3	`a3864189b88346971cc48cfc813b8e69102d1446a3f9e11f1991abf2c7867af0`

1 (#2)

Type	`RT_MANIFEST`
Language	English - United States
Codepage	UNKNOWN
Size	`0x3f4`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.0304`
MD5	`7db8619246f5a5689e62fae2daec82e9`
SHA1	`50cef0476f1d806cfbf720ec5d684b82ed0ef205`
SHA256	`9995ee99b0e36aa1ba132581ca216e5a634f29c3c2e9a353633f15ea9fedeef0`
SHA3	`f6bc4f46c7a2ca4d0b6e5d51fb44c7eef2c564a4211193433f35315eb73691b3`

Version Info

IMAGE_DEBUG_TYPE_UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.0`
SizeofData	`0`
AddressOfRawData	`0`
PointerToRawData	`0`

TLS Callbacks

Load Configuration

Size	`0x48`
TimeDateStamp	`1970-Jan-01 00:00:00`
Version	`0.0`
GlobalFlagsClear	`(EMPTY)`
GlobalFlagsSet	`(EMPTY)`
CriticalSectionDefaultTimeout	`0`
DeCommitFreeBlockThreshold	`0`
DeCommitTotalFreeThreshold	`0`
LockPrefixTable	`0`
MaximumAllocationSize	`0`
VirtualMemoryThreshold	`0`
ProcessAffinityMask	`0`
ProcessHeapFlags	`(EMPTY)`
CSDVersion	`0`
Reserved1	`0`
EditList	`0`
SecurityCookie	`0x6dc2e0`
SEHandlerTable	`0x681180`
SEHandlerCount	`61`

RICH Header

Errors

[*] Warning: Yara callback received an unhandled message (6).

Leave a comment

No comments yet.