General

Malware Config

Signatures

Files

• 2bf0cd1ad61a49963afbd88a7aae1bb62775816bc2e2551ec97ab9eeac1aa7a0

  .exe windows x64

  8cd6bfdd312c879adfc6fcc5b6f366c8

  
  

  Code Sign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  GetSystemTimeAsFileTime

  GetTickCount64

  CreateThread

  GetSystemTime

  CloseHandle

  DeleteCriticalSection

  GlobalFindAtomW

  CreateEventW

  LockResource

  ResetEvent

  EnterCriticalSection

  HeapSize

  GetLastError

  GlobalUnlock

  GetStartupInfoW

  lstrlenW

  lstrcmpW

  CompareStringW

  MulDiv

  LeaveCriticalSection

  HeapDestroy

  SizeofResource

  WideCharToMultiByte

  GlobalAlloc

  GetModuleHandleW

  SetEvent

  GlobalLock

  GlobalSize

  CreateProcessW

  GetCurrentThreadId

  DecodePointer

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  IsDebuggerPresent

  EncodePointer

  LoadResource

  FindResourceW

  lstrlenA

  HeapReAlloc

  user32

  EmptyClipboard

  gdi32

  ExtCreatePen

  MoveToEx

  GetTextExtentPoint32W

  GetTextMetricsW

  LineTo

  SetTextColor

  DeleteDC

  CreateDIBSection

  CreateFontIndirectW

  GetDeviceCaps

  SetBkColor

  GetRgnBox

  SetBkMode

  SelectObject

  SetRectRgn

  CreateCompatibleDC

  CreateRectRgnIndirect

  CombineRgn

  CreateSolidBrush

  EqualRgn

  GetStockObject

  CreatePatternBrush

  CreateRectRgn

  GetObjectW

  GetTextExtentPointW

  CreateCompatibleBitmap

  advapi32

  RegEnumKeyExW

  RegQueryValueExW

  RegQueryInfoKeyW

  RegDeleteKeyW

  RegSetValueExW

  RegCloseKey

  RegCreateKeyW

  RegOpenKeyExW

  RegEnumValueW

  RegGetValueW

  shell32

  SHGetSpecialFolderPathW

  ShellAboutW

  ole32

  CoInitialize

  CoUninitialize

  CoCreateInstance

  oleaut32

  BSTR_UserFree

  comctl32

  ImageList_Create

  ImageList_Add

  ImageList_Destroy

  rpcrt4

  UuidToStringW

  RpcStringFreeW

  UuidCreate

  winmm

  timeGetTime

  shlwapi

  ord388

  uxtheme

  IsThemeActive

  BufferedPaintClear

  msvcr110

  exit

  _commode

  _onexit

  __dllonexit

  _calloc_crt

  _unlock

  _lock

  __crtSetUnhandledExceptionFilter

  ?terminate@@YAXXZ

  __crtCapturePreviousContext

  __crtTerminateProcess

  __crtUnhandledException

  abort

  memmove

  isspace

  free

  malloc

  isalnum

  tolower

  fopen

  isalpha

  fprintf

  isdigit

  toupper

  fclose

  isxdigit

  _XcptFilter

  _amsg_exit

  __getmainargs

  __set_app_type

  _fmode

  _exit

  _cexit

  _configthreadlocale

  __setusermatherr

  _initterm_e

  _initterm

  __C_specific_handler

  __initenv

  __crt_debugger_hook

  Sections

  .text

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 512B - Virtual size: 288B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 158KB - Virtual size: 158KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 156B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ