General

Malware Config

Signatures

Files

• 1ee1ba514212f11a69d002005dfc623b1871cc808f18ddfa2191102bbb9f623b

  .exe windows x86

  e6e4f44d61de72c55cacdaac14c4d99f

  
  

  Code Sign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  LoadLibraryW

  LoadLibraryExW

  OutputDebugStringW

  SetFilePointerEx

  ReadFile

  GetConsoleMode

  GetConsoleCP

  FlushFileBuffers

  HeapReAlloc

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCurrentProcessId

  GetModuleFileNameA

  GetFileType

  GetProcessHeap

  GetCurrentThreadId

  GetOEMCP

  GetACP

  IsValidCodePage

  IsDebuggerPresent

  HeapSize

  ExitProcess

  GetModuleFileNameW

  WriteFile

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  SetStdHandle

  WriteConsoleW

  ReadConsoleW

  SetConsoleCursorPosition

  GetConsoleScreenBufferInfo

  FillConsoleOutputAttribute

  FillConsoleOutputCharacterA

  SetFileInformationByHandle

  CreateFileW

  GetModuleHandleA

  CreateEventA

  lstrlenW

  lstrcpyW

  CloseHandle

  GetLocaleInfoW

  LCMapStringW

  GetProcAddress

  GetModuleHandleW

  GetStartupInfoW

  TlsFree

  TlsSetValue

  TlsGetValue

  GetStdHandle

  WaitForSingleObject

  GetLastError

  TlsAlloc

  TerminateProcess

  GetCurrentProcess

  SetLastError

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetModuleHandleExW

  VirtualAlloc

  HeapAlloc

  GetCPInfo

  InterlockedIncrement

  InterlockedDecrement

  WideCharToMultiByte

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  Sleep

  EncodePointer

  DecodePointer

  MultiByteToWideChar

  GetStringTypeW

  QueryPerformanceCounter

  QueryPerformanceFrequency

  GetSystemTimeAsFileTime

  HeapFree

  RaiseException

  RtlUnwind

  IsProcessorFeaturePresent

  GetCommandLineA

  InitializeCriticalSectionAndSpinCount

  user32

  DefWindowProcA

  PostQuitMessage

  EnumDesktopsA

  DispatchMessageA

  SendMessageA

  GetMessageA

  SetScrollPos

  GetIconInfo

  LookupIconIdFromDirectory

  DestroyIcon

  LoadBitmapA

  GetWindowLongA

  UnionRect

  SetRect

  RegisterClassA

  MessageBoxW

  GetClientRect

  SetWindowTextA

  GetCursorPos

  ScrollWindowEx

  EndPaint

  BeginPaint

  SetForegroundWindow

  UpdateWindow

  TrackPopupMenu

  AppendMenuW

  CreatePopupMenu

  SendDlgItemMessageA

  GetDlgItemTextA

  SetDlgItemTextA

  GetDlgItem

  SetWindowPos

  DestroyWindow

  CreateWindowExW

  CreateWindowExA

  gdi32

  GetStockObject

  GetObjectA

  SelectClipPath

  CreateDIBSection

  SelectObject

  BitBlt

  DeleteObject

  DeleteDC

  CreateSolidBrush

  CreatePatternBrush

  CreateFontIndirectA

  CreateEllipticRgnIndirect

  CreateEllipticRgn

  CreateCompatibleDC

  shell32

  SHCreateShellItem

  SHBrowseForFolderA

  SHGetFolderPathA

  ole32

  StgCreateDocfile

  CoCreateInstance

  CoInitializeEx

  userenv

  CreateEnvironmentBlock

  shlwapi

  UrlUnescapeW

  comctl32

  ImageList_ReplaceIcon

  InitCommonControlsEx

  gdiplus

  GdiplusShutdown

  opengl32

  glLoadIdentity

  glOrtho

  glMatrixMode

  glViewport

  glu32

  gluLookAt

  setupapi

  SetupDiGetClassDevsA

  Exports

  Exports

  Stop

  Sections

  .text

  Size: 234KB - Virtual size: 233KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 97KB - Virtual size: 96KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 13KB - Virtual size: 24KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 109KB - Virtual size: 108KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ