Static task: static1
Behavioral task: behavioral1
  Sample: 2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018.exe
  Resource: win7-en-20211208
Behavioral task: behavioral2
  Sample: 2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018.exe
  Resource: win10-en-20211208
General
Target: 2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018
Size: 441KB
MD5: a8c805792a954ca0664221acde199f48
SHA1: 248a4be7db6485f85920b15a5cf21df68b800159
SHA256: 2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018
SHA512: 9b54be9fb046cde9c3a6107bd2100268e179e8ae15756cfb0c134e3d3a37735121445c348192562a23148a57ded6f4e32a141161dc78fc711fd28e5a619e69ab
SSDEEP: 6144:yvHhtrjD09LvsYY6d3QR26+BeISBZ36/8fF9e1liS/Jv5ag:yvHhtrWY6d3kL/RJfFo11F5ag
Malware Config
Signatures
Files
2b5eefc4bc2d34cbe5093332c47b5405cf5c32e8156767fc8bc9ddd9cdcf3018.exe windows x86
2578cc11ea18f7aa98506cc57c5aba11
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocaleInfoA
GetUserDefaultLCID
SetFilePointer
FlushFileBuffers
GetConsoleCP
HeapReAlloc
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
HeapSize
GlobalLock
SetLastError
TlsFree
EnumSystemLocalesA
TlsAlloc
TlsGetValue
GetProcAddress
GetModuleHandleW
HeapAlloc
LCMapStringW
LCMapStringA
HeapFree
GetCPInfo
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
GetConsoleMode
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateThread
GetCurrentThreadId
ExitThread
MultiByteToWideChar
InterlockedExchange
WideCharToMultiByte
GetCurrentProcess
LoadResource
MapViewOfFile
lstrcmpA
FindResourceA
GetFileSize
CreateFileA
LocalFree
IsValidLocale
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetSystemTime
OpenFileMappingA
GetFileInformationByHandle
LockResource
EnumSystemCodePagesW
VirtualAlloc
GetLastError
GlobalUnlock
ReadFile
SizeofResource
Sleep
TlsSetValue
GlobalAlloc
DeleteCriticalSection
GetModuleHandleA
WaitForSingleObject
GetModuleFileNameA
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCommandLineW
CloseHandle
WaitForMultipleObjects
EnterCriticalSection
TerminateProcess
CreateProcessA
GetExitCodeProcess
LeaveCriticalSection
CreateEventA
SetEvent
TryEnterCriticalSection
user32
GetSystemMetrics
LoadStringA
LoadImageA
SetDlgItemTextA
DestroyMenu
DialogBoxParamA
MessageBoxA
DestroyIcon
ClientToScreen
PostMessageA
CloseClipboard
GetSystemMenu
GetWindowRect
SetActiveWindow
SendDlgItemMessageA
GetWindowDC
FindWindowA
LoadCursorA
DispatchMessageA
CreatePopupMenu
ShowWindow
GetMenuItemID
KillTimer
GetKeyState
GetSubMenu
DrawIconEx
CopyImage
GetFocus
LoadMenuA
GetClipCursor
IsWindowEnabled
wsprintfA
GetClientRect
GetDC
InflateRect
GetForegroundWindow
GetMenu
OffsetRect
GetWindowTextA
SetWindowLongA
InvalidateRect
GetWindowLongA
ReleaseDC
EnableMenuItem
EmptyClipboard
MonitorFromWindow
GetDlgItem
SetWindowPos
GetMenuItemInfoA
IsDlgButtonChecked
DrawMenuBar
GetMenuItemCount
ClipCursor
OpenClipboard
UnhookWindowsHookEx
InsertMenuA
SetWindowTextA
UpdateWindow
SetClipboardData
CallWindowProcA
GetDlgItemTextA
DrawFrameControl
ModifyMenuA
IsRectEmpty
EndPaint
DestroyWindow
GetMessageA
CreateDialogParamA
InsertMenuItemA
RegisterClassExA
PostQuitMessage
SetForegroundWindow
LoadIconA
SendMessageA
BeginPaint
IsDialogMessageA
TranslateMessage
TrackPopupMenuEx
CreateWindowExA
TranslateAcceleratorA
EndDialog
DefWindowProcA
GetCursorPos
LoadAcceleratorsA
gdi32
BitBlt
PatBlt
LineTo
SetTextColor
DeleteDC
CreateDIBSection
GetDeviceCaps
GetDIBits
SetBkColor
ExcludeClipRect
DeleteObject
SelectObject
CreateCompatibleDC
CreateRectRgnIndirect
CombineRgn
CreateCompatibleBitmap
Rectangle
StartDocA
OffsetRgn
SetDCPenColor
CreateRectRgn
CreatePen
GetStockObject
ExtTextOutA
CreateSolidBrush
MoveToEx
advapi32
IsTextUnicode
InitiateSystemShutdownA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ImpersonateAnonymousToken
IsTokenUntrusted
ImpersonateNamedPipeClient
ImpersonateLoggedOnUser
ImpersonateSelf
shell32
SHBrowseForFolderA
ShellExecuteA
CommandLineToArgvW
ExtractIconExA
Shell_NotifyIconA
ole32
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
CoInitialize
StgCreateDocfile
CreateStreamOnHGlobal
oleaut32
SafeArrayAccessData
OleLoadPicture
SafeArrayCreate
VariantInit
SafeArrayUnaccessData
OleTranslateColor
LoadTypeLibEx
opengl32
glClearColor
glDepthFunc
glTexImage2D
glShadeModel
glTexParameteri
glEnable
glTexGeni
glHint
glClearDepth
glTexSubImage2D
comctl32
ImageList_DragMove
shlwapi
StrToIntExA
PathFindFileNameA
PathFileExistsA
uxtheme
DrawThemeBackground
GetThemeInt
msacm32
acmDriverClose
wtsapi32
WTSQuerySessionInformationA
msvfw32
DrawDibDraw
DrawDibOpen
avifil32
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamOpenFromFileA
AVIStreamSampleToTime
AVIStreamInfoA
AVIFileInit
AVIStreamGetFrame
activeds
ord24
ord22
authz
AuthzInitializeResourceManager
ntdsapi
DsWriteAccountSpnA
wldap32
ord143
ord211
Sections
.text Size: 209KB - Virtual size: 209KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 165KB - Virtual size: 164KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ