General

Malware Config

Signatures

Files

• c1de864c681ef619954b3d328b040eb87b6ee435b05aa4ca920adb90cef92bad

  .exe windows x86

  20aee69d0b8fb0358cb53fd4082fba1f

  
  

  Code Sign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  CreateNamedPipeA

  TerminateProcess

  DeactivateActCtx

  GetConsoleAliasesLengthW

  GetVersionExW

  GetConsoleOutputCP

  GetDefaultCommConfigW

  FindFirstFileExA

  GetDriveTypeA

  FreeEnvironmentStringsW

  SetProcessPriorityBoost

  SetVolumeMountPointW

  SetCurrentDirectoryA

  GetLongPathNameA

  TlsGetValue

  SetComputerNameExW

  FindAtomA

  BuildCommDCBAndTimeoutsA

  VirtualProtect

  GetModuleHandleA

  GlobalAlloc

  InitializeCriticalSection

  TlsSetValue

  GetCommandLineW

  InterlockedDecrement

  GetCalendarInfoA

  CopyFileW

  ZombifyActCtx

  OutputDebugStringW

  SetSystemTimeAdjustment

  GetPriorityClass

  WritePrivateProfileStringW

  GetProcessHeap

  GlobalWire

  HeapCompact

  GetStartupInfoA

  GetDiskFreeSpaceExA

  GetCPInfoExW

  GetWindowsDirectoryW

  GetSystemWow64DirectoryW

  SetLastError

  WriteProfileSectionW

  GetCalendarInfoW

  GetProfileStringA

  SetConsoleCursorPosition

  GetLastError

  DeleteVolumeMountPointA

  ContinueDebugEvent

  ReadFileScatter

  GetNumberOfConsoleInputEvents

  GetSystemWindowsDirectoryA

  GlobalFindAtomA

  FindNextChangeNotification

  CreateActCtxA

  GetMailslotInfo

  GetPrivateProfileIntA

  _lread

  InterlockedExchange

  DefineDosDeviceA

  SetVolumeMountPointA

  EndUpdateResourceA

  WriteConsoleW

  GetSystemTimeAdjustment

  GetPrivateProfileSectionA

  WritePrivateProfileSectionA

  GetPrivateProfileStructA

  TryEnterCriticalSection

  GetPrivateProfileSectionNamesW

  GetFileAttributesExW

  LocalFileTimeToFileTime

  MoveFileW

  GetVolumePathNameW

  HeapSetInformation

  GetComputerNameA

  FindActCtxSectionStringA

  SetThreadContext

  MoveFileExA

  GlobalCompact

  UnregisterWait

  BuildCommDCBW

  GlobalDeleteAtom

  GetShortPathNameA

  OpenEventA

  SetCommTimeouts

  WaitNamedPipeW

  CreateIoCompletionPort

  GetPrivateProfileSectionNamesA

  FindResourceExW

  GetSystemTimeAsFileTime

  GetSystemInfo

  GetLocalTime

  OpenSemaphoreA

  FreeEnvironmentStringsA

  lstrcmpW

  GetProcAddress

  SetFileShortNameW

  lstrcpyW

  VerLanguageNameA

  GetThreadSelectorEntry

  GetSystemTime

  UnlockFile

  GetConsoleCP

  GetConsoleAliasW

  SetConsoleScreenBufferSize

  GetAtomNameA

  GetConsoleAliasExesLengthA

  WriteConsoleInputW

  CreateMailslotA

  SetCommState

  SetHandleCount

  _lopen

  GetConsoleAliasExesLengthW

  ResetWriteWatch

  ClearCommBreak

  GetOverlappedResult

  EnumDateFormatsA

  GetModuleHandleW

  WriteConsoleOutputCharacterW

  HeapFree

  OpenMutexW

  GetStringTypeW

  SetFilePointer

  PostQueuedCompletionStatus

  AreFileApisANSI

  OpenWaitableTimerW

  GetCurrentProcess

  PeekNamedPipe

  GetCompressedFileSizeW

  FindNextVolumeMountPointA

  GetFullPathNameA

  WriteProfileStringW

  InitAtomTable

  GlobalAddAtomW

  TerminateJobObject

  SetFirmwareEnvironmentVariableA

  GetBinaryTypeW

  QueryDosDeviceA

  LeaveCriticalSection

  CreateFileA

  InterlockedIncrement

  Sleep

  DeleteCriticalSection

  EnterCriticalSection

  RaiseException

  RtlUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  GetModuleFileNameW

  MoveFileA

  GetCommandLineA

  WideCharToMultiByte

  MultiByteToWideChar

  LCMapStringA

  LCMapStringW

  GetCPInfo

  HeapValidate

  IsBadReadPtr

  TlsAlloc

  GetCurrentThreadId

  TlsFree

  DebugBreak

  GetStdHandle

  WriteFile

  OutputDebugStringA

  GetFileType

  ExitProcess

  LoadLibraryW

  CloseHandle

  GetACP

  GetOEMCP

  IsValidCodePage

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetModuleFileNameA

  GetEnvironmentStrings

  GetEnvironmentStringsW

  HeapDestroy

  HeapCreate

  VirtualFree

  GetLocaleInfoA

  GetStringTypeA

  HeapAlloc

  HeapSize

  HeapReAlloc

  VirtualAlloc

  IsValidLocale

  EnumSystemLocalesA

  GetUserDefaultLCID

  FlushFileBuffers

  GetConsoleMode

  InitializeCriticalSectionAndSpinCount

  LoadLibraryA

  SetStdHandle

  GetLocaleInfoW

  WriteConsoleA

  user32

  OemToCharA

  msimg32

  AlphaBlend

  Sections

  .text

  Size: 227KB - Virtual size: 227KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 68KB - Virtual size: 221KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .lecuwit

  Size: 512B - Virtual size: 5B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 38KB - Virtual size: 37KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 17KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ