General

Malware Config

Signatures

Files

• dcbef6b0685947ef4d01b84be1212d5e5efcd4c7e4a015ddd2e1d4a9c0cffa74

  .exe windows x86

  c14fb83e6812e3d5bc69106771d695a2

  
  

  Code Sign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  CreateNamedPipeA

  TerminateThread

  DeactivateActCtx

  GetConsoleAliasesLengthW

  GetVersionExW

  GetConsoleOutputCP

  GetDefaultCommConfigW

  FindFirstFileExW

  GetDriveTypeA

  FreeEnvironmentStringsW

  GetProcessPriorityBoost

  SetVolumeMountPointW

  SetCurrentDirectoryW

  GetLongPathNameA

  TlsGetValue

  SetComputerNameExW

  FindAtomA

  BuildCommDCBAndTimeoutsA

  VirtualProtect

  GetModuleHandleA

  GlobalAlloc

  InitializeCriticalSection

  TlsSetValue

  GetCommandLineA

  InterlockedDecrement

  GetCalendarInfoA

  CopyFileW

  ZombifyActCtx

  OutputDebugStringW

  GetSystemTimeAdjustment

  GetPriorityClass

  WritePrivateProfileStringW

  GetProcessHeap

  GlobalUnWire

  HeapCompact

  GetStartupInfoA

  GetDiskFreeSpaceExW

  GetCPInfoExW

  GetWindowsDirectoryA

  GetSystemWow64DirectoryW

  GetProfileStringW

  WriteProfileSectionW

  GetProfileStringA

  SetConsoleCursorPosition

  GetLastError

  DeleteVolumeMountPointA

  DebugBreak

  GetPrivateProfileSectionW

  ReadFileScatter

  GetNumberOfConsoleInputEvents

  GetSystemWindowsDirectoryW

  TerminateProcess

  GlobalFindAtomA

  FindCloseChangeNotification

  CreateActCtxA

  SetMailslotInfo

  InterlockedExchange

  DefineDosDeviceA

  SetVolumeMountPointA

  EndUpdateResourceA

  WriteConsoleW

  GetPrivateProfileSectionA

  WritePrivateProfileSectionW

  GetPrivateProfileStructA

  TryEnterCriticalSection

  GetFileAttributesExW

  LocalFileTimeToFileTime

  MoveFileW

  GetVolumePathNameW

  HeapSetInformation

  lstrcmpW

  GetComputerNameA

  FindActCtxSectionStringA

  SetThreadContext

  MoveFileExA

  GlobalUnlock

  UnregisterWait

  BuildCommDCBW

  GlobalDeleteAtom

  GetShortPathNameA

  OpenEventA

  SetCommTimeouts

  WaitNamedPipeW

  CreateIoCompletionPort

  FindResourceExW

  GetSystemTimeAsFileTime

  GetSystemInfo

  SetLocalTime

  OpenSemaphoreA

  FreeEnvironmentStringsA

  GetProcAddress

  GetPrivateProfileSectionNamesA

  SetFileShortNameW

  lstrcpyW

  VerLanguageNameA

  GetThreadSelectorEntry

  GetSystemTime

  UnlockFile

  GetConsoleCP

  GetConsoleAliasW

  SetConsoleScreenBufferSize

  GetAtomNameA

  WriteConsoleInputW

  TransactNamedPipe

  SetCommState

  SetHandleCount

  _lopen

  ResetWriteWatch

  ClearCommBreak

  GetModuleHandleW

  GetOverlappedResult

  EnumDateFormatsW

  GetConsoleAliasExesLengthA

  WriteConsoleOutputCharacterW

  HeapReAlloc

  OpenMutexA

  GetStringTypeW

  SetFilePointer

  PostQueuedCompletionStatus

  AreFileApisANSI

  CancelWaitableTimer

  GetCurrentProcess

  PeekNamedPipe

  GetCompressedFileSizeW

  FindNextVolumeMountPointA

  GetFullPathNameW

  WriteProfileStringW

  InitAtomTable

  GlobalAddAtomA

  TerminateJobObject

  SetFirmwareEnvironmentVariableA

  GetBinaryTypeW

  QueryDosDeviceW

  LeaveCriticalSection

  CreateFileA

  InterlockedIncrement

  WideCharToMultiByte

  MultiByteToWideChar

  InterlockedCompareExchange

  Sleep

  DeleteCriticalSection

  EnterCriticalSection

  RaiseException

  RtlUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  GetModuleFileNameW

  MoveFileA

  LCMapStringA

  LCMapStringW

  GetCPInfo

  HeapValidate

  IsBadReadPtr

  TlsAlloc

  GetCurrentThreadId

  TlsFree

  SetLastError

  GetStdHandle

  WriteFile

  OutputDebugStringA

  GetFileType

  ExitProcess

  LoadLibraryW

  CloseHandle

  GetACP

  GetOEMCP

  IsValidCodePage

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetModuleFileNameA

  GetEnvironmentStrings

  GetEnvironmentStringsW

  HeapDestroy

  HeapCreate

  HeapFree

  VirtualFree

  GetLocaleInfoA

  GetStringTypeA

  HeapAlloc

  HeapSize

  VirtualAlloc

  IsValidLocale

  EnumSystemLocalesA

  GetUserDefaultLCID

  FlushFileBuffers

  GetConsoleMode

  InitializeCriticalSectionAndSpinCount

  LoadLibraryA

  SetStdHandle

  GetLocaleInfoW

  WriteConsoleA

  user32

  OemToCharA

  msimg32

  AlphaBlend

  Sections

  .text

  Size: 232KB - Virtual size: 232KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 178KB - Virtual size: 332KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .sonu

  Size: 512B - Virtual size: 5B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 38KB - Virtual size: 37KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 17KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ