General

Malware Config

Signatures

Files

• 2941c95c651a851d37fa94083c9a60738652ea70fb6f8f4e43c3433dae5e43e8

  .exe windows x64

  6e4112b289e40bc30768760753501ed6

  
  

  Code Sign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  GetProcAddress

  GetModuleHandleA

  SetErrorMode

  LoadLibraryA

  user32

  IsWindow

  GetCursor

  GetDesktopWindow

  GetThreadDesktop

  EndMenu

  GetMessageExtraInfo

  GetDlgCtrlID

  CharLowerA

  CountClipboardFormats

  GetMenuContextHelpId

  IsCharUpperW

  GetClipboardOwner

  IsWindowEnabled

  LoadIconA

  CharUpperA

  gdi32

  EndDoc

  CreateSolidBrush

  UnrealizeObject

  FillPath

  AddFontResourceW

  GdiGetBatchLimit

  CreateCompatibleDC

  BeginPath

  CancelDC

  PathToRegion

  AbortPath

  GetBkColor

  GetTextColor

  advapi32

  RegQueryValueExW

  RegOpenKeyA

  Sections

  .text

  Size: 459KB - Virtual size: 459KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 512B - Virtual size: 144B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data2

  Size: 512B - Virtual size: 1B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 85KB - Virtual size: 85KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ