Behavioral task: behavioral1
Sample: ff37a6c3a4b5fbf3a25504f2ff6ffa37e1c4c26b606db769d0e09fb7ac041a6c.exe
Resource: win7-en-20211208

Behavioral task: behavioral2
Sample: ff37a6c3a4b5fbf3a25504f2ff6ffa37e1c4c26b606db769d0e09fb7ac041a6c.exe
Resource: win10v2004-en-20220113

General
Target: ff37a6c3a4b5fbf3a25504f2ff6ffa37e1c4c26b606db769d0e09fb7ac041a6c
Size: 2.2MB
MD5: e4c2bff686969ea9d59d708c90b9f2c6
SHA1: d3a95ed1c15b5cd13ddaa99a4ccefac61f8296e2
SHA256: ff37a6c3a4b5fbf3a25504f2ff6ffa37e1c4c26b606db769d0e09fb7ac041a6c
SHA512: 4d7dce524737e318ddea1d35a32705960095d994a16a480dba34dc6ea69b36cf7caa374f3beb350fc203582821d1db66f528e6bd5b47565af2cbd3ac1e583c3e
SSDEEP: 6144:Tla96gGca3nq8fD9iAKR3jbAnaH4Ag5aA5YeHNu2:TJtc0nq8b9ij3XAc7g5rbHN
Malware Config
Signatures
Files
ff37a6c3a4b5fbf3a25504f2ff6ffa37e1c4c26b606db769d0e09fb7ac041a6c.exe windows x86
b8821a257fae3c8294a3054aae9f04e3
Code Sign
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GetModuleHandleW
GetFullPathNameW
GetFileAttributesW
GetVersionExA
VerifyVersionInfoW
InitializeCriticalSection
DeleteCriticalSection
RemoveDirectoryW
WriteConsoleW
SetStdHandle
LCMapStringW
CompareStringW
VirtualQuery
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetConsoleCtrlHandler
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
ReadConsoleW
GetConsoleMode
GetConsoleCP
UnhandledExceptionFilter
GetStartupInfoW
GetFileType
GetStdHandle
IsProcessorFeaturePresent
SetEnvironmentVariableW
HeapReAlloc
GetModuleHandleExW
ExitProcess
RtlUnwind
AreFileApisANSI
GetModuleFileNameW
FindClose
WriteFile
GetFileSize
SetLastError
GetExitCodeProcess
GetCurrentProcess
OpenProcess
LocalFree
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
InterlockedIncrement
VerSetConditionMask
FreeLibrary
LoadLibraryA
Sleep
InterlockedCompareExchange
InterlockedExchange
MoveFileExW
CopyFileA
CreateFileA
GetTickCount
GetLastError
SetEnvironmentVariableA
CreateProcessA
GetModuleHandleA
OpenEventA
CloseHandle
SetEvent
SetErrorMode
GetCurrentProcessId
PostQueuedCompletionStatus
CreateIoCompletionPort
GetVersion
GlobalFree
GetDateFormatA
GetTimeFormatA
FileTimeToSystemTime
GetLocalTime
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
DeviceIoControl
SetProcessAffinityMask
SetConsoleMode
ReadConsoleInputA
GetProcessHeaps
DebugBreak
HeapValidate
HeapSize
HeapFree
HeapAlloc
InterlockedExchangeAdd
GetCurrentDirectoryA
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GlobalMemoryStatus
FlushConsoleInputBuffer
SetUnhandledExceptionFilter
GetSystemInfo
GetProcessAffinityMask
GetCurrentDirectoryW
SetCurrentDirectoryW
OutputDebugStringW
GetModuleFileNameA
CreateEventA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WaitForSingleObject
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
ResumeThread
SuspendThread
GetExitCodeThread
TerminateThread
GetThreadPriority
GetFullPathNameA
PeekNamedPipe
SetThreadPriority
OpenThread
SetThreadAffinityMask
GetCurrentThread
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
GetFileInformationByHandle
GetFileSizeEx
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFilePointerEx
GetFileTime
SetFileTime
SleepEx
GetDriveTypeW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
CreateDirectoryW
CreateFileW
SetFileAttributesW
GetFileAttributesExW
DeleteFileW
FindFirstFileW
FindNextFileW
GetTimeFormatW
GetDateFormatW
GetSystemTimeAsFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalMemoryStatusEx
GetProcessHeap
HeapLock
HeapUnlock
HeapWalk
HeapSetInformation
HeapQueryInformation
TerminateProcess
GetCommandLineA
IsDebuggerPresent
RaiseException
SwitchToThread
CreateThread
GetConsoleScreenBufferInfo
PeekConsoleInputA
FindFirstFileExA
GetConsoleDisplayMode
SetComputerNameW
CreateFiber
SetTapePosition
SetThreadContext
GetEnvironmentStringsA
GetPrivateProfileSectionA
GetConsoleAliasesLengthA
GetProcessWorkingSetSize
GetConsoleAliasExesLengthW
GetPrivateProfileIntW
ConnectNamedPipe
GetSystemDirectoryW
VirtualUnlock
GetLocaleInfoA
GetProfileSectionW
BuildCommDCBA
WaitNamedPipeW
SetVolumeLabelA
OpenWaitableTimerA
GetTempFileNameA
lstrcmp
VirtualProtectEx
GetNamedPipeInfo
OpenFileMappingA
MapUserPhysicalPages
FreeConsole
GetPrivateProfileSectionNamesW
FindResourceA
MapViewOfFileEx
CreateFileMappingA
DeleteFileA
SetFileAttributesA
LocalAlloc
GetFileAttributesA
GetComputerNameA
GetSystemDirectoryA
LoadResource
UnmapViewOfFile
GetStringTypeA
VirtualProtect
FreeEnvironmentStringsA
GetEnvironmentStrings
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
user32
LoadIconA
LoadCursorFromFileW
GetAsyncKeyState
GetForegroundWindow
GetKeyboardLayout
GetDC
GetSystemMetrics
GetDlgCtrlID
GetListBoxInfo
GetThreadDesktop
ShowCaret
DestroyWindow
GetClipboardViewer
GetTopWindow
CharLowerA
IsWindow
GetFocus
GetOpenClipboardWindow
CreateMenu
GetCapture
GetKBCodePage
wsprintfA
SetDlgItemInt
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
SendMessageA
PostMessageA
DefWindowProcA
RegisterClassExA
CreateWindowExA
SetWindowPos
SetDlgItemTextA
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
GetWindowTextLengthA
GetProcessWindowStation
GetUserObjectInformationW
ShowWindow
GetWindowRect
MessageBoxA
GetDesktopWindow
DialogBoxParamA
EndDialog
GetDlgItemInt
GetDlgItem
ReleaseDC
GetWindowThreadProcessId
EnumWindows
IsWindowVisible
GetMonitorInfoA
MonitorFromWindow
LoadCursorA
SetClassLongA
SetWindowLongA
GetWindowLongA
MessageBoxW
SetWindowTextW
RedrawWindow
EndPaint
BeginPaint
UpdateWindow
KillTimer
SetTimer
MsgWaitForMultipleObjects
MoveWindow
SetWindowRgn
ExitWindowsEx
DdeCreateStringHandleA
DdeEnableCallback
FindWindowW
LoadCursorW
PostMessageW
MessageBeep
GetMenuContextHelpId
MonitorFromPoint
CharPrevW
GetMenuDefaultItem
GetLastInputInfo
MessageBoxExW
CopyAcceleratorTableW
GetGUIThreadInfo
ClipCursor
RegisterWindowMessageA
GetWindowDC
LoadMenuIndirectW
CharToOemW
EnumDisplayDevicesA
UnloadKeyboardLayout
GetSysColorBrush
LoadImageW
CharLowerBuffW
WINNLSGetIMEHotkey
EqualRect
MapVirtualKeyExA
LoadStringA
gdi32
GetStockObject
CreateMetaFileA
CreatePatternBrush
GetPolyFillMode
DeleteDC
FillPath
UnrealizeObject
AddFontResourceA
GetFontLanguageInfo
TextOutW
CreateDIBSection
SetTextColor
SetBkMode
SetBkColor
SelectObject
RemoveFontMemResourceEx
AddFontMemResourceEx
GetTextExtentPoint32W
DeleteObject
CreateICA
CreateFontA
CreateCompatibleDC
SwapBuffers
SetPixelFormat
ChoosePixelFormat
GdiValidateHandle
EngGetCurrentCodePage
SetTextAlign
GdiEntry11
SetMiterLimit
EngCreateBitmap
OffsetRgn
GdiReleaseLocalDC
SetDIBColorTable
DeviceCapabilitiesExA
GetClipBox
GetCharWidthInfo
GetCharacterPlacementA
EngDeletePalette
GdiPlayScript
GdiGetLocalFont
EngAlphaBlend
PolylineTo
GdiArtificialDecrementDriver
FixBrushOrgEx
STROBJ_bEnumPositionsOnly
GdiSetBatchLimit
SetColorSpace
GetTextCharacterExtra
SetDeviceGammaRamp
CreatePolyPolygonRgn
CopyMetaFileW
Rectangle
GetTextCharset
CreateDIBPatternBrush
GdiPlayPrivatePageEMF
GetCharABCWidthsA
GdiEntry13
GetGlyphOutline
GdiEntry12
GdiIsMetaFileDC
GdiTransparentBlt
GetObjectA
advapi32
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
DeregisterEventSource
RegisterEventSourceA
ReportEventA
RegQueryValueExW
RegOpenKeyExA
RegEnumKeyExA
shell32
SHGetFileInfoW
SHQueryRecycleBinW
SHBindToParent
comctl32
InitCommonControlsEx
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ