General

Malware Config

Signatures

Files

• df4fb288356a3db73065c8da1245dc2548355a9b5168918846ddc4f3bdde1460

  .exe windows x86

  8d0f0930be45e07bd09e3da7526fd89b

  
  

  Code Sign

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualAlloc

  GetModuleHandleW

  OpenProcess

  GetModuleFileNameW

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  WriteConsoleInputW

  FreeConsole

  lstrcpynA

  GetVolumeNameForVolumeMountPointA

  SetCriticalSectionSpinCount

  SetCommBreak

  FlushViewOfFile

  ScrollConsoleScreenBufferA

  GetPrivateProfileSectionNamesA

  DeviceIoControl

  Heap32ListNext

  VirtualProtect

  GetMailslotInfo

  GetProfileIntW

  VerLanguageNameA

  DebugActiveProcess

  SwitchToFiber

  GetLocaleInfoW

  FillConsoleOutputAttribute

  CreateMailslotW

  ReadConsoleA

  HeapFree

  LocalCompact

  SetTapeParameters

  SetMailslotInfo

  CallNamedPipeW

  CreateJobObjectW

  SetFileAttributesA

  Process32FirstW

  GetProcessAffinityMask

  CancelWaitableTimer

  FoldStringA

  GetPrivateProfileSectionW

  CreateThread

  SetComputerNameExA

  EnumCalendarInfoA

  IsDebuggerPresent

  GetSystemTimeAsFileTime

  HeapAlloc

  RtlUnwind

  HeapReAlloc

  RaiseException

  HeapSize

  VirtualQuery

  GetStdHandle

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  SetHandleCount

  GetFileType

  GetStartupInfoA

  HeapCreate

  VirtualFree

  QueryPerformanceCounter

  GetCPInfo

  GetACP

  SetUnhandledExceptionFilter

  IsValidCodePage

  GetTimeZoneInformation

  GetTimeFormatA

  GetDateFormatA

  GetConsoleCP

  GetConsoleMode

  InitializeCriticalSectionAndSpinCount

  LCMapStringA

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  SetStdHandle

  CreateFileA

  SetEnvironmentVariableA

  UnhandledExceptionFilter

  TerminateProcess

  GetStartupInfoW

  GetTickCount

  GetFileTime

  GetFileSizeEx

  GetFileAttributesW

  FileTimeToLocalFileTime

  SetErrorMode

  FileTimeToSystemTime

  lstrlenA

  InterlockedIncrement

  TlsFree

  DeleteCriticalSection

  LocalReAlloc

  TlsSetValue

  TlsAlloc

  InitializeCriticalSection

  GlobalHandle

  GlobalReAlloc

  EnterCriticalSection

  TlsGetValue

  LeaveCriticalSection

  GlobalFlags

  CreateFileW

  GetFullPathNameW

  GetVolumeInformationW

  FindFirstFileW

  FindClose

  GetCurrentProcess

  DuplicateHandle

  GetFileSize

  SetEndOfFile

  UnlockFile

  LockFile

  FlushFileBuffers

  SetFilePointer

  WriteFile

  ReadFile

  GetThreadLocale

  InterlockedDecrement

  GlobalFindAtomW

  GetVersionExW

  CompareStringW

  GetVersionExA

  MulDiv

  GetCurrentProcessId

  GlobalAddAtomW

  SetLastError

  GlobalUnlock

  lstrlenW

  WritePrivateProfileStringW

  FreeResource

  GlobalFree

  GlobalDeleteAtom

  GetCurrentThread

  GetCurrentThreadId

  ConvertDefaultLocale

  EnumResourceLanguagesW

  lstrcmpA

  LoadLibraryW

  CompareStringA

  InterlockedExchange

  GlobalLock

  lstrcmpW

  GlobalAlloc

  FreeLibrary

  ExpandEnvironmentStringsW

  GetSystemInfo

  GetProcAddress

  FormatMessageW

  Sleep

  MultiByteToWideChar

  WideCharToMultiByte

  CloseHandle

  GetLastError

  DeleteFileW

  GetCommandLineW

  FindResourceW

  LoadResource

  LockResource

  GetOEMCP

  SizeofResource

  user32

  LoadIconA

  CharNextW

  GetForegroundWindow

  SetWindowsHookW

  IMPSetIMEW

  KillTimer

  DrawFocusRect

  InvertRect

  GetMenuStringW

  CreateIconFromResourceEx

  CheckDlgButton

  EndMenu

  CreateDialogParamA

  SetWindowLongA

  GetDesktopWindow

  CreateMDIWindowW

  MonitorFromRect

  GetKBCodePage

  FindWindowW

  wvsprintfW

  DdeCreateStringHandleW

  GetListBoxInfo

  IsCharLowerA

  ModifyMenuW

  CopyIcon

  TrackPopupMenu

  CreateCursor

  DrawStateW

  CloseDesktop

  DestroyWindow

  SetProcessWindowStation

  GetClipCursor

  IsDialogMessage

  GetMenuItemRect

  ChangeMenuW

  GetLastInputInfo

  GetAltTabInfoA

  DdeImpersonateClient

  FindWindowExA

  GetNextDlgGroupItem

  CopyAcceleratorTableW

  SetMenuItemInfoA

  PostThreadMessageW

  MessageBeep

  InvalidateRgn

  InvalidateRect

  SetRect

  IsRectEmpty

  ReleaseCapture

  LoadCursorW

  SetCapture

  CharUpperW

  EndPaint

  BeginPaint

  GetWindowDC

  ClientToScreen

  GrayStringW

  DrawTextExW

  DrawTextW

  TabbedTextOutW

  DestroyMenu

  ShowWindow

  MoveWindow

  SetWindowTextW

  IsDialogMessageW

  RegisterWindowMessageW

  SendDlgItemMessageW

  SendDlgItemMessageA

  WinHelpW

  IsChild

  GetCapture

  GetClassLongW

  GetClassNameW

  SetPropW

  GetPropW

  RemovePropW

  SetFocus

  GetWindowTextLengthW

  GetWindowTextW

  GetTopWindow

  UnhookWindowsHookEx

  GetMessageTime

  GetMessagePos

  SetMenu

  SetForegroundWindow

  UpdateWindow

  CreateWindowExW

  GetClassInfoExW

  GetClassInfoW

  RegisterClassW

  GetSysColor

  AdjustWindowRectEx

  EqualRect

  PtInRect

  GetDlgCtrlID

  DefWindowProcW

  CallWindowProcW

  GetMenu

  SetWindowLongW

  OffsetRect

  IntersectRect

  SystemParametersInfoA

  GetWindowPlacement

  GetWindowRect

  GetMenuItemID

  GetMenuItemCount

  GetSubMenu

  GetWindowThreadProcessId

  GetLastActivePopup

  SetCursor

  SetWindowsHookExW

  CallNextHookEx

  GetMessageW

  TranslateMessage

  IsWindowVisible

  GetKeyState

  GetCursorPos

  ValidateRect

  SetMenuItemBitmaps

  GetMenuCheckMarkDimensions

  LoadBitmapW

  RegisterClipboardFormatW

  GetFocus

  UnregisterClassW

  GetSysColorBrush

  GetMenuState

  EnableMenuItem

  CheckMenuItem

  ReleaseDC

  GetDC

  CopyRect

  GetActiveWindow

  SetActiveWindow

  CreateDialogIndirectParamW

  IsWindow

  GetWindowLongW

  GetDlgItem

  IsWindowEnabled

  GetNextDlgTabItem

  EndDialog

  GetWindow

  SetWindowContextHelpId

  GetParent

  MapDialogRect

  SetWindowPos

  PostQuitMessage

  PostMessageW

  MessageBoxW

  DispatchMessageW

  PeekMessageW

  MsgWaitForMultipleObjects

  DrawIcon

  GetClientRect

  GetSystemMetrics

  IsIconic

  SendMessageW

  AppendMenuW

  GetSystemMenu

  LoadIconW

  EnableWindow

  MapWindowPoints

  gdi32

  GetStockObject

  RealizePalette

  STROBJ_dwGetCodePage

  EngAcquireSemaphore

  AddFontResourceTracking

  SetColorSpace

  ResetDCW

  bMakePathNameW

  CreateDCW

  GdiResetDCEMF

  GdiFlush

  GetKerningPairsW

  GetBkColor

  EngWideCharToMultiByte

  GetDeviceGammaRamp

  RoundRect

  FONTOBJ_cGetGlyphs

  DeleteObject

  PtVisible

  GetRegionData

  CreatePolygonRgn

  SelectPalette

  STROBJ_bEnum

  EngDeleteClip

  GetFontUnicodeRanges

  EngTextOut

  FillRgn

  STROBJ_bEnumPositionsOnly

  SetMetaFileBitsEx

  CreateDIBPatternBrushPt

  DescribePixelFormat

  CreateEnhMetaFileA

  FONTOBJ_pvTrueTypeFontFile

  GetDCOrgEx

  LineTo

  GdiStartPageEMF

  SetTextAlign

  CreateRectRgn

  GdiPrinterThunk

  ExtSelectClipRgn

  GetMapMode

  DeleteDC

  GetTextColor

  GetWindowExtEx

  GetViewportExtEx

  ScaleWindowExtEx

  SetWindowExtEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  SelectObject

  Escape

  TextOutW

  RectVisible

  GetRgnBox

  CreateRectRgnIndirect

  SetMapMode

  RestoreDC

  SaveDC

  ExtTextOutW

  GetObjectW

  SetBkColor

  SetTextColor

  GetClipBox

  GetDeviceCaps

  CreateBitmap

  comdlg32

  GetFileTitleW

  advapi32

  RegOpenKeyA

  RegQueryValueExA

  GetTokenInformation

  RegCreateKeyExW

  RegQueryValueW

  RegOpenKeyW

  RegEnumKeyW

  RegDeleteKeyW

  RegSetValueExW

  CryptAcquireContextW

  RegOpenKeyExW

  RegQueryValueExW

  RegCloseKey

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptHashData

  CryptCreateHash

  shell32

  CommandLineToArgvW

  SHPathPrepareForWriteA

  SHGetSettings

  ExtractIconEx

  DragQueryFile

  DragQueryFileA

  SHGetPathFromIDListA

  SHCreateDirectoryExW

  SHGetSpecialFolderPathW

  SHBrowseForFolder

  ExtractIconExA

  SHInvokePrinterCommandW

  SHPathPrepareForWriteW

  SHBindToParent

  ExtractAssociatedIconExW

  ExtractIconW

  SHChangeNotify

  SHFileOperationW

  SHCreateProcessAsUserW

  SHGetSpecialFolderLocation

  SHBrowseForFolderW

  SHGetPathFromIDListW

  ShellExecuteW

  ole32

  OleInitialize

  CoFreeUnusedLibraries

  OleUninitialize

  CreateILockBytesOnHGlobal

  StgCreateDocfileOnILockBytes

  StgOpenStorageOnILockBytes

  CoGetClassObject

  OleFlushClipboard

  CoTaskMemAlloc

  CoTaskMemFree

  CLSIDFromString

  CLSIDFromProgID

  CoRegisterMessageFilter

  CoRevokeClassObject

  OleIsCurrentClipboard

  shlwapi

  StrRChrW

  StrChrW

  StrChrA

  PathFileExistsW

  PathFindExtensionW

  PathStripToRootW

  PathIsUNCW

  PathFindFileNameW

  comctl32

  InitCommonControlsEx

  Sections

  .text

  Size: 2.1MB - Virtual size: 2.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 15KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE