General

Malware Config

Signatures

Files

• dd4ce28811c332a025789d046b676085b038d524041e9388f4f0d4fbd6192386

  .exe windows x86

  5e839b3dda0d3e0674ebdf25ff000a31

  
  

  Code Sign

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualAlloc

  GetModuleHandleW

  FlushFileBuffers

  GetEnvironmentStrings

  GetSystemInfo

  LocalFree

  GetCurrentProcess

  lstrcpyW

  ExpandEnvironmentStringsW

  LocalReAlloc

  LocalAlloc

  lstrlenW

  FindNextFileW

  CompareStringW

  FindClose

  lstrcmpiW

  GetLastError

  FindFirstFileW

  SetLastError

  LeaveCriticalSection

  EnterCriticalSection

  ExitThread

  GetEnvironmentVariableW

  SetEvent

  FindCloseChangeNotification

  Sleep

  WaitForMultipleObjects

  FindNextChangeNotification

  CloseHandle

  CreateEventW

  FindFirstChangeNotificationW

  ResumeThread

  SetThreadPriority

  CreateThread

  WaitForSingleObject

  InitializeCriticalSection

  SetProcessShutdownParameters

  OpenEventW

  QueryPerformanceCounter

  GetTickCount

  GetCurrentThreadId

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetStartupInfoA

  GetCommandLineA

  GetVersionExA

  ExitProcess

  GetProcAddress

  GetModuleHandleA

  WriteFile

  GetStdHandle

  GetModuleFileNameA

  FreeEnvironmentStringsA

  VirtualProtect

  FreeEnvironmentStringsW

  WideCharToMultiByte

  GetEnvironmentStringsW

  SetHandleCount

  GetFileType

  HeapDestroy

  HeapCreate

  VirtualFree

  HeapFree

  LoadLibraryA

  GetACP

  GetOEMCP

  GetCPInfo

  HeapAlloc

  HeapReAlloc

  RtlUnwind

  InterlockedExchange

  VirtualQuery

  SetFilePointer

  MultiByteToWideChar

  LCMapStringA

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  SetStdHandle

  GetLocaleInfoA

  lstrcmp

  GetConsoleAliasesLengthW

  RemoveDirectoryW

  ReadFileEx

  EscapeCommFunction

  GetComputerNameW

  GlobalUnfix

  lstrcatA

  LocalHandle

  InitAtomTable

  OpenFile

  GetThreadLocale

  GlobalAlloc

  _lclose

  CreateProcessA

  GetExitCodeProcess

  CallNamedPipeA

  CreateMutexW

  CopyFileExW

  GetFileSizeEx

  UnregisterWaitEx

  GetStringTypeExA

  GetConsoleFontSize

  ReplaceFileA

  LocalCompact

  GetUserDefaultUILanguage

  EnumResourceTypesA

  WaitForSingleObjectEx

  GetFileInformationByHandle

  BuildCommDCBA

  EnumCalendarInfoExW

  ReadConsoleW

  RaiseException

  IsBadReadPtr

  lstrlenA

  lstrcpyA

  MulDiv

  OutputDebugStringA

  lstrcmpiA

  GlobalSize

  GlobalReAlloc

  GlobalLock

  GetLocalTime

  MoveFileA

  SetErrorMode

  GetSystemTime

  GetTimeZoneInformation

  WinExec

  GetSystemDefaultLangID

  GetSystemDirectoryA

  LockResource

  SizeofResource

  LoadResource

  FreeResource

  FindResourceA

  _lread

  SetEndOfFile

  _lwrite

  _llseek

  GetWindowsDirectoryA

  GlobalFlags

  FatalAppExitA

  SetEnvironmentVariableA

  LocalLock

  GlobalUnlock

  LocalUnlock

  GetVersion

  FreeLibrary

  GlobalHandle

  GetProfileStringA

  lstrcmpA

  IsDBCSLeadByte

  GlobalFree

  ReadFile

  CreateFileA

  CompareStringA

  user32

  LoadIconA

  CharLowerA

  CharNextA

  LoadCursorFromFileW

  GetParent

  ReleaseCapture

  GetKeyboardLayout

  GetDC

  IsClipboardFormatAvailable

  EndMenu

  GetMessageTime

  OpenIcon

  WindowFromDC

  CloseDesktop

  CharUpperW

  IsWindowVisible

  IsCharLowerW

  IsMenu

  EnumClipboardFormats

  IsCharUpperA

  GetCapture

  MsgWaitForMultipleObjectsEx

  SetMenuItemInfoA

  GetScrollPos

  SetForegroundWindow

  SetFocus

  RealChildWindowFromPoint

  SetWindowTextA

  GetWindowModuleFileNameA

  IsWindowEnabled

  UnhookWinEvent

  TileChildWindows

  GetClassInfoExA

  IsDialogMessageW

  SetClipboardData

  PostMessageA

  DrawCaption

  GetClipboardSequenceNumber

  IMPQueryIMEW

  SetMenu

  GetPropA

  SetCapture

  GetShellWindow

  MapVirtualKeyA

  FindWindowExA

  IsWindowUnicode

  WinHelpA

  GetMenuContextHelpId

  CreateIconFromResourceEx

  DefDlgProcA

  DefFrameProcW

  DragObject

  GetClientRect

  GetDlgCtrlID

  DdeAccessData

  SetWindowWord

  MapVirtualKeyExA

  RegisterHotKey

  RegisterClassA

  ToUnicodeEx

  TrackPopupMenuEx

  LoadAcceleratorsA

  DestroyAcceleratorTable

  InvalidateRect

  SendDlgItemMessageA

  GetDialogBaseUnits

  IsDlgButtonChecked

  CheckDlgButton

  GetNextDlgTabItem

  SetScrollRange

  SetDlgItemTextA

  GetDlgItemTextA

  MapWindowPoints

  CheckRadioButton

  GetDoubleClickTime

  RegisterClassW

  GetWindowTextA

  InvalidateRgn

  ScrollDC

  IsZoomed

  AppendMenuA

  GetSystemMenu

  GetClassLongA

  GetClassLongW

  DispatchMessageA

  DispatchMessageW

  GetMessageW

  GetMessageA

  DefWindowProcW

  VkKeyScanA

  LoadKeyboardLayoutA

  ActivateKeyboardLayout

  GetKeyboardLayoutList

  InvertRect

  GetMenuCheckMarkDimensions

  RegisterClipboardFormatA

  CloseClipboard

  EmptyClipboard

  OpenClipboard

  GetClipboardData

  HiliteMenuItem

  GetMenuState

  GetMenuItemID

  DeleteMenu

  DrawMenuBar

  EqualRect

  UnionRect

  GetDesktopWindow

  GetMessagePos

  SetParent

  GetClassInfoA

  SetWindowPos

  MessageBoxA

  DialogBoxParamA

  BringWindowToTop

  OffsetRect

  GetCaretBlinkTime

  SetTimer

  MessageBeep

  CreateDialogParamA

  SendMessageA

  GetAsyncKeyState

  EnableWindow

  GetScrollRange

  SetScrollPos

  SetCursor

  PtInRect

  ShowCursor

  GetMenuItemCount

  LoadStringA

  UpdateWindow

  GetMenu

  FindWindowA

  GetKeyState

  PeekMessageA

  KillTimer

  DefWindowProcA

  LoadCursorA

  IsDialogMessageA

  GetFocus

  BeginPaint

  EndPaint

  ScreenToClient

  SetRect

  FillRect

  IntersectRect

  CopyRect

  SetWindowLongA

  MoveWindow

  DestroyWindow

  CheckMenuItem

  SetRectEmpty

  RemoveMenu

  GetSubMenu

  CreateMenu

  EnableMenuItem

  GetMenuStringA

  ModifyMenuA

  InsertMenuA

  TranslateMessage

  PostQuitMessage

  CreateWindowExA

  LoadMenuA

  IsIconic

  GetWindowLongA

  ClientToScreen

  GetWindowRect

  GetClassNameA

  DestroyMenu

  IsRectEmpty

  IsWindow

  ShowWindow

  LoadBitmapA

  GetSysColor

  GetDlgItem

  DrawTextA

  wsprintfA

  GetSystemMetrics

  GetWindowDC

  ReleaseDC

  EndDialog

  InflateRect

  GetCursorPos

  GetActiveWindow

  MsgWaitForMultipleObjects

  RegisterClipboardFormatW

  wsprintfW

  AllowSetForegroundWindow

  EnumWindows

  GetClassNameW

  SetActiveWindow

  CheckMenuRadioItem

  GetWindowPlacement

  MonitorFromRect

  EnumThreadWindows

  UnregisterClassA

  SetMenuItemInfoW

  GetMenuItemInfoW

  IsChild

  AdjustWindowRect

  UnhookWindowsHookEx

  SetWindowsHookExW

  CallNextHookEx

  GetComboBoxInfo

  EndDeferWindowPos

  DeferWindowPos

  BeginDeferWindowPos

  DrawEdge

  DrawTextW

  LoadAcceleratorsW

  TranslateAcceleratorW

  MapDialogRect

  CharLowerW

  DialogBoxParamW

  SetWindowLongW

  SetLayeredWindowAttributes

  PostMessageW

  GetWindowLongW

  CallWindowProcW

  CreateWindowExW

  RegisterClassExW

  GetClassInfoExW

  LoadCursorW

  TrackPopupMenu

  DrawIconEx

  DestroyIcon

  LoadImageW

  GetScrollInfo

  CreateDialogParamW

  LoadIconW

  MessageBoxW

  SetWindowTextW

  EnumChildWindows

  UnregisterHotKey

  SetDlgItemTextW

  SendDlgItemMessageW

  MapVirtualKeyW

  CreatePopupMenu

  AppendMenuW

  MonitorFromPoint

  GetMonitorInfoW

  AdjustWindowRectEx

  GetWindowTextW

  WindowFromPoint

  GetWindowThreadProcessId

  RegisterShellHookWindow

  DeregisterShellHookWindow

  RegisterWindowMessageW

  UnregisterClassW

  PeekMessageW

  RedrawWindow

  IsCharAlphaW

  SendMessageW

  gdi32

  GetStockObject

  GetFontLanguageInfo

  GetTextCharacterExtra

  AbortDoc

  GdiGetBatchLimit

  EndPage

  SaveDC

  GetTextAlign

  AddFontResourceW

  AddFontResourceA

  GetBkMode

  GdiAddFontResourceW

  GetGlyphOutline

  AngleArc

  EngUnicodeToMultiByteN

  CreateMetaFileW

  SetColorSpace

  GetWorldTransform

  XLATEOBJ_cGetPalette

  AddFontMemResourceEx

  EngStretchBlt

  RoundRect

  CreateEnhMetaFileA

  SwapBuffers

  GetMetaFileA

  GetCharWidthFloatA

  SelectPalette

  GdiConvertBitmapV5

  CreateBrushIndirect

  GetTextExtentPointI

  GetSystemPaletteUse

  CombineTransform

  SetMetaFileBitsEx

  SetSystemPaletteUse

  CreateCompatibleBitmap

  CreateFontIndirectA

  LineTo

  SetBkMode

  CreatePen

  MoveToEx

  BitBlt

  DeleteMetaFile

  GetObjectA

  GetDeviceCaps

  SetBkColor

  CopyMetaFileA

  PatBlt

  CreatePatternBrush

  SetTextColor

  PtVisible

  GetTextFaceA

  CreateBitmap

  ExtTextOutA

  SetMapMode

  CreateFontA

  GetCharWidthA

  GetCharWidth32A

  GetMapMode

  GetCharWidth32W

  GetBitmapBits

  GetCharWidthW

  TextOutW

  SetTextAlign

  TextOutA

  Escape

  CreateICA

  GetTextMetricsA

  EnumFontFamiliesExA

  CreateSolidBrush

  EnumFontsA

  SelectClipRgn

  SetRectRgn

  CreateRectRgn

  GetClipBox

  RectVisible

  CreateRectRgnIndirect

  Ellipse

  Polygon

  SetROP2

  SetMapperFlags

  ExtTextOutW

  Arc

  SetWindowExtEx

  SetWindowOrgEx

  GetTextExtentPoint32A

  CloseMetaFile

  RestoreDC

  CreateMetaFileA

  StretchBlt

  EnumMetaFile

  PlayMetaFile

  SetViewportExtEx

  SetStretchBltMode

  FillRgn

  CombineRgn

  GetMetaFileBitsEx

  Rectangle

  DeleteDC

  CreateCompatibleDC

  DeleteObject

  SelectObject

  advapi32

  RegOpenKeyA

  RegQueryValueExA

  GetAce

  RegNotifyChangeKeyValue

  RegOpenKeyExW

  RegCloseKey

  RegQueryValueExW

  SetSecurityInfo

  GetSecurityInfo

  RegEnumKeyExA

  RegEnumValueA

  RegOpenKeyExA

  RegCreateKeyExA

  RegQueryInfoKeyA

  RegSetValueExA

  RegDeleteKeyA

  shell32

  SHGetDiskFreeSpaceExW

  SHGetSettings

  ShellHookProc

  SHGetDataFromIDListW

  SHCreateProcessAsUserW

  SHEmptyRecycleBinW

  DuplicateIcon

  SHGetIconOverlayIndexA

  ShellExecuteA

  SHGetMalloc

  SHGetPathFromIDListA

  DragFinish

  SHInvokePrinterCommandW

  SHIsFileAvailableOffline

  SHGetPathFromIDListW

  SHFileOperationW

  SHGetSpecialFolderLocation

  SHInvokePrinterCommandA

  Shell_NotifyIcon

  DragQueryFileW

  SHBrowseForFolderW

  DragQueryFileA

  ExtractAssociatedIconA

  SHGetPathFromIDList

  SHGetDataFromIDListA

  SHBrowseForFolderA

  SHCreateDirectoryExW

  SHEmptyRecycleBinA

  SHGetDesktopFolder

  SHQueryRecycleBinW

  SHGetFileInfoW

  DragAcceptFiles

  ole32

  CreateDataAdviseHolder

  StgCreateDocfileOnILockBytes

  CreateILockBytesOnHGlobal

  GetHGlobalFromILockBytes

  CoDisconnectObject

  CoLockObjectExternal

  OleUninitialize

  CoRegisterMessageFilter

  CoRevokeClassObject

  CoRegisterClassObject

  OleInitialize

  CreateOleAdviseHolder

  OleRegEnumFormatEtc

  ReleaseStgMedium

  WriteFmtUserTypeStg

  OleTranslateAccelerator

  OleCreateMenuDescriptor

  OleDestroyMenuDescriptor

  GetRunningObjectTable

  CoGetMalloc

  OleDuplicateData

  OleGetClipboard

  WriteClassStg

  OleFlushClipboard

  OleSetClipboard

  shlwapi

  StrStrA

  StrStrW

  StrRChrIW

  StrRStrIA

  StrRStrIW

  StrChrW

  StrRChrA

  Sections

  .text

  Size: 2.2MB - Virtual size: 2.2MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 16KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 87KB - Virtual size: 86KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ