General

Malware Config

Signatures

Files

• e4d08e043acee0101260fad44e81a9d2cc514fac6f3b2a92209c5eb59e6f1464

  .exe windows x86

  adea4567f5582afbf946cc655aab4617

  
  

  Code Sign

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  IsDebuggerPresent

  GetSystemTimeAsFileTime

  HeapAlloc

  RtlUnwind

  ExitProcess

  HeapReAlloc

  RaiseException

  HeapSize

  VirtualProtect

  VirtualAlloc

  VirtualQuery

  GetStdHandle

  GetModuleFileNameA

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  SetHandleCount

  GetFileType

  GetStartupInfoA

  HeapCreate

  VirtualFree

  QueryPerformanceCounter

  GetCPInfo

  GetACP

  SetUnhandledExceptionFilter

  IsValidCodePage

  GetTimeZoneInformation

  GetTimeFormatA

  GetDateFormatA

  GetConsoleCP

  GetConsoleMode

  InitializeCriticalSectionAndSpinCount

  LCMapStringA

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  SetStdHandle

  CreateFileA

  SetEnvironmentVariableA

  UnhandledExceptionFilter

  TerminateProcess

  HeapFree

  GetStartupInfoW

  GetTickCount

  GetFileTime

  GetFileSizeEx

  GetFileAttributesW

  FileTimeToLocalFileTime

  SetErrorMode

  FileTimeToSystemTime

  lstrlenA

  InterlockedIncrement

  TlsFree

  DeleteCriticalSection

  LocalReAlloc

  TlsSetValue

  TlsAlloc

  InitializeCriticalSection

  GlobalHandle

  GlobalReAlloc

  EnterCriticalSection

  TlsGetValue

  LeaveCriticalSection

  LocalAlloc

  GlobalFlags

  CreateFileW

  GetFullPathNameW

  GetVolumeInformationW

  FindFirstFileW

  FindClose

  GetCurrentProcess

  DuplicateHandle

  GetFileSize

  SetEndOfFile

  UnlockFile

  LockFile

  FlushFileBuffers

  SetFilePointer

  WriteFile

  ReadFile

  GetThreadLocale

  GetModuleHandleA

  InterlockedDecrement

  GlobalFindAtomW

  GetVersionExW

  CompareStringW

  LoadLibraryA

  GetVersionExA

  MulDiv

  GetCurrentProcessId

  GlobalAddAtomW

  SetLastError

  GlobalUnlock

  lstrlenW

  WritePrivateProfileStringW

  FreeResource

  GlobalFree

  GlobalDeleteAtom

  GetCurrentThread

  GetCurrentThreadId

  ConvertDefaultLocale

  EnumResourceLanguagesW

  lstrcmpA

  GetLocaleInfoW

  LoadLibraryW

  CompareStringA

  InterlockedExchange

  GlobalLock

  lstrcmpW

  GlobalAlloc

  FreeLibrary

  GetModuleFileNameW

  ExpandEnvironmentStringsW

  GetSystemInfo

  GetModuleHandleW

  GetProcAddress

  LocalFree

  FormatMessageW

  Sleep

  CreateThread

  MultiByteToWideChar

  WideCharToMultiByte

  CloseHandle

  GetLastError

  DeleteFileW

  GetCommandLineW

  FindResourceW

  LoadResource

  LockResource

  GetOEMCP

  SizeofResource

  GetProcessIoCounters

  ProcessIdToSessionId

  GetProfileStringA

  TryEnterCriticalSection

  SetConsoleActiveScreenBuffer

  ReleaseMutex

  GetDefaultCommConfigA

  FreeLibraryAndExitThread

  DeleteFiber

  GlobalAddAtomA

  GetAtomNameA

  WritePrivateProfileSectionW

  GetProcessPriorityBoost

  VerSetConditionMask

  FindFirstChangeNotificationA

  SetConsoleCursorInfo

  SetDefaultCommConfigW

  lstrcat

  _lread

  VirtualLock

  _lopen

  GlobalUnfix

  SetVolumeLabelW

  FindFirstFileExW

  SleepEx

  WritePrivateProfileStringA

  IsValidLocale

  EnumDateFormatsA

  GetCommMask

  GetCurrencyFormatA

  EnumResourceNamesA

  GetSystemWindowsDirectoryW

  FreeConsole

  OpenEventA

  EnumCalendarInfoExA

  Process32FirstW

  EnumDateFormatsExW

  IsProcessorFeaturePresent

  PeekNamedPipe

  GetFileInformationByHandle

  GetWindowsDirectoryW

  HeapQueryInformation

  ExitThread

  GetDriveTypeW

  DecodePointer

  EncodePointer

  HeapSetInformation

  FindResourceExW

  SearchPathW

  GetProfileIntW

  GetNumberFormatW

  GetTempPathW

  GetTempFileNameW

  GetFileAttributesExW

  GetProcessHeap

  lstrcmpiW

  GlobalGetAtomNameW

  GetCurrentDirectoryW

  ReleaseActCtx

  CreateActCtxW

  WaitForSingleObject

  ResumeThread

  SetThreadPriority

  GlobalSize

  GetPrivateProfileStringW

  GetPrivateProfileIntW

  lstrcpyW

  GetUserDefaultUILanguage

  GetSystemDefaultUILanguage

  ActivateActCtx

  DeactivateActCtx

  VerifyVersionInfoW

  GetNativeSystemInfo

  CopyFileW

  GetSystemDirectoryW

  user32

  PostThreadMessageW

  MessageBeep

  GetNextDlgGroupItem

  InvalidateRgn

  InvalidateRect

  SetRect

  IsRectEmpty

  CopyAcceleratorTableW

  CharNextW

  ReleaseCapture

  LoadCursorW

  SetCapture

  CharUpperW

  EndPaint

  BeginPaint

  GetWindowDC

  ClientToScreen

  GrayStringW

  DrawTextExW

  DrawTextW

  TabbedTextOutW

  DestroyMenu

  ShowWindow

  MoveWindow

  SetWindowTextW

  IsDialogMessageW

  RegisterWindowMessageW

  SendDlgItemMessageW

  SendDlgItemMessageA

  WinHelpW

  IsChild

  GetCapture

  GetClassLongW

  GetClassNameW

  SetPropW

  GetPropW

  RemovePropW

  SetFocus

  GetWindowTextLengthW

  GetWindowTextW

  GetForegroundWindow

  GetTopWindow

  UnhookWindowsHookEx

  GetMessageTime

  GetMessagePos

  SetMenu

  SetForegroundWindow

  UpdateWindow

  CreateWindowExW

  GetClassInfoExW

  GetClassInfoW

  RegisterClassW

  GetSysColor

  AdjustWindowRectEx

  EqualRect

  PtInRect

  GetDlgCtrlID

  DefWindowProcW

  CallWindowProcW

  GetMenu

  SetWindowLongW

  OffsetRect

  IntersectRect

  SystemParametersInfoA

  GetWindowPlacement

  GetWindowRect

  GetMenuItemID

  GetMenuItemCount

  GetSubMenu

  GetWindowThreadProcessId

  GetLastActivePopup

  SetCursor

  SetWindowsHookExW

  CallNextHookEx

  GetMessageW

  TranslateMessage

  IsWindowVisible

  GetKeyState

  GetCursorPos

  ValidateRect

  SetMenuItemBitmaps

  GetMenuCheckMarkDimensions

  LoadBitmapW

  RegisterClipboardFormatW

  GetFocus

  ModifyMenuW

  UnregisterClassW

  GetSysColorBrush

  GetMenuState

  EnableMenuItem

  CheckMenuItem

  ReleaseDC

  GetDC

  CopyRect

  GetDesktopWindow

  GetActiveWindow

  SetActiveWindow

  CreateDialogIndirectParamW

  DestroyWindow

  IsWindow

  GetWindowLongW

  GetDlgItem

  IsWindowEnabled

  GetNextDlgTabItem

  EndDialog

  GetWindow

  SetWindowContextHelpId

  GetParent

  MapDialogRect

  SetWindowPos

  PostQuitMessage

  PostMessageW

  MessageBoxW

  DispatchMessageW

  PeekMessageW

  MsgWaitForMultipleObjects

  DrawIcon

  GetClientRect

  GetSystemMetrics

  IsIconic

  SendMessageW

  AppendMenuW

  GetSystemMenu

  LoadIconW

  EnableWindow

  MapWindowPoints

  DdeDisconnectList

  CheckMenuRadioItem

  WINNLSEnableIME

  GetClipboardFormatNameA

  EnumDisplaySettingsA

  LoadImageA

  GetAncestor

  EnumPropsA

  CopyIcon

  SetUserObjectInformationW

  WindowFromPoint

  GetLastInputInfo

  CallMsgFilterA

  DdeQueryConvInfo

  DlgDirSelectExW

  SetDlgItemTextW

  TrackPopupMenu

  SetCaretPos

  GetWindowModuleFileName

  CharLowerA

  SetCaretBlinkTime

  DefFrameProcA

  FindWindowExW

  VkKeyScanW

  PeekMessageA

  GetKBCodePage

  DialogBoxParamA

  SetSystemCursor

  ModifyMenuA

  GetWindowRgn

  EnumPropsW

  GetKeyNameTextW

  wvsprintfA

  CharUpperBuffW

  FrameRect

  EmptyClipboard

  CloseClipboard

  SetClipboardData

  OpenClipboard

  CopyImage

  GetIconInfo

  HideCaret

  InvertRect

  LockWindowUpdate

  SetCursorPos

  CreateAcceleratorTableW

  GetKeyboardState

  GetKeyboardLayout

  MapVirtualKeyW

  ToUnicodeEx

  DrawFocusRect

  DrawFrameControl

  DrawEdge

  DrawIconEx

  SetClassLongW

  DestroyAcceleratorTable

  SetParent

  UnpackDDElParam

  ReuseDDElParam

  LoadImageW

  LoadAcceleratorsW

  InsertMenuItemW

  BringWindowToTop

  TranslateAcceleratorW

  DestroyIcon

  GetMenuDefaultItem

  SetMenuDefaultItem

  GetMenuItemInfoW

  CreatePopupMenu

  IsMenu

  MonitorFromPoint

  UpdateLayeredWindow

  EnableScrollBar

  UnionRect

  IsZoomed

  GetAsyncKeyState

  NotifyWinEvent

  RedrawWindow

  SetWindowRgn

  LoadMenuW

  SetLayeredWindowAttributes

  EnumDisplayMonitors

  SystemParametersInfoW

  SetRectEmpty

  KillTimer

  SetTimer

  RealChildWindowFromPoint

  DeleteMenu

  WaitMessage

  DefFrameProcW

  CheckDlgButton

  BeginDeferWindowPos

  EndDeferWindowPos

  MonitorFromWindow

  GetMonitorInfoW

  ScrollWindow

  SetScrollRange

  GetScrollRange

  SetScrollPos

  GetScrollPos

  ShowScrollBar

  DeferWindowPos

  GetScrollInfo

  SetScrollInfo

  SetWindowPlacement

  DrawStateW

  ShowOwnedPopups

  DefMDIChildProcW

  DrawMenuBar

  TranslateMDISysAccel

  CreateMenu

  IsClipboardFormatAvailable

  GetUpdateRect

  GetDoubleClickTime

  IsCharLowerW

  MapVirtualKeyExW

  SubtractRect

  DestroyCursor

  ScreenToClient

  FillRect

  GetMenuStringW

  InsertMenuW

  RemoveMenu

  InflateRect

  LoadIconA

  GetThreadDesktop

  GetCaretBlinkTime

  CloseDesktop

  GetShellWindow

  ShowCaret

  GetListBoxInfo

  GetClipboardViewer

  gdi32

  GetStockObject

  GetBkColor

  ExtSelectClipRgn

  GetMapMode

  DeleteDC

  GetTextColor

  GetWindowExtEx

  GetViewportExtEx

  ScaleWindowExtEx

  SetWindowExtEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  SelectObject

  Escape

  TextOutW

  RectVisible

  PtVisible

  GetRgnBox

  CreateRectRgnIndirect

  DeleteObject

  SetMapMode

  RestoreDC

  SaveDC

  ExtTextOutW

  GetObjectW

  SetBkColor

  SetTextColor

  GetClipBox

  GetDeviceCaps

  CreateBitmap

  EngAlphaBlend

  GetBoundsRect

  EngCreateSemaphore

  GetNearestColor

  LineDDA

  GetTextCharsetInfo

  GetTextExtentPoint32W

  SetRectRgn

  CombineRgn

  PatBlt

  DPtoLP

  CreateRoundRectRgn

  CreateDIBSection

  CreatePolygonRgn

  CreateEllipticRgn

  Polyline

  Ellipse

  Polygon

  CreatePalette

  GetPaletteEntries

  GetNearestPaletteIndex

  RealizePalette

  GetSystemPaletteEntries

  OffsetRgn

  SetDIBColorTable

  StretchBlt

  SetPixel

  EnumFontFamiliesW

  EnumFontFamiliesExW

  ExtFloodFill

  SetPaletteEntries

  LPtoDP

  GetWindowOrgEx

  GetViewportOrgEx

  PtInRegion

  FillRgn

  FrameRgn

  GetTextFaceW

  SetPixelV

  GetTextMetricsW

  CreateCompatibleBitmap

  CreateFontIndirectW

  CreateDIBitmap

  CreateHatchBrush

  CreateSolidBrush

  CreatePen

  GetObjectType

  SelectPalette

  CreateCompatibleDC

  CreatePatternBrush

  OffsetWindowOrgEx

  SetWindowOrgEx

  Rectangle

  GetPixel

  BitBlt

  CreateRectRgn

  SelectClipRgn

  SetLayout

  GetLayout

  SetTextAlign

  MoveToEx

  LineTo

  IntersectClipRect

  ExcludeClipRect

  SetROP2

  SetPolyFillMode

  SetBkMode

  CreateDCW

  CopyMetaFileW

  GetEnhMetaFileA

  UnrealizeObject

  CreateMetaFileW

  AddFontResourceW

  GetGraphicsMode

  GetSystemPaletteUse

  GetDCPenColor

  BeginPath

  EndPath

  GdiFlush

  CreateMetaFileA

  comdlg32

  GetFileTitleW

  advapi32

  RegCreateKeyExW

  RegQueryValueW

  RegOpenKeyW

  RegEnumKeyW

  RegDeleteKeyW

  RegSetValueExW

  CryptAcquireContextW

  RegOpenKeyExW

  RegQueryValueExW

  RegCloseKey

  CryptReleaseContext

  CryptDestroyHash

  CryptGetHashParam

  CryptHashData

  CryptCreateHash

  OpenSCManagerW

  CreateServiceW

  CloseServiceHandle

  AllocateAndInitializeSid

  CheckTokenMembership

  FreeSid

  RegEnumKeyExW

  RegEnumValueW

  RegDeleteValueW

  RegQueryValueExA

  shell32

  CommandLineToArgvW

  SHGetSpecialFolderLocation

  SHBrowseForFolderW

  SHGetPathFromIDListW

  SHCreateDirectoryExW

  ShellExecuteW

  SHGetIconOverlayIndexW

  ExtractAssociatedIconExA

  SHLoadNonloadedIconOverlayIdentifiers

  WOWShellExecute

  ExtractIconA

  DragFinish

  DragQueryFile

  SHFileOperation

  SHQueryRecycleBinA

  SHCreateProcessAsUserW

  SHAppBarMessage

  FindExecutableW

  ExtractIconW

  SHGetSpecialFolderPathW

  SHGetIconOverlayIndexA

  SHBrowseForFolderA

  SHGetSpecialFolderPathA

  ExtractIconExA

  ShellExecuteA

  SHChangeNotify

  SHInvokePrinterCommandA

  DragQueryPoint

  ExtractAssociatedIconExW

  SHFileOperationA

  SHAddToRecentDocs

  ExtractIconEx

  Shell_NotifyIconA

  SHIsFileAvailableOffline

  SHBindToParent

  ExtractAssociatedIconA

  SHGetFolderPathW

  DragQueryFileW

  SHGetMalloc

  SHGetDesktopFolder

  SHGetFileInfoW

  ole32

  OleInitialize

  CoFreeUnusedLibraries

  OleUninitialize

  CreateILockBytesOnHGlobal

  StgCreateDocfileOnILockBytes

  StgOpenStorageOnILockBytes

  CoGetClassObject

  OleFlushClipboard

  CoTaskMemAlloc

  CoTaskMemFree

  CLSIDFromString

  CLSIDFromProgID

  CoRegisterMessageFilter

  CoRevokeClassObject

  OleIsCurrentClipboard

  RevokeDragDrop

  CoLockObjectExternal

  RegisterDragDrop

  OleGetClipboard

  OleLockRunning

  IsAccelerator

  OleTranslateAccelerator

  OleDestroyMenuDescriptor

  OleCreateMenuDescriptor

  CoInitializeEx

  DoDragDrop

  CreateStreamOnHGlobal

  CoInitialize

  CoCreateInstance

  CoUninitialize

  OleDuplicateData

  ReleaseStgMedium

  CoCreateGuid

  shlwapi

  PathFileExistsW

  PathFindExtensionW

  PathStripToRootW

  PathIsUNCW

  PathFindFileNameW

  StrCmpNW

  StrCmpNIW

  StrRChrIW

  StrStrA

  StrRStrIW

  PathRemoveFileSpecW

  comctl32

  InitCommonControlsEx

  ImageList_GetIconSize

  imm32

  ImmGetOpenStatus

  ImmReleaseContext

  ImmGetContext

  Sections

  .text

  Size: 1.8MB - Virtual size: 1.8MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1024B - Virtual size: 555B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 126KB - Virtual size: 126KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ