General

Malware Config

Signatures

Files

• e19e5702b706ca6a9508d67a44379aaef9361111dcdcd99c65fac6e027534fa7

  .exe windows x86

  7e51d9833813c1a3fb57baba54855909

  
  

  Code Sign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  TlsGetValue

  GetCPInfo

  HeapAlloc

  InterlockedIncrement

  GetSystemWindowsDirectoryW

  SetEnvironmentVariableW

  QueryDosDeviceA

  GetNamedPipeHandleStateA

  SetHandleInformation

  SetConsoleScreenBufferSize

  UnlockFile

  BackupSeek

  FreeEnvironmentStringsA

  GetModuleHandleW

  IsBadReadPtr

  GetConsoleAliasesLengthA

  GetPrivateProfileStringW

  ReadConsoleW

  GetDriveTypeA

  ActivateActCtx

  GlobalAlloc

  GetPrivateProfileIntA

  GetSystemWow64DirectoryW

  GetVersionExW

  SetDllDirectoryA

  SetConsoleMode

  IsDBCSLeadByte

  GetSystemDirectoryA

  CreateActCtxA

  CompareStringW

  GetStartupInfoW

  WritePrivateProfileStringW

  VerifyVersionInfoW

  FindFirstFileExA

  GetLastError

  GetLongPathNameW

  SetLastError

  GetProcAddress

  FindVolumeMountPointClose

  WriteProfileSectionA

  GlobalGetAtomNameA

  FindClose

  OpenWaitableTimerA

  SetSystemTime

  GetModuleFileNameA

  SetConsoleCursorInfo

  FindFirstChangeNotificationA

  GetProcessShutdownParameters

  FreeEnvironmentStringsW

  BuildCommDCBA

  GetCurrentDirectoryA

  CompareStringA

  SetFileShortNameA

  ReadConsoleInputW

  TlsAlloc

  GetWindowsDirectoryW

  GetProfileSectionW

  AreFileApisANSI

  DeleteFileA

  LocalFileTimeToFileTime

  CloseHandle

  CreateFileW

  SetStdHandle

  GetConsoleMode

  GetConsoleCP

  WideCharToMultiByte

  MoveFileA

  GetCommandLineW

  HeapSetInformation

  InterlockedDecrement

  DecodePointer

  ExitProcess

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  EncodePointer

  GetModuleFileNameW

  WriteFile

  GetStdHandle

  GetACP

  GetOEMCP

  IsValidCodePage

  TlsSetValue

  GetCurrentThreadId

  TlsFree

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  GetEnvironmentStringsW

  SetHandleCount

  InitializeCriticalSectionAndSpinCount

  GetFileType

  DeleteCriticalSection

  HeapValidate

  HeapCreate

  EnterCriticalSection

  LeaveCriticalSection

  LoadLibraryW

  OutputDebugStringA

  WriteConsoleW

  OutputDebugStringW

  RtlUnwind

  LCMapStringW

  MultiByteToWideChar

  GetStringTypeW

  RaiseException

  HeapReAlloc

  HeapSize

  HeapQueryInformation

  HeapFree

  SetFilePointer

  FlushFileBuffers

  user32

  GetMenuInfo

  GetMessagePos

  winhttp

  WinHttpCloseHandle

  Sections

  .text

  Size: 672KB - Virtual size: 671KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 4.6MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .sakadi

  Size: 1024B - Virtual size: 741B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 16KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 25KB - Virtual size: 25KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ