General

Malware Config

Signatures

Files

• b4197abdbe29622df210260324de401562176ddd943b64c7a4a0439074889cf2

  .exe windows x86

  b2e29795cf26e2405a95e142d139ea34

  
  

  Code Sign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetDllDirectoryW

  InterlockedIncrement

  _lwrite

  SetFirmwareEnvironmentVariableA

  GetSystemWindowsDirectoryW

  GetNamedPipeHandleStateA

  SetHandleInformation

  GetComputerNameW

  GetModuleHandleW

  GetTickCount

  GetProcessHeap

  GetConsoleAliasesLengthA

  ConvertFiberToThread

  ReadConsoleW

  GetCompressedFileSizeW

  GetSystemWow64DirectoryA

  TlsSetValue

  LoadLibraryW

  GetConsoleMode

  CopyFileW

  SetVolumeMountPointA

  GetVersionExW

  HeapCreate

  HeapValidate

  GetModuleFileNameW

  CreateActCtxA

  GetACP

  GetStartupInfoW

  WritePrivateProfileStringW

  VerifyVersionInfoW

  FindFirstFileExA

  GetLastError

  IsDBCSLeadByteEx

  SetLastError

  SetWaitableTimer

  CreateNamedPipeA

  CopyFileA

  FindClose

  GetPrivateProfileStringA

  ProcessIdToSessionId

  LocalAlloc

  IsWow64Process

  SetCurrentDirectoryW

  GetVolumePathNamesForVolumeNameA

  GetModuleFileNameA

  SetConsoleCursorInfo

  GetProcessShutdownParameters

  FreeEnvironmentStringsW

  WriteProfileStringW

  BuildCommDCBA

  VirtualProtect

  CompareStringA

  GetSystemRegistryQuota

  ReadConsoleInputW

  FileTimeToLocalFileTime

  CreateWaitableTimerA

  GetSystemTime

  TlsFree

  CommConfigDialogW

  CloseHandle

  CreateFileW

  SetStdHandle

  GetConsoleCP

  SetFilePointer

  LCMapStringW

  OutputDebugStringW

  WriteConsoleW

  FlushFileBuffers

  GetLongPathNameA

  WriteConsoleInputW

  OutputDebugStringA

  InterlockedDecrement

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  EncodePointer

  DecodePointer

  GetCommandLineA

  HeapSetInformation

  IsBadReadPtr

  RaiseException

  RtlUnwind

  IsProcessorFeaturePresent

  InitializeCriticalSectionAndSpinCount

  SetUnhandledExceptionFilter

  QueryPerformanceCounter

  GetCurrentThreadId

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  GetProcAddress

  ExitProcess

  WideCharToMultiByte

  GetEnvironmentStringsW

  SetHandleCount

  GetStdHandle

  GetFileType

  TlsAlloc

  TlsGetValue

  WriteFile

  HeapAlloc

  HeapReAlloc

  HeapSize

  HeapQueryInformation

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  IsDebuggerPresent

  HeapFree

  GetOEMCP

  GetCPInfo

  IsValidCodePage

  GetStringTypeW

  MultiByteToWideChar

  user32

  GetMessageTime

  GetCaretBlinkTime

  GetMenuItemID

  GetMenuBarInfo

  GetMonitorInfoA

  GetCursorInfo

  GetListBoxInfo

  GetMenuInfo

  GetComboBoxInfo

  gdi32

  GetBitmapBits

  winhttp

  WinHttpWriteData

  msimg32

  GradientFill

  Sections

  .text

  Size: 342KB - Virtual size: 341KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 27.5MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 18KB - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 75KB - Virtual size: 74KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ