Static task: static1
Behavioral task: behavioral1 (Sample: tmp.exe, Resource: win7-en-20211208)
Behavioral task: behavioral2 (Sample: tmp.exe, Resource: win10v2004-en-20220113)
General
Target: tmp
Size: 699KB
MD5: 4b71805d51193b0dbe39321475ba41ed
SHA1: 2c69d33ee6cad5557f088f205f7c031b5d7d003c
SHA256: a98112f55dfd1fe971be934510d681e30fad6bc0edd9b4ba5c888f0080a5ed68
SHA512: 9f882d0a3117c9b530bdcea67b36601a26024cfa0d505cfa0e06c4a2b675751ad453f220329b1cc8171fedfb576d73d58d8e13e726af08344307a257d078c608
SSDEEP: 12288:u7m73NZxBUA3UVAwzs/WALQerivkIbRUEaHye9p2HNu4B2UV2cm:u7SNOeUVvzs/WAHivxReHyDI4rV2t
Malware Config
Signatures
Files
tmp.exe (windows x64) 8e573f3cfee760cfd23eb521b822dd97
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
FlushFileBuffers
GetFullPathNameW
GetVolumeInformationW
WriteFile
FileTimeToSystemTime
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesExW
SystemTimeToTzSpecificLocalTime
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FindFirstFileW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetCPInfo
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
GetStringTypeW
GetFileType
LCMapStringW
ExitProcess
GetStdHandle
HeapQueryInformation
RtlUnwindEx
RtlPcToFileHeader
OutputDebugStringW
CreateFileW
DeleteFileW
GlobalFlags
GetLocaleInfoW
CompareStringW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
InitializeCriticalSection
LocalFree
MulDiv
GlobalFindAtomW
GetSystemDirectoryW
EncodePointer
GetCurrentProcessId
GlobalAddAtomW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcAddress
GetModuleHandleW
CreateEventW
SetEvent
GlobalFree
GlobalUnlock
FreeResource
lstrcmpW
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryExW
FreeLibrary
GetVersionExW
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
SetLastError
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
GetThreadErrorMode
VirtualAlloc
SetFileApisToOEM
GetThreadUILanguage
GetErrorMode
GetACP
GetCommandLineA
GetOEMCP
GetLastError
UnregisterApplicationRecoveryCallback
GetCurrentThread
IsSystemResumeAutomatic
GetUserDefaultUILanguage
GetCurrentThreadId
IsDebuggerPresent
GetCurrentProcessorNumber
GetSystemDefaultUILanguage
GetLargePageMinimum
GetCommandLineW
GetEnvironmentStringsW
UnregisterApplicationRestart
TlsAlloc
FlushProcessWriteBuffers
GetSystemDefaultLangID
GetCurrentProcess
GetProcessHeap
GetTickCount64
CloseHandle
FindClose
TerminateProcess
user32
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetWindow
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
MapWindowPoints
ScreenToClient
AdjustWindowRectEx
GetWindowRect
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
EndPaint
BeginPaint
SetForegroundWindow
UpdateWindow
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
SetFocus
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPos
IsChild
IsMenu
CreateWindowExW
DrawTextW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
CopyRect
GetSysColor
DestroyMenu
GetLastActivePopup
GetWindowThreadProcessId
MessageBoxW
SetCursor
CallNextHookEx
SetWindowsHookExW
GetCursorPos
ValidateRect
GetKeyState
IsWindowVisible
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
LoadBitmapW
SetMenuItemInfoW
CloseClipboard
GetFocus
GetCursor
IsWow64Message
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetWindowLongW
SetActiveWindow
IsWindowEnabled
GetNextDlgTabItem
GetDlgItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
IsWindow
PostQuitMessage
PostMessageW
GetParent
DrawTextExW
GrayStringW
TabbedTextOutW
GetDC
ReleaseDC
ClientToScreen
ShowWindow
GetClassInfoExW
EmptyClipboard
InSendMessage
GetOpenClipboardWindow
GetClipboardSequenceNumber
GetDesktopWindow
CreateMenu
AnyPopup
IsProcessDPIAware
GetKBCodePage
GetForegroundWindow
GetActiveWindow
GetCapture
GetProcessWindowStation
GetShellWindow
CountClipboardFormats
DestroyCaret
GetDialogBaseUnits
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
EnableWindow
UnregisterClassW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
CharUpperW
GetSysColorBrush
InvalidateRect
KillTimer
SetTimer
RealChildWindowFromPoint
LoadCursorW
IsDialogMessageW
SetWindowTextW
UnhookWindowsHookEx
gdi32
Escape
GetClipBox
GetDeviceCaps
GetStockObject
PtVisible
RectVisible
RestoreDC
SaveDC
SelectObject
SetMapMode
DeleteObject
TextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetTextColor
SetBkColor
ExtTextOutW
GetObjectW
CreateBitmap
GdiFlush
DeleteDC
winspool.drv
DocumentPropertiesW
ClosePrinter
OpenPrinterW
advapi32
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
ShellExecuteW
InitNetworkAddressControl
shlwapi
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
ole32
CoInitialize
CoCreateInstance
CoCreateGuid
CoFreeUnusedLibraries
CoUninitialize
OleUninitialize
CoTaskMemFree
oleaut32
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString
wininet
InternetQueryDataAvailable
oleacc
LresultFromObject
CreateStdAccessibleObject
Sections
.text Size: 265KB - Virtual size: 265KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 293KB - Virtual size: 293KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.giats Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 105KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ