General

Malware Config

Signatures

Files

• 6abc19500e1ffb620bbc0767aecd5de2b51054fe33d708bcb896d6630abc0808

  .exe windows x86

  0411b57bfa8ac6bc37c1d30ae226fbce

  
  

  Code Sign

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetFileSize

  GetStartupInfoA

  GetModuleHandleA

  GetFileAttributesA

  lstrcpynA

  CreateDirectoryA

  GetACP

  GetOEMCP

  DeleteFileA

  lstrlenA

  WriteFile

  SetFilePointer

  ReadFile

  CreateFileA

  CloseHandle

  GetModuleFileNameA

  CopyFileA

  GetTempPathA

  GetTempFileNameA

  GetCurrentDirectoryA

  LoadLibraryA

  GetLastError

  GetProcAddress

  FreeLibrary

  lstrcpyA

  lstrcatA

  SetDefaultCommConfigA

  FindFirstVolumeA

  FindCloseChangeNotification

  CreateFileW

  GlobalGetAtomNameW

  LocalFree

  GetSystemWindowsDirectoryW

  Module32FirstW

  GetCalendarInfoW

  GetWriteWatch

  FindResourceExW

  LoadModule

  SetInformationJobObject

  _hwrite

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  InitializeCriticalSection

  VirtualFree

  VirtualAlloc

  LocalAlloc

  GetTickCount

  QueryPerformanceCounter

  GetVersion

  GetCurrentThreadId

  InterlockedDecrement

  InterlockedIncrement

  VirtualQuery

  WideCharToMultiByte

  MultiByteToWideChar

  LoadLibraryExA

  GetThreadLocale

  GetLocaleInfoA

  GetCommandLineA

  FindFirstFileA

  FindClose

  ExitProcess

  ExitThread

  CreateThread

  UnhandledExceptionFilter

  RtlUnwind

  RaiseException

  GetStdHandle

  TlsSetValue

  TlsGetValue

  lstrcmpA

  WritePrivateProfileStringA

  WaitForSingleObject

  Sleep

  SizeofResource

  SetThreadLocale

  SetEvent

  SetErrorMode

  SetEndOfFile

  ResumeThread

  ResetEvent

  QueryPerformanceFrequency

  MulDiv

  LockResource

  LoadResource

  GlobalUnlock

  GlobalSize

  GlobalReAlloc

  GlobalHandle

  GlobalLock

  GlobalFree

  GlobalFindAtomA

  GlobalDeleteAtom

  GlobalAlloc

  GlobalAddAtomA

  GetVersionExA

  GetUserDefaultLCID

  GetSystemInfo

  GetStringTypeExA

  GetPrivateProfileStringA

  GetLocalTime

  GetFullPathNameA

  GetExitCodeThread

  GetDiskFreeSpaceA

  GetDateFormatA

  GetCurrentProcessId

  GetComputerNameA

  GetCPInfo

  FreeResource

  InterlockedExchange

  FormatMessageA

  FindResourceA

  FileTimeToLocalFileTime

  FileTimeToDosDateTime

  ExpandEnvironmentStringsA

  EnumCalendarInfoA

  CreateProcessA

  CreateMutexA

  CreateEventA

  CompareStringA

  GetModuleHandleW

  LoadLibraryW

  user32

  GetCursorPos

  GetWindowRect

  GetActiveWindow

  SetClassLongA

  GetSystemMenu

  AppendMenuA

  LoadIconA

  wsprintfA

  EnableWindow

  SendMessageA

  DispatchMessageA

  TranslateMessage

  PeekMessageA

  PostQuitMessage

  MessageBoxA

  LoadStringA

  GetWindowLongA

  LoadCursorFromFileA

  SetMenu

  HiliteMenuItem

  OffsetRect

  TranslateMDISysAccel

  SetLastErrorEx

  RegisterShellHookWindow

  GetUpdateRgn

  DefDlgProcA

  DialogBoxIndirectParamW

  LockWindowUpdate

  CascadeWindows

  MsgWaitForMultipleObjects

  EnumPropsExA

  DdeSetQualityOfService

  MessageBoxIndirectW

  GetKeyboardType

  CharNextA

  CreateWindowExA

  WindowFromPoint

  WinHelpA

  WaitMessage

  UpdateWindow

  UnregisterClassA

  UnhookWindowsHookEx

  TrackPopupMenu

  SystemParametersInfoA

  ShowWindow

  ShowScrollBar

  ShowOwnedPopups

  ShowCursor

  SetWindowsHookExA

  SetWindowTextA

  SetWindowPos

  SetWindowPlacement

  SetWindowLongA

  SetTimer

  SetScrollRange

  SetScrollPos

  SetScrollInfo

  SetRect

  SetPropA

  SetParent

  SetMenuItemInfoA

  SetForegroundWindow

  SetFocus

  SetCursor

  SetClipboardData

  SetCapture

  SetActiveWindow

  ScrollWindow

  ScreenToClient

  RemovePropA

  RemoveMenu

  ReleaseDC

  ReleaseCapture

  RegisterWindowMessageA

  RegisterClipboardFormatA

  RegisterClassA

  RedrawWindow

  PtInRect

  PostMessageA

  OpenClipboard

  OemToCharA

  MessageBeep

  MapWindowPoints

  MapVirtualKeyA

  LoadKeyboardLayoutA

  LoadCursorA

  LoadBitmapA

  KillTimer

  IsZoomed

  IsWindowVisible

  IsWindowEnabled

  IsWindow

  IsRectEmpty

  IsIconic

  IsDialogMessageA

  IsClipboardFormatAvailable

  IsChild

  InvalidateRect

  IntersectRect

  InsertMenuItemA

  InsertMenuA

  InflateRect

  GetWindowThreadProcessId

  GetWindowTextA

  GetWindowPlacement

  GetWindowDC

  GetTopWindow

  GetSystemMetrics

  GetSysColorBrush

  GetSysColor

  GetSubMenu

  GetScrollRange

  GetScrollPos

  GetScrollInfo

  GetPropA

  GetParent

  GetWindow

  GetMessageTime

  GetMessagePos

  GetMenuStringA

  GetMenuState

  GetMenuItemInfoA

  GetMenuItemID

  GetMenuItemCount

  GetMenu

  GetLastActivePopup

  GetKeyboardState

  GetKeyboardLayoutList

  GetKeyboardLayout

  GetKeyState

  GetKeyNameTextA

  GetIconInfo

  GetForegroundWindow

  GetFocus

  GetDoubleClickTime

  GetDlgItem

  GetDesktopWindow

  GetDCEx

  GetDC

  GetCursor

  GetClipboardData

  GetClientRect

  GetClassNameA

  GetClassInfoA

  GetCapture

  GetAsyncKeyState

  FrameRect

  FindWindowA

  FillRect

  EqualRect

  EnumWindows

  EnumThreadWindows

  EnumClipboardFormats

  EndPaint

  EndDeferWindowPos

  EnableScrollBar

  EnableMenuItem

  EmptyClipboard

  DrawTextA

  DrawMenuBar

  DrawIconEx

  DrawIcon

  DrawFrameControl

  DrawFocusRect

  DrawEdge

  DestroyWindow

  DestroyMenu

  DestroyIcon

  DestroyCursor

  DeleteMenu

  DeferWindowPos

  DefWindowProcA

  DefMDIChildProcA

  DefFrameProcA

  CreatePopupMenu

  CreateMenu

  CreateIcon

  CloseClipboard

  ClientToScreen

  ChildWindowFromPoint

  CheckMenuItem

  CallWindowProcA

  CallNextHookEx

  BeginPaint

  BeginDeferWindowPos

  CharLowerBuffA

  CharLowerA

  CharUpperBuffA

  CharToOemA

  AdjustWindowRectEx

  ActivateKeyboardLayout

  LoadIconW

  gdi32

  Escape

  GdiCreateLocalMetaFilePict

  SetColorAdjustment

  SetFontEnumeration

  GdiEntry14

  GdiEntry4

  ResizePalette

  GetTextExtentPoint32A

  GetObjectType

  OffsetClipRgn

  GdiEntry16

  GetGlyphOutlineWow

  OffsetRgn

  SetBitmapBits

  RoundRect

  GetColorSpace

  GdiEntry12

  SetMapMode

  SetTextAlign

  CombineRgn

  GetLogColorSpaceW

  GetFontAssocStatus

  SetGraphicsMode

  GetDeviceCaps

  GetTextCharset

  InvertRgn

  GetCharABCWidthsI

  ExcludeClipRect

  EngStretchBltROP

  TextOutW

  EndPath

  GetAspectRatioFilterEx

  CheckColorsInGamut

  GdiDescribePixelFormat

  GdiGetSpoolMessage

  GetPaletteEntries

  GetWindowExtEx

  GdiConvertBrush

  GetETM

  bMakePathNameW

  Pie

  StartPage

  EngComputeGlyphSet

  SelectClipPath

  CreateRoundRectRgn

  EngCopyBits

  GetClipRgn

  UnrealizeObject

  StretchBlt

  SetWindowOrgEx

  SetWinMetaFileBits

  SetViewportOrgEx

  SetTextColor

  SetStretchBltMode

  SetROP2

  SetPixel

  SetEnhMetaFileBits

  SetDIBColorTable

  SetBrushOrgEx

  SetBkMode

  SetBkColor

  SelectPalette

  SelectObject

  SelectClipRgn

  SaveDC

  RestoreDC

  Rectangle

  RectVisible

  RealizePalette

  Polyline

  PlayEnhMetaFile

  PatBlt

  MoveToEx

  MaskBlt

  LineTo

  LPtoDP

  IntersectClipRect

  GetWindowOrgEx

  GetWinMetaFileBits

  GetTextMetricsA

  GetSystemPaletteEntries

  GetStockObject

  GetRgnBox

  GetPixel

  GetObjectA

  GetFontLanguageInfo

  GetEnhMetaFilePaletteEntries

  GetEnhMetaFileHeader

  GetEnhMetaFileDescriptionA

  GetEnhMetaFileBits

  GetDIBits

  GetDIBColorTable

  GetDCOrgEx

  GetCurrentPositionEx

  GetClipBox

  GetBrushOrgEx

  GetBitmapBits

  ExtTextOutA

  Ellipse

  DeleteObject

  DeleteEnhMetaFile

  DeleteDC

  CreateSolidBrush

  CreateRectRgn

  CreatePenIndirect

  CreatePalette

  CreateHalftonePalette

  CreateFontIndirectA

  CreateEnhMetaFileA

  CreateDIBitmap

  CreateDIBSection

  CreateCompatibleDC

  CreateCompatibleBitmap

  CreateBrushIndirect

  CreateBitmap

  CopyEnhMetaFileA

  CloseEnhMetaFile

  BitBlt

  GetEnhMetaFileA

  comdlg32

  ChooseColorA

  GetSaveFileNameA

  GetOpenFileNameA

  advapi32

  RegDeleteKeyA

  RegCreateKeyExA

  RegQueryValueExA

  RegOpenKeyExA

  RegSetValueExA

  RegCloseKey

  RegEnumValueA

  RegDeleteValueA

  CryptDestroyHash

  CryptHashData

  CryptCreateHash

  CryptDecrypt

  CryptEncrypt

  CryptDestroyKey

  CryptDeriveKey

  CryptReleaseContext

  CryptAcquireContextA

  shell32

  SHGetSpecialFolderLocation

  SHGetPathFromIDListA

  ExtractAssociatedIconA

  FindExecutableW

  SHGetDesktopFolder

  SHGetFolderLocation

  DragQueryFile

  SHInvokePrinterCommandW

  SHIsFileAvailableOffline

  ExtractIconExW

  ExtractIconA

  ShellExecuteEx

  ExtractAssociatedIconW

  SHEmptyRecycleBinW

  WOWShellExecute

  SHGetIconOverlayIndexW

  SHGetSpecialFolderPathA

  ShellExecuteW

  SHGetMalloc

  Shell_NotifyIcon

  DragFinish

  SHCreateDirectoryExW

  ExtractIconW

  DuplicateIcon

  SHBrowseForFolderA

  SHGetInstanceExplorer

  SHGetFileInfoW

  Shell_NotifyIconA

  ShellExecuteA

  ole32

  CoTaskMemFree

  StringFromCLSID

  CreateStreamOnHGlobal

  IsAccelerator

  OleDraw

  OleSetMenuDescriptor

  CoTaskMemAlloc

  CoCreateGuid

  ProgIDFromCLSID

  CoCreateInstance

  CoInitializeSecurity

  CoGetClassObject

  CoUninitialize

  CoInitialize

  IsEqualGUID

  shlwapi

  StrRStrIW

  StrRChrA

  StrCmpNA

  StrRChrIW

  comctl32

  ImageList_SetIconSize

  ImageList_GetIconSize

  ImageList_Write

  ImageList_Read

  ImageList_GetDragImage

  ImageList_DragShowNolock

  ImageList_SetDragCursorImage

  ImageList_DragMove

  ImageList_DragLeave

  ImageList_DragEnter

  ImageList_EndDrag

  ImageList_BeginDrag

  ImageList_GetIcon

  ImageList_Remove

  ImageList_DrawEx

  ImageList_Replace

  ImageList_Draw

  ImageList_GetBkColor

  ImageList_SetBkColor

  ImageList_ReplaceIcon

  ImageList_Add

  ImageList_GetImageCount

  ImageList_Destroy

  ImageList_Create

  ord17

  Sections

  .text

  Size: 1.8MB - Virtual size: 1.8MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1024B - Virtual size: 555B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 122KB - Virtual size: 121KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ