Static task: static1
Behavioral task: behavioral1
Sample: f9c07b91ad38a008ddc0f2655c9195961320c71160f9cfaec6af99f27a213b90.dll
Resource: win7-en-20211208
General
Target: f9c07b91ad38a008ddc0f2655c9195961320c71160f9cfaec6af99f27a213b90
Size: 414KB
MD5: 437c9e83a39c2c61c55f6a2524827f69
SHA1: e6290c66a899912f8234d790156b22e27f107582
SHA256: f9c07b91ad38a008ddc0f2655c9195961320c71160f9cfaec6af99f27a213b90
SHA512: cd26e522a9e3ccc171c0252750de04052811a3b8b1b7b4a948970400559e6c40e45ebe3530449791d2d8add886dfe80fb052c0233f037cbe7107b952b9333f51
Malware Config
Signatures
Files
-
f9c07b91ad38a008ddc0f2655c9195961320c71160f9cfaec6af99f27a213b90.dll windows x86
8f1b0d9e7b3572ed3091652043ea2e65
Code Sign
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualAlloc
GetModuleHandleW
GetLastError
LoadLibraryExW
CloseHandle
WaitForSingleObject
CreateEventW
FreeResource
GlobalFree
WideCharToMultiByte
GetVersionExW
FindNextFileW
FindClose
lstrlenA
GetFullPathNameW
FindFirstFileW
FlushFileBuffers
WriteFile
CreateFileW
ReadFile
GetFileSize
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrcmpA
GetTickCount
GetStringTypeExW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
DeleteFileW
CreateDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
Sleep
WriteProcessMemory
ReadProcessMemory
VirtualProtect
IsBadCodePtr
IsBadReadPtr
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
MultiByteToWideChar
GetStringTypeA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetTimeZoneInformation
GetModuleFileNameA
GetStdHandle
HeapCreate
ExitProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoW
VirtualQuery
GetSystemInfo
GetModuleHandleA
GetSystemTimeAsFileTime
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
HeapDestroy
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetVersionExA
SetEvent
LoadLibraryW
GetProcAddress
OutputDebugStringW
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
MulDiv
lstrcmpW
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpiW
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
DnsHostnameToComputerNameA
VerifyVersionInfoW
AddConsoleAliasW
SetCalendarInfoW
lstrcmpiA
LocalFree
LocalAlloc
SwitchToThread
GetVersion
lstrcpynW
IsValidLocale
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetLocaleInfoW
lstrcpyW
WaitForMultipleObjectsEx
VirtualQueryEx
TerminateThread
SystemTimeToTzSpecificLocalTime
SuspendThread
SetThreadPriority
SetThreadLocale
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
RemoveDirectoryW
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
GetWindowsDirectoryW
GetThreadPriority
GetTempPathW
GetLocalTime
GetFileAttributesExW
GetFileAttributesW
GetExitCodeThread
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThread
GetCPInfoExW
InterlockedExchangeAdd
FormatMessageW
FileTimeToDosDateTime
ExpandEnvironmentStringsW
EnumSystemLocalesW
EnumCalendarInfoW
DeviceIoControl
CreateProcessW
CopyFileW
user32
LoadCursorA
CharLowerW
DialogBoxParamW
GetActiveWindow
AppendMenuW
RemoveMenu
DestroyWindow
EndDialog
SetWindowLongW
CreatePopupMenu
SetWindowPos
GetClientRect
CharNextA
GetParent
GetDlgItem
MapWindowPoints
SystemParametersInfoW
GetWindowRect
GetWindow
MessageBoxW
LoadStringW
SetMenuDefaultItem
PostQuitMessage
LoadStringA
TrackPopupMenuEx
MessageBeep
PtInRect
CheckDlgButton
GetDlgItemInt
IsDlgButtonChecked
SetDlgItemInt
EnableWindow
IsWindowEnabled
DrawTextW
CopyRect
InflateRect
GetWindowLongW
CharLowerBuffW
TranslateAcceleratorW
IsWindowVisible
SetMenu
SetRect
SetMenuItemInfoW
SetDlgItemTextW
CreateDialogParamW
GetWindowTextW
GetWindowTextLengthW
PostMessageW
ShowWindow
SendMessageW
GetClassInfoExW
LoadCursorW
DefWindowProcW
SetWindowTextW
CallWindowProcW
RegisterClassExW
RegisterWindowMessageW
CreateWindowExW
GetSysColor
CharNextW
MoveWindow
ClientToScreen
ScreenToClient
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
UnregisterClassA
RedrawWindow
SetCapture
IsChild
GetClassNameW
ReleaseCapture
FillRect
EndPaint
BeginPaint
GetDesktopWindow
DestroyAcceleratorTable
SetFocus
GetFocus
IsWindow
CreateAcceleratorTableW
wvsprintfW
DispatchMessageW
GetMenuItemID
IsMenu
GetMenuItemInfoW
GetMenuItemCount
GetSubMenu
TrackPopupMenu
MonitorFromPoint
GetMonitorInfoW
DestroyMenu
PostThreadMessageW
LoadMenuW
LoadAcceleratorsW
LoadImageW
PeekMessageW
GetMessageW
TranslateMessage
CloseDesktop
MessageBoxA
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMDISysAccel
TabbedTextOutW
ShowScrollBar
ShowOwnedPopups
ShowCaret
SetWindowRgn
SetWindowsHookExW
SetWindowPlacement
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetPropW
SetParent
SetKeyboardState
SetForegroundWindow
SetCursorPos
SetCursor
SetClipboardData
SetClassLongW
SetActiveWindow
SendMessageA
ScrollWindow
RemovePropW
RegisterClipboardFormatW
RegisterClassW
PeekMessageA
OpenClipboard
OffsetRect
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MapVirtualKeyW
LoadKeyboardLayoutW
LoadIconW
LoadBitmapW
KillTimer
IsZoomed
IsWindowUnicode
IsRectEmpty
IsIconic
IsDialogMessageA
IsDialogMessageW
IsClipboardFormatAvailable
IsCharAlphaNumericW
IsCharAlphaW
IntersectRect
InsertMenuItemW
InsertMenuW
HideCaret
GetWindowThreadProcessId
GetWindowPlacement
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetMessagePos
GetMessageExtraInfo
GetMenuStringW
GetMenuState
GetMenuDefaultItem
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetDoubleClickTime
GetDlgCtrlID
GetDCEx
GetCursorPos
GetCursor
GetClipboardData
GetClassLongW
GetClassInfoW
GetCapture
GetAsyncKeyState
FrameRect
FindWindowExW
FindWindowW
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DestroyIcon
DestroyCursor
DeleteMenu
DefMDIChildProcW
DefFrameProcW
CreateMenu
CreateIconIndirect
CreateIcon
CountClipboardFormats
CopyImage
CloseClipboard
ChildWindowFromPoint
CheckMenuItem
CharUpperBuffW
CharUpperW
CallNextHookEx
AdjustWindowRectEx
ActivateKeyboardLayout
EnumDisplayMonitors
MonitorFromWindow
gdi32
GetEnhMetaFileA
GetEnhMetaFileBits
ColorMatchToTarget
GetCharWidthI
SaveDC
BitBlt
GetTextCharset
GetRegionData
GetTextMetricsA
UpdateICMRegKeyW
EnumFontsA
GdiGetDevmodeForPage
EqualRgn
CreateDiscardableBitmap
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegFlushKey
RegEnumValueW
shell32
ShellExecuteW
SHGetFileInfoW
SHFileOperationW
SHGetFolderPathW
SHFormatDrive
SHGetDiskFreeSpaceA
ExtractIconExA
DragQueryFileA
SHGetFolderPathA
SHFileOperation
Shell_NotifyIconW
DuplicateIcon
ExtractAssociatedIconA
DoEnvironmentSubstA
DragQueryFile
SHGetSpecialFolderLocation
SHFileOperationA
WOWShellExecute
SHGetFileInfoA
SHIsFileAvailableOffline
DragQueryFileAorW
SHLoadNonloadedIconOverlayIdentifiers
SHFreeNameMappings
SHInvokePrinterCommandA
Shell_NotifyIconA
SHGetDiskFreeSpaceExW
DragFinish
SHBrowseForFolder
SHEmptyRecycleBinA
DoEnvironmentSubstW
SHGetDataFromIDListA
SHInvokePrinterCommandW
SHGetDiskFreeSpaceExA
DragQueryFileW
SHBindToParent
ord680
ord153
ord16
ord24
ord25
ord18
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetDataFromIDListW
SHChangeNotify
ole32
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
StringFromGUID2
CoUninitialize
ReleaseStgMedium
DoDragDrop
RevokeDragDrop
RegisterDragDrop
StringFromCLSID
CoInitializeEx
IsEqualGUID
shlwapi
StrCmpNIA
StrStrIA
StrCmpNA
StrChrIW
comctl32
InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Copy
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ord17
Sections
.text Size: 261KB - Virtual size: 261KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 225B
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 28KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata2 Size: 3KB - Virtual size: 3KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 111KB - Virtual size: 111KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 7KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ