Static task
static1
Behavioral task
behavioral1
Sample
6892216c058be384f29e90bed5ed565ba874fccbcf5a2cb7117ff4d76299a53c.exe
Resource
win7-20220310-en
General
-
Target
6892216c058be384f29e90bed5ed565ba874fccbcf5a2cb7117ff4d76299a53c
-
Size
747KB
-
MD5
49b76b47a36c0ecc8d27aba0903f8f94
-
SHA1
4c2991e37245fd23dc40e02974e08be07a1f4767
-
SHA256
6892216c058be384f29e90bed5ed565ba874fccbcf5a2cb7117ff4d76299a53c
-
SHA512
a56072231fda417a16b99a1ccaec486f67e0ef1da8a3b8efabd49c88b4eab384bcf1fa23e02fe1f91da925103bfabc7e7d07ebb20b27730d19411f50a7ad9f2b
Malware Config
Signatures
Files
-
6892216c058be384f29e90bed5ed565ba874fccbcf5a2cb7117ff4d76299a53c.exe windows x86
b4cd127bd6d17b8d4d2f972aa130bcba
Code Sign
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
GetVersionExW
ExitProcess
GetUserDefaultUILanguage
GetModuleHandleW
WriteConsoleW
GetStdHandle
GetCommandLineW
HeapAlloc
GetProcessHeap
GetFullPathNameW
HeapFree
GetFileAttributesW
LoadLibraryW
GetProcAddress
CreateFileW
InitializeCriticalSection
GetLastError
DuplicateHandle
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetFileType
GetCommandLineA
GetStartupInfoA
CloseHandle
SetHandleCount
DeleteCriticalSection
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetLastError
InitializeCriticalSectionAndSpinCount
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
SetFilePointer
CreateFileA
GetModuleFileNameW
GetVolumeInformationW
WriteConsoleInputA
Process32First
SetupComm
lstrcmp
GetSystemDirectoryA
GetModuleHandleA
user32
FindWindowA
ShowWindow
MessageBoxExW
MessageBoxExA
ChangeDisplaySettingsExA
GetClipboardData
HiliteMenuItem
MapDialogRect
GetMenuInfo
CascadeChildWindows
CreateCursor
SetClipboardData
SwapMouseButton
IsDlgButtonChecked
EnumDesktopsA
DdeUnaccessData
GetAltTabInfoW
IsDialogMessageA
GetDlgItemInt
MessageBoxIndirectW
DestroyAcceleratorTable
ScrollWindow
DdeConnect
CharLowerBuffA
SetCapture
DestroyCaret
PostQuitMessage
DrawIcon
AppendMenuA
InsertMenuItemA
GetDoubleClickTime
LoadCursorW
GetForegroundWindow
gdi32
RoundRect
SetDIBColorTable
GdiGradientFill
GdiCreateLocalEnhMetaFile
CheckColorsInGamut
EngUnlockSurface
GdiPlayPageEMF
CreateHatchBrush
GetGlyphOutlineWow
GetGraphicsMode
EngCreateDeviceSurface
EnumFontFamiliesExA
AddFontMemResourceEx
SetColorSpace
GetTextExtentPointW
GdiDeleteLocalDC
CreateFontIndirectW
GetCharABCWidthsA
Escape
CreatePolyPolygonRgn
FONTOBJ_pQueryGlyphAttrs
GdiConvertBrush
QueryFontAssocStatus
FONTOBJ_pvTrueTypeFontFile
SetGraphicsMode
EnumFontFamiliesExW
XLATEOBJ_iXlate
EngStrokeAndFillPath
GetSystemPaletteEntries
SelectBrushLocal
GdiGetCharDimensions
GetTextExtentPoint32A
GetEnhMetaFileDescriptionA
GdiAlphaBlend
SelectClipPath
ExtCreatePen
EnumICMProfilesW
GdiStartPageEMF
GetCharWidth32W
SelectObject
EngPlgBlt
StartPage
GetDCPenColor
GetRasterizerCaps
RectVisible
GetLayout
GetEnhMetaFileW
GetStockObject
AddFontResourceW
RealizePalette
GetEnhMetaFileA
advapi32
RegOpenKeyW
shell32
CommandLineToArgvW
DuplicateIcon
SHLoadNonloadedIconOverlayIdentifiers
ShellExecuteExW
shlwapi
PathAppendW
StrCmpW
PathRemoveFileSpecW
StrRChrA
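Sections
Note: section names are free-form labels; the IMAGE_SCN_MEM_* flags listed under each section, not the name, determine the page protections the loader applies. In this listing only .text is flagged executable; .text2, .text3, .text4 and .text12 are flagged as read-only initialized data, and .data3 is flagged as code but is writable and not executable. Name/flag mismatches like these are worth checking during triage, though they are not conclusive on their own.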
.text Size: 276KB - Virtual size: 276KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 450B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text4 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text3 Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text12 Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text2 Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data3 Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ