General

Malware Config

Signatures

Files

• fc8a589a472b3c37bf0ce3d266108e7f51dcaa2493e5f250f1af8c3e2c795c92

  .exe windows x86

  3e960be8eda70801665d22b1c143e813

  
  

  Code Sign

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  user32

  GetForegroundWindow

  GetCursorPos

  MessageBoxA

  CreateWindowExA

  GetWindowRect

  SetWindowPos

  LoadBitmapA

  CallWindowProcA

  GetDlgItemTextA

  PeekMessageA

  CreateDialogParamA

  SetWindowTextA

  ShowWindow

  BeginPaint

  EndPaint

  wininet

  InternetOpenA

  InternetOpenUrlA

  InternetReadFile

  InternetConnectA

  HttpOpenRequestA

  HttpSendRequestA

  InternetCloseHandle

  shell32

  IsUserAnAdmin

  advapi32

  OpenProcessToken

  AllocateAndInitializeSid

  GetTokenInformation

  EqualSid

  GetUserNameA

  RegOpenKeyA

  RegDeleteValueA

  RegCloseKey

  FreeSid

  msvcrt

  strcat

  strcpy

  sprintf

  strlen

  fopen

  fseek

  ftell

  fread

  fwrite

  fclose

  memset

  time

  gmtime

  memcpy

  free

  malloc

  kernel32

  GetTickCount

  Sleep

  VirtualProtect

  ExitProcess

  ExpandEnvironmentStringsA

  GetModuleFileNameA

  CreateDirectoryA

  GetTempPathA

  GetTempFileNameA

  FindFirstFileA

  GetSystemWow64DirectoryA

  GetVersionExA

  GetCurrentProcessId

  OpenProcess

  MultiByteToWideChar

  WideCharToMultiByte

  RtlZeroMemory

  CreatePipe

  GetStartupInfoA

  CreateProcessA

  PeekNamedPipe

  ReadFile

  CreateFileA

  SetFilePointer

  GetFileSize

  CloseHandle

  GetVolumeInformationA

  GetComputerNameA

  GetModuleHandleA

  GetProcAddress

  Sections

  code

  Size: 27KB - Virtual size: 28KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 7KB - Virtual size: 8KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE