General

Malware Config

Signatures

Files

• 6f20bc878b65135cf35ff7461e520933368b09c27f52ed39e1d697b4e33473ce

  .exe windows x86

  4c9c1b40fb51794a5a992db381718cb9

  
  

  Code Sign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetProcAddress

  GetShortPathNameA

  GetShortPathNameW

  GetStringTypeExW

  GetSystemDirectoryA

  GetSystemTime

  GetSystemTimeAsFileTime

  GetTempFileNameA

  GetTempFileNameW

  GetTempPathA

  GetTempPathW

  GetThreadLocale

  GetTickCount

  GetVersion

  GetWindowsDirectoryA

  GlobalAlloc

  GlobalFree

  GlobalLock

  GlobalSize

  GlobalUnlock

  Heap32First

  InitializeCriticalSectionAndSpinCount

  LoadLibraryA

  LoadLibraryExA

  MoveFileA

  MulDiv

  MultiByteToWideChar

  OpenProcess

  OpenThread

  OpenWaitableTimerW

  QueryPerformanceCounter

  ReadFile

  RemoveDirectoryA

  SearchPathA

  SetCommMask

  SetCurrentDirectoryA

  SetFileAttributesA

  SetFilePointer

  SetFileTime

  SetLastError

  SetPriorityClass

  SetUnhandledExceptionFilter

  SetVolumeLabelW

  Sleep

  TerminateProcess

  TlsFree

  UnhandledExceptionFilter

  WaitForMultipleObjects

  WaitForSingleObject

  WriteFile

  WritePrivateProfileStringA

  lstrcatA

  lstrcmpA

  GetPrivateProfileStructW

  lstrcpynA

  lstrlenA

  lstrlenW

  GetStringTypeW

  GetStringTypeA

  LCMapStringW

  LCMapStringA

  GetLocaleInfoA

  HeapSize

  RtlUnwind

  HeapReAlloc

  HeapAlloc

  IsValidCodePage

  GetOEMCP

  GetACP

  GetCPInfo

  IsDebuggerPresent

  EnterCriticalSection

  LeaveCriticalSection

  HeapFree

  VirtualFree

  HeapCreate

  InterlockedDecrement

  InterlockedIncrement

  TlsSetValue

  TlsAlloc

  TlsGetValue

  DeleteCriticalSection

  GetFileType

  SetHandleCount

  GetEnvironmentStringsW

  WideCharToMultiByte

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  FreeEnvironmentStringsA

  GetStdHandle

  GetModuleHandleW

  GetStartupInfoA

  GetPrivateProfileStringW

  GetPrivateProfileStringA

  GetModuleFileNameA

  GetLastError

  GetFullPathNameA

  GetFileSize

  GetFileAttributesW

  GetFileAttributesA

  GetExitCodeProcess

  GetDiskFreeSpaceA

  GetDefaultCommConfigW

  GetCurrentThreadId

  GetCurrentProcessId

  GetCurrentProcess

  GetConsoleOutputCP

  GetCommandLineA

  FreeLibrary

  FindNextFileA

  FindFirstFileA

  FindClose

  ExpandEnvironmentStringsW

  ExpandEnvironmentStringsA

  ExitProcess

  EraseTape

  EnumSystemCodePagesW

  DeleteFileW

  DeleteFileA

  CreateTimerQueueTimer

  CreateThread

  CreateProcessW

  CreateProcessA

  CreateMutexA

  CreateIoCompletionPort

  CreateFileW

  CreateFileA

  CreateDirectoryA

  CopyFileA

  CompareStringA

  CompareFileTime

  CloseHandle

  GetModuleHandleA

  SetErrorMode

  lstrcmpiA

  VirtualAlloc

  user32

  SetWindowLongA

  SetTimer

  SetThreadDesktop

  SetForegroundWindow

  SetDlgItemTextA

  SetCursor

  SetClipboardData

  SetClassLongA

  SendMessageTimeoutA

  SendMessageA

  ScreenToClient

  RegisterClassA

  PostQuitMessage

  PeekMessageA

  SetWindowPos

  MessageBoxIndirectA

  LoadImageA

  LoadCursorA

  LoadBitmapA

  IsWindowVisible

  IsWindowEnabled

  IsWindow

  InvalidateRect

  GetWindowRect

  GetWindowLongA

  GetWindowInfo

  GetSystemMenu

  GetSysColor

  GetQueueStatus

  SetWindowTextA

  ShowWindow

  SystemParametersInfoA

  TrackPopupMenu

  wsprintfA

  OpenClipboard

  GetClipboardViewer

  CharLowerA

  ShowCaret

  GetKeyboardLayout

  GetMessagePos

  GetKBCodePage

  InSendMessage

  GetNextDlgTabItem

  GetDlgItemTextA

  GetDlgItem

  GetDC

  GetClipboardOwner

  GetClassInfoA

  FindWindowExA

  FillRect

  ExitWindowsEx

  EnumDisplaySettingsW

  EndPaint

  EndDialog

  EnableWindow

  EnableMenuItem

  EmptyClipboard

  DrawTextA

  DispatchMessageA

  DialogBoxParamA

  DestroyWindow

  DefWindowProcA

  CreateWindowExA

  CreateDialogParamW

  CreateDialogParamA

  CreateDesktopA

  CloseClipboard

  CheckDlgButton

  CharPrevA

  CallWindowProcA

  BeginPaint

  AppendMenuA

  LoadIconA

  CharUpperW

  GetClipboardSequenceNumber

  CopyIcon

  CreatePopupMenu

  GetMessageTime

  GetActiveWindow

  GetParent

  GetMenuCheckMarkDimensions

  GetSystemMetrics

  CharNextA

  LoadCursorFromFileW

  GetMenuItemCount

  GetTopWindow

  GetDialogBaseUnits

  GetClientRect

  gdi32

  SetBkColor

  SetBkMode

  SetDIBColorTable

  SelectObject

  SetTextColor

  StretchDIBits

  GetRandomRgn

  GetDeviceCaps

  GdiTransparentBlt

  GdiEntry6

  GdiEntry16

  EngStrokeAndFillPath

  DeleteObject

  CreateFontIndirectA

  CreateBrushIndirect

  GetTextAlign

  FlattenPath

  FillPath

  EndPath

  WidenPath

  GetColorSpace

  CreateHalftonePalette

  SetFontEnumeration

  DeleteColorSpace

  RealizePalette

  advapi32

  RegEnumValueA

  RegOpenKeyExW

  RegCloseKey

  RegSetValueExW

  RegSetValueExA

  RegQueryValueExW

  RegOpenKeyExA

  RegQueryValueExA

  RegEnumKeyA

  RegDeleteValueA

  RegDeleteKeyA

  RegCreateKeyExW

  RegCreateKeyExA

  shell32

  SHFileOperationA

  SHGetFileInfoA

  SHGetPathFromIDListA

  SHGetSpecialFolderLocation

  ShellExecuteA

  SHBrowseForFolderA

  ole32

  OleInitialize

  CoUninitialize

  CoTaskMemFree

  CoInitializeEx

  CoCreateInstance

  OleUninitialize

  comctl32

  ImageList_Create

  ImageList_AddMasked

  ImageList_Destroy

  Sections

  .text

  Size: 1.8MB - Virtual size: 1.8MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 13KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ