General

Malware Config

Signatures

Files

• 621a3272c3aa5bafce9b7a7341928ec49d7e04554b444ada2fbffe3f220eedc5

  .exe windows x86

  9e7e6a58d12d17a624b7df5a8eb6ec6c

  
  

  Code Sign

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  CloseHandle

  WaitForSingleObject

  CreateEventA

  GetCurrentProcessId

  OpenProcess

  GetLocalTime

  GetTickCount

  VirtualAlloc

  WaitForMultipleObjects

  SystemTimeToTzSpecificLocalTime

  GetTimeZoneInformation

  GetDateFormatA

  GetSystemDefaultLangID

  K32EnumProcesses

  K32EnumProcessModules

  K32GetModuleFileNameExA

  GetVolumeNameForVolumeMountPointW

  ReadFile

  SetEndOfFile

  HeapReAlloc

  HeapSize

  WriteConsoleW

  SetFilePointerEx

  FlushFileBuffers

  CreateFileW

  GetProcessHeap

  GetStringTypeW

  GetFileType

  SetStdHandle

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  GetTempPathW

  GetTempFileNameW

  GetLogicalDrives

  GetFileSizeEx

  GetDriveTypeW

  FindVolumeClose

  FindNextVolumeW

  FindNextFileW

  FindFirstVolumeW

  FindFirstFileW

  ReadConsoleW

  FindClose

  GetCommandLineA

  GetCPInfo

  GetOEMCP

  IsValidCodePage

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RaiseException

  RtlUnwind

  GetLastError

  SetLastError

  EncodePointer

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  LoadLibraryExW

  ExitProcess

  GetModuleHandleExW

  GetStdHandle

  WriteFile

  GetModuleFileNameA

  MultiByteToWideChar

  WideCharToMultiByte

  GetACP

  HeapFree

  HeapAlloc

  LCMapStringW

  GetConsoleCP

  GetConsoleMode

  FindFirstFileExA

  FindNextFileA

  DecodePointer

  user32

  UpdateWindow

  GetWindowThreadProcessId

  SetParent

  SetClassWord

  GetWindowLongA

  SetWindowContextHelpId

  GetWindowTextA

  GetWindowDC

  EnumWindowStationsA

  GetForegroundWindow

  GetSystemMetrics

  IsWindowUnicode

  KillTimer

  GetClipboardFormatNameA

  IsZoomed

  IsWindowVisible

  IsChild

  SendMessageA

  advapi32

  GetNamedSecurityInfoA

  ImpersonateLoggedOnUser

  ImpersonateAnonymousToken

  GetTokenInformation

  GetSidSubAuthorityCount

  GetSidLengthRequired

  GetSidIdentifierAuthority

  GetLengthSid

  GetAclInformation

  DuplicateToken

  ConvertStringSidToSidA

  ole32

  CoInitialize

  oleaut32

  VariantInit

  Sections

  .text

  Size: 150KB - Virtual size: 149KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 25KB - Virtual size: 25KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .gfids

  Size: 512B - Virtual size: 268B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 170KB - Virtual size: 170KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ