General

Malware Config

Signatures

Files

• 07bb57628ec61e0bddcfd621e11069974f4fc3635a3b4990c600fd7d927220e6

  .exe windows x86

  672ede16a1c897b41b5a51aadbc9bd74

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetDefaultCommConfigA

  lstrlenA

  WritePrivateProfileStructA

  TlsGetValue

  SetLocalTime

  MoveFileExA

  _llseek

  GetNumberOfConsoleInputEvents

  CallNamedPipeA

  DeleteVolumeMountPointA

  WriteTapemark

  InterlockedIncrement

  ReadConsoleA

  CompareFileTime

  WaitForSingleObject

  _lclose

  GetModuleHandleW

  CreateNamedPipeW

  VirtualFree

  GetSystemTimeAsFileTime

  WriteFile

  FindResourceExA

  GlobalAlloc

  Sleep

  LeaveCriticalSection

  GetFileAttributesW

  IsDBCSLeadByte

  GetOverlappedResult

  GetACP

  DeactivateActCtx

  ReleaseActCtx

  GetLastError

  IsDBCSLeadByteEx

  GetProcAddress

  GetTapeStatus

  SetVolumeLabelA

  LocalLock

  ReadFileEx

  SearchPathA

  LoadLibraryA

  WriteConsoleA

  InterlockedExchangeAdd

  SetCalendarInfoW

  IsSystemResumeAutomatic

  SetConsoleDisplayMode

  GetProfileStringA

  SetFileApisToANSI

  WriteProfileSectionW

  GetTapeParameters

  SetNamedPipeHandleState

  SetSystemTime

  EnumDateFormatsA

  GetThreadPriority

  WaitCommEvent

  LoadLibraryExA

  ContinueDebugEvent

  CreateMutexA

  VirtualProtect

  PurgeComm

  CompareStringA

  GetConsoleCursorInfo

  ScrollConsoleScreenBufferA

  OpenSemaphoreW

  GetVersionExA

  DeleteFileW

  DebugBreak

  FindActCtxSectionStringW

  lstrcpyW

  CopyFileExA

  GetPrivateProfileSectionNamesW

  BeginUpdateResourceW

  GetSystemDefaultLangID

  InterlockedDecrement

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  GetStartupInfoW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  HeapFree

  RtlUnwind

  RaiseException

  HeapAlloc

  TerminateProcess

  GetCurrentProcess

  IsDebuggerPresent

  ExitProcess

  GetStdHandle

  GetModuleFileNameA

  GetModuleFileNameW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  SetHandleCount

  GetFileType

  GetStartupInfoA

  TlsAlloc

  TlsSetValue

  TlsFree

  SetLastError

  GetCurrentThreadId

  HeapCreate

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  HeapSize

  VirtualAlloc

  HeapReAlloc

  GetCPInfo

  GetOEMCP

  IsValidCodePage

  GetLocaleInfoA

  GetStringTypeA

  MultiByteToWideChar

  GetStringTypeW

  InitializeCriticalSectionAndSpinCount

  LCMapStringA

  WideCharToMultiByte

  LCMapStringW

  GetModuleHandleA

  gdi32

  GetBoundsRect

  GetBitmapDimensionEx

  Exports

  Exports

  _geek@8

  _gekkko@8

  Sections

  .text

  Size: 133KB - Virtual size: 133KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 21KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 43.5MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 17KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ