Static task: static1
Behavioral task: behavioral1
Sample: SEPAgent.exe
Resource: win7-20220414-en
General
Target: SEPAgent.exe
Size: 40.1MB
MD5: af6f73b416a773fa91f61297290e2075
SHA1: 4f09ce94716d7d202d1796f81b4946743a433290
SHA256: dc066e7868eeceb3941d836e88da4ef81120006603ec5ed81ea82a53a81685d4
SHA512: df7f989059afe2509edcd34bf896928f16560f872e24adf4e3d53731257abfb9408bcaefa7fc13002b4aebb64d5cae1a2d5de5d80552872d7b40e54e5ec81ba2
SSDEEP: 786432:SghuhhPxoe6IqwM354sH2JPcJ4ovjRXq3/rO4KRtoSPiMFeJXS45h1sGEJs:SSuXuhhPkkJBv5q3qbmSi7Jp1sGEK
Malware Config
Signatures
Files
-
SEPAgent.exe.exe windows x86
6f6de48e51a4349057ed02913ab74db1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeLibrary
GetProcAddress
FlushInstructionCache
GetCurrentProcess
RaiseException
CreateThread
GetCurrentThreadId
SetLastError
ResumeThread
LoadResource
SizeofResource
lstrcmpiW
lstrlenW
LoadLibraryExW
GetModuleHandleW
FindResourceW
GetVersionExW
MultiByteToWideChar
VirtualFree
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
InterlockedCompareExchange
SetEndOfFile
WriteConsoleW
SetStdHandle
ReadConsoleW
LoadLibraryW
OutputDebugStringW
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
HeapReAlloc
GetProcessHeap
InterlockedExchange
GetACP
IsValidCodePage
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineW
VirtualQuery
VirtualProtect
VirtualAlloc
GetSystemInfo
HeapAlloc
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
HeapFree
RtlUnwind
DecodePointer
EncodePointer
Sleep
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
DeleteFileW
OpenEventW
CreateEventW
FormatMessageA
WriteFile
WaitForSingleObject
GetExitCodeProcess
LocalFree
CreateDirectoryW
GetTempPathW
GetModuleFileNameW
GetLastError
GetEnvironmentStringsW
CreateFileW
CloseHandle
SetFilePointerEx
SetFilePointer
ReadFile
GetFileSizeEx
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
WideCharToMultiByte
EnterCriticalSection
GetOEMCP
user32
PeekMessageW
SendMessageW
PostMessageW
DefWindowProcW
DispatchMessageW
TranslateMessage
PostQuitMessage
CallWindowProcW
GetMessageW
GetClassInfoExW
CreateWindowExW
IsWindow
IsMenu
DestroyWindow
ShowWindow
SetWindowPos
CharNextW
SetFocus
SetTimer
KillTimer
LoadAcceleratorsW
TranslateAcceleratorW
LoadMenuW
CreatePopupMenu
DestroyMenu
CheckMenuItem
RegisterClassExW
GetMonitorInfoW
MonitorFromWindow
MonitorFromPoint
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
LoadStringW
LoadStringA
LoadImageW
LoadCursorW
CheckMenuRadioItem
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
FillRect
MapWindowPoints
GetCursorPos
MessageBeep
MessageBoxW
GetWindowRect
GetClientRect
SetScrollPos
InvalidateRect
EndPaint
BeginPaint
UpdateWindow
SetMenuDefaultItem
SetMenuItemInfoW
GetMenuItemInfoW
TrackPopupMenuEx
TrackPopupMenu
RemoveMenu
AppendMenuW
GetMenuItemCount
EnableMenuItem
UnregisterClassW
gdi32
SetWindowOrgEx
SetViewportOrgEx
LPtoDP
DPtoLP
GetObjectW
CreateDIBSection
StretchBlt
SelectObject
GetStockObject
GetClipBox
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetDIBColorTable
advapi32
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
shell32
ShellExecuteExW
ShellExecuteW
CommandLineToArgvW
ole32
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree
oleaut32
VarUI4FromStr
shlwapi
PathQuoteSpacesW
PathFileExistsW
comctl32
InitCommonControlsEx
gdiplus
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
Sections
.text Size: 219KB - Virtual size: 218KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 49KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ