General

Malware Config

Signatures

Files

• 65edcfa02ed54445bd9a4efa1586cee02712271155b669cffb3db35c5a252097

  .exe windows x86

  32d5539abbac406d62a4b869ffbe6068

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetLastError

  VirtualAlloc

  GetModuleHandleA

  GetConsoleScreenBufferInfo

  HeapWalk

  WriteConsoleOutputCharacterW

  PurgeComm

  GetThreadLocale

  GetStringTypeW

  InitializeCriticalSection

  GetPrivateProfileStringW

  AddConsoleAliasW

  FlushFileBuffers

  MultiByteToWideChar

  lstrlenA

  LocalFree

  WriteConsoleW

  GetStdHandle

  FormatMessageW

  CloseHandle

  WaitForMultipleObjects

  CreateThread

  lstrcmpW

  lstrcatW

  lstrlenW

  lstrcmpiW

  GetConsoleOutputCP

  QueryPerformanceCounter

  GetTickCount

  GetCurrentThreadId

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  user32

  LoadCursorW

  CreateWindowExA

  CreateWindowExW

  WindowFromPoint

  WaitForInputIdle

  TranslateMessage

  SystemParametersInfoW

  AnimateWindow

  ShowWindow

  ShowOwnedPopups

  SetWindowRgn

  SetWindowTextA

  SetWindowPos

  SetWindowPlacement

  SetWindowLongA

  SetWindowLongW

  SetTimer

  SetRect

  SetPropA

  SetParent

  SetForegroundWindow

  SetFocus

  SetCursorPos

  SetCursor

  SetClipboardData

  SetClassLongW

  SetCapture

  SetActiveWindow

  SendNotifyMessageW

  SendMessageTimeoutA

  SendMessageTimeoutW

  SendMessageCallbackA

  SendMessageA

  SendMessageW

  ScreenToClient

  RemovePropA

  RemoveMenu

  ReleaseDC

  ReleaseCapture

  RegisterWindowMessageW

  RegisterClassA

  PostThreadMessageA

  PostThreadMessageW

  PostQuitMessage

  PostMessageA

  PostMessageW

  PeekMessageA

  PeekMessageW

  OpenClipboard

  OffsetRect

  MsgWaitForMultipleObjects

  MessageBoxA

  MessageBoxW

  MessageBeep

  LoadImageA

  LoadImageW

  LoadIconW

  LoadBitmapW

  KillTimer

  IsZoomed

  IsWindowVisible

  IsWindowUnicode

  IsWindowEnabled

  IsWindow

  IsIconic

  IsDialogMessageW

  InvalidateRect

  InsertMenuW

  InflateRect

  GetWindowThreadProcessId

  GetWindowTextA

  GetWindowRect

  GetWindowPlacement

  GetWindowLongW

  GetWindowDC

  GetUserObjectInformationW

  GetTopWindow

  GetThreadDesktop

  GetSystemMetrics

  GetSystemMenu

  GetSysColorBrush

  GetSysColor

  GetPropA

  GetParent

  GetWindow

  GetMessageA

  GetMessageW

  GetMenu

  GetKeyState

  GetIconInfo

  GetForegroundWindow

  GetFocus

  GetDC

  GetCursorPos

  GetCursor

  GetClientRect

  GetClassNameA

  GetClassLongW

  GetCapture

  GetAsyncKeyState

  FrameRect

  FindWindowExA

  FindWindowExW

  FindWindowW

  FillRect

  EnumWindows

  EnumThreadWindows

  EndPaint

  EnableWindow

  EnableMenuItem

  EmptyClipboard

  DrawTextA

  DrawTextW

  DrawMenuBar

  DrawIconEx

  DrawFrameControl

  DrawFocusRect

  DispatchMessageW

  DestroyWindow

  DestroyIcon

  DefWindowProcA

  DefWindowProcW

  CreateIconFromResource

  CloseClipboard

  ChildWindowFromPointEx

  CharUpperW

  CharLowerW

  CallWindowProcW

  BringWindowToTop

  BeginPaint

  AttachThreadInput

  AdjustWindowRectEx

  DdeInitializeW

  EnumChildWindows

  MenuItemFromPoint

  GetAltTabInfoA

  IsCharAlphaNumericW

  SwitchToThisWindow

  SendMessageCallbackW

  SetWindowsHookA

  SetMenuItemBitmaps

  DdeCreateStringHandleA

  GetKeyboardLayoutNameW

  GetMenuStringA

  UnregisterDeviceNotification

  IsHungAppWindow

  SetScrollPos

  IsDialogMessage

  DialogBoxParamA

  DrawCaption

  RealGetWindowClassW

  EndMenu

  wvsprintfW

  DdeClientTransaction

  EnumClipboardFormats

  DdeKeepStringHandle

  SetThreadDesktop

  PackDDElParam

  VkKeyScanW

  EndTask

  GetMenuItemCount

  DeregisterShellHookWindow

  CreateIcon

  LoadStringW

  gdi32

  GetEnhMetaFileBits

  GetStockObject

  TranslateCharsetInfo

  TextOutA

  StretchDIBits

  StretchBlt

  StartPage

  StartDocA

  SetTextColor

  SetStretchBltMode

  SetMapMode

  SetBkMode

  SetBkColor

  SelectObject

  SelectClipRgn

  MoveToEx

  LineTo

  GetTextMetricsW

  GetTextFaceA

  GetTextExtentPointW

  GetTextExtentPoint32A

  GetTextExtentPoint32W

  GetRgnBox

  GetPaletteEntries

  GetObjectW

  GetNearestPaletteIndex

  GetDeviceCaps

  GetDIBits

  GdiFlush

  EndPage

  EndDoc

  DeleteObject

  DeleteDC

  CreateSolidBrush

  CreateRoundRectRgn

  CreateRectRgnIndirect

  CreateRectRgn

  CreatePen

  CreatePalette

  CreateFontIndirectW

  CreateFontA

  CreateFontW

  CreateDIBitmap

  CreateDIBSection

  CreateDCW

  CreateCompatibleDC

  CreateCompatibleBitmap

  CreateBitmap

  CombineRgn

  BitBlt

  UnrealizeObject

  PlayMetaFile

  CreateMetaFileA

  GetPath

  GdiGetDevmodeForPage

  GdiConvertBitmapV5

  GdiFixUpHandle

  FONTOBJ_pvTrueTypeFontFile

  AddFontResourceExA

  EngPlgBlt

  GetCharABCWidthsI

  GetGlyphOutlineW

  InvertRgn

  GdiCleanCacheDC

  GetCharWidthW

  EngGetPrinterDataFileName

  STROBJ_dwGetCodePage

  CopyMetaFileW

  EngDeleteSemaphore

  ResizePalette

  GetCurrentObject

  SetDIBitsToDevice

  DeleteMetaFile

  GetCharABCWidthsW

  CombineTransform

  Rectangle

  STROBJ_vEnumStart

  GdiArtificialDecrementDriver

  comdlg32

  PrintDlgW

  GetSaveFileNameA

  GetSaveFileNameW

  GetOpenFileNameW

  advapi32

  RegOpenKeyW

  RegQueryValueExA

  SetSecurityDescriptorDacl

  ReportEventW

  RegisterEventSourceW

  RegUnLoadKeyW

  RegSetValueExA

  RegSetValueExW

  RegQueryValueExW

  RegQueryInfoKeyW

  RegOpenKeyExA

  RegOpenKeyExW

  RegLoadKeyW

  RegEnumKeyA

  RegDeleteValueA

  RegCreateKeyExA

  RegCreateKeyExW

  RegCloseKey

  OpenProcessToken

  LookupAccountSidA

  LookupAccountSidW

  InitializeSecurityDescriptor

  GetUserNameA

  GetTokenInformation

  GetLengthSid

  FreeSid

  AllocateAndInitializeSid

  GetUserNameW

  GetKernelObjectSecurity

  StartServiceA

  StartServiceW

  QueryServiceStatus

  OpenServiceA

  OpenServiceW

  OpenSCManagerW

  ControlService

  CloseServiceHandle

  CryptSetProvParam

  CryptGetProvParam

  CryptDestroyHash

  CryptSignHashA

  CryptSetHashParam

  CryptCreateHash

  CryptImportKey

  CryptExportKey

  CryptReleaseContext

  CryptDestroyKey

  CryptGetUserKey

  CryptAcquireContextA

  CryptDecrypt

  shell32

  SHGetFileInfoA

  ShellExecuteExA

  ShellExecuteA

  ShellExecuteW

  Shell_NotifyIconW

  DragQueryFileW

  DragFinish

  SHGetFolderPathA

  SHGetFolderPathW

  SHGetSpecialFolderLocation

  SHGetPathFromIDListA

  SHGetPathFromIDListW

  SHGetMalloc

  ExtractIconEx

  ExtractAssociatedIconExW

  Shell_NotifyIcon

  SHChangeNotify

  ExtractIconA

  ShellExecuteEx

  WOWShellExecute

  DoEnvironmentSubstW

  SHGetFileInfo

  ExtractIconExW

  SHAddToRecentDocs

  SHPathPrepareForWriteW

  ole32

  CreateStreamOnHGlobal

  OleUninitialize

  CoTaskMemFree

  CoCreateInstance

  CoUninitialize

  CoInitialize

  GetHGlobalFromStream

  CoCreateGuid

  shlwapi

  StrRStrIA

  StrRChrW

  comctl32

  ImageList_GetIconSize

  ImageList_Write

  ImageList_Read

  ImageList_GetIcon

  ImageList_ReplaceIcon

  ImageList_GetImageCount

  ImageList_Destroy

  ImageList_Create

  ord17

  Sections

  .text

  Size: 261KB - Virtual size: 260KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 512B - Virtual size: 266B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 30KB - Virtual size: 29KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 140KB - Virtual size: 139KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ