Sample
7696dc4cf76ec19ea14c00e31269a2caabc64c49e3c33e98ab14bb09783bc74e.exe
Resource
win7-20220414-en
General
Target
7696dc4cf76ec19ea14c00e31269a2caabc64c49e3c33e98ab14bb09783bc74e
Size
393KB
MD5
be689e507b251c23e0a5cb1b222f9f1f
SHA1
3c5725ccf1618c3e7fbd7eca4984f4ad2d7b4769
SHA256
7696dc4cf76ec19ea14c00e31269a2caabc64c49e3c33e98ab14bb09783bc74e
SHA512
d8f158152090c5b278abe8f85e151fdbcfe6ddd9d309df0d934b699e5693e32c1881fded7d784001cf416fab00d4d7565a0fb2db9bfc6679d698f0afcd1e1e89
SSDEEP
6144:KEFECJBkRcjlfzOVdo9kRj9+XZRq5xjg2lpyqkbxiTjV4H/L:3UYF2dAkRx+Xjq5xQFiV4fL
Malware Config
Signatures
Files
7696dc4cf76ec19ea14c00e31269a2caabc64c49e3c33e98ab14bb09783bc74e.exe windows x86
fa946e88327a89bdac99be875a4fd807
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualProtect
GetProcAddress
GetCurrentThread
GetCurrentProcess
GetConsoleCP
lstrlenA
lstrcatA
GetCurrentThreadId
GetACP
SetLastError
GetDefaultCommConfigA
WriteProfileStringW
WriteConsoleOutputW
VerLanguageNameW
MoveFileWithProgressA
SetThreadContext
user32
GetCursorPos
GetGUIThreadInfo
SetFocus
GetCapture
GetCaretBlinkTime
GetCursorInfo
ShowWindow
SetCursor
GetKeyboardType
SetWindowPos
ShowCursor
TranslateAccelerator
OemToCharBuffA
OemToCharA
GetWindowPlacement
DdeReconnect
SwitchDesktop
SendMessageCallbackA
SetClassWord
GetTabbedTextExtentW
IMPGetIMEA
DrawCaption
CallNextHookEx
CharUpperBuffW
CloseDesktop
WaitForInputIdle
ImpersonateDdeClientWindow
LockWindowStation
GetComboBoxInfo
oleaut32
VarDateFromR4
VarI2FromUI1
VarI1FromBool
VarUI1FromUI2
VarI1FromUI8
VarAnd
VarBstrCat
OleSavePictureFile
VarI4FromUI2
CreateTypeLib2
VarNot
SafeArrayGetElemsize
RegisterTypeLib
LoadTypeLibEx
VarBoolFromI8
VarI2FromCy
SafeArrayCreateVectorEx
OACreateTypeLib2
imagehlp
SymGetTypeFromName
RemovePrivateCvSymbolicEx
ImageNtHeader
SymGetLineNext
GetTimestampForLoadedLibrary
FindDebugInfoFileEx
SymEnumTypes
BindImage
ImageAddCertificate
ImageRemoveCertificate
UpdateDebugInfoFile
ImageLoad
ImageDirectoryEntryToDataEx
GetImageConfigInformation
ImageEnumerateCertificates
SymGetLineFromAddr64
version
VerQueryValueW
VerQueryValueA
VerInstallFileA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerFindFileA
ole32
CoSetCancelObject
CoGetContextToken
DllRegisterServer
CoImpersonateClient
StgConvertVariantToProperty
CoDosDateTimeToFileTime
WdtpInterfacePointer_UserSize
DllGetClassObject
ComPs_NdrDllUnregisterProxy
StgSetTimes
CoMarshalInterThreadInterfaceInStream
UtConvertDvtd16toDvtd32
HENHMETAFILE_UserMarshal
OleIsCurrentClipboard
UtGetDvtd16Info
HWND_UserSize
HGLOBAL_UserFree
StgIsStorageFile
HDC_UserFree
OleBuildVersion
HMETAFILEPICT_UserFree
CoPopServiceDomain
StgOpenAsyncDocfileOnIFillLockBytes
CoFreeLibrary
winspool.drv
SplDriverUnloadComplete
OpenPrinterA
AddFormA
EnumPrintProcessorDatatypesW
ConvertUnicodeDevModeToAnsiDevmode
SetFormW
StartDocPrinterW
EnumPrinterDriversA
DocumentEvent
DeletePrinterKeyW
CommitSpoolData
XcvDataW
IsValidDevmodeA
SetPortA
FlushPrinter
IsValidDevmodeW
shell32
SHSetInstanceExplorer
StrStrA
StrRChrIW
RestartDialog
Options_RunDLLW
SheChangeDirExW
SHCreateShellFolderView
ExtractAssociatedIconA
SHChangeNotification_Lock
OpenAs_RunDLLW
StrRStrW
StrChrW
SHQueryRecycleBinA
ShellExecuteEx
StrStrIW
StrCmpNIW
SHStartNetConnectionDialogW
ExtractAssociatedIconExA
PickIconDlg
gdiplus
GdipCreateTextureIA
GdipCreateHICONFromBitmap
GdipSetClipRegion
GdipSetPathGradientFocusScales
GdipGetPropertySize
GdipDrawCurve2I
GdipFillRegion
GdipBitmapLockBits
GdipSetImageAttributesOutputChannel
GdipGetLineTransform
GdipSetPenWidth
GdipGetGenericFontFamilyMonospace
GdipCreatePath2
GdipGetPathGradientGammaCorrection
GdipGetPageUnit
GdipDeleteMatrix
GdipGetPenDashStyle
GdipAddPathPie
GdipGetWorldTransform
GdipWarpPath
oledlg
OleUIInsertObjectA
OleUIPromptUserW
OleUIAddVerbMenuW
OleUIUpdateLinksA
OleUIUpdateLinksW
OleUIPromptUserA
OleUIChangeIconA
OleUIEditLinksW
OleUIConvertA
OleUIAddVerbMenuA
OleUIBusyW
OleUIPasteSpecialW
comctl32
ImageList_BeginDrag
DSA_DeleteAllItems
DPA_SetPtr
CreateStatusWindow
ImageList_SetDragCursorImage
DllGetVersion
FlatSB_GetScrollProp
MakeDragList
ImageList_GetBkColor
ImageList_Destroy
PropertySheetA
CreateStatusWindowW
RemoveWindowSubclass
FlatSB_GetScrollPos
ImageList_GetImageInfo
ImageList_Merge
winmm
DriverCallback
waveOutWrite
midiOutShortMsg
joySetThreshold
mmTaskSignal
midiInGetDevCapsA
mmioStringToFOURCCA
wid32Message
waveOutBreakLoop
waveInGetNumDevs
waveOutOpen
PlaySoundA
waveInOpen
waveOutReset
mciDriverYield
waveInReset
mmioAscend
midiOutOpen
shlwapi
ColorAdjustLuma
PathIsLFNFileSpecA
PathUnquoteSpacesA
PathStripToRootA
SHCreateStreamOnFileEx
SHRegOpenUSKeyW
PathIsLFNFileSpecW
PathIsUNCServerW
PathMakePrettyA
SHCreateThread
SHRegCloseUSKey
PathMatchSpecA
PathAddBackslashW
Sections
.text Size: 372KB - Virtual size: 371KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 7KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 484B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ