Behavioral task: behavioral1
Sample: f51f0d16811fcec281c57895d839e2c4a7b52ee4957221c23e8781200c3f7c33.exe
Resource: win7-20220414-en
General
Target: f51f0d16811fcec281c57895d839e2c4a7b52ee4957221c23e8781200c3f7c33
Size: 2.0MB
MD5: 6d2c38664e16c3af259924a6b305f7e9
SHA1: 57e75be243c8fb92079e67ccbe84e770469c634a
SHA256: f51f0d16811fcec281c57895d839e2c4a7b52ee4957221c23e8781200c3f7c33
SHA512: 049faf572fb034c6351bbdcf174ebc5434e7f005673a544999bd466f8ad97ea2bb8a69b816c1b58f866ae2c6c96af8795ffb23a5f076ebf14416f096f9e48021
SSDEEP: 12288:dqWZfABVgs/aL+vF80Cxe9NN71IRTjAhdUU54Kn:IXPFamFhCo9Np1yTkw
Malware Config
Signatures
Files
f51f0d16811fcec281c57895d839e2c4a7b52ee4957221c23e8781200c3f7c33.exe windows x86
76c66085b0c168dd03b5f48928cc6f4b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrlenW
lstrcmpA
WriteProcessMemory
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualProtectEx
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
TerminateThread
TerminateProcess
SystemTimeToFileTime
SuspendThread
Sleep
SizeofResource
SetVolumeLabelW
SetThreadPriority
SetThreadContext
SetThreadAffinityMask
SetPriorityClass
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReleaseSemaphore
ReleaseMutex
ReadProcessMemory
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
PulseEvent
OutputDebugStringW
OpenProcess
OpenMutexW
OpenFileMappingA
OpenEventA
MultiByteToWideChar
MulDiv
MapViewOfFile
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryExA
LoadLibraryExW
LoadLibraryA
LoadLibraryW
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetWindowsDirectoryA
GetWindowsDirectoryW
GetVolumeInformationA
GetVolumeInformationW
GetVersionExA
GetVersionExW
GetVersion
GetUserDefaultLCID
GetTickCount
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathW
GetTempFileNameW
GetSystemTime
GetSystemDirectoryA
GetSystemDirectoryW
GetStartupInfoW
GetProcessVersion
GetProcessAffinityMask
GetProcAddress
GetPriorityClass
GetModuleHandleA
GetModuleFileNameA
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetLastError
GetFileSize
GetFileInformationByHandle
GetFileAttributesA
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetDriveTypeW
GetDiskFreeSpaceW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FormatMessageW
FlushFileBuffers
FindResourceA
FindResourceW
FindNextFileW
FindFirstFileA
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitProcess
EnumResourceNamesW
EnterCriticalSection
DuplicateHandle
DosDateTimeToFileTime
DisconnectNamedPipe
DeleteFileW
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateNamedPipeW
CreateMutexA
CreateMutexW
CreateFileMappingA
CreateFileMappingW
CreateFileA
CreateFileW
CreateEventA
CreateEventW
CreateDirectoryW
ConnectNamedPipe
CompareStringW
CompareFileTime
CloseHandle
CancelIo
GetProcessHeaps
GetFullPathNameW
LocalSize
SetSystemPowerState
SetTapePosition
CommConfigDialogW
GetVolumeNameForVolumeMountPointA
CreateRemoteThread
EnumSystemLocalesA
GetConsoleDisplayMode
SetComputerNameExA
GetFileAttributesExW
HeapCreate
DeviceIoControl
GetLocaleInfoA
GetCompressedFileSizeA
WaitForDebugEvent
SetHandleInformation
QueryInformationJobObject
SetInformationJobObject
HeapWalk
GetDateFormatA
lstrlen
SleepEx
_lopen
user32
WaitForInputIdle
TranslateMessage
SystemParametersInfoW
AnimateWindow
ShowWindow
ShowOwnedPopups
SetWindowRgn
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetRect
SetPropA
SetParent
SetForegroundWindow
SetCursorPos
SetClassLongW
SendNotifyMessageW
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageCallbackA
SendMessageA
SendMessageW
RemovePropA
ReleaseDC
RegisterWindowMessageW
PostThreadMessageA
PostThreadMessageW
PostMessageA
PostMessageW
OffsetRect
MsgWaitForMultipleObjects
MessageBoxW
MessageBeep
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsIconic
InvalidateRect
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetUserObjectInformationW
GetTopWindow
GetThreadDesktop
GetSystemMetrics
GetSystemMenu
GetPropA
GetParent
GetWindow
GetMessageW
GetMenu
GetIconInfo
GetForegroundWindow
GetDC
GetClientRect
GetClassNameA
GetClassLongW
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowExA
FindWindowExW
FindWindowW
EnumWindows
EnumThreadWindows
EnableWindow
EnableMenuItem
DrawTextW
DrawMenuBar
DrawFrameControl
DrawFocusRect
DispatchMessageW
DestroyWindow
DestroyIcon
DefWindowProcW
CreateIconFromResource
ChildWindowFromPointEx
CharUpperW
CharNextExA
CharLowerW
BringWindowToTop
AttachThreadInput
AdjustWindowRectEx
CallNextHookEx
MapDialogRect
DrawTextExA
FlashWindow
WindowFromDC
SetClassWord
EndDialog
UserHandleGrantAccess
IsCharLowerA
SetMenu
CreateMDIWindowW
BroadcastSystemMessageW
GetMessageExtraInfo
SetMenuItemBitmaps
CheckMenuRadioItem
GetDlgCtrlID
DragObject
DdeSetQualityOfService
SendIMEMessageExW
GetClassLongA
GetMessageA
GetCursorPos
GetDoubleClickTime
GetKeyboardLayout
GetShellWindow
GetListBoxInfo
CloseDesktop
GetWindowContextHelpId
IsCharAlphaNumericA
IsCharUpperA
GetDesktopWindow
IsMenu
ReleaseCapture
GetClipboardOwner
LoadCursorFromFileA
GetProcessWindowStation
gdi32
TranslateCharsetInfo
StretchDIBits
StretchBlt
SetStretchBltMode
SetBkMode
SetBkColor
SelectObject
SelectClipRgn
GetTextExtentPointW
GetTextExtentPoint32W
GetPaletteEntries
GetObjectW
GetNearestPaletteIndex
GetDeviceCaps
GetDIBits
DeleteObject
DeleteDC
CreateRoundRectRgn
CreateRectRgn
CreatePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
BitBlt
EngDeletePath
GetDCBrushColor
STROBJ_bEnumPositionsOnly
CreateDCW
GdiEntry2
GdiGetPageCount
GdiEntry15
EqualRgn
CreateScalableFontResourceA
SetPixelFormat
EndPath
EngMarkBandingSurface
GdiConsoleTextOut
FloodFill
GdiFlush
GetCharacterPlacementA
CreatePolygonRgn
GetTextFaceA
EngDeleteClip
DescribePixelFormat
GdiSwapBuffers
Pie
CLIPOBJ_cEnumStart
FillRgn
GetObjectType
EndDoc
FillPath
EndPage
GetBkMode
SetMetaRgn
CreatePatternBrush
GetTextColor
GetPixelFormat
AbortDoc
BeginPath
GetStretchBltMode
GetEnhMetaFileW
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
SetSecurityDescriptorDacl
ReportEventW
RegisterEventSourceW
RegUnLoadKeyW
RegOpenKeyExA
RegLoadKeyW
RegCloseKey
OpenProcessToken
LookupAccountSidA
LookupAccountSidW
InitializeSecurityDescriptor
GetTokenInformation
GetLengthSid
GetUserNameW
GetKernelObjectSecurity
CryptSetProvParam
CryptGetProvParam
CryptDestroyHash
CryptSignHashA
CryptSetHashParam
CryptCreateHash
CryptImportKey
CryptExportKey
CryptReleaseContext
CryptDestroyKey
CryptGetUserKey
CryptAcquireContextA
CryptDecrypt
RegSetValueW
RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
shell32
SHGetFileInfoA
SHFileOperationW
ShellExecuteW
Shell_NotifyIconW
DragQueryFileW
DragFinish
SHGetFolderPathA
SHGetFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetPathFromIDListW
SHBrowseForFolderW
ole32
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemFree
CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitialize
GetHGlobalFromStream
OleInitialize
StringFromCLSID
comctl32
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 217KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ