Static task
static1
Behavioral task
behavioral1
Sample
00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179.exe
Resource
win10v2004-20220414-en
General
-
Target
00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179
-
Size
1.8MB
-
MD5
9335cda793a9425d621cd3a5c742c9b4
-
SHA1
527da31382a0c7b902465ff72d2798cfa369993c
-
SHA256
00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179
-
SHA512
4f1e6129daa8d7a60c6d3e38e70f990050327156c13f26b69a1dcd8921f50bdcf73fda01b11926cf627bd4f82bdf1413f6a798b057ea263e4bfe190c03a73455
-
SSDEEP
24576:z1GHorNKHGJTFNWTWXinoxUsNmvb7OWCtxl0SrgnLyFi+/+ZIGuvVTuSeU8rbh5J:zw3HeXW3no1mz7Ov6N/+/+Sl72hk
Malware Config (no extracted configuration shown in this extract)
Signatures (no signature hits shown in this extract; an empty section is not evidence that the sample is benign — correlate the static import table and section layout below with the two behavioral tasks before drawing a conclusion)
Files
-
00dae3b8c11ec21ffa25d9c4044f909422f96a8ec31d71786d01dd5595f4a179.exe windows x86
3bb01b0abe7d06eebea34caccaf544ee (unlabeled 32-hex-digit hash attached to the file entry — likely the import hash (imphash) rather than the file MD5, which is 9335cda7… above; confirm from the report's field legend before pivoting on it)
Headers
DLL Characteristics (only TERMINAL_SERVER_AWARE is set — no DYNAMIC_BASE and no NX_COMPAT; together with IMAGE_FILE_RELOCS_STRIPPED below this means the image has no relocation data and must load at its fixed preferred base, i.e. no ASLR, and it does not opt in to DEP)
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports (static import table read from the PE; the presence of an API does not show that it is executed — confirm against the behavioral tasks. Entries worth correlating: OpenProcess / ReadProcessMemory / WriteProcessMemory / Toolhelp32ReadProcessMemory (cross-process memory access), OpenProcessToken / ImpersonateLoggedOnUser / RevertToSelf (token impersonation), IsDebuggerPresent (debugger check), GetAsyncKeyState / GetClipboardData / SendInput (keyboard, clipboard and synthetic input), GetComputerNameW / GetUserNameW / ProcessIdToSessionId (host and user fingerprinting), GetPrivateProfileStringW / WritePrivateProfileStringW (INI-file read/write), and wininet InternetOpenW / InternetConnectW / FtpPutFileW (FTP upload). The many low-level gdi32 exports such as EngCreateSemaphore, FONTOBJ_pifi, STROBJ_dwGetCodePage and GdiAddGlsRecord are unusual for user-mode application code and may be present only to inflate or perturb the import table; verify which imports are actually referenced in the disassembly.)
kernel32
UnhandledExceptionFilter
UnregisterWait
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcatA
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpyW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
Toolhelp32ReadProcessMemory
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
VirtualFree
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
GetCommandLineA
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
SwitchToFiber
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetThreadLocale
SetProcessWorkingSetSize
SetLastError
SetFileTime
SetCommConfig
ReadProcessMemory
QueryPerformanceCounter
ProcessIdToSessionId
OutputDebugStringW
OpenProcess
MultiByteToWideChar
MulDiv
LockResource
LocalSize
LocalFree
LocalFileTimeToFileTime
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
IsDebuggerPresent
IsDBCSLeadByteEx
IsDBCSLeadByte
IsBadWritePtr
IsBadStringPtrW
IsBadReadPtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapSetInformation
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalFree
GlobalFindAtomW
GlobalAlloc
GetWindowsDirectoryW
GetVersionExW
GetVersionExA
GetUserDefaultUILanguage
GetTickCount
GetThreadLocale
GetTempPathW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryW
GetSystemDefaultLangID
GetStringTypeW
GetStartupInfoA
GetShortPathNameW
GetProcAddress
GetPrivateProfileStringW
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLastError
GetFullPathNameA
GetFileTime
GetFileSize
GetFileAttributesA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetComputerNameW
GetCommandLineW
GetAtomNameW
FreeLibrary
FlushInstructionCache
FindResourceW
FindAtomW
ExpandEnvironmentStringsW
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
DosDateTimeToFileTime
DeleteFileW
DeleteFileA
DeleteCriticalSection
DeleteAtom
CreateThread
CreateSemaphoreW
CreateMutexW
CreateFileW
CreateFileA
CloseHandle
AddAtomW
AddAtomA
GetModuleHandleA
SetErrorMode
VirtualAlloc
user32
MessageBoxW
MessageBoxIndirectW
MessageBoxIndirectA
MapWindowPoints
MapVirtualKeyExW
MapVirtualKeyA
LookupIconIdFromDirectory
LockWorkStation
LoadImageW
LoadCursorW
LoadCursorFromFileA
LoadBitmapA
IsWindowVisible
IsIconic
InvalidateRect
InflateRect
IMPSetIMEA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetScrollRange
GetScrollPos
GetScrollInfo
GetKeyboardType
GetIconInfo
GetCursorPos
GetComboBoxInfo
GetClientRect
GetClassNameW
GetCapture
MonitorFromWindow
FillRect
EnumWindowStationsW
EnumDisplayMonitors
EnumDesktopsA
EndPaint
DrawTextW
DrawFrameControl
DefWindowProcW
DefWindowProcA
DefMDIChildProcW
DdeQueryStringW
DdeQueryNextServer
CreateMDIWindowW
CreateAcceleratorTableW
CheckMenuRadioItem
CharPrevA
CharNextExA
CallWindowProcW
BeginPaint
ArrangeIconicWindows
AdjustWindowRect
LoadIconA
IsGUIThread
IsMenu
GetMenuCheckMarkDimensions
GetDlgCtrlID
IsCharAlphaNumericW
GetAsyncKeyState
IsWindowEnabled
OpenDesktopW
PeekMessageW
PostMessageA
PostMessageW
RedrawWindow
RegisterClassA
RegisterClassExW
RegisterClipboardFormatW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendInput
SendMessageW
SetMenuInfo
SetMenuItemBitmaps
SetPropW
SetScrollInfo
SetTimer
SetUserObjectInformationA
SetWindowLongW
SetWindowPos
GetMessagePos
GetCursor
SetWindowRgn
ShowWindow
SystemParametersInfoW
TranslateAccelerator
UpdateWindow
FrameRect
DrawMenuBar
GetOpenClipboardWindow
IsWindowUnicode
DestroyIcon
GetDoubleClickTime
GetForegroundWindow
CloseClipboard
CopyIcon
GetActiveWindow
GetParent
GetSystemMetrics
CharNextA
GetMenuItemCount
GetTopWindow
GetDialogBaseUnits
InSendMessage
GetKBCodePage
ShowCaret
GetClipboardViewer
GetClipboardData
GetDC
CreatePopupMenu
GetListBoxInfo
WindowFromDC
GetDesktopWindow
GetMessageTime
GetKeyboardLayout
GetShellWindow
DestroyCursor
CharLowerA
LoadCursorFromFileW
KillTimer
gdi32
DeleteDC
GetObjectType
UnrealizeObject
GetTextColor
CreatePatternBrush
FlattenPath
GetTextAlign
AbortDoc
AddFontResourceW
EndPage
BitBlt
CheckColorsInGamut
CombineRgn
CreateBrushIndirect
CreateColorSpaceW
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreatePalette
CreateRectRgn
CreateSolidBrush
DeleteObject
EnableEUDC
EngCreateSemaphore
EngQueryLocalTime
EnumFontsW
ExcludeClipRect
FONTOBJ_pifi
FONTOBJ_vGetInfo
FrameRgn
GdiAddGlsRecord
GdiAlphaBlend
GdiComment
GdiConvertDC
GdiConvertRegion
GdiGetLocalBrush
GdiGetPageCount
GdiGetSpoolMessage
GetBrushOrgEx
GetCharWidthI
GetClipBox
GetCurrentObject
StrokePath
GetDeviceCaps
GetEnhMetaFileA
GetFontUnicodeRanges
GetGlyphOutlineA
GetHFONT
GetICMProfileW
GetLogColorSpaceW
GetNearestPaletteIndex
GetObjectW
GetPaletteEntries
GetPath
GetStockObject
GetTextMetricsW
GetViewportOrgEx
GetWindowExtEx
IntersectClipRect
PolyBezierTo
PolyDraw
PolyPolyline
PolyTextOutW
RectVisible
RemoveFontMemResourceEx
ResizePalette
RestoreDC
STROBJ_dwGetCodePage
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetDeviceGammaRamp
SetICMProfileW
SetMiterLimit
SetPaletteEntries
SetROP2
SetStretchBltMode
SetTextColor
SetViewportOrgEx
StretchBlt
StretchDIBits
TextOutW
GetBkColor
GetPolyFillMode
GetROP2
GetFontLanguageInfo
GetColorSpace
CreateHalftonePalette
RealizePalette
DeleteColorSpace
WidenPath
GetDIBits
FillPath
EndPath
advapi32
OpenProcessToken
RevertToSelf
RegQueryValueExW
RegOpenKeyExW
RegQueryValueExA
ImpersonateLoggedOnUser
GetUserNameW
RegOpenKeyW
shell32
SHFreeNameMappings
Shell_NotifyIconA
ShellExecuteW
ShellAboutA
SHLoadInProc
SHIsFileAvailableOffline
DragAcceptFiles
DragQueryFileA
DragQueryPoint
ExtractIconExA
ord680
SHCreateDirectoryExW
SHEmptyRecycleBinA
WOWShellExecute
SHGetDiskFreeSpaceA
SHGetFolderLocation
SHGetIconOverlayIndexA
SHGetMalloc
SHGetPathFromIDList
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ole32
CoCreateInstance
shlwapi
StrCmpNIW
StrRChrIA
StrRStrIA
StrRStrIW
StrChrIW
StrStrW
comctl32
_TrackMouseEvent
wininet
InternetConnectW
InternetCloseHandle
FtpPutFileW
InternetOpenW
Sections (four standard sections; raw and virtual sizes roughly match and no section is listed as both writable and executable — .text is CODE/EXECUTE/READ, .data is READ/WRITE — which argues against a conventional packer with a small unpacking stub, though it does not rule out in-memory code generation via the imported VirtualAlloc/VirtualProtect; note .text accounts for about 1.7MB of the 1.8MB file)
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ