General

Malware Config

Signatures

Files

• 0f1d79b7bebfb7bcfab9823392e986f982d869ba36928bd5f3d61af536ec5a00

  .exe windows x86

  a54a1b228944683726c5c15a3545fff1

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  uxtheme

  GetThemeFont

  GetCurrentThemeName

  IsThemeActive

  DrawThemeEdge

  CloseThemeData

  SetWindowTheme

  GetThemeInt

  GetThemeBool

  GetThemeEnumValue

  GetWindowTheme

  GetThemeColor

  GetThemeTextMetrics

  kernel32

  lstrcpynW

  GetProcessHeap

  QueryDosDeviceW

  ReplaceFileA

  CreateMutexW

  FileTimeToSystemTime

  FindNextFileA

  GetBinaryTypeA

  DeleteFileW

  WriteConsoleW

  WriteFile

  CreateFileA

  ReadFile

  GetProcAddress

  GetVersion

  OpenJobObjectA

  GetModuleHandleA

  CopyFileA

  GetDriveTypeW

  CreateHardLinkA

  GetLocaleInfoW

  WaitForSingleObjectEx

  lstrcatA

  GetFileSize

  wtsapi32

  WTSVirtualChannelPurgeInput

  WTSFreeMemory

  WTSSendMessageA

  WTSEnumerateSessionsA

  WTSWaitSystemEvent

  WTSVirtualChannelOpen

  WTSTerminateProcess

  WTSSetUserConfigA

  WTSEnumerateProcessesA

  WTSRegisterSessionNotification

  WTSOpenServerA

  WTSDisconnectSession

  WTSVirtualChannelWrite

  WTSUnRegisterSessionNotification

  WTSQuerySessionInformationA

  dhcpcsvc

  DhcpEnumClasses

  McastApiCleanup

  Sections

  .text

  Size: 96KB - Virtual size: 95KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 144B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ