General

Malware Config

Signatures

Files

• 1c7dfbd2d886ecd2ebfa7f4c6f6e4b9e4fd0f87f628effbfd62a53c3070861b1

  .exe windows x86

  e8f166a7db37a0993158607baffdd6c2

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  clbcatq

  DowngradeAPL

  SetSetupOpen

  ComPlusMigrate

  SetSetupSave

  cmpbk32

  PhoneBookEnumCountries

  PhoneBookEnumNumbers

  PhoneBookCopyFilter

  PhoneBookFreeFilter

  PhoneBookLoad

  kernel32

  CreateSemaphoreA

  GetModuleHandleW

  GetExitCodeProcess

  GetLocalTime

  GetWindowsDirectoryW

  EnterCriticalSection

  GetVersionExA

  CreateFileMappingW

  LoadLibraryA

  WriteConsoleW

  FindResourceA

  CreateEventA

  GetStartupInfoA

  LoadLibraryExW

  GetDateFormatA

  GetProcAddress

  WaitNamedPipeW

  OpenFileMappingA

  HeapAlloc

  OpenWaitableTimerW

  user32

  LoadIconA

  DispatchMessageA

  LoadBitmapW

  GetPropW

  DialogBoxParamA

  CreateDesktopW

  FlashWindow

  PostMessageW

  DrawStateA

  LoadMenuW

  Sections

  text

  Size: 21KB - Virtual size: 21KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .jdata

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .jdata

  Size: 1024B - Virtual size: 704B

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 75KB - Virtual size: 75KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ