Static task
static1
Behavioral task
behavioral1
Sample
1b51cfbc5d317f8391c06d9b12f1bae49933a4d2ed2bf02e2bbe50adebfefbdb.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1b51cfbc5d317f8391c06d9b12f1bae49933a4d2ed2bf02e2bbe50adebfefbdb.exe
Resource
win10v2004-20220414-en
General
Target: 1b51cfbc5d317f8391c06d9b12f1bae49933a4d2ed2bf02e2bbe50adebfefbdb
Size: 678KB
MD5: 5ae024bcec36515fe1675ada2937e973
SHA1: c8e832af2e8a1dd61a4e8d0dbb51a639f8967bd6
SHA256: 1b51cfbc5d317f8391c06d9b12f1bae49933a4d2ed2bf02e2bbe50adebfefbdb
SHA512: 02a7e62d5aaa699414248651b2f17fad6d3b672ccde2d5358e285ac7a282a231cb8113bdf88a66ec6e85fec267e636ee6425e517c774abd4cf99aa052386bdf6
SSDEEP: 12288:oARaDf6OJ+DRaoM5CHVRNoLCrmN54ZWAmGbCSe9lXGOwj3/X9vrzv:oSamC+DQIH1YT4Y7Gal2pjpr
Malware Config
Signatures
Files
1b51cfbc5d317f8391c06d9b12f1bae49933a4d2ed2bf02e2bbe50adebfefbdb.exe windows x86
8f89d4e8967d55a632cd9e1158c00783
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetFileType
GetProcessHeap
IsDebuggerPresent
HeapSize
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
IsProcessorFeaturePresent
GetModuleHandleW
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
GetCPInfo
GetCommandLineA
LoadLibraryExW
ExitThread
CreateThread
HeapFree
RtlUnwind
RaiseException
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetFullPathNameW
OutputDebugStringW
FormatMessageA
LockFileEx
SetStdHandle
WriteConsoleW
ReadConsoleW
lstrlenA
GetConsoleWindow
EnumSystemGeoID
MultiByteToWideChar
CreateFileA
CreateEventA
DeviceIoControl
GetLastError
VirtualAlloc
GetSystemTime
GetTickCount
QueryPerformanceCounter
FreeLibrary
GetProcAddress
LoadLibraryW
LoadLibraryA
DeleteFileA
GetFileAttributesA
LockFile
UnlockFile
GetFileSize
FlushFileBuffers
AreFileApisANSI
LocalFree
GlobalAlloc
OutputDebugStringA
CloseHandle
WaitForSingleObject
ResetEvent
GetTempFileNameA
InterlockedCompareExchange
InitializeCriticalSection
GetTempPathA
GetStartupInfoA
GetModuleHandleA
lstrcmpiA
GetStringTypeW
DecodePointer
EncodePointer
GetVersionExA
SetEnvironmentVariableA
SetFilePointer
SetEndOfFile
GetFileAttributesW
DeleteFileW
CreateFileW
FormatMessageW
InterlockedDecrement
lstrcmpA
Sleep
GetFullPathNameA
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
GetSystemTimeAsFileTime
GetStdHandle
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetStartupInfoW
SetEvent
GetCurrentThreadId
SetThreadPriority
GetExitCodeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateEventW
ReadFile
WriteFile
GetTempPathW
WideCharToMultiByte
user32
PostQuitMessage
RegisterClassExA
CreateWindowExA
DispatchMessageA
ShowWindow
DefWindowProcA
DialogBoxParamA
EndDialog
SetFocus
LoadAcceleratorsA
TranslateMessage
PostMessageA
IsWindowVisible
SendMessageA
GetMessageA
TranslateAcceleratorA
UpdateWindow
BeginPaint
EndPaint
GetWindowTextA
GetClientRect
GetWindowRect
DestroyWindow
GetForegroundWindow
LoadImageA
UnhookWindowsHookEx
ScreenToClient
HideCaret
GetCursorPos
SetWindowTextA
InvalidateRect
GetWindowRgn
MessageBoxA
GetDC
SetForegroundWindow
SetWindowRgn
SetMenuItemInfoA
GetMenuItemCount
GetMenu
CreateAcceleratorTableA
EnableWindow
SendInput
SetKeyboardState
GetKeyboardState
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItem
DialogBoxIndirectParamA
CreateDialogParamA
SetWindowPos
LoadStringA
LoadIconA
LoadCursorA
EnumWindows
FindWindowA
EnumChildWindows
gdi32
CreateSolidBrush
DeleteObject
DescribePixelFormat
CombineRgn
CreatePen
CreateRectRgn
SetViewportOrgEx
SelectObject
comdlg32
GetOpenFileNameA
advapi32
LsaQueryInformationPolicy
LsaFreeMemory
shell32
SHGetSpecialFolderLocation
ole32
RevokeDragDrop
StringFromGUID2
CoCreateInstance
CoInitialize
CoLockObjectExternal
CoUninitialize
oleaut32
VariantInit
VariantClear
VarDecSu
OleTranslateColor
SysAllocString
glu32
gluScaleImage
comctl32
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
ord17
winmm
mmioStringToFOURCCA
imm32
ImmGetStatusWindowPos
ImmGetVirtualKey
ImmIsIME
ws2_32
WSAWaitForMultipleEvents
WSASetEvent
WSASendDisconnect
recv
WSAStartup
WSACleanup
accept
bind
closesocket
WSAResetEvent
listen
htons
shutdown
socket
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
shlwapi
ord14
ord176
msimg32
GradientFill
uxtheme
GetThemeInt
DrawThemeBackground
netapi32
NetWkstaGetInfo
NetApiBufferFree
avifil32
AVIStreamStart
AVIStreamLength
Sections
.text Size: 446KB - Virtual size: 445KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 117KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ