General

Malware Config

Signatures

Files

• 1dd04f68980746cb71556b2b6c5bebf0f8d120051d1a76888d9c7af522f06642

  .exe windows x86

  762b1304908e7dde82961ff6a397e37e

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  rpcrt4

  RpcServerRegisterIfEx

  advapi32

  FreeSid

  user32

  SetWindowRgn

  SetWindowContextHelpId

  CallNextHookEx

  SetCaretBlinkTime

  SetCursor

  oleaut32

  VarI8FromR4

  kernel32

  DeleteVolumeMountPointW

  GetCurrentProcess

  LocalFlags

  SetHandleInformation

  LocalSize

  GetStdHandle

  GetExitCodeThread

  GetCommandLineA

  GetProcessVersion

  LocalReAlloc

  GetCurrentThread

  psapi

  GetModuleFileNameExW

  esent

  JetEndSession

  Sections

  .text

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 56KB - Virtual size: 55KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 842B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  aei

  Size: 36KB - Virtual size: 34KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  9B|PsbB+

  Size: 84KB - Virtual size: 82KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 845B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ