General

Malware Config

Signatures

Files

• 2391d4e6b02d6ba9ce47ca34a88260c83c2f72a0886932be5a63c117a31c9488

  .exe windows x86

  a878771c0ee24546c95273f00a472466

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  resutils

  ResUtilGetBinaryValue

  ClusWorkerStart

  ResUtilDupString

  ClusWorkerTerminate

  cfgmgr32

  CM_Add_Empty_Log_Conf

  CMP_Report_LogOn

  CMP_Init_Detection

  CM_Add_Range

  advapi32

  ReadEventLogA

  RegUnLoadKeyW

  RegRestoreKeyW

  RegCreateKeyExW

  RegLoadKeyW

  OpenEventLogA

  RegOpenKeyA

  RegSaveKeyA

  LogonUserA

  RegEnumKeyA

  RegDeleteValueW

  kernel32

  EnterCriticalSection

  LoadLibraryExW

  Sleep

  OpenFileMappingA

  lstrlen

  GetDateFormatA

  GetCommandLineA

  GetModuleHandleA

  GetShortPathNameA

  GetCurrentThreadId

  WaitForSingleObject

  lstrcat

  Sleep

  CreateMailslotW

  GetProcAddress

  GetSystemDirectoryW

  user32

  LoadMenuA

  GetDlgItemTextA

  GetPropW

  DrawStateW

  LoadBitmapW

  LoadIconA

  CharToOemW

  FindWindowA

  InsertMenuW

  LoadCursorA

  wsprintfA

  DialogBoxParamA

  IsCharLowerA

  CreateWindowExW

  PeekMessageW

  cmutil

  CmMalloc

  CmRealloc

  Sections

  .text

  Size: 123KB - Virtual size: 122KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 15KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 693B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ