General

Malware Config

Signatures

Files

• 229b6c4fa6bf3086364bbb00da7199f5e5c006062b8d986aebc6a68efe28516f

  .exe windows x86

  7d89350d578678f9d7c2fc2565db7108

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetSystemDirectoryA

  MapViewOfFile

  GetVersionExA

  GetEnvironmentVariableA

  GetModuleHandleW

  EnterCriticalSection

  CreateFileMappingA

  OpenFileMappingA

  GetProcAddress

  CreateEventA

  GetFileSize

  CreateJobObjectW

  CreateMutexA

  LoadLibraryExW

  LoadLibraryA

  lstrcat

  ReadFile

  GetOEMCP

  CopyFileExW

  CreateFileW

  GetExitCodeProcess

  DeleteFileW

  WriteConsoleA

  CloseHandle

  GetLogicalDriveStringsA

  CreateSemaphoreW

  GetDateFormatA

  GetCommandLineA

  CompareStringA

  SetLocalTime

  cmpbk32

  PhoneBookLoad

  PhoneBookEnumNumbers

  user32

  LoadCursorW

  IsDialogMessageA

  PostMessageA

  LoadMenuW

  LoadIconW

  PeekMessageW

  GetPropA

  LoadBitmapA

  DialogBoxParamW

  InsertMenuW

  FindWindowA

  CharToOemW

  DispatchMessageA

  IsCharLowerA

  GetDlgItemTextA

  wsprintfW

  Sections

  text

  Size: 18KB - Virtual size: 17KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .zdata

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .zdata

  Size: 1024B - Virtual size: 710B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 74KB - Virtual size: 74KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ