General

Malware Config

Signatures

Files

• e19c56c5979310b9db0c48a70ce4e2fb5d72472150d0108d9ea79e70f47256f9

  .exe windows x86

  53cf06e69ab6814920d9046a288a6256

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetModuleFileNameA

  InterlockedDecrement

  GetLocaleInfoA

  InterlockedIncrement

  _lwrite

  SetCommTimeouts

  GetSystemDirectoryA

  MoveFileExW

  CreateEventW

  WriteConsoleW

  VerifyVersionInfoW

  WaitNamedPipeW

  BuildCommDCBW

  LoadLibraryA

  FindResourceExA

  DeleteTimerQueue

  GetFirmwareEnvironmentVariableW

  GetConsoleAliasExesLengthA

  EnumTimeFormatsW

  CopyFileA

  ReadConsoleOutputCharacterW

  GetConsoleAliasesLengthA

  LocalAlloc

  GetProcAddress

  UnhandledExceptionFilter

  SetConsoleDisplayMode

  GetSystemWindowsDirectoryW

  LoadResource

  EndUpdateResourceW

  WritePrivateProfileStringA

  EnumResourceNamesA

  LocalReAlloc

  SetFileAttributesA

  AreFileApisANSI

  GetCurrentDirectoryW

  GetConsoleAliasesLengthW

  GetAtomNameA

  GetFileAttributesW

  SetConsoleTitleW

  VerSetConditionMask

  SetProcessWorkingSetSize

  GetLongPathNameA

  GetThreadLocale

  GetProcessHandleCount

  GetSystemDefaultLCID

  GetCurrentProcessId

  GetLastError

  SetCommBreak

  BuildCommDCBAndTimeoutsW

  OpenJobObjectA

  EnterCriticalSection

  EnumCalendarInfoExA

  SetConsoleMode

  GetDiskFreeSpaceA

  GetConsoleAliasExesA

  GlobalMemoryStatusEx

  WriteConsoleOutputCharacterA

  IsDBCSLeadByte

  WriteConsoleOutputCharacterW

  SetLastError

  SetEndOfFile

  CreateFileW

  GetUserDefaultLangID

  LoadLibraryW

  HeapReAlloc

  HeapFree

  HeapAlloc

  RaiseException

  RtlUnwind

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  EncodePointer

  DecodePointer

  IsProcessorFeaturePresent

  LeaveCriticalSection

  SetHandleCount

  GetStdHandle

  InitializeCriticalSectionAndSpinCount

  GetFileType

  DeleteCriticalSection

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  TerminateProcess

  GetCurrentProcess

  SetFilePointer

  HeapCreate

  GetModuleHandleW

  ExitProcess

  WriteFile

  GetModuleFileNameW

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  GetCurrentThreadId

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  WideCharToMultiByte

  GetConsoleCP

  GetConsoleMode

  CloseHandle

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  QueryPerformanceCounter

  GetTickCount

  GetSystemTimeAsFileTime

  Sleep

  SetStdHandle

  FlushFileBuffers

  HeapSize

  LCMapStringW

  MultiByteToWideChar

  GetStringTypeW

  ReadFile

  CreateFileA

  GetProcessHeap

  user32

  ClientToScreen

  gdi32

  GetTextExtentPoint32A

  winhttp

  WinHttpCloseHandle

  Sections

  .text

  Size: 258KB - Virtual size: 258KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 10KB - Virtual size: 40.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .kov

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .kabu

  Size: 1024B - Virtual size: 624B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .gepifo

  Size: 512B - Virtual size: 23B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .demoma

  Size: 1024B - Virtual size: 963B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 120KB - Virtual size: 120KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ