OPENSSL_Applink
Static task: static1
Behavioral task: behavioral1
Sample: f3abcc258143d2a399f92aa58531fd2c13e5d16c7fa7ea351d08108a5b35da92.exe
Resource: win7-20220414-en
General
Target: f3abcc258143d2a399f92aa58531fd2c13e5d16c7fa7ea351d08108a5b35da92
Size: 2.2MB
MD5: 1dc4243c8c39d2d517e5dee12c09abf4
SHA1: 33d31db1e34d6f0f63abe4cbe62913b34f4517a7
SHA256: f3abcc258143d2a399f92aa58531fd2c13e5d16c7fa7ea351d08108a5b35da92
SHA512: bde9761291a98bb5733a64ba2b4938b20e368e8f353d1238981498e5af97e17ff81d4944d479ac1e346432da5187f861fa56be46a2f7501ccc2cc93668b18bb6
SSDEEP: 49152:+zXqwCQp/okD5fS9rDP2jjiLFoRGTikXGVCU:CXqfQp/oi5fS9sjiOVC
Malware Config
Signatures
Files
f3abcc258143d2a399f92aa58531fd2c13e5d16c7fa7ea351d08108a5b35da92.exe windows x86
34bfe2a3b2e75366758fa87d7b6da46f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetOEMCP
SetErrorMode
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FindNextFileA
ExitThread
CreateThread
GetFileType
GetConsoleCP
GetConsoleMode
GetCommandLineA
GetStartupInfoA
RtlUnwind
RaiseException
VirtualProtect
VirtualQuery
ExitProcess
GetCPInfo
IsValidCodePage
VirtualFree
GetStdHandle
SetHandleCount
LCMapStringA
LCMapStringW
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
CompareStringW
SetEnvironmentVariableA
InterlockedIncrement
GetModuleHandleW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
FileTimeToSystemTime
GlobalFlags
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
GetModuleFileNameW
FindFirstFileA
FindClose
DuplicateHandle
GetThreadLocale
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
MulDiv
FreeResource
SetLastError
InterlockedDecrement
CopyFileA
AreFileApisANSI
GetSystemTime
GetTempPathA
GetCurrentProcessId
DeleteFileW
OutputDebugStringA
GetCurrentThreadId
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
GetDiskFreeSpaceW
EnterCriticalSection
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
CreateFileW
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
LeaveCriticalSection
HeapDestroy
GetVersionExW
FormatMessageW
Sleep
InitializeCriticalSection
WriteFile
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
InterlockedCompareExchange
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
SetEndOfFile
TryEnterCriticalSection
HeapCompact
CreateMutexW
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
LocalAlloc
WritePrivateProfileStringA
GetSystemDirectoryA
GetVersion
GetModuleHandleA
FormatMessageA
VirtualAlloc
GetVolumeInformationA
GetDriveTypeA
lstrcmpiA
GetPrivateProfileIntA
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
DeleteFileA
GetLastError
SetFilePointer
GetFileSize
lstrlenA
lstrcmpA
LoadLibraryA
ReadFile
CreateFileA
GlobalReAlloc
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
GetWindowsDirectoryA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
lstrcpyA
LocalFree
CloseHandle
GetVersionExA
GetProcAddress
MultiByteToWideChar
LoadLibraryW
GetCurrentProcess
FreeLibrary
GetEnvironmentVariableA
LockResource
SizeofResource
WideCharToMultiByte
LoadResource
GetACP
FindResourceA
user32
ReleaseCapture
UnregisterClassA
GetSysColorBrush
WindowFromPoint
DestroyMenu
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetRectEmpty
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
CharUpperA
GetWindowThreadProcessId
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
TrackPopupMenu
GetKeyState
SetMenu
EnableWindow
RegisterWindowMessageA
SetTimer
KillTimer
SetForegroundWindow
UpdateWindow
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
ScreenToClient
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetMenuItemID
GetMenuItemCount
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowTextLengthA
GetWindowTextA
SetCapture
CharNextA
CopyAcceleratorTableA
IsRectEmpty
SetFocus
SetMenuItemBitmaps
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
GetForegroundWindow
SetRect
LoadBitmapA
wsprintfA
MessageBoxA
GetSysColor
GetClientRect
GetWindow
GetSystemMetrics
GetDlgItem
OffsetRect
SendMessageA
DrawIcon
LoadIconA
LoadMenuA
GetSubMenu
IsIconic
GetWindowRect
InvalidateRect
DrawStateA
GetParent
MapWindowPoints
IsWindowVisible
IsWindow
BeginPaint
SetWindowRgn
EndPaint
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
AdjustWindowRectEx
WindowFromDC
GetWindowRgn
GetWindowLongA
GetScrollInfo
IntersectRect
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
CharToOemA
SetCursor
GetFocus
LoadCursorA
CopyRect
IsZoomed
GetClassNameA
IsMenu
gdi32
GetRgnBox
GetTextColor
GetBkColor
GetTextMetricsA
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetClipRgn
SelectClipRgn
SetRectRgn
CreateRectRgnIndirect
OffsetRgn
ExtSelectClipRgn
CreatePolygonRgn
CreateBitmap
CreateCompatibleBitmap
CreateRectRgn
GetTextExtentPoint32A
CreateFontIndirectA
GetStockObject
CreateSolidBrush
CreateFontA
BitBlt
DeleteDC
DeleteObject
SelectObject
GetObjectA
GetPixel
CombineRgn
CreateCompatibleDC
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
CryptCreateHash
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegOpenKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyA
GetUserNameA
RegLoadKeyA
RegUnLoadKeyA
CryptGetHashParam
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
LookupAccountSidA
GetTokenInformation
CryptHashData
CryptDecrypt
RegEnumKeyA
CryptAcquireContextA
CryptDeriveKey
RegEnumKeyExA
LsaFreeMemory
LsaRetrievePrivateData
LsaClose
LookupAccountNameA
LsaOpenPolicy
ConvertSidToStringSidA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
shell32
SHGetSpecialFolderPathA
ShellExecuteA
comctl32
InitCommonControlsEx
_TrackMouseEvent
shlwapi
PathFileExistsA
StrStrIA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveFileSpecW
PathFindFileNameA
oledlg
ord8
ole32
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleRun
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
StgOpenStorageEx
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
oleaut32
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysStringLen
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
GetErrorInfo
crypt32
CryptUnprotectData
netapi32
NetUserEnum
NetApiBufferFree
rasapi32
RasGetEntryPropertiesA
RasGetEntryDialParamsA
RasEnumEntriesA
rpcrt4
UuidToStringA
RpcStringFreeA
Exports
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 269KB - Virtual size: 269KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 74KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 484KB - Virtual size: 484KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE