Static task: static1
Behavioral task: behavioral1
Sample: 3a25ac74307f2358212c1cf753a9ae3ff548737ee6c6c0a789ca07464038bb5a.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 3a25ac74307f2358212c1cf753a9ae3ff548737ee6c6c0a789ca07464038bb5a.exe
Resource: win10v2004-20220414-en
General
Target: 3a25ac74307f2358212c1cf753a9ae3ff548737ee6c6c0a789ca07464038bb5a
Size: 361KB
MD5: 1e4e3ab0d662c3f8a47c67ed427a154f
SHA1: c96cf36141dd1a2a88bcaf3881f233a40854fb2b
SHA256: 3a25ac74307f2358212c1cf753a9ae3ff548737ee6c6c0a789ca07464038bb5a
SHA512: 879ac733fc2cfd57561ce65a92bab41d47484da3b7e7e2c430359bfa0301f1f3fcf253d181ed1bc7fbf20861b35cdc871acc9cf461909e69936fadaa58c4936e
SSDEEP: 6144:oYHt0y3NRJO22A8oos+W0OBMgxDy1+yAD2ZGm/PsE8a:o+tBNfORjVOB7xDQ1AD2ZGcsEZ
Malware Config
Signatures
Files
-
3a25ac74307f2358212c1cf753a9ae3ff548737ee6c6c0a789ca07464038bb5a.exe windows x86
d98668b33e79fc5e98bf5fa12c79b6bf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MultiByteToWideChar
OpenEventA
OpenFile
OpenFileMappingA
OpenJobObjectA
OpenProcess
PeekConsoleInputW
QueryPerformanceCounter
RaiseException
ReadFile
ReadFileEx
ReleaseSemaphore
ResetEvent
ResumeThread
SetConsoleTitleA
SetEvent
SetFilePointer
SetProcessWorkingSetSize
MapViewOfFile
SetVolumeLabelA
SleepEx
SystemTimeToFileTime
TerminateProcess
Thread32Next
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeA
WideCharToMultiByte
WriteFile
_hwrite
lstrcmpi
lstrcpy
lstrcpyn
LocalFree
LocalCompact
LocalAlloc
HeapAlloc
LoadLibraryExW
LeaveCriticalSection
IsValidLanguageGroup
IsBadWritePtr
IsBadReadPtr
InterlockedIncrement
InterlockedExchangeAdd
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapFree
HeapDestroy
HeapCreate
Heap32First
GlobalUnfix
GlobalFindAtomW
GetVersionExA
GetTimeFormatW
GetTempPathA
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetStringTypeExW
GetStdHandle
GetProcessHeaps
GetModuleFileNameW
GetLogicalDrives
GetLogicalDriveStringsW
GetLocalTime
GetFileAttributesExW
GetDiskFreeSpaceA
GetCurrentProcess
GetConsoleCursorInfo
GetConsoleAliasesLengthA
GetComputerNameA
GetCPInfoExW
GetACP
FreeLibrary
FormatMessageW
FormatMessageA
FlushViewOfFile
FlushFileBuffers
FindFirstFileW
FillConsoleOutputAttribute
ExpandEnvironmentStringsW
ExitProcess
EnterCriticalSection
DuplicateHandle
DisableThreadLibraryCalls
DeleteCriticalSection
CreateThread
CreateSemaphoreA
CreateProcessW
CreateNamedPipeA
CreateHardLinkW
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryW
ConvertDefaultLocale
ConnectNamedPipe
CompareFileTime
CloseHandle
BuildCommDCBAndTimeoutsA
GetProcAddress
lstrlenA
GetCurrentProcessId
GetDriveTypeW
GetModuleHandleA
GetFileAttributesW
GlobalAlloc
GetStartupInfoA
GetCommandLineW
LoadLibraryA
GetModuleHandleW
GetFileAttributesA
GetDriveTypeA
LoadLibraryW
GetCommandLineA
GetTickCount
GetProcessHeap
GetLastError
GetVersion
lstrlenW
GetCurrentThreadId
SetUnhandledExceptionFilter
user32
SetWindowsHookW
SendDlgItemMessageW
RegisterClassA
RedrawWindow
PostThreadMessageA
PostQuitMessage
PackDDElParam
OemToCharBuffA
ModifyMenuW
MessageBeep
LoadCursorFromFileW
IsCharAlphaA
InvertRect
GetWindowModuleFileNameW
GetWindowModuleFileNameA
GetMessageA
GetKeyboardLayoutList
GetKeyNameTextW
GetClipboardViewer
EnumWindows
EditWndProc
DragObject
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DispatchMessageA
DestroyMenu
DefDlgProcW
DdeSetUserHandle
DdeImpersonateClient
CreateWindowStationW
CreateWindowExA
CopyIcon
CloseWindowStation
CheckRadioButton
CheckMenuRadioItem
CharPrevW
CharNextW
ChangeMenuA
IsDlgButtonChecked
SetWindowLongW
UpdateWindow
ShowWindow
IsWindowVisible
LoadIconA
GetMenu
EnableMenuItem
LoadBitmapA
GetDlgItem
GetDC
LoadBitmapW
DestroyWindow
SendMessageA
GetSysColor
DestroyIcon
GetParent
LoadIconW
IsWindow
GetSystemMetrics
SendMessageW
GetKeyState
DefWindowProcA
gdi32
SetTextAlign
DeleteDC
CancelDC
GetLayout
GetDCPenColor
DeleteEnhMetaFile
GdiFlush
SetTextColor
FlattenPath
DeleteMetaFile
AbortPath
CloseMetaFile
AddFontResourceW
CreatePatternBrush
DeleteColorSpace
SetBkMode
CreateSolidBrush
AbortDoc
GetBkColor
CloseFigure
SelectObject
GetGraphicsMode
AddFontResourceA
FillPath
CreateMetaFileA
EndPath
BeginPath
CreateMetaFileW
EndDoc
DeleteObject
GetEnhMetaFileA
GetBkMode
EndPage
GetEnhMetaFileW
CreateDIBPatternBrushPt
CreateRectRgn
EngDeleteSemaphore
EngDeleteSurface
EngMultiByteToWideChar
ExcludeClipRect
ExtFloodFill
ExtTextOutA
GdiComment
GdiConvertPalette
GetEnhMetaFilePixelFormat
GetPixelFormat
GetRelAbs
GetTextExtentExPointWPri
GetTextExtentPointI
Polyline
SetColorAdjustment
SetFontEnumeration
SetICMProfileA
StartDocW
XLATEOBJ_iXlate
GdiGetBatchLimit
CreateCompatibleDC
CloseEnhMetaFile
SaveDC
GetColorSpace
CreateHalftonePalette
GetDCBrushColor
GetFontLanguageInfo
advapi32
CryptReleaseContext
CryptAcquireContextA
CloseServiceHandle
CheckTokenMembership
AllocateAndInitializeSid
AddAccessAllowedAce
RegQueryValueExW
StartServiceCtrlDispatcherA
SetServiceStatus
SetSecurityDescriptorDacl
ReportEventA
RegisterServiceCtrlHandlerExA
RegisterEventSourceA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegNotifyChangeKeyValue
RegCloseKey
QueryServiceStatus
OpenServiceA
OpenSCManagerA
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
FreeSid
CryptGenRandom
shell32
Shell_NotifyIconW
Shell_NotifyIconA
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHIsFileAvailableOffline
SHGetPathFromIDListA
SHGetMalloc
SHGetInstanceExplorer
SHGetIconOverlayIndexW
SHGetFolderPathW
SHGetFileInfoW
SHGetDiskFreeSpaceExW
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceA
SHFormatDrive
SHFileOperation
SHEmptyRecycleBinW
SHCreateProcessAsUserW
SHCreateDirectoryExW
SHCreateDirectoryExA
SHBrowseForFolderW
SHBrowseForFolderA
SHBindToParent
SHAppBarMessage
ExtractIconExW
ExtractIconExA
ExtractIconEx
ExtractAssociatedIconW
ExtractAssociatedIconExW
ExtractAssociatedIconA
DragQueryFileW
DragQueryFileAorW
DragQueryFile
DoEnvironmentSubstA
ole32
CoInitialize
CoUninitialize
CoCreateInstance
shlwapi
StrRChrW
StrCmpNIW
StrChrA
StrCmpNA
StrRChrIW
StrCmpNIA
winmm
timeGetTime
msvcrt
wcsrchr
wcsstr
wcstok
_strnicmp
_XcptFilter
__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_iob
_snprintf
_snwprintf
_stricmp
_vsnprintf
_wcsicmp
_wtol
atoi
exit
floor
fprintf
free
malloc
memmove
perror
rand
sprintf
strncpy
strtoul
wcscat
wcschr
wcscmp
wcscpy
wcslen
wcsncat
Sections
.text Size: 284KB - Virtual size: 284KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 55KB - Virtual size: 54KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ