Static task
static1
Behavioral task
behavioral1
Sample
86afff66a5a14f4d4c2da65a8c2cc50b84069db52dc9ea33aa640c8dc53bcb7b.exe
Resource
win10v2004-20220414-en
General
Target: 86afff66a5a14f4d4c2da65a8c2cc50b84069db52dc9ea33aa640c8dc53bcb7b
Size: 280KB
MD5: 87014c9f0e63ee9c96c0f478575ba59e
SHA1: a151322785ac7e577555a67c523c5fd4c84b95c8
SHA256: 86afff66a5a14f4d4c2da65a8c2cc50b84069db52dc9ea33aa640c8dc53bcb7b
SHA512: 037e534757336096a1f1b61ff46293f006d4f36bb53ee985a997e175f280b6b9fe3f9adcab0f6f3ffc5929cbf50d24d207733c029c3adde0c689e55459b69697
SSDEEP: 6144:YkIrDyoRftbZOJE6NRiEls3uv/Eeag7qUsBPYm5Ql0XtzMz:YPqobZOT7iElseEeagsBwxcRw
Files
86afff66a5a14f4d4c2da65a8c2cc50b84069db52dc9ea33aa640c8dc53bcb7b.exe windows x86
688e092bbc71499faef90e22429b9010
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindNextChangeNotification
GetNamedPipeHandleStateW
GetQueuedCompletionStatus
ExitProcess
GetProcessId
VerifyVersionInfoA
EnumDateFormatsA
FillConsoleOutputCharacterA
FindNextFileA
CopyFileExW
BuildCommDCBAndTimeoutsW
VirtualUnlock
WriteProfileStringW
VerifyVersionInfoW
GetDriveTypeA
GetFileType
DeleteFileW
FindNextVolumeMountPointW
OutputDebugStringA
ResetWriteWatch
WriteConsoleInputW
GetConsoleTitleA
GetComputerNameExW
GetTimeZoneInformation
GetThreadPriority
CallNamedPipeA
LoadLibraryA
GetSystemDirectoryA
GetDriveTypeW
BuildCommDCBAndTimeoutsA
ReleaseActCtx
GetProfileSectionW
GetCommandLineW
InterlockedIncrement
AddRefActCtx
FindResourceW
FormatMessageA
GetModuleFileNameA
CreateJobObjectA
InitializeCriticalSection
SetFirmwareEnvironmentVariableW
FindNextVolumeA
GetExitCodeThread
CreateNamedPipeW
WritePrivateProfileStringW
GetConsoleAliasesLengthA
WriteProfileSectionW
AddAtomW
InterlockedDecrement
GetVersionExW
HeapFree
_hwrite
GetStartupInfoA
ConnectNamedPipe
GetCPInfoExW
GetSystemWow64DirectoryW
GetLastError
GetPrivateProfileIntA
GetConsoleAliasExesA
DebugBreak
EndUpdateResourceW
GetTickCount
InterlockedExchangeAdd
GetStringTypeExA
DeleteVolumeMountPointW
GetModuleHandleA
SetDefaultCommConfigA
lstrcpyA
GetSystemWindowsDirectoryA
TerminateThread
GetOEMCP
_lwrite
GetNamedPipeHandleStateA
GetDiskFreeSpaceExW
IsProcessInJob
WriteConsoleA
VirtualProtect
ReadConsoleOutputA
SetThreadContext
BuildCommDCBW
FoldStringA
GetHandleInformation
WritePrivateProfileSectionA
DeleteCriticalSection
GetFileAttributesA
OpenWaitableTimerW
CopyFileW
MoveFileW
GlobalMemoryStatus
ResetEvent
UnlockFile
DisableThreadLibraryCalls
GetOverlappedResult
ChangeTimerQueueTimer
MoveFileA
GlobalAlloc
SetCommMask
SetFileShortNameW
GetFileAttributesW
FreeEnvironmentStringsA
ActivateActCtx
GetProfileStringA
GetConsoleAliasesA
ReadConsoleInputW
CreateMailslotW
EnumDateFormatsW
SetConsoleOutputCP
GetStdHandle
SetLocalTime
FoldStringW
CallNamedPipeW
GetConsoleAliasExesLengthW
GetCurrentActCtx
OpenSemaphoreW
GetModuleHandleExA
AddAtomA
LoadLibraryW
SetComputerNameW
LocalFlags
FindFirstVolumeW
CancelDeviceWakeupRequest
SetFileTime
lstrcatW
OpenWaitableTimerA
EnumResourceNamesW
OpenFileMappingA
GetFileSize
UnregisterWait
UnhandledExceptionFilter
SetProcessShutdownParameters
lstrcpynW
GlobalUnWire
FillConsoleOutputCharacterW
GetCompressedFileSizeW
ReadConsoleW
FreeUserPhysicalPages
WriteConsoleOutputCharacterW
TerminateJobObject
SetLastError
Sleep
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
WideCharToMultiByte
GetCommandLineA
HeapValidate
IsBadReadPtr
GetProcAddress
TlsGetValue
GetModuleHandleW
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
WriteFile
WriteConsoleW
OutputDebugStringW
GetACP
GetCPInfo
IsValidCodePage
CloseHandle
SetStdHandle
GetConsoleCP
GetConsoleMode
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
VirtualFree
FlushFileBuffers
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleOutputCP
SetFilePointer
CreateFileA
DeleteFileA
Sections
.text Size: 191KB - Virtual size: 191KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 7.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.jeze Size: 512B - Virtual size: 75B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.coxowu Size: 512B - Virtual size: 74B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ