Static task: static1
Behavioral task: behavioral1
Sample: 3f6fb13462259057e08c219d56d73a41d7ecd6c5e473fe5a22b7e295003e43cc.exe
Resource: win7-20220414-en
General
Target: 3f6fb13462259057e08c219d56d73a41d7ecd6c5e473fe5a22b7e295003e43cc
Size: 944KB
MD5: fc9f55ef05485c28de81abb8e85b29b5
SHA1: 658ec409ce325ed086281014c6574aeb7522d590
SHA256: 3f6fb13462259057e08c219d56d73a41d7ecd6c5e473fe5a22b7e295003e43cc
SHA512: e8db72cf17cfa4d86ded2240a2e7f1eb6da019bb0e868d9e26cfb2903709a4456e0688d2aaa3d2eaec828f691bf0a5c71779cc3451f2fba7ab4b311171f6de3f
SSDEEP: 12288:gMb96vlF7TBrW9J4+9uCleikdmRIFlj1qQILVspXUl4KE/8wtQw5y3eEd7BRaSaT:nOlF7V++dmyhqzspXUl4NLtQ53ecR6P
Malware Config
Signatures
Files
3f6fb13462259057e08c219d56d73a41d7ecd6c5e473fe5a22b7e295003e43cc.exe windows x86
948cc67f21407b85a1406a2b8918fa4f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyA
DebugActiveProcessStop
GetLocalTime
OutputDebugStringA
VirtualAlloc
GetModuleHandleA
GetProcAddress
GetFileAttributesA
GetCurrentProcess
EnumDateFormatsA
GetLogicalDrives
GetWindowsDirectoryW
GetLogicalDriveStringsA
GetVolumeNameForVolumeMountPointA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextVolumeMountPointA
FindFirstVolumeMountPointA
FindVolumeMountPointClose
CreateEventA
GetCurrentThread
QueueUserAPC
SleepEx
CloseHandle
CreateMutexA
CopyFileW
GetVersionExA
GetSystemInfo
GlobalFree
GlobalAlloc
WaitForSingleObject
Sleep
ReleaseMutex
SetEvent
GetStringTypeExA
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
IsValidCodePage
GetACP
GetStdHandle
HeapCreate
HeapDestroy
VirtualFree
HeapSize
GetStartupInfoA
GetProcessHeap
GetCommandLineA
ExitProcess
CreateThread
ExitThread
RaiseException
IsDebuggerPresent
SizeofResource
LockResource
LoadResource
FindResourceA
SetLastError
GlobalAddAtomA
GlobalGetAtomNameA
LoadLibraryA
GetCurrentProcessId
GlobalUnlock
GlobalLock
MulDiv
LocalFree
FormatMessageA
FreeResource
lstrcmpW
FreeLibrary
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
SetFileTime
GetFileTime
GetTempFileNameA
GetFullPathNameA
GetDiskFreeSpaceA
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
GetModuleFileNameA
ConvertDefaultLocale
GetTickCount
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetCPInfo
GetOEMCP
MoveFileA
DeleteFileA
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetShortPathNameA
CreateFileA
LocalFileTimeToFileTime
SystemTimeToFileTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
SetErrorMode
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
VirtualProtect
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
user32
WinHelpA
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
GetSysColor
GetClassNameA
RegisterWindowMessageA
InsertMenuA
AppendMenuA
GetMenuStringA
GetMenuState
ReleaseDC
GetSystemMetrics
PtInRect
IsZoomed
GetWindowPlacement
SystemParametersInfoA
CallWindowProcA
DefWindowProcA
DeferWindowPos
RegisterClassA
GetClassInfoExA
SetForegroundWindow
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
RemovePropA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
IsChild
CheckMenuItem
EnableMenuItem
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsDialogMessageA
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
PostQuitMessage
GetNextDlgTabItem
CreateDialogIndirectParamA
ValidateRect
ShowOwnedPopups
RegisterClipboardFormatA
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
BeginPaint
EndPaint
GetMenuItemInfoA
GetSysColorBrush
SetRect
SetTimer
KillTimer
WindowFromPoint
GetDCEx
LockWindowUpdate
SetCapture
UnregisterClassA
SetWindowPos
PostThreadMessageA
SetFocus
GetWindowThreadProcessId
GetActiveWindow
EqualRect
GetKeyState
GetDlgCtrlID
LoadIconA
GetCapture
ReleaseCapture
LoadAcceleratorsA
IsWindow
GetWindow
BringWindowToTop
GetParent
IsWindowVisible
InvalidateRect
IsIconic
InsertMenuItemA
GetLastActivePopup
SetRectEmpty
GetClipboardData
GetAncestor
CheckMenuRadioItem
GetCursorPos
InflateRect
wsprintfA
LoadCursorA
RegisterClassExA
CreateWindowExA
DispatchMessageA
GetMessageA
SetWindowTextA
GetDesktopWindow
SetActiveWindow
ClientToScreen
SendDlgItemMessageA
LoadImageA
TrackPopupMenu
EndDialog
ScreenToClient
ShowWindow
SetDlgItemTextA
GetDlgItemTextA
DestroyWindow
CreateMenu
AppendMenuW
SetMenu
EnumDisplaySettingsA
ChangeDisplaySettingsA
CreatePopupMenu
CreateDialogParamW
SetWindowLongA
SetCursor
SetScrollPos
GetClientRect
GetWindowDC
IsWindowEnabled
GetFocus
GetWindowRect
GetDlgItem
SendMessageA
PostMessageA
DialogBoxParamA
GetMenu
GetSubMenu
GetWindowLongA
AdjustWindowRectEx
MoveWindow
CopyRect
PeekMessageA
TranslateAcceleratorA
OffsetRect
IntersectRect
GetClassInfoA
GetMenuItemCount
GetMenuItemID
TranslateMDISysAccel
TranslateMessage
WaitMessage
MessageBoxA
DestroyIcon
GetDC
CreateIconIndirect
UpdateWindow
MessageBeep
EnableWindow
CharUpperA
gdi32
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetMapMode
GetStockObject
CreateDIBSection
GetClipBox
GetTextCharsetInfo
GetDeviceCaps
SetBkColor
ExtTextOutA
SetStretchBltMode
StretchBlt
SetTextColor
SetTextAlign
MoveToEx
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
PatBlt
DeleteObject
CreateEllipticRgn
FillRgn
GetTextExtentPoint32A
GetTextMetricsA
GetStretchBltMode
StretchDIBits
GetObjectA
CreateFontA
GetCharWidthA
GetPixel
GetBkColor
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateFontIndirectA
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
TextOutA
RectVisible
PtVisible
BitBlt
CreateRectRgn
SelectClipRgn
IntersectClipRect
ExcludeClipRect
DeleteDC
comdlg32
GetOpenFileNameA
GetFileTitleA
advapi32
RegCloseKey
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyA
RegSetValueA
RegisterEventSourceA
GetLengthSid
ConvertStringSidToSidA
shell32
SHGetFolderPathA
DragQueryFileA
SHGetFileInfoA
DragFinish
ExtractIconA
SHGetSpecialFolderLocation
ole32
CoDisconnectObject
OleInitialize
CoFreeUnusedLibraries
RegisterDragDrop
CoLockObjectExternal
CoTaskMemFree
OleUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
StringFromCLSID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
SystemTimeToVariantTime
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
LoadTypeLi
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocString
SysStringByteLen
msimg32
GradientFill
comctl32
ord17
CreateStatusWindowW
ImageList_Create
shlwapi
PathIsUNCA
PathFindFileNameA
PathAppendW
PathCompactPathA
PathFindExtensionA
PathStripToRootA
oledlg
ord8
urlmon
ObtainUserAgentString
wininet
InternetOpenA
InternetConnectA
ws2_32
htonl
WSAGetLastError
WSACleanup
WSASocketA
WSAStartup
msi
ord17
ord8
ord64
msvfw32
ICCompressorChoose
winmm
mciSendStringA
waveInGetDevCapsA
pdh
PdhOpenQueryA
PdhGetFormattedCounterValue
rpcrt4
UuidCreate
UuidToStringW
dbghelp
EnumerateLoadedModules
uxtheme
IsThemeBackgroundPartiallyTransparent
DrawThemeParentBackground
rasapi32
RasDialA
RasDeleteSubEntryA
RasHangUpA
RasGetErrorStringA
tapi32
phoneGetLamp
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
Sections
.text Size: 288KB - Virtual size: 284KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 552KB - Virtual size: 548KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ