Static task
static1
General
Target
File.exe
Size
275KB
MD5
bdc781f3ff4937a9f53d0af613d00002
SHA1
0e1a3279035daa3d0681fd24e2a7c1d446882054
SHA256
bbf8dbb3ca59a60f20438cabbb16449bdecbfa4c6347172a6e20c3639dd4e2fd
SHA512
c7311fc23ca7d6552dcf759aed5bd000df04ac78d672d6cab2ee7976301714a96773dda7c0b76e6abc26f4852318a02218e549cd1e392fbbd59bf56a5e28e145
SSDEEP
3072:rGzL73C+EJJizQLen9S0ovEVJPqxHAcKaRfpbqZdD5Ffyllyg++nAFk5qAnH:yzLrC+Ed410Od2nfp2ZN5peXZnAzK
Malware Config
Signatures
Files
File.exe.exe windows x86
8c4105a8833eb6f5aff1196f6e0fcdfb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVolumePathNameW
GetLocaleInfoW
IsProcessInJob
SizeofResource
GetConsoleAliasExesLengthW
GetSystemTimeAdjustment
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
GetCompressedFileSizeA
GetTimeZoneInformation
lstrcatA
GetEnvironmentVariableA
SetConsoleTitleA
WritePrivateProfileStringW
CreateJobObjectA
GetHandleInformation
GetLastError
GetLongPathNameW
GetPriorityClass
BeginUpdateResourceW
EnumDateFormatsExA
CreateMemoryResourceNotification
DisableThreadLibraryCalls
GetAtomNameA
LoadLibraryA
LocalAlloc
SetCalendarInfoW
GetProfileStringA
SetCommMask
GetModuleFileNameA
GetModuleHandleA
VirtualProtect
GetCurrentDirectoryA
WaitForDebugEvent
GetCurrentProcessId
SetFileAttributesW
LCMapStringW
SetEnvironmentVariableA
CompareStringW
GetModuleHandleW
FreeEnvironmentStringsA
InitializeSListHead
WriteConsoleOutputCharacterA
SetFilePointer
SetDefaultCommConfigA
HeapSize
LocalUnlock
Sleep
GetProcAddress
ExitProcess
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetStdHandle
EnterCriticalSection
GetFileType
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapAlloc
RtlUnwind
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
GetStdHandle
DeleteCriticalSection
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CloseHandle
CreateFileA
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
FlushFileBuffers
SetEndOfFile
GetProcessHeap
CompareStringA
RaiseException
user32
GetProcessDefaultLayout
advapi32
OpenEventLogA
RegCreateKeyA
GetPrivateObjectSecurity
EqualPrefixSid
EqualSid
GetServiceKeyNameW
PrivilegedServiceAuditAlarmW
Sections
.text Size: 232KB - Virtual size: 232KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sutidu Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ