Static task: static1
Behavioral task: behavioral1 (sample b58ce9efc60bf3b96e5ae33f0ff0d5db.exe, resource win7-20220414-en)
Behavioral task: behavioral2 (sample b58ce9efc60bf3b96e5ae33f0ff0d5db.exe, resource win10v2004-20220414-en)
General
Target: b58ce9efc60bf3b96e5ae33f0ff0d5db.exe
Size: 1.7MB
MD5: b58ce9efc60bf3b96e5ae33f0ff0d5db
SHA1: b6d43d0e1979328a6e9f70e7606ee29e3011ccf1
SHA256: a2a7bcdb4d33cd563018a1b9875a49a89d6637b8b0843de2b8f62bc65f980071
SHA512: 6d26907ac1cc5d95197f381c1b276a6d653e7d8274a5e11c7df927303228960a2f20525be7fcf0902bc538ae230f6a21ae3592ba4386296a6571f26fd1b11599
SSDEEP: 49152:FFGOI02BreKmuymXfgt0iL5Ab0YWQzgBRpq3:Co2BmHmxbvzgo
Malware Config
Signatures
Files
-
b58ce9efc60bf3b96e5ae33f0ff0d5db.exe.exe windows x86
fc255539af112dfe6f163215bbc89ca2
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and IMAGE_DLLCHARACTERISTICS_NX_COMPAT are not set and relocations are stripped, so the image neither opts in to ASLR or DEP nor can be rebased by the loader.
Imports
kernel32 (the only import library listed; 192 functions). Alongside the usual C runtime startup set, the list carries runtime-resolution and memory primitives (LoadLibraryA, LoadLibraryW, GetProcAddress, VirtualAlloc, VirtualProtect, SetThreadContext, IsDebuggerPresent) and a long tail of rarely called APIs such as SetFirmwareEnvironmentVariableA, GetConsoleAliasExesA and FindNextVolumeMountPointW; a kernel32-only table padded this way is a pattern commonly seen in packed samples.
FindNextChangeNotification
GetNamedPipeHandleStateW
GetQueuedCompletionStatus
ExitProcess
GetProcessId
GetVersionExA
VerifyVersionInfoA
GetPrivateProfileStringW
EnumDateFormatsA
FillConsoleOutputCharacterA
FindNextFileA
CopyFileExW
BuildCommDCBAndTimeoutsW
VirtualLock
WriteProfileStringW
VerifyVersionInfoW
GetDriveTypeA
GetFileType
DeleteFileW
FindNextVolumeMountPointW
OutputDebugStringA
ResetWriteWatch
WriteConsoleInputW
GetConsoleTitleW
GetComputerNameExW
GetTimeZoneInformation
GetThreadPriority
CallNamedPipeA
LoadLibraryA
GetSystemDirectoryA
GetDriveTypeW
BuildCommDCBAndTimeoutsA
ReleaseActCtx
GetProfileSectionW
GetCommandLineA
InterlockedIncrement
AddRefActCtx
FindResourceW
FormatMessageA
GetModuleFileNameA
CreateJobObjectA
InitializeCriticalSection
SetFirmwareEnvironmentVariableA
FindNextVolumeA
GetExitCodeThread
CreateNamedPipeW
WritePrivateProfileStringW
GetConsoleAliasesLengthA
WriteProfileSectionA
AddAtomW
InterlockedDecrement
GetVersionExW
HeapFree
_hwrite
GetStartupInfoW
ConnectNamedPipe
GetCPInfoExW
GetSystemWow64DirectoryW
GetLastError
GetPrivateProfileIntA
GetConsoleAliasExesA
DebugBreak
EndUpdateResourceA
GetTickCount
InterlockedExchangeAdd
GetStringTypeExA
DeleteVolumeMountPointW
OpenFileMappingA
GetModuleHandleA
SetDefaultCommConfigA
lstrcpyA
GetSystemWindowsDirectoryA
TerminateThread
GetOEMCP
_lwrite
GetNamedPipeHandleStateA
GetDiskFreeSpaceExW
IsProcessInJob
WriteConsoleW
VirtualProtect
ReadConsoleOutputA
SetThreadContext
FoldStringA
WritePrivateProfileStringA
GetHandleInformation
WritePrivateProfileSectionA
DeleteCriticalSection
GetFileAttributesA
OpenWaitableTimerW
CopyFileW
MoveFileW
GlobalMemoryStatus
ResetEvent
UnlockFile
DisableThreadLibraryCalls
GetOverlappedResult
SetCommTimeouts
InterlockedCompareExchange
MoveFileA
LocalAlloc
SetCommMask
SetFileShortNameW
GetFileAttributesW
FreeEnvironmentStringsA
GetProfileStringA
SetComputerNameW
GetConsoleAliasesA
ReadConsoleInputW
CreateMailslotW
EnumDateFormatsW
SetConsoleOutputCP
GetStdHandle
GetLocalTime
FoldStringW
CallNamedPipeW
GetConsoleAliasExesLengthW
OpenSemaphoreW
GetModuleHandleExA
AddAtomA
LoadLibraryW
ActivateActCtx
UnhandledExceptionFilter
SetProcessShutdownParameters
lstrcpynW
GlobalUnWire
FillConsoleOutputCharacterW
GetCompressedFileSizeW
ReadConsoleW
FreeUserPhysicalPages
WriteConsoleOutputCharacterW
TerminateJobObject
CreateFileW
DeactivateActCtx
SetLastError
Sleep
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleFileNameW
WideCharToMultiByte
GetStartupInfoA
HeapValidate
IsBadReadPtr
GetProcAddress
TlsGetValue
GetModuleHandleW
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsFree
WriteFile
OutputDebugStringW
GetACP
GetCPInfo
IsValidCodePage
CloseHandle
SetStdHandle
GetConsoleCP
GetConsoleMode
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
VirtualFree
FlushFileBuffers
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
SetFilePointer
CreateFileA
ReadFile
DeleteFileA
Sections
.text     raw 198KB   virtual 198KB   IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.data     raw 1.5MB   virtual 7.7MB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.potu     raw 512B    virtual 75B     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.sigalir  raw 512B    virtual 74B     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc     raw 17KB    virtual 16KB    IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Note: .data occupies 1.5MB on disk but 7.7MB in memory, so roughly 6MB of the mapped section is zero-filled at load and writable; together with the two non-standard writable sections .potu and .sigalir, this is the layout a packer or dropper typically leaves behind, and the .data range is the first place to look for an unpacked stage during the behavioral runs.
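Added example (not code from the sandbox or from the sample's author): a standard-library Python script that parses the DOS/NT headers and section table the way the Headers and Sections entries above were produced, reports the same characteristic and section flags, and calls out what a reviewer would want flagged: missing ASLR/DEP opt-in, stripped relocations, non-standard section names, a section whose virtual size far exceeds its raw size, and any writable-and-executable section. The PE it runs on is constructed inline to mirror the report's layout (byte sizes converted from the rounded KB/MB figures) and is not the real sample; the section-name allowlist and the 4x growth threshold in triage() are assumed heuristics, not anything the report states.

```python
"""Added example (not part of the sandbox report): standard-library PE header triage.
The PE bytes it runs on are constructed below to mirror the report's layout."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",   # ASLR opt-in
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",      # DEP opt-in
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
# Assumed allowlist of linker-default names; anything else gets a second look.
STANDARD_SECTIONS = {".text", ".data", ".rdata", ".bss", ".idata", ".edata",
                     ".rsrc", ".reloc", ".tls", ".pdata", ".CRT"}
MITIGATIONS = (0x0040, 0x0100)  # DYNAMIC_BASE, NX_COMPAT


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return file/DLL characteristics and the section table of a PE32 or PE32+ image."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE image")
    nt = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[nt:nt + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = nt + 4
    _machine, nsec, _ts, _sym, _nsym, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic not in (0x10B, 0x20B):
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]  # same offset in PE32 and PE32+
    sections = []
    for i in range(nsec):
        name, vsize, _va, rsize, _raw, _r, _l, _nr, _nl, sflags = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize,
                         "flags": flag_names(sflags, SECTION_FLAGS)})
    return {"pe32plus": magic == 0x20B,
            "file_characteristics": flag_names(chars, FILE_CHARACTERISTICS),
            "dll_characteristics": flag_names(dll_chars, DLL_CHARACTERISTICS),
            "sections": sections}


def triage(pe, grow_ratio=4):
    """Header-only findings; grow_ratio is an assumed threshold, not a documented constant."""
    f = []
    for bit in MITIGATIONS:
        if DLL_CHARACTERISTICS[bit] not in pe["dll_characteristics"]:
            f.append("missing " + DLL_CHARACTERISTICS[bit])
    if "IMAGE_FILE_RELOCS_STRIPPED" in pe["file_characteristics"]:
        f.append("relocations stripped: the loader cannot rebase this image")
    for s in pe["sections"]:
        if s["name"] not in STANDARD_SECTIONS:
            f.append("non-standard section name %r" % s["name"])
        if s["raw_size"] and s["virtual_size"] > grow_ratio * s["raw_size"]:
            f.append("%s grows from %d to %d bytes at load (room for an unpacked stage)"
                     % (s["name"], s["raw_size"], s["virtual_size"]))
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= set(s["flags"]):
            f.append("%s is writable and executable" % s["name"])
    return f


def build_sample_pe(sections, file_chars, dll_chars):
    """Constructed test data: the smallest PE32 layout parse_pe needs (headers only, no bodies)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, len(dos))
    opt = bytearray(224)                       # PE32 optional header incl. 16 data directories
    struct.pack_into("<H", opt, 0, 0x10B)      # PE32 magic
    struct.pack_into("<H", opt, 70, dll_chars)
    struct.pack_into("<I", opt, 92, 16)        # NumberOfRvaAndSizes
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), file_chars)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), vsize, 0x1000 * (i + 1),
                    rsize, 0, 0, 0, 0, 0, flags)
        for i, (name, vsize, rsize, flags) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table


# Section table mirroring the report (name, virtual size, raw size, flags); sizes are the
# rounded KB/MB figures converted to bytes, not the real sample's exact values.
REPORT_SECTIONS = [
    (".text", 198 * 1024, 198 * 1024, 0x60000020),      # CODE | EXECUTE | READ
    (".data", 8074035, 1536 * 1024, 0xC0000040),        # 7.7MB virtual vs 1.5MB raw
    (".potu", 75, 512, 0xC0000040),
    (".sigalir", 74, 512, 0xC0000040),
    (".rsrc", 16 * 1024, 17 * 1024, 0x40000040),
]
SAMPLE_PE = build_sample_pe(REPORT_SECTIONS, 0x0001 | 0x0002 | 0x0100, 0x8000)


def report(data=None):
    pe = parse_pe(SAMPLE_PE if data is None else data)
    return pe, triage(pe)


if __name__ == "__main__":
    pe, findings = report()
    print("File Characteristics:", ", ".join(pe["file_characteristics"]))
    print("DLL Characteristics:", ", ".join(pe["dll_characteristics"]))
    for s in pe["sections"]:
        print("%-9s raw %8d  virtual %8d  %s" % (s["name"], s["raw_size"],
                                                 s["virtual_size"], " | ".join(s["flags"])))
    for line in findings:
        print("!", line)
```

To run it on a real file, pass the bytes to report(open(path, "rb").read()); parse_pe() reads only the headers and section table, so it never maps or executes anything and is safe to use on an untrusted sample.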