General

Malware Config

Signatures

Files

• 3cc7971bfd563bc45ae27b1d077990952827b3ff9833015bc3b5e675a7699296

  .exe windows x86

  f7ba8fc61353a4191c8f3823350f034e

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Imports

  oleaut32

  SysFreeString

  SysReAllocStringLen

  SysAllocStringLen

  advapi32

  RegQueryValueExW

  RegOpenKeyExW

  RegCloseKey

  CryptDestroyKey

  CryptDestroyHash

  CryptDecrypt

  CryptCreateHash

  user32

  CharNextW

  LoadStringW

  MessageBoxW

  LoadStringW

  GetSystemMetrics

  CharUpperBuffW

  CharUpperW

  CharLowerBuffW

  kernel32

  Sleep

  VirtualFree

  VirtualAlloc

  lstrlenW

  VirtualQuery

  GetTickCount

  GetSystemInfo

  GetVersion

  CompareStringW

  IsValidLocale

  SetThreadLocale

  GetSystemDefaultUILanguage

  GetUserDefaultUILanguage

  GetLocaleInfoW

  WideCharToMultiByte

  MultiByteToWideChar

  GetACP

  LoadLibraryExW

  GetStartupInfoW

  GetProcAddress

  GetModuleHandleW

  GetModuleFileNameW

  GetCommandLineW

  FreeLibrary

  GetLastError

  UnhandledExceptionFilter

  RtlUnwind

  RaiseException

  ExitProcess

  SwitchToThread

  GetCurrentThreadId

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  InitializeCriticalSection

  FindFirstFileW

  FindClose

  WriteFile

  GetStdHandle

  CloseHandle

  GetProcAddress

  RaiseException

  LoadLibraryA

  GetLastError

  TlsSetValue

  TlsGetValue

  LocalFree

  LocalAlloc

  GetModuleHandleW

  FreeLibrary

  WriteFile

  WideCharToMultiByte

  WaitForSingleObject

  VirtualQuery

  VerSetConditionMask

  VerifyVersionInfoW

  SetEvent

  ResetEvent

  IsValidLocale

  GetVersionExW

  GetThreadLocale

  GetStdHandle

  GetProcAddress

  GetModuleHandleW

  GetModuleFileNameW

  GetLocaleInfoW

  GetLocalTime

  GetDiskFreeSpaceW

  GetCPInfo

  FreeLibrary

  EnumSystemLocalesW

  EnumCalendarInfoW

  CreateEventW

  CompareStringW

  CloseHandle

  LockResource

  GetShortPathNameW

  CloseHandle

  CreateFileW

  version

  VerQueryValueW

  GetFileVersionInfoSizeW

  GetFileVersionInfoW

  netapi32

  NetApiBufferFree

  NetWkstaGetInfo

  Exports

  Exports

  __dbk_fcall_wrapper

  dbkFCallWrapperAddr

  Sections

  .text

  Size: 156KB - Virtual size: 155KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .itext

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .bss

  Size: - Virtual size: 22KB

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .didata

  Size: 512B - Virtual size: 456B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .edata

  Size: 512B - Virtual size: 109B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .tls

  Size: - Virtual size: 20B

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 512B - Virtual size: 92B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 13KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 493KB - Virtual size: 493KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ