General

Malware Config

Signatures

Files

• 3c9223d92c40760077983ab7eeb7509d92ec5400ef0c26151021dda113ce27d1

  .exe windows x86

  a8a5d926d7cfba96c16f72d8072f0022

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  comsvcs

  CoCreateActivity

  RecycleSurrogate

  advapi32

  RegCreateKeyExA

  CryptSignHashW

  RegSaveKeyA

  InitializeAcl

  GetUserNameA

  RegOpenKeyW

  RegDeleteValueA

  RegRestoreKeyW

  RegCloseKey

  OpenEventLogW

  RegEnumKeyA

  untfs

  Format

  FormatEx

  Chkdsk

  Extend

  Recover

  clbcatq

  CoRegCleanup

  ComPlusMigrate

  SetSetupSave

  kernel32

  FreeConsole

  CreateFileA

  ExitProcess

  VirtualAlloc

  WaitForSingleObject

  OpenWaitableTimerA

  LoadLibraryA

  LoadLibraryExA

  CloseHandle

  GetACP

  WriteFile

  SetCurrentDirectoryA

  GetFileAttributesA

  VirtualQuery

  GetCurrentDirectoryA

  OpenSemaphoreA

  GetShortPathNameA

  CreateJobObjectA

  cfgmgr32

  CM_Add_Empty_Log_Conf

  CMP_Report_LogOn

  CMP_Init_Detection

  CM_Add_IDA

  Sections

  .text

  Size: 27KB - Virtual size: 26KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .udata

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .adata

  Size: 75KB - Virtual size: 74KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 6KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .relo�

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ