Static task
static1
Behavioral task
behavioral1
Sample
3c8a7a527c80dcd95acab4fceba6f00079757f907636f1caba50021c29cb866a.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3c8a7a527c80dcd95acab4fceba6f00079757f907636f1caba50021c29cb866a.exe
Resource
win10v2004-20220414-en
General
Target
3c8a7a527c80dcd95acab4fceba6f00079757f907636f1caba50021c29cb866a
Size
661KB
MD5
5ce3924a9cb396534ec099840b3af245
SHA1
0ec3588320ded35404ae8c959c0d9613b5383124
SHA256
3c8a7a527c80dcd95acab4fceba6f00079757f907636f1caba50021c29cb866a
SHA512
666a0180a8d01b4b72bfacb8d040fa2192ec3b1e6c1a46cfcf7f65f42658269029cd738837bd7411754bc18faced54451b379382772a0e8f3b4f07a7799c14cb
SSDEEP
12288:c1SKxb9RogP/yhZA2e4e+iTxwNDlvfAJGhChQWNBSA6Buk+Np20:cNL/P/C/434qJGhChQGBSAmuk+Np20
Malware Config
Signatures
Files
3c8a7a527c80dcd95acab4fceba6f00079757f907636f1caba50021c29cb866a.exe windows x86
bd08c222ce2006005e8a380d6a24336b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
LoadLibraryA
MultiByteToWideChar
GetEnvironmentStrings
GetComputerNameExW
CreateEventA
GetTimeZoneInformation
CompareStringW
GetDateFormatA
GetTimeFormatA
GetProcessHeap
SetEndOfFile
CreateFileW
SetStdHandle
WriteConsoleW
LoadLibraryW
IsValidLocale
EnumSystemLocalesA
FreeLibrary
GetUserDefaultLCID
HeapReAlloc
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
ExitProcess
GetCurrentProcess
GetProcAddress
GlobalAlloc
GetFullPathNameW
FormatMessageW
CreateThread
WaitForSingleObject
VirtualAlloc
GetModuleFileNameW
QueryPerformanceCounter
OpenProcess
FormatMessageA
LocalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
CopyFileA
CreateDirectoryA
CreateFileA
CloseHandle
GetLocaleInfoA
GetLastError
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetEnvironmentVariableA
HeapCreate
GetLocaleInfoW
GetStdHandle
WriteFile
IsProcessorFeaturePresent
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapAlloc
RtlUnwind
RaiseException
HeapFree
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
user32
SendDlgItemMessageA
MessageBoxA
GetWindowRect
DefWindowProcA
EndPaint
wsprintfA
BeginPaint
GetForegroundWindow
WaitForInputIdle
GetClientRect
CharUpperA
GetWindowThreadProcessId
GetWindowLongA
SendInput
InvalidateRect
PostMessageA
SetRect
ClientToScreen
ReleaseDC
GetMenu
GetMenuItemInfoA
GetCursorPos
GetWindowDC
SetWindowTextA
CheckMenuRadioItem
GetSystemMetrics
SystemParametersInfoA
SetWindowPos
EnumDisplayMonitors
SendMessageA
DialogBoxIndirectParamA
GetDC
FillRect
OffsetRect
gdi32
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SaveDC
GetDeviceCaps
CreateFontA
SelectObject
TextOutA
DeleteObject
RestoreDC
GetTextExtentPoint32A
CreateEllipticRgn
SetBkColor
Rectangle
GetObjectA
BitBlt
CreateFontIndirectA
SetBkMode
SetTextColor
CreateMetaFileA
shell32
ShellExecuteA
ole32
StgCreateDocfile
CoTaskMemFree
CreateStreamOnHGlobal
oleaut32
VarDecFromR8
VarDecFromR4
VarDecFromI4
dwmapi
DwmIsCompositionEnabled
ws2_32
listen
accept
closesocket
socket
htons
bind
psapi
EnumProcesses
GetModuleFileNameExW
winmm
waveOutOpen
waveOutPrepareHeader
mmioStringToFOURCCA
shlwapi
PathIsSameRootW
secur32
SetContextAttributesA
GetComputerObjectNameW
setupapi
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
snmpapi
SnmpUtilMemAlloc
SnmpUtilMemFree
Sections
.text Size: 348KB - Virtual size: 347KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 242KB - Virtual size: 242KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ