General

Malware Config

Signatures

Files

• 9ed26b1b676b9fc84650652b92963b6e

  .eml
• Shipping Info.pdf.001

  .rar
• Shipping Info.pdf.js

  .js
• email-html-1.txt
• order.pdf.001

  .rar
• order.pdf.exe

  .exe regsvr32 windows x86

  5aa5a97f8faac088f1943e9a52ad1c96

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetProcAddress

  DeleteCriticalSection

  GetProcessHeap

  GetModuleHandleW

  WideCharToMultiByte

  VirtualProtect

  SetLastError

  VirtualAlloc

  GetCurrentThreadId

  Sleep

  IsDebuggerPresent

  OutputDebugStringW

  InitializeSListHead

  InterlockedPopEntrySList

  InterlockedPushEntrySList

  GetCurrentProcess

  FlushInstructionCache

  IsProcessorFeaturePresent

  VirtualFree

  LoadLibraryExA

  CreateFileW

  SetFilePointerEx

  GetConsoleMode

  GetConsoleCP

  FlushFileBuffers

  SetStdHandle

  DecodePointer

  GetEnvironmentStringsW

  GetCommandLineW

  GetCommandLineA

  GetCPInfo

  GetOEMCP

  IsValidCodePage

  FindNextFileA

  FindFirstFileExA

  FindClose

  GetStringTypeW

  GetFileType

  LCMapStringW

  HeapAlloc

  RaiseException

  HeapReAlloc

  GetLastError

  MultiByteToWideChar

  GetACP

  WriteFile

  GetStdHandle

  WriteConsoleW

  GetModuleHandleExW

  ExitProcess

  VirtualQuery

  GetSystemInfo

  LoadLibraryExW

  HeapSize

  GetModuleHandleA

  InitializeCriticalSectionEx

  LeaveCriticalSection

  EncodePointer

  GetThreadLocale

  EnterCriticalSection

  HeapFree

  SetThreadLocale

  FreeEnvironmentStringsW

  GetModuleFileNameA

  CloseHandle

  InitializeCriticalSectionAndSpinCount

  CreateEventW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  TerminateProcess

  GetStartupInfoW

  QueryPerformanceCounter

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  RtlUnwind

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  user32

  ClientToScreen

  UnregisterClassA

  EndDialog

  GetDlgItemTextA

  SetDlgItemTextA

  GetDlgItem

  EnableWindow

  GetFocus

  GetDC

  SetWindowPos

  FillRect

  DialogBoxParamA

  CharNextW

  GetActiveWindow

  SetTimer

  SetWindowLongA

  IsChild

  MessageBoxA

  DestroyMenu

  SendMessageA

  TrackPopupMenuEx

  GetClientRect

  PeekMessageA

  KillTimer

  InvalidateRect

  ReleaseDC

  BeginPaint

  EndPaint

  CharNextA

  advapi32

  RegOpenKeyExA

  RegDeleteKeyA

  RegCloseKey

  RegQueryInfoKeyA

  ole32

  StringFromGUID2

  CoCreateInstance

  oleaut32

  LoadTypeLi

  SysFreeString

  RegisterTypeLi

  SysStringLen

  UnRegisterTypeLi

  SysAllocString

  gdi32

  SelectPalette

  CreateCompatibleDC

  DeleteObject

  CreateSolidBrush

  DeleteDC

  RealizePalette

  CreateDIBSection

  SelectObject

  CreatePalette

  BitBlt

  Exports

  Exports

  DllCanUnloadNow

  DllGetClassObject

  DllRegisterServer

  DllUnregisterServer

  Sections

  .text

  Size: 81KB - Virtual size: 80KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 31KB - Virtual size: 30KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1.2MB - Virtual size: 1.2MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ