Static task: static1
Behavioral task: behavioral1
Sample: c3c986d91d89bb66a99e6de6f19b1590a4e56534724c0a453b482c8f68886c94.exe
Resource: win7-20220414-en
General
Target: c3c986d91d89bb66a99e6de6f19b1590a4e56534724c0a453b482c8f68886c94
Size: 343KB
MD5: 61719f5c7a2b004e5eeeb736432259cc
SHA1: ed6c92d8888d90b881f503129059eab6afadaae2
SHA256: c3c986d91d89bb66a99e6de6f19b1590a4e56534724c0a453b482c8f68886c94
SHA512: 68b2947708523005c29e2d8cf9614f78ae39dd745acd15d0279bc6193dd20cc1051956dcd4660eeac843cadef1ece30ae1af576de9da2503cb9730f2bdda66ee
SSDEEP: 6144:Ud1WOPyiZyVBII1wF+PCGotl5BGGO1A01PL5RLQ5+StqZOKbq3IfzeRksI5Aj:CXy5uYw44lD1O1JvQ0yRkTK
Malware Config
Signatures
Files
c3c986d91d89bb66a99e6de6f19b1590a4e56534724c0a453b482c8f68886c94.exe windows x86
c55d3b1108334dbc363288ef56ea8bff
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetLastError
LocalFree
FormatMessageW
CloseHandle
GetCurrentProcess
CreateHardLinkW
SetFileTime
DeleteFileW
RemoveDirectoryW
DeviceIoControl
CreateDirectoryW
CreateFileW
MoveFileW
GetShortPathNameW
GetLongPathNameW
SetFilePointer
SetEndOfFile
ReadFile
FlushFileBuffers
GetDriveTypeW
GetDiskFreeSpaceExW
GetVolumeInformationW
GetFileAttributesW
SetFileAttributesW
ExpandEnvironmentStringsW
FindClose
FindNextFileW
FindFirstFileW
GetVersionExW
GetModuleFileNameW
GetCurrentDirectoryW
GetFullPathNameW
GetModuleHandleW
SetErrorMode
FreeLibrary
LoadLibraryW
LoadLibraryExW
GetProcAddress
GetCurrentProcessId
GetLastError
SetThreadPriority
GetCurrentThread
SetPriorityClass
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateThread
WaitForSingleObject
GetProcessAffinityMask
CreateEventW
CreateSemaphoreW
ReleaseSemaphore
ResetEvent
SetEvent
SystemTimeToFileTime
GetSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
LocalFileTimeToFileTime
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
IsDBCSLeadByte
GetCPInfo
CreateFileA
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
GetLocaleInfoA
SetConsoleCtrlHandler
Sleep
WriteFile
WriteConsoleW
SetConsoleMode
ReadConsoleW
GetStdHandle
GetFileType
GetConsoleMode
CompareStringA
GetCommandLineW
GetStringTypeW
GetStringTypeA
GetTickCount
QueryPerformanceCounter
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
ExitProcess
RaiseException
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStartupInfoA
SetStdHandle
GetConsoleCP
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapSize
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
user32
CharUpperW
CharLowerW
MessageBeep
ExitWindowsEx
LoadStringW
CharToOemBuffW
OemToCharBuffA
OemToCharA
CharToOemA
advapi32
RegQueryValueExW
RegCloseKey
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
shell32
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Sections
.text Size: 229KB - Virtual size: 229KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rmnet Size: 56KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE