Static task: static1
Behavioral task: behavioral1
Sample: 2218554f8a68852689a385cb97d5dfd9.exe
Resource: win7-20220414-en
General
Target: 2218554f8a68852689a385cb97d5dfd9.exe
Size: 287KB
MD5: 2218554f8a68852689a385cb97d5dfd9
SHA1: 93506fcf94c46362219849a6208da0f174518b65
SHA256: 982bf31d61369c3223cfb3385f45e2af5da41d360e24bcc9d0d302a818e73454
SHA512: d0f907842eb9491e709c937337c0360f4b86d2d96eddc634bbf823edc9ee06d2c814e5574c13e8e7e33be3d4a3644df19e309037a45fddbef66b474cab31a9a8
SSDEEP: 6144:hqEoysgkImglat3BiTW5fvy4UUrHsqA0DGf9FBeRXu13J:4EEMmwaRgTW5i4UUAqA0DGf9F8Ri
Files
2218554f8a68852689a385cb97d5dfd9.exe.exe windows x86
a6d633771d73322fef384734c7d3a286
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateIoCompletionPort
FillConsoleOutputCharacterW
EnumSystemCodePagesW
LocalSize
WriteConsoleInputW
EnumDateFormatsW
FindNextFileA
CopyFileExA
SetupComm
VerifyVersionInfoA
VirtualLock
SetVolumeLabelW
LockFile
GetProfileSectionW
VerifyVersionInfoW
RequestWakeupLatency
GetProcessPriorityBoost
GetDriveTypeA
GlobalGetAtomNameW
DeleteFileA
FindNextVolumeMountPointA
TlsSetValue
LoadResource
WriteConsoleInputA
GetConsoleTitleW
GetComputerNameExW
OpenEventW
GetModuleHandleA
GetSystemDirectoryW
GetDriveTypeW
BuildCommDCBAndTimeoutsA
GetShortPathNameW
ReleaseActCtx
GetCommandLineW
InterlockedExchange
CopyFileW
CreateActCtxW
FormatMessageW
EnterCriticalSection
FindNextVolumeA
GetQueuedCompletionStatus
GetExitCodeThread
LoadLibraryA
CreateNamedPipeA
GetUserDefaultLCID
GetConsoleAliasesLengthW
WriteProfileSectionA
AddAtomA
InterlockedDecrement
HeapFree
_hread
InterlockedExchangeAdd
GetStartupInfoA
CreateMailslotW
GetCPInfoExA
GetSystemWow64DirectoryW
GetPrivateProfileIntA
GetConsoleAliasExesLengthW
DebugBreak
EndUpdateResourceA
SetLastError
ExitThread
GetACP
GetDiskFreeSpaceExW
DefineDosDeviceW
TerminateProcess
EnumResourceLanguagesW
GetCPInfoExW
GetNamedPipeHandleStateW
IsProcessInJob
MoveFileA
lstrcpynW
WriteConsoleW
GetProcAddress
lstrcatA
ReadConsoleOutputA
SetHandleInformation
SetCriticalSectionSpinCount
GetComputerNameW
CreatePipe
WritePrivateProfileSectionA
WritePrivateProfileStructW
GetPrivateProfileSectionNamesW
FileTimeToSystemTime
CopyFileA
GetComputerNameExA
GlobalMemoryStatus
SetTapeParameters
lstrcmpW
SetEvent
MoveFileW
FreeLibrary
GetCommState
EnumDateFormatsA
GetConsoleFontSize
GetOverlappedResult
LocalAlloc
SetThreadPriorityBoost
SetFileShortNameW
lstrcpyW
HeapWalk
GetFileAttributesA
SetCalendarInfoA
SetComputerNameA
GetConsoleAliasesA
EnumDateFormatsExW
GetTimeZoneInformation
GetConsoleOutputCP
GetStdHandle
GetLocalTime
GetStringTypeW
EnumSystemLocalesA
FindActCtxSectionStringA
OpenSemaphoreW
GetModuleHandleExA
LoadLibraryW
GetBinaryTypeA
DeleteFiber
GetSystemWindowsDirectoryA
SetFileTime
GetFileType
GetNamedPipeHandleStateA
UnhandledExceptionFilter
SetProcessShutdownParameters
lstrcpynA
GlobalUnWire
GetCompressedFileSizeA
GetFullPathNameA
ReadConsoleW
MapUserPhysicalPages
WriteConsoleOutputCharacterW
OpenJobObjectA
CreateFileW
DeleteTimerQueueTimer
SetConsoleTextAttribute
OpenMutexA
CreateFileA
RaiseException
GetCommandLineA
HeapValidate
IsBadReadPtr
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
CloseHandle
InterlockedIncrement
GetOEMCP
GetCPInfo
IsValidCodePage
TlsGetValue
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
OutputDebugStringW
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
GetStringTypeA
LCMapStringA
LCMapStringW
GetLocaleInfoA
WriteConsoleA
SetFilePointer
user32
GetMenuItemID
CharUpperA
gdi32
GetBoundsRect
winhttp
WinHttpQueryOption
Sections
.text Size: 201KB - Virtual size: 200KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ