Static task: static1
Behavioral task: behavioral1
Sample: 5ba70f3254c52fc2b0dbc6520c443d3b4bd0bc593c2aebe1d3f3402ebc9194f0.exe
Resource: win7-20220718-en
General
Target: 5ba70f3254c52fc2b0dbc6520c443d3b4bd0bc593c2aebe1d3f3402ebc9194f0
Size: 552KB
MD5: ff3ead9b3608969b11b467c9a2cc8edd
SHA1: 4c720661536dae0696d1158a9c732d5e0c7369e4
SHA256: 5ba70f3254c52fc2b0dbc6520c443d3b4bd0bc593c2aebe1d3f3402ebc9194f0
SHA512: 58fd80ee0efc7eaf2ec96646ceffc0a8046d7b9908aaa273ac1b06ad239f5b4e91556b692601b073a3b35e68a42be1e720884ac0e8b8998610d4c070203cd311
SSDEEP: 12288:ZYUCtesf3rFY2Lz12HEJavxBtlA6BmPx7brSHLu5RIHc:yNC2l8BM6BmPx7qHLu54c
Malware Config
Signatures
Files
5ba70f3254c52fc2b0dbc6520c443d3b4bd0bc593c2aebe1d3f3402ebc9194f0.exe windows x86
cfda8ad498ab2b27e80355cf2dc5de7d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
SetFilePointer
GetCurrentProcess
SetErrorMode
HeapAlloc
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
RtlUnwind
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
WritePrivateProfileStringA
GetThreadLocale
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
CreateEventA
SuspendThread
SetEvent
SetThreadPriority
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
MulDiv
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
SetLastError
GetModuleFileNameA
GlobalLock
GlobalUnlock
FindResourceA
SizeofResource
LoadResource
LockResource
WriteFile
FlushFileBuffers
CreateDirectoryA
FindFirstFileA
lstrcpyA
lstrcatA
CopyFileA
GetFileAttributesA
SetFileAttributesA
FindNextFileA
FindClose
CreateConsoleScreenBuffer
RemoveDirectoryA
CreateFileA
SetupComm
SetCommState
GetCommTimeouts
SetCommTimeouts
VirtualAlloc
CreateIoCompletionPort
GlobalAlloc
GlobalFree
FormatMessageA
ReadFile
GetTempPathW
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
CloseHandle
GetFullPathNameW
FormatMessageW
LocalFree
ResumeThread
GetExitCodeProcess
CreateTimerQueueTimer
DeleteTimerQueueTimer
CreateThread
WaitForSingleObject
GetExitCodeThread
GetProcAddress
GetCurrentProcessId
GetTickCount
lstrlenA
CompareStringA
GetCurrentThreadId
InterlockedExchange
GetModuleHandleA
ExitThread
Sleep
GetVersion
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
user32
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetMenuItemID
GetMenuItemCount
MessageBoxA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
SystemParametersInfoA
GetWindowPlacement
GetSystemMetrics
EndPaint
BeginPaint
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
LoadBitmapA
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
GetFocus
DrawFocusRect
SetFocus
GetIconInfo
PostQuitMessage
SetWindowTextA
GetDlgItemTextA
SetCursor
LoadImageA
GetParent
MessageBoxW
GetDesktopWindow
ReleaseDC
GetClientRect
GetSysColor
FillRect
EndDialog
GetDlgItem
GetWindowTextLengthA
PostThreadMessageW
GetWindowLongA
SetWindowLongA
CallWindowProcA
EnableWindow
GetDC
GetWindow
GetWindowRect
ClientToScreen
ScreenToClient
DefWindowProcA
LoadCursorA
RegisterClassExA
CreateWindowExA
DestroyWindow
UnregisterClassA
ShowWindow
IsWindow
SetWindowPos
SendMessageA
IsIconic
GetSysColorBrush
GetWindowThreadProcessId
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
CreateDialogIndirectParamA
IsWindowEnabled
GetNextDlgTabItem
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
GetClassNameA
gdi32
GetWinMetaFileBits
GetEnhMetaFileA
GetDeviceCaps
GdiFlush
SetWindowExtEx
SetMapMode
EndDoc
EndPage
TextOutA
Ellipse
StartPage
StartDocA
CreateDCA
BitBlt
GetObjectA
SaveDC
RestoreDC
SetBkColor
SetTextColor
GetClipBox
SetMetaFileBitsEx
PtVisible
RectVisible
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateBitmap
GetStockObject
PlayMetaFile
CopyMetaFileA
DeleteMetaFile
DeleteEnhMetaFile
CreateSolidBrush
ExcludeClipRect
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
DeleteObject
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
SHGetFolderPathA
shlwapi
UrlUnescapeW
ord14
PathFindExtensionA
PathFindFileNameA
PathFileExistsW
ole32
CreateStreamOnHGlobal
oleaut32
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
opengl32
wglShareLists
gdiplus
GdipDrawImageI
GdipDrawLineI
GdipSetSmoothingMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipGetImageHeight
GdipCloneImage
GdipLoadImageFromStream
GdipDrawImageRectI
GdipFree
GdipAlloc
GdipCreatePen1
GdipDeletePen
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
wininet
FtpSetCurrentDirectoryA
ws2_32
WSASocketA
closesocket
shutdown
imm32
ImmGetDefaultIMEWnd
Sections
.text Size: 208KB - Virtual size: 206KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 284KB - Virtual size: 283KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ