General

Malware Config

Signatures

Files

• 3e746e06092153b15b351a6802926a92

  .exe windows x86

  b93b08c09c6ba27179a4d93b87db25db

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  UnhandledExceptionFilter

  GetLocaleInfoW

  _lwrite

  GetCommTimeouts

  GetSystemDirectoryW

  CreateEventA

  WriteConsoleW

  VerifyVersionInfoA

  BuildCommDCBA

  AddConsoleAliasW

  HeapLock

  PeekConsoleInputW

  EnumDateFormatsW

  ResetEvent

  UnregisterWaitEx

  LoadLibraryA

  InterlockedDecrement

  WaitNamedPipeW

  FindResourceExW

  VirtualQuery

  GetFirmwareEnvironmentVariableW

  GetModuleFileNameW

  BeginUpdateResourceW

  GetConsoleAliasExesLengthW

  EnumTimeFormatsA

  WriteConsoleOutputCharacterW

  WriteConsoleA

  LocalAlloc

  GetProcAddress

  GetConsoleAliasesLengthA

  GetSystemWindowsDirectoryA

  FindFirstChangeNotificationW

  GlobalAddAtomW

  WritePrivateProfileStringA

  EnumResourceNamesW

  SearchPathW

  CreateDirectoryA

  RemoveDirectoryW

  SetFileApisToOEM

  GetCurrentDirectoryA

  SetFileAttributesW

  CreateMutexA

  GetNumaHighestNodeNumber

  GetLongPathNameA

  VirtualProtect

  GetUserDefaultLangID

  SetLastError

  GetCurrentProcessId

  GetComputerNameExA

  FindFirstFileW

  BuildCommDCBAndTimeoutsW

  EnterCriticalSection

  EnumCalendarInfoA

  _lopen

  GetConsoleAliasExesW

  GlobalMemoryStatus

  ReadConsoleOutputCharacterW

  EnumSystemLocalesW

  GetComputerNameA

  GetLastError

  DeleteFileA

  LoadLibraryW

  HeapReAlloc

  HeapFree

  HeapAlloc

  GetModuleHandleW

  ExitProcess

  DecodePointer

  GetCommandLineW

  HeapSetInformation

  GetStartupInfoW

  IsProcessorFeaturePresent

  SetFilePointer

  LeaveCriticalSection

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  EncodePointer

  TerminateProcess

  GetCurrentProcess

  InitializeCriticalSectionAndSpinCount

  RtlUnwind

  HeapCreate

  WriteFile

  GetStdHandle

  DeleteCriticalSection

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  InterlockedIncrement

  GetCurrentThreadId

  ReadFile

  WideCharToMultiByte

  GetConsoleCP

  GetConsoleMode

  SetHandleCount

  GetFileType

  CloseHandle

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  QueryPerformanceCounter

  GetTickCount

  GetSystemTimeAsFileTime

  SetStdHandle

  FlushFileBuffers

  Sleep

  CreateFileA

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  HeapSize

  MultiByteToWideChar

  SetEndOfFile

  GetProcessHeap

  LCMapStringW

  GetStringTypeW

  CreateFileW

  gdi32

  GetTextExtentExPointW

  Sections

  .text

  Size: 233KB - Virtual size: 233KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 11KB - Virtual size: 2.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .hewav

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .devi

  Size: 1024B - Virtual size: 624B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 57KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ