General

Malware Config

Signatures

Files

• a63f4d6f5c791eb5980c96087d1902670c9cbea15f02306ad363ef187810c7b4

  .dll windows x86

  51ae4608c0195fcc9bd5a71a1e87606f

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetModuleHandleA

  VirtualAlloc

  LoadLibraryA

  GetProcAddress

  user32

  IsCharAlphaNumericA

  GetKBCodePage

  GetMenuContextHelpId

  VkKeyScanW

  AnyPopup

  GetMessageTime

  GetDesktopWindow

  GetQueueStatus

  PaintDesktop

  EnumClipboardFormats

  GetProcessWindowStation

  GetListBoxInfo

  GetParent

  GetMenu

  IsClipboardFormatAvailable

  LoadCursorFromFileW

  gdi32

  GetStockObject

  GetPolyFillMode

  DeleteDC

  CreateMetaFileA

  CreatePatternBrush

  CloseMetaFile

  DeleteColorSpace

  GetEnhMetaFileA

  GetBkMode

  WidenPath

  CloseFigure

  CloseEnhMetaFile

  DeleteMetaFile

  GetMapMode

  EndDoc

  CreateCompatibleDC

  CreateHalftonePalette

  Sections

  .text

  Size: 6KB - Virtual size: 6KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 512B - Virtual size: 292B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 59KB - Virtual size: 58KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 148KB - Virtual size: 148KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 408B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ