Static task: static1
Behavioral task: behavioral1
Sample: 560c2b56abc7854631568fda3564a898927a840cf0f65e21e192c7159b9b97c5.exe
Resource: win7-20220715-en
Behavioral task: behavioral2
Sample: 560c2b56abc7854631568fda3564a898927a840cf0f65e21e192c7159b9b97c5.exe
Resource: win10v2004-20220721-en
General
Target: 560c2b56abc7854631568fda3564a898927a840cf0f65e21e192c7159b9b97c5
Size: 334KB
MD5: 297d424347e669aa6e1ba055008f83f7
SHA1: a80df965e8346b04f254bd965091a9279a0076ed
SHA256: 560c2b56abc7854631568fda3564a898927a840cf0f65e21e192c7159b9b97c5
SHA512: 0bb9d1ed58af93aa372c7c62179505bae1a1305006dc2b65cd36d5d0bce4c9774baf71ed19ca849dc1d3f85bc3e3e533aa0e756e8f85c76c28a3ddf5445d6cf6
SSDEEP: 6144:8uoeRkVlOtAOxNUgb391yCnFRbI8axnozDnUD9UuzmeL:8/eaV4tPFPyCnFRU8axnozMUUdL
Malware Config
Signatures
Files
560c2b56abc7854631568fda3564a898927a840cf0f65e21e192c7159b9b97c5.exe windows x86
b5b8affad393f493d57aeedfa97b767b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TranslateMessage
SetWindowLongA
PeekMessageA
MsgWaitForMultipleObjects
MessageBoxA
LoadStringA
ExitWindowsEx
DispatchMessageA
DestroyWindow
CreateWindowExA
CallWindowProcA
CharPrevA
GetGUIThreadInfo
MapVirtualKeyW
TrackPopupMenuEx
IsZoomed
IsDlgButtonChecked
GetClassWord
GetForegroundWindow
GetMenuContextHelpId
GetAltTabInfoA
IsWindow
advapi32
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
gdi32
GetEnhMetaFilePixelFormat
Chord
GetMetaFileBitsEx
SelectClipPath
FloodFill
EnumMetaFile
SetArcDirection
SetViewportOrgEx
GetMapMode
CloseMetaFile
GdiGetBatchLimit
netapi32
NetServerTransportAddEx
kernel32
VirtualProtect
Sleep
VirtualQuery
SetErrorMode
RemoveDirectoryA
TerminateProcess
GetModuleHandleW
FreeEnvironmentStringsA
GetEnvironmentStrings
InterlockedIncrement
InterlockedDecrement
GetTickCount
SizeofResource
GetTimeFormatA
LockResource
LoadResource
FlushViewOfFile
EscapeCommFunction
ClearCommBreak
RemoveVectoredExceptionHandler
GetThreadPriorityBoost
SetHandleInformation
WTSGetActiveConsoleSessionId
ResetEvent
lstrcmpiA
OpenThread
GetExitCodeThread
CompareStringA
SetEnvironmentVariableA
CompareStringW
HeapSize
GetProcessHeap
SetEndOfFile
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetOEMCP
VirtualAlloc
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
GetTimeZoneInformation
GetCurrentProcessId
SetStdHandle
GetFileType
GetCPInfo
HeapReAlloc
GetDateFormatA
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
ExitProcess
HeapAlloc
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
RtlUnwind
GetStartupInfoW
GetLocaleInfoA
CreateFileA
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
FindResourceExA
GetFileSize
SetFilePointer
ReadFile
EndUpdateResourceW
GetCurrentThreadId
MultiByteToWideChar
GetACP
WideCharToMultiByte
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
WriteConsoleW
SetLastError
UpdateResourceW
BeginUpdateResourceW
SetFileAttributesW
GetFileAttributesW
RemoveDirectoryW
GetDriveTypeW
FindFirstFileW
GetFullPathNameW
LoadLibraryA
CreateFileW
CloseHandle
GetSystemTime
WriteFile
GetCommandLineA
GetLastError
GetModuleHandleA
LocalAlloc
LocalFree
CreateDirectoryA
CreateProcessA
DeleteFileA
FindResourceA
FormatMessageA
GetCurrentProcess
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFullPathNameA
GetProcAddress
GetSystemDefaultLCID
GetSystemInfo
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
IsDBCSLeadByte
Sections
.text Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 349KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 195KB - Virtual size: 194KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ