Static task: static1
Behavioral task: behavioral1
Sample: 55e1c4d76da8b185f8a68481bcbcdec3ed44f75dc04845e4a2a66ac0e5f6140e.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 55e1c4d76da8b185f8a68481bcbcdec3ed44f75dc04845e4a2a66ac0e5f6140e.exe
Resource: win10v2004-20220721-en
General
Target: 55e1c4d76da8b185f8a68481bcbcdec3ed44f75dc04845e4a2a66ac0e5f6140e
Size: 620KB
MD5: 5f685fae5cf582995387f342f60b5e23
SHA1: f99aa09d283e441e42edb46ae48c58f6ac8011ce
SHA256: 55e1c4d76da8b185f8a68481bcbcdec3ed44f75dc04845e4a2a66ac0e5f6140e
SHA512: dc3793c5699e53ccb818787b5f60d866e1a4ab78ac08a0ba0e53db6a3810dfb829f67bf372acf54dcde768d8a7ae9434a213fd7391605b65e4290df5cb5b6ce5
SSDEEP: 12288:gKds17NILh3F4yQ5s3Rhe66xQquDUpzaZL4N3o6EKGs3Rhe66xQquDUpzaZ:Le7NItF4qB4QquDUpzcL4N46EK5B4QqK
Malware Config
Signatures
Files
-
55e1c4d76da8b185f8a68481bcbcdec3ed44f75dc04845e4a2a66ac0e5f6140e.exe windows x86
be2b18d63889dc7ce90802b57ac517da
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
MoveToEx
CloseFigure
GetObjectW
EnumMetaFile
GdiFlush
UnrealizeObject
GetTextExtentPoint32A
SetDeviceGammaRamp
CreateEnhMetaFileW
SetGraphicsMode
GetWorldTransform
GetBitmapBits
ExtTextOutA
SetStretchBltMode
SetTextColor
AbortDoc
EnumFontFamiliesA
CreatePolygonRgn
GetBkMode
BitBlt
SaveDC
SetTextAlign
CreateSolidBrush
CreateICW
GetDIBits
GetBrushOrgEx
EndPath
FillPath
GetTextExtentPointA
GetObjectA
GetTextAlign
EnumFontsA
SetColorAdjustment
ScaleViewportExtEx
DeleteDC
RealizePalette
SetBkMode
GetEnhMetaFileBits
GetTextColor
PolyDraw
SetPixel
GetMapMode
SetDIBColorTable
GetPolyFillMode
CreateEnhMetaFileA
OffsetWindowOrgEx
Escape
GetGlyphOutlineW
GetEnhMetaFilePaletteEntries
CombineRgn
GetMetaFileBitsEx
CombineTransform
PolyBezierTo
StrokePath
RestoreDC
LPtoDP
imm32
ImmGetCandidateListCountA
ImmGetConversionStatus
ImmGetCompositionStringA
ImmSetCompositionWindow
ImmGetCompositionFontA
ImmGetCompositionWindow
ImmCreateContext
ImmGetDefaultIMEWnd
ImmSetStatusWindowPos
ImmGetGuideLineA
ImmIsUIMessageA
ImmGetRegisterWordStyleA
ImmUnregisterWordA
user32
CopyIcon
SetScrollPos
SystemParametersInfoA
ShowWindow
DispatchMessageA
GetWindowWord
FlashWindow
SetWindowPos
DrawTextW
InvalidateRgn
SendMessageA
LoadIconA
DrawIcon
GetClientRect
GetCaretPos
WaitMessage
OemToCharBuffA
GetProcessWindowStation
GetWindowTextA
IntersectRect
CharNextW
SetParent
GetSysColor
IsCharAlphaNumericA
ShowOwnedPopups
GetClassInfoA
WinHelpW
ChangeDisplaySettingsA
SendNotifyMessageW
GetCursor
PostQuitMessage
PostMessageA
DeferWindowPos
IsCharAlphaW
MoveWindow
RegisterClassExW
ChildWindowFromPointEx
IsWindowVisible
IsIconic
DrawCaption
ClientToScreen
GetKeyboardLayoutList
RegisterWindowMessageA
GetKeyNameTextW
SetClassLongA
AppendMenuW
RegisterClipboardFormatW
CloseWindow
GetOpenClipboardWindow
CharLowerBuffA
GetClipboardData
GetPropA
BeginPaint
OffsetRect
GetKeyState
SetActiveWindow
CharUpperW
SetRect
IsWindow
GetUpdateRgn
NotifyWinEvent
GetWindowThreadProcessId
UnhookWindowsHook
GetWindowRect
GetDlgItemInt
SetRectEmpty
TranslateAcceleratorA
GetClassInfoExW
SetWindowRgn
MessageBoxExW
GetNextDlgTabItem
CharNextA
MapDialogRect
DragDetect
keybd_event
DestroyMenu
GetSysColorBrush
EnumDisplaySettingsA
SetWindowTextW
DrawFrameControl
InvalidateRect
ShowCaret
GetClipboardFormatNameW
GetScrollPos
LockWindowUpdate
CreateIconFromResource
CreateDialogIndirectParamW
CheckRadioButton
GetDlgCtrlID
DrawTextExA
EnableWindow
SetClipboardData
GetLastActivePopup
LoadBitmapA
GetScrollInfo
CreateMenu
GetCapture
IsMenu
GetWindowLongW
TranslateAcceleratorW
GetDlgItemTextA
GetDC
VkKeyScanExW
BeginDeferWindowPos
OpenClipboard
IsCharLowerA
DdeAccessData
GetWindow
CreateDesktopW
LoadCursorFromFileA
BlockInput
CharUpperA
GrayStringW
GetForegroundWindow
CharLowerA
UnhookWinEvent
GetGUIThreadInfo
DefWindowProcA
GetMessageW
ValidateRgn
MapVirtualKeyExW
DefDlgProcA
ToAscii
TrackPopupMenu
LoadMenuA
SetCursor
IsChild
InsertMenuA
PaintDesktop
ModifyMenuW
GetParent
ChangeDisplaySettingsW
ReleaseDC
MapWindowPoints
GetMessagePos
GetClipCursor
EnableScrollBar
SetKeyboardState
UnpackDDElParam
LoadImageA
FindWindowExA
GetWindowTextLengthA
DestroyCursor
ReuseDDElParam
GetKeyboardLayoutNameW
GetSystemMetrics
WinHelpA
GetMenuItemID
SetWindowPlacement
ToAsciiEx
GetClassLongA
SetWinEventHook
SetMenu
AttachThreadInput
DrawTextA
SetWindowTextA
FindWindowW
EnableMenuItem
CloseDesktop
ScreenToClient
IsWindowEnabled
ChangeClipboardChain
LoadBitmapW
GetMessageExtraInfo
GetFocus
ClipCursor
PtInRect
GetDoubleClickTime
DefFrameProcW
SendInput
CopyImage
GetScrollRange
GetDlgItem
InsertMenuW
IsDlgButtonChecked
DispatchMessageW
CharPrevA
DrawStateA
SystemParametersInfoW
SetForegroundWindow
CreateCursor
FindWindowA
EnumWindows
PostThreadMessageA
ModifyMenuA
PostMessageW
ScrollWindow
GetKeyboardLayout
SetClassLongW
SendDlgItemMessageA
DestroyAcceleratorTable
EmptyClipboard
DdeFreeStringHandle
GetMenu
PostThreadMessageW
SetCaretPos
GetMenuState
ExitWindowsEx
DrawAnimatedRects
LoadCursorFromFileW
PackDDElParam
CreateDialogIndirectParamA
SetScrollRange
CharLowerW
IsCharUpperA
FindWindowExW
SetWindowLongW
MessageBeep
GetMessageA
MapVirtualKeyW
GetKeyboardState
RemovePropA
CharUpperBuffW
MessageBoxIndirectA
TranslateMDISysAccel
ShowCursor
GetMenuItemRect
KillTimer
DialogBoxIndirectParamW
FrameRect
GetClassInfoW
RegisterHotKey
OemToCharA
MessageBoxA
IsClipboardFormatAvailable
FillRect
CreateDialogParamA
CharToOemBuffA
LoadKeyboardLayoutW
MapVirtualKeyExA
advapi32
AdjustTokenPrivileges
InitializeSid
CreateProcessAsUserA
CopySid
RegCreateKeyW
ChangeServiceConfigW
StartServiceCtrlDispatcherA
QueryServiceStatus
EnumServicesStatusA
ChangeServiceConfigA
RegSetValueA
RegSetValueExW
RegisterEventSourceA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorSacl
SetNamedSecurityInfoW
ReportEventW
GetSidSubAuthorityCount
AddAce
RegLoadKeyA
DeleteService
LsaFreeMemory
GetAclInformation
ChangeServiceConfig2A
RegRestoreKeyW
LookupPrivilegeValueW
RegisterServiceCtrlHandlerW
LsaRetrievePrivateData
RegUnLoadKeyW
OpenEventLogW
SetFileSecurityA
RegEnumKeyExA
GetAce
RegQueryInfoKeyA
GetLengthSid
RegCreateKeyA
DeleteAce
LookupAccountNameW
SetEntriesInAclA
RegQueryInfoKeyW
SetKernelObjectSecurity
GetFileSecurityW
RegQueryValueW
RegCreateKeyExW
LogonUserA
OpenSCManagerW
SetEntriesInAclW
GetKernelObjectSecurity
LsaQueryInformationPolicy
CloseServiceHandle
QueryServiceConfigA
RevertToSelf
SetSecurityDescriptorOwner
OpenThreadToken
CreateProcessAsUserW
RegDeleteKeyA
GetServiceDisplayNameW
RegSetKeySecurity
InitializeSecurityDescriptor
LsaOpenPolicy
GetServiceKeyNameW
RegCreateKeyExA
StartServiceA
ControlService
ChangeServiceConfig2W
SetFileSecurityW
ReadEventLogW
FreeSid
QueryServiceConfigW
RegQueryValueA
RegEnumKeyW
RegReplaceKeyA
ReportEventA
StartServiceCtrlDispatcherW
OpenProcessToken
SetSecurityDescriptorGroup
DecryptFileW
EncryptFileW
RegSetValueExA
AllocateAndInitializeSid
SetServiceObjectSecurity
InitiateSystemShutdownA
CreateServiceW
RegCloseKey
GetSidIdentifierAuthority
AddAccessAllowedAce
LookupPrivilegeValueA
MakeSelfRelativeSD
EnumDependentServicesW
RegSetValueW
GetEffectiveRightsFromAclW
SetThreadToken
MakeAbsoluteSD
SetServiceStatus
EnumDependentServicesA
RegOpenKeyExW
RegOpenKeyExA
GetUserNameW
InitializeAcl
QueryServiceLockStatusA
GetSidLengthRequired
GetSecurityDescriptorDacl
RegNotifyChangeKeyValue
LockServiceDatabase
RegDeleteValueW
OpenSCManagerA
ImpersonateSelf
GetUserNameA
QueryServiceLockStatusW
RegConnectRegistryA
RegFlushKey
OpenServiceA
msvcrt
_setmbcp
getc
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
tan
iswalnum
fgets
_onexit
__dllonexit
__iob_func
is_wctype
_controlfp
kernel32
GetStartupInfoA
GetModuleHandleA
mfc42
Sections
.text Size: 364KB - Virtual size: 360KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 204KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ