General

Malware Config

Signatures

Files

• 5c0bbadb83ab868f075ea81609918255842f7933582232afb321b0489ca08d0a

  .exe windows x86

  1497ad87fa95acf652a13699507998b6

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_AGGRESIVE_WS_TRIM

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DEBUG_STRIPPED

  IMAGE_FILE_SYSTEM

  IMAGE_FILE_UP_SYSTEM_ONLY

  Imports

  kernel32

  RaiseException

  CreateFileW

  SetEnvironmentVariableA

  CompareStringW

  GetStringTypeW

  LCMapStringW

  GetLastError

  MultiByteToWideChar

  SetStdHandle

  RtlUnwind

  LoadLibraryW

  OutputDebugStringW

  WriteConsoleW

  OutputDebugStringA

  CreateProcessA

  WaitForSingleObject

  GetExitCodeProcess

  CloseHandle

  IsValidCodePage

  GlobalAlloc

  SetEvent

  lstrcatA

  GetProcAddress

  GetVolumeInformationA

  HeapAlloc

  FreeLibrary

  lstrcpyW

  lstrlenW

  EnumDateFormatsA

  CreateFileA

  GetModuleHandleA

  ReadFile

  SetFilePointer

  LoadLibraryA

  GetCPInfo

  GetOEMCP

  GetACP

  HeapFree

  HeapQueryInformation

  HeapSize

  HeapReAlloc

  HeapCreate

  SetLastError

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetModuleFileNameA

  GetSystemTimeAsFileTime

  EnterCriticalSection

  LeaveCriticalSection

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  HeapValidate

  IsBadReadPtr

  GetModuleFileNameW

  GetFileAttributesA

  DecodePointer

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  EncodePointer

  FlushFileBuffers

  WriteFile

  WideCharToMultiByte

  GetConsoleCP

  GetConsoleMode

  InitializeCriticalSectionAndSpinCount

  DeleteCriticalSection

  SetHandleCount

  GetStdHandle

  GetFileType

  InterlockedIncrement

  InterlockedDecrement

  GetModuleHandleW

  ExitProcess

  IsProcessorFeaturePresent

  QueryPerformanceCounter

  GetTickCount

  GetCurrentThreadId

  GetCurrentProcessId

  user32

  GetClientRect

  GetDC

  CreateWindowExA

  DrawFrameControl

  SystemParametersInfoA

  GetSystemMetrics

  FindWindowW

  SendMessageA

  CreateWindowExW

  DdeInitializeA

  DdeCreateStringHandleW

  SetWindowRgn

  LoadIconA

  LoadCursorA

  RegisterClassA

  ShowWindow

  UpdateWindow

  IsIconic

  InvalidateRect

  RegisterClassExA

  GetWindowLongA

  SetWindowLongA

  SetTimer

  KillTimer

  gdi32

  CombineRgn

  DeleteObject

  CreateCompatibleDC

  CreateCompatibleBitmap

  SelectObject

  GetStockObject

  GetObjectA

  CreateFontIndirectA

  DeleteDC

  CreateSolidBrush

  CreateFontA

  CreateEllipticRgn

  comdlg32

  GetOpenFileNameA

  shell32

  SHGetMalloc

  SHGetDesktopFolder

  ole32

  CoGetMalloc

  CoInitialize

  CreateBindCtx

  rpcrt4

  RpcStringFreeA

  UuidToStringW

  UuidCreate

  gdiplus

  GdiplusShutdown

  sensapi

  IsNetworkAlive

  eappcfg

  EapHostPeerGetMethods

  EapHostPeerFreeErrorMemory

  EapHostPeerFreeMemory

  Sections

  .text

  Size: 427KB - Virtual size: 426KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 40KB - Virtual size: 40KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 10KB - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .bdata

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 46KB - Virtual size: 45KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ