Static task: static1
Behavioral task: behavioral1
Sample: 59be2ebcf6516dd07ee5df8eae402523.exe
Resource: win7-20220718-en
Behavioral task: behavioral2
Sample: 59be2ebcf6516dd07ee5df8eae402523.exe
Resource: win10v2004-20220721-en
General
Target: 59be2ebcf6516dd07ee5df8eae402523.exe
Size: 386KB
MD5: 59be2ebcf6516dd07ee5df8eae402523
SHA1: e4e5b949a0c9721e4c89f124750d8a97e4d96c7e
SHA256: d2952be5c81f4135c0953b7b36677704f24f4d780de268ce6b67a44a6f15419a
SHA512: 9148e9a303a3562f9552da8fa6cdd3c1d4034be31d20968a8dc51904c0d4cf167c0cdfa0d6ceac0ec0a24a975b8c04de9a1d4d67f0056dce810ad4e5b83215d2
SSDEEP: 6144:y4YHjsCtXfAVWm9dgqpdxWOAhNGrnEFG/BT/JbKhXjD:yvdXYb9NpdxGhNQEFQBT/hKRD
Malware Config
Signatures
Files
59be2ebcf6516dd07ee5df8eae402523.exe.exe windows x86
504d97a665c5990d2e90f1479886157c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetNamedPipeHandleStateW
LocalFree
WriteConsoleInputA
EnumDateFormatsW
CopyFileExW
DnsHostnameToComputerNameW
VerifyVersionInfoA
FindNextFileW
VirtualUnlock
LockFile
GetProfileSectionW
RequestWakeupLatency
SetProcessPriorityBoost
GlobalGetAtomNameW
DeleteFileW
FindNextVolumeMountPointA
TlsSetValue
LoadResource
WriteConsoleInputW
GetConsoleTitleA
GetComputerNameExW
OpenEventW
CallNamedPipeW
GetModuleHandleA
GetSystemDirectoryA
GetDriveTypeA
BuildCommDCBAndTimeoutsW
GetProcAddress
GetShortPathNameA
ZombifyActCtx
DeleteFileA
GetCommandLineW
InterlockedIncrement
GetConsoleTitleW
CopyFileW
CreateActCtxW
FormatMessageA
EnterCriticalSection
FindNextVolumeA
CreateIoCompletionPort
LoadLibraryA
CreateNamedPipeA
GetSystemDefaultLCID
GetConsoleAliasesLengthW
WriteProfileSectionA
AddAtomW
InterlockedDecrement
HeapFree
_hread
InterlockedCompareExchange
GetStartupInfoW
CreateMailslotA
GetCPInfoExA
GetSystemWow64DirectoryW
GetLastError
GetPrivateProfileIntA
GetConsoleAliasExesLengthW
WaitForDebugEvent
EndUpdateResourceA
SetLastError
LoadLibraryW
ExitThread
GetACP
lstrcatW
GetConsoleAliasA
GetDiskFreeSpaceExA
DefineDosDeviceA
TerminateProcess
EnumResourceLanguagesW
GetCPInfoExW
SetConsoleTextAttribute
CreateJobSet
WriteConsoleW
SetCriticalSectionSpinCount
GetComputerNameW
EnumSystemLocalesA
WritePrivateProfileSectionA
WritePrivateProfileStructA
GetPrivateProfileSectionNamesW
FileTimeToSystemTime
SetTapeParameters
lstrcmpW
SetEvent
FreeLibrary
FindResourceW
SetCommState
FormatMessageW
CreateFiber
EnumDateFormatsA
GetConsoleFontSize
MoveFileA
LocalAlloc
SetFileShortNameW
lstrcpyA
HeapUnlock
SetCalendarInfoW
SetComputerNameW
GetConsoleAliasesW
EnumDateFormatsExA
GetConsoleOutputCP
LocalSize
SetStdHandle
GetLocalTime
GetStringTypeA
FindActCtxSectionStringA
FreeEnvironmentStringsA
GetModuleHandleExW
GetBinaryTypeA
GetFileAttributesA
GetSystemWindowsDirectoryW
LocalFlags
GetSystemTimeAdjustment
SetProcessShutdownParameters
lstrcpynA
GlobalWire
FillConsoleOutputCharacterA
GetCompressedFileSizeA
GetFullPathNameW
ReadConsoleW
FreeUserPhysicalPages
WriteConsoleOutputCharacterA
OpenJobObjectW
CreateFileW
DeleteTimerQueueTimer
SetCurrentDirectoryW
GetNamedPipeHandleStateA
CreateFileA
WideCharToMultiByte
RaiseException
HeapValidate
IsBadReadPtr
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetOEMCP
GetCPInfo
IsValidCodePage
TlsGetValue
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
SetFilePointer
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
OutputDebugStringW
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
WriteConsoleA
CloseHandle
user32
LoadMenuW
CharUpperW
GetMenuInfo
msimg32
AlphaBlend
Sections
.text Size: 168KB - Virtual size: 167KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 153KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vure Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.foy Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pom Size: 512B - Virtual size: 150B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ