General

Malware Config

Signatures

Files

• f2a34f1f595895b0aea0a10941cb026bf195a629daef7fccc7b5aa4c91767f08

  .exe windows x86

  e5075836f15a9aaa49430c72bffdeefe

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  winmm

  midiStreamOut

  ws2_32

  send

  rasapi32

  RasGetConnectStatusA

  kernel32

  GetFileSize

  GetModuleFileNameW

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  SetScrollRange

  gdi32

  DeleteDC

  winspool.drv

  DocumentPropertiesA

  advapi32

  RegCreateKeyExA

  shell32

  Shell_NotifyIconA

  ole32

  CLSIDFromString

  oleaut32

  SafeArrayDestroy

  comctl32

  ord17

  wininet

  HttpOpenRequestA

  comdlg32

  GetSaveFileNameA

  Exports

  Exports

  ���jI5�������C����$B��� Y�`4����^h��F_�C��,n�.��7���S�E�4�$R?���e7�{�i_����������4Xn��̲t$.�"������.�5,t����$� ��a��{�$}���!Gd�e�o9?����u�Y�1�D�&��1�/Z-u$�:�2�SW�- Eϔ�$�����Yi���#��V6J�}R��y��z�k��D���t&-��0�I��t�Ƥ�;������3�����sI��ɱ���uR<�!�����$�)�˞3���})U�"�h��=���c��o "��ΐ��a�>' k�h!�DY�=*Q�(���}�`؁.. ������'��h��9�@�)�7~��E{w�'=���9㗂��>��+Ӡd�7�(�����r��OJx�(~ؠ����wߙ��{��a����蛍x�H�H,����b��5tf�(��frJ�ӹ����{<�9GDf}X�d�d�[�fI)~ ���fI����ڌF��XS*��]�B�S=|�n������%��P����UӾ�0O�(�E���[�V���P���o}�(h� ,��Gշ59����༸wUŔSl��~����� �h���tq�[�=�#�Kf-��ω=t�����d��Є�0/�*(��=�k?�Q.���U
  
  � k�H�����x����r���-�[i>��R�"#��H�\�4��=��?���>��'�B�� ���E��m+�?�!8Jn�c��#�^�g����B-�Ul4�˲� �r�>a�,�ؓ�D ]ʐvz����mK�m�d�b2Z�g��� xF�|�����ĝ5����T xԅ�n�����k��"ZK���f��K>ܣ�� �K�$R�9��J2|!�����- ��'4��o���ݨ�M�[�
  �-,b�r�
  dF�����U���7UG����i�#�
  tT�hvR>�U�tNhUv<����O�P�r+� oS�ۖ������P/0��4��d�ذE���``j�D�e<ѹ��6Tf�b��͐��i�o<�**v �>K���x<�@������O���J.��t�:aH��
  ��pX�?�����c�(ng�4�m7}P��L��I*u��U���J����7�9q��M �;^�W(�� ��q~7�էC��UK�|(d�'6�2s]$�XI�ʧ��MNiU<�)pC'�h�d<����7,PD��~�%�m�`af��CȤt��Ŗ�1��8�k�!����s���:+�I�v"7 `;���@�.���7�#3����{��6$a�w�<�=~� U�i��ڢ�N�z�ڇ�8'R�9 � �8��30u ]�D�N&"1kN�Z�zf�W����=N��o�3�*(��J�J$��X<d��5B%]c�·���� �ȪC�i4ߐ|��@��a›%�M�i{̢��(���$ն�Ed *(o��ju�b6�&M(~yq�6K���wR7r���sn.�(� &L�����GP�3,���ŭ)F����v�m4�ħm�����7��c x8YkU��ύ�R��
  70k�'�V�;�����mІA��
  �kj��k����^r�j[5 �K���и��@�TR�2�p4%H��pQ��������텷��L^ݕ�}n
  ����h���ufD�-����_�6�Wȍ�|sN�ZAp:*jh<�����7:&�_�����'E����1�ŭ�0��5���D�pZ9<r���������y{�t;q4Y:�_�^��}>�r���,߸8*X��SɏX�U�NJ$�C���M`|=�K����8�����M�O梞n��Z�R�����9gM?"�#� a���mg|��a(��ps7��F�l:Z��}�l����6������Yj�w��#�?:�P��5Ø��5�V����ID���tY �+I+@�\Uc���5Ї�p�'>mX���o��lBV `;�Żk�-o��v��I�Wp�,ܽ��?dF��s�)�H�����/p�h�99�����`�}`�l��q'�#��p��P:�N�u�R�6��0���YU�cnѵF��a��mnf�\���'��������k1Q1$����~%��"�tj<͓�|��W?>: [)8����`�HwSM�㊡���)�^��2��g��Q9ʜ�W/�g�l,J•؇����"nSL�˙�6斎| N=, ��k����w�z3vg)���>��p�D������5xg�|^������0�����������k�"��Q<.�9}+�/!��$���g>Ħ��KE����P%�D��/�/������3.nS���^?����[�`��1V�[r��f�[����vx ��M�����A��P��� �uuy�6��GV�p��T�>-u��'_�d,!]��r۸��f'S�.���{������.Fɯ>"�k��AqK���& �բ����)}����M�]-�Ւ�qYv���ڽH��wL��W ; ��^�ښtõA8z>H��������T�*���sjR���R�8V�� ��ۮ�۴��j����E� :��Ac@�3Gy�,Вp�����V�
  Ѳ6�TR�{�Ȝ�y�N�Ȁ�~�Y~�w�)`?k��e,��q�S%ޗ�jF㭹���D���ћ���ë�8�RY�AX]���.qJ]�*9_Q���\���#��xL�c��SUi��L�[û�M Qs�[n��8��[���فLa�v�g��*H��||��ۙ��_��X��
  �}��B!����e��4���� +9C��ݡ��HU��+���q-�;B�,��G���w�斖O��0}�꺃�f�O>�l�b̵��G�{�>r�Y���)�,�=4J����_����ͻC���������l"Z�JOؚ/����f��r���8���s��(����Cp?�8 �9��'���)���˱�Pi�C�q7є�T�^��94��4('{G<&��Y�3�&�=;��=(@���VoH1�<MRs��0���^1l9<ᢋ�W���B�{�ڰ*�v�>��j�v��.f���r+��[�� }�������|��Mz�[� f=�ą�s��4

  Sections

  .text

  Size: - Virtual size: 1.3MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 582KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 427KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 921KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 4KB - Virtual size: 24B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp1

  Size: 1.9MB - Virtual size: 1.9MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ