General

Malware Config

Signatures

Files

• 0049054e585f7114573046856dfe81d666c9556d9a16aa6239d47304ead89a4e

  .exe windows x86

  b86c86d7615e2990b32d4759626ec528

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  EnumDateFormatsW

  FindNextFileW

  CopyFileExA

  DnsHostnameToComputerNameW

  VerifyVersionInfoA

  ReadConsoleOutputCharacterW

  FlushConsoleInputBuffer

  LockFile

  GetProfileSectionA

  QueryDosDeviceW

  IsSystemResumeAutomatic

  SetProcessPriorityBoost

  GlobalGetAtomNameW

  lstrlenA

  FindNextVolumeMountPointW

  GlobalDeleteAtom

  WriteConsoleInputA

  FindResourceA

  GetComputerNameExW

  OpenEventA

  CallNamedPipeA

  GetModuleHandleA

  GetSystemDirectoryA

  SetCurrentDirectoryW

  BuildCommDCBAndTimeoutsA

  GetProcAddress

  LoadLibraryA

  MoveFileWithProgressW

  GetCommandLineA

  InterlockedDecrement

  GetCalendarInfoW

  SearchPathA

  CreateActCtxA

  FormatMessageA

  EnterCriticalSection

  GetSystemDefaultLangID

  GetConsoleAliasesLengthA

  WriteProfileSectionA

  AddAtomA

  InterlockedIncrement

  HeapSize

  _hread

  InterlockedCompareExchange

  GetStartupInfoA

  CreateMailslotW

  IsDBCSLeadByte

  GetSystemWow64DirectoryA

  GetLastError

  GetPrivateProfileIntA

  GetConsoleAliasExesLengthW

  DebugBreak

  WriteConsoleInputW

  LoadLibraryW

  GetModuleHandleW

  VirtualAlloc

  GetOEMCP

  lstrcpyW

  GetMailslotInfo

  GetDiskFreeSpaceExA

  WriteConsoleW

  EnumSystemLocalesA

  LocalFileTimeToFileTime

  SearchPathW

  GetComputerNameExA

  FindNextFileA

  ResetEvent

  CreateMutexA

  FindResourceW

  SetCommState

  InterlockedExchangeAdd

  CreateFiber

  GetConsoleSelectionInfo

  LocalAlloc

  lstrcpyA

  HeapAlloc

  GetFileAttributesA

  GetSystemWindowsDirectoryA

  GetAtomNameA

  ReadConsoleInputA

  GetComputerNameW

  GetPrivateProfileStructW

  _hwrite

  LocalUnlock

  OpenWaitableTimerA

  FillConsoleOutputCharacterW

  FindNextVolumeMountPointA

  GetFullPathNameW

  GetThreadPriority

  MapUserPhysicalPages

  WriteConsoleOutputCharacterA

  OpenJobObjectW

  CreateFileW

  BuildCommDCBAndTimeoutsW

  SetCalendarInfoW

  GetFileSizeEx

  GetDefaultCommConfigA

  GetConsoleAliasesLengthW

  LocalFlags

  GetTickCount

  lstrcatA

  WideCharToMultiByte

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  RaiseException

  HeapValidate

  IsBadReadPtr

  DeleteCriticalSection

  LeaveCriticalSection

  GetModuleFileNameW

  TerminateProcess

  GetCurrentProcess

  IsDebuggerPresent

  RtlUnwind

  GetACP

  GetCPInfo

  IsValidCodePage

  TlsGetValue

  TlsAlloc

  TlsSetValue

  GetCurrentThreadId

  TlsFree

  SetLastError

  CloseHandle

  Sleep

  ExitProcess

  GetModuleFileNameA

  WriteFile

  GetStdHandle

  SetHandleCount

  GetFileType

  QueryPerformanceCounter

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  HeapDestroy

  HeapCreate

  HeapFree

  VirtualFree

  HeapReAlloc

  InitializeCriticalSectionAndSpinCount

  OutputDebugStringA

  OutputDebugStringW

  MultiByteToWideChar

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  LCMapStringA

  LCMapStringW

  SetStdHandle

  FlushFileBuffers

  GetConsoleCP

  GetConsoleMode

  SetFilePointer

  WriteConsoleA

  GetConsoleOutputCP

  ReadFile

  CreateFileA

  DeleteFileA

  user32

  GetListBoxInfo

  LoadMenuW

  CharUpperW

  GetCursorInfo

  advapi32

  RevertToSelf

  AbortSystemShutdownA

  Sections

  .text

  Size: 163KB - Virtual size: 162KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 171KB - Virtual size: 260KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 11KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ