Static task: static1
Behavioral task: behavioral1
Sample: badf1a99a053035a6ed6543ec7486585.exe
Resource: win7-20220812-en
General
Target: badf1a99a053035a6ed6543ec7486585
Size: 1.8MB
MD5: badf1a99a053035a6ed6543ec7486585
SHA1: 8b00a48974353b78e1c8755120c6069e7c2e6978
SHA256: 738a8ea86d2e8a24daf04932f5c0ac32c7878e9a6db8549f0cd1e75fe708c941
SHA512: 9d9f2889e97ff7ef1d38dc8b14b93017588dd6d4f88d8f31d112efea05656802f14c9a6df47f1cb527cb44e1a8162596c6609f75d630cebf215765ecafd13f69
SSDEEP: 24576:RIel6SbNWql25cK7+15umdL/oNI9cccCqA4zkCi05YhBYAwRTT3pP7uqxYpIkYRi:RI26DY6STZQIJQAl2nup
Malware Config
Signatures
Files
badf1a99a053035a6ed6543ec7486585.exe windows x86
7424917d4dd697ad5c3599c23a9b6aa5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeSetEvent
timeGetTime
kernel32
FindFirstFileW
MultiByteToWideChar
FreeLibrary
CloseHandle
SetEvent
CreateThread
CreateEventA
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetStdHandle
AllocConsole
GetLongPathNameA
GetTempPathA
GetDriveTypeA
GetLogicalDrives
GetFileSize
UnmapViewOfFile
IsBadWritePtr
InterlockedIncrement
InterlockedDecrement
ReadFile
MapViewOfFile
CreateFileMappingA
CreateFileA
GetLastError
CreateFileW
OutputDebugStringA
GetTickCount
WriteFile
ResetEvent
GetOverlappedResult
SetFilePointer
LoadLibraryA
SetProcessAffinityMask
GetProcessAffinityMask
GetCurrentProcess
GetVersion
GlobalUnlock
GlobalSize
GlobalLock
GlobalFree
GlobalAlloc
GetDiskFreeSpaceA
SystemTimeToFileTime
GetSystemTime
InterlockedExchangeAdd
ReleaseMutex
DeleteFileA
CreateMutexA
GetCurrentProcessId
WaitForMultipleObjects
SetCurrentDirectoryA
SetCurrentDirectoryW
RemoveDirectoryA
RemoveDirectoryW
LoadLibraryW
CreateDirectoryA
CreateDirectoryW
DeleteFileW
MoveFileA
MoveFileW
CopyFileA
CopyFileW
FindFirstFileA
GetModuleFileNameW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCommandLineW
GetComputerNameA
GetComputerNameW
GetPrivateProfileIntA
GetPrivateProfileIntW
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetPrivateProfileStructA
GetPrivateProfileStructW
WritePrivateProfileStructA
WritePrivateProfileStructW
CreateProcessA
CreateProcessW
ReleaseSemaphore
GetSystemInfo
VirtualFree
DuplicateHandle
CreateSemaphoreA
VirtualAlloc
InterlockedExchange
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetVersionExA
GetStartupInfoA
GetProcessHeap
GetCommandLineA
GetDriveTypeW
FileTimeToLocalFileTime
FileTimeToSystemTime
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetDateFormatA
GetTimeFormatA
ExitThread
GetFileType
SetStdHandle
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
HeapCreate
WaitForSingleObject
WideCharToMultiByte
FindClose
FindNextFileW
FindNextFileA
FatalAppExitA
ExitProcess
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
Sleep
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
QueryPerformanceFrequency
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetConsoleMode
GetTimeZoneInformation
VirtualQuery
LCMapStringA
LCMapStringW
GetConsoleCP
FlushFileBuffers
GetFullPathNameA
GetFullPathNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoA
GetLocaleInfoW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenW
GetModuleFileNameA
HeapDestroy
user32
SetMenuItemInfoA
SetMenuItemInfoW
GetMenuItemInfoA
GetMenuItemInfoW
GetKeyNameTextA
GetKeyNameTextW
CallWindowProcW
GetWindowLongW
InvalidateRgn
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
MsgWaitForMultipleObjects
PostThreadMessageA
RegisterWindowMessageA
GetQueueStatus
GetClassWord
FindWindowExA
GetWindowTextLengthW
GetWindowTextW
GetWindowTextA
SetParent
GetKeyboardState
MapVirtualKeyA
ToAscii
ClientToScreen
EnumWindows
GetCursorPos
IsWindowVisible
InsertMenuItemW
GetDC
ReleaseDC
GetCursorInfo
GetMenuItemCount
SetPropA
GetPropA
GetWindow
IntersectRect
CallWindowProcA
RemovePropA
EmptyClipboard
SetClipboardData
GetClipboardData
CloseClipboard
OpenClipboard
SystemParametersInfoA
SetWindowPos
GetCapture
ReleaseCapture
SetFocus
SetCapture
CheckMenuItem
CreatePopupMenu
EnableWindow
BeginPaint
FillRect
DrawTextA
EndPaint
InvalidateRect
UpdateWindow
CreateDialogParamA
InsertMenuItemA
InsertMenuW
InsertMenuA
DrawTextW
MessageBoxW
MessageBoxA
GetWindowThreadProcessId
DefWindowProcW
SetWindowTextW
GetFocus
SetWindowTextA
SetWindowLongA
ShowWindow
LoadMenuA
GetSubMenu
TrackPopupMenu
DestroyMenu
IsDlgButtonChecked
CheckDlgButton
DestroyWindow
WindowFromPoint
IsChild
GetWindowLongA
GetParent
SendDlgItemMessageA
GetAsyncKeyState
GetSysColor
GetClassInfoExA
LoadImageA
RegisterClassExA
DialogBoxParamA
EndDialog
GetDesktopWindow
LoadCursorA
RegisterClassA
CreateWindowExA
PeekMessageA
TranslateMessage
DispatchMessageA
KillTimer
DefWindowProcA
SetTimer
EnumChildWindows
GetWindowRect
ScreenToClient
PtInRect
GetDlgItem
GetWindowTextLengthA
wsprintfA
SendMessageA
GetClientRect
PostMessageA
EnableMenuItem
gdi32
DPtoLP
GetObjectA
RoundRect
GetTextColor
ExcludeClipRect
GetDeviceCaps
CombineRgn
SetMapMode
CreateBitmap
SelectClipRgn
IntersectClipRect
GetClipRgn
CreateRectRgn
GetTextMetricsA
SetBkColor
CreateCompatibleBitmap
CreatePen
RectInRegion
GetMapMode
MoveToEx
SelectObject
CreateDIBSection
DeleteObject
CreateRectRgnIndirect
DeleteDC
CreateFontIndirectA
CreateSolidBrush
SetBkMode
SetTextColor
BitBlt
CreateCompatibleDC
LineTo
advapi32
GetUserNameA
RegQueryValueExW
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCloseKey
GetUserNameW
shell32
ShellExecuteW
SHBrowseForFolderW
SHBrowseForFolderA
SHGetPathFromIDListW
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
DragQueryFileW
DragQueryFileA
ShellExecuteA
ole32
CoFreeUnusedLibraries
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoInitialize
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
IIDFromString
CoGetMalloc
CoCreateGuid
CoTaskMemAlloc
oleaut32
VariantClear
VariantInit
SysAllocString
SysFreeString
GetErrorInfo
VariantChangeType
SetErrorInfo
CreateErrorInfo
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 169KB - Virtual size: 169KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 456KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 280KB - Virtual size: 279KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
oflnum Size: 208KB - Virtual size: 208KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.carry Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ