General

Malware Config

Signatures

Files

• 9a70854d5fcb0ef15d0b37d19d5cf642fb6d9de626c8c482978119ef682d8eb3

  .exe windows x86

  df0ad4dac89183bb06da26af2e5c4463

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  kernel32

  GetModuleHandleA

  FormatMessageA

  GetLastError

  HeapCreate

  FindResourceA

  WriteConsoleW

  GetFileSize

  GetFileTime

  SetFileAttributesA

  CreateMutexA

  GetStartupInfoA

  GetCurrentDirectoryW

  ReleaseMutex

  lstrcpyA

  lstrcpyW

  WriteConsoleW

  IsValidLocale

  CloseHandle

  WriteConsoleW

  IsBadStringPtrW

  ReadFile

  msi

  MsiAdvertiseProductA

  MsiCloseHandle

  MsiCreateRecord

  MsiCloseAllHandles

  user32

  PostMessageW

  SetCursorPos

  IsDialogMessageA

  PeekMessageW

  GetWindowTextA

  IsCharLowerA

  DispatchMessageA

  GetWindowLongW

  IsWindow

  IsZoomed

  wsprintfW

  SetFocus

  LoadCursorW

  wldap32

  ldap_add

  Sections

  .text

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 105KB - Virtual size: 104KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .text1

  Size: 1024B - Virtual size: 263B

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .data1

  Size: 512B - Virtual size: 224B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE