General

Malware Config

Signatures

Files

• 69babaee812629ee7509d0d3112e5ac8fe1e14a8d4320921a7a967970bc0c33e

  .exe windows x86

  2fc3c405c5674aad0ea0d4dccffddeea

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  kernel32

  FindAtomW

  PulseEvent

  GetPrivateProfileSectionA

  GetLastError

  CloseHandle

  SearchPathA

  GetLogicalDrives

  HeapSize

  VirtualProtectEx

  lstrlenA

  ReadConsoleA

  LoadLibraryW

  Sleep

  GetStringTypeW

  ReleaseMutex

  TlsGetValue

  ReadConsoleA

  ReadConsoleA

  GetDriveTypeA

  GetStartupInfoA

  DeleteFileW

  uxtheme

  DrawThemeBackground

  GetThemeSysSize

  CloseThemeData

  GetWindowTheme

  DrawThemeEdge

  GetThemeColor

  GetThemeTextMetrics

  SetWindowTheme

  GetThemeTextExtent

  GetThemeBool

  IsThemeActive

  CloseThemeData

  OpenThemeData

  gpedit

  BrowseForGPO

  ExportRSoPData

  DllCanUnloadNow

  DllGetClassObject

  Sections

  .text

  Size: 1024B - Virtual size: 1024B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 512B - Virtual size: 320B

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 114KB - Virtual size: 114KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .import

  Size: 512B - Virtual size: 289B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .orpc

  Size: 512B - Virtual size: 136B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE