Static task: static1
Behavioral task: behavioral1
Sample: 92fa967b880035072db26c33f6d5f724c813c5fbc6436778577d43b69144c8f9.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 92fa967b880035072db26c33f6d5f724c813c5fbc6436778577d43b69144c8f9.exe
Resource: win10v2004-20220812-en
General
Target: 92fa967b880035072db26c33f6d5f724c813c5fbc6436778577d43b69144c8f9
Size: 494KB
MD5: 63f11ab197651ca23e1dc9348c9fa650
SHA1: 76097da39da4dc47999ae0ab9838e993788d7b69
SHA256: 92fa967b880035072db26c33f6d5f724c813c5fbc6436778577d43b69144c8f9
SHA512: 24901e69d77cb4069dd48990a2ae7029c88e571ff0db25a734ed413bbde2c56db668afa6c545a3a390aafcf01b69eef9571209badce51e3b27241a12a70c570b
SSDEEP: 12288:S7zgvLMLKiOiBiOBA6TBwkgqo8njbf5HZ/xB:wzgvLML2cTa6zgH8v1B
Malware Config
Signatures
Files
92fa967b880035072db26c33f6d5f724c813c5fbc6436778577d43b69144c8f9.exe windows x86
1fc3f9ea33549f1af6a51096418b8b2b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
LoadImageW
SystemParametersInfoW
DrawMenuBar
OpenClipboard
SetWindowTextA
TabbedTextOutA
DestroyWindow
LoadIconA
KillTimer
SetTimer
GetDlgItem
EndDialog
PostMessageA
SendMessageA
MessageBoxW
SetWindowTextW
GetClipboardViewer
LoadStringW
LoadStringA
GetWindowLongA
DialogBoxParamW
DialogBoxParamA
ShowWindow
CharLowerW
CharLowerA
CharUpperW
CharUpperA
SetWindowLongA
PtInRect
WinHelpA
CreateMenu
GetSubMenu
SetFocus
SetForegroundWindow
IsWindowEnabled
MapWindowPoints
comdlg32
GetSaveFileNameW
GetOpenFileNameW
shell32
ShellExecuteA
ole32
OleUninitialize
advapi32
RegDeleteKeyW
RegOpenKeyA
RegEnumValueW
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteValueA
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
gdi32
CreateRectRgnIndirect
ExcludeClipRect
GetSystemPaletteUse
StrokeAndFillPath
SetMapperFlags
GetLogColorSpaceA
GdiTransparentBlt
SetTextColor
crypt32
CertOIDToAlgId
comctl32
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
version
GetFileVersionInfoSizeA
mpr
WNetEnumResourceA
WNetOpenEnumA
WNetGetUniversalNameA
WNetGetConnectionA
WNetCloseEnum
winspool.drv
DocumentPropertiesW
kernel32
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapReAlloc
GetFileType
InitializeCriticalSectionAndSpinCount
GetOEMCP
SetHandleCount
IsValidCodePage
InterlockedDecrement
GetEnvironmentStrings
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapSize
HeapCreate
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapAlloc
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
GetCurrentProcess
FreeEnvironmentStringsA
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoA
lstrcmpA
WriteProfileStringA
WritePrivateProfileStringA
VirtualFree
VirtualAlloc
UnmapViewOfFile
MapUserPhysicalPagesScatter
GetProcessTimes
ClearCommError
LocalAlloc
GetCurrentDirectoryA
GetExitCodeThread
CreateProcessW
BeginUpdateResourceW
GetPrivateProfileStringA
GetStdHandle
GetFileAttributesW
GetVersionExA
ReleaseSemaphore
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadWritePtr
CreateProcessA
FindNextFileA
EndUpdateResourceW
lstrcpynA
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
MultiByteToWideChar
ReadFile
WriteFile
MulDiv
lstrlenA
WideCharToMultiByte
GetPrivateProfileStringW
WritePrivateProfileStringW
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsW
GetTempFileNameW
lstrcmpiA
LoadLibraryW
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
lstrcpynW
lstrlenW
CloseHandle
SetErrorMode
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
ExitProcess
CopyFileW
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
CreateDirectoryW
GetLastError
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CompareStringA
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateNamedPipeA
DeleteFileA
DeviceIoControl
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeResource
GetACP
GetCommandLineA
GetComputerNameA
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentVariableA
GetFileAttributesA
GetFullPathNameA
GetLocalTime
GetLocaleInfoA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetOverlappedResult
GetProcAddress
GetProfileStringA
GetShortPathNameA
GetSystemDefaultLCID
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetUserDefaultLangID
GetVersion
GetWindowsDirectoryA
GlobalAddAtomA
GlobalDeleteAtom
GlobalHandle
GlobalReAlloc
IsDBCSLeadByte
LoadLibraryA
LoadLibraryExA
LoadResource
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MoveFileA
MoveFileExA
OpenMutexA
OpenProcess
QueryPerformanceCounter
ReleaseMutex
RemoveDirectoryA
SetCurrentDirectoryA
SetEndOfFile
SetFileAttributesA
SetLastError
SetNamedPipeHandleState
SizeofResource
TerminateProcess
TerminateThread
TransactNamedPipe
Sections
.text Size: 142KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 325KB - Virtual size: 324KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ