General

Malware Config

Signatures

Files

• 82803396d79a5a11d5a41b1bce41151521c266e9a6f01d634bdb721b45e07e89

  .exe windows x86

  be9ebcf02911770b45e77b6617c0df5a

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  kernel32

  LoadLibraryW

  PulseEvent

  ReadConsoleA

  FindAtomW

  HeapFree

  GetDriveTypeA

  GetVolumePathNameW

  VirtualProtect

  CloseHandle

  TlsGetValue

  GetStringTypeW

  GetLogicalDrives

  GetStartupInfoA

  DeleteFileW

  ReadConsoleA

  Sleep

  ReadConsoleA

  GetLastError

  GetPrivateProfileSectionA

  lstrlenA

  ReleaseMutex

  clbcatq

  ComPlusMigrate

  DllGetClassObject

  CheckMemoryGates

  ComPlusMigrate

  CheckMemoryGates

  ComPlusMigrate

  CheckMemoryGates

  SetupOpen

  SetupOpen

  DllGetClassObject

  CheckMemoryGates

  SetupOpen

  CheckMemoryGates

  gpedit

  DllCanUnloadNow

  ExportRSoPData

  DllGetClassObject

  BrowseForGPO

  Sections

  .text

  Size: 1024B - Virtual size: 1024B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 512B - Virtual size: 320B

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 113KB - Virtual size: 112KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .orpc

  Size: 512B - Virtual size: 289B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .import

  Size: 512B - Virtual size: 38B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE