General

Malware Config

Signatures

Files

• 18a2e53028f323ca5465d6acd67da7859370cd4f132f6d1a39dc08e89f88de78.exe

  .exe windows x86

  bed56fcc334b35bbcbc5c3e5d6f4e894

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  HeapLock

  GetExitCodeProcess

  DeactivateActCtx

  GetVersionExW

  GetConsoleCP

  GetConsoleAliasesLengthA

  GetDefaultCommConfigA

  FindFirstFileExA

  GetDriveTypeA

  FreeEnvironmentStringsW

  SetProcessPriorityBoost

  SetVolumeMountPointW

  SetCurrentDirectoryW

  GetLongPathNameA

  CopyFileW

  TlsGetValue

  GetConsoleCursorInfo

  SetComputerNameExW

  SystemTimeToTzSpecificLocalTime

  FindAtomA

  ReleaseSemaphore

  CallNamedPipeW

  CreateMailslotW

  BuildCommDCBAndTimeoutsA

  VirtualProtect

  LoadLibraryA

  LocalAlloc

  TryEnterCriticalSection

  GetCommandLineA

  InterlockedDecrement

  GetCalendarInfoW

  DeleteFileA

  CreateActCtxW

  OutputDebugStringA

  SetSystemTimeAdjustment

  SetPriorityClass

  WritePrivateProfileStringW

  GetProcessHeaps

  GlobalUnWire

  GetProcessHeap

  GetStartupInfoW

  GetDiskFreeSpaceExW

  GetCPInfoExW

  GetWindowsDirectoryA

  GetSystemWow64DirectoryW

  GetProfileStringA

  WriteProfileSectionA

  GetProfileStringW

  SetLastError

  DeleteVolumeMountPointW

  DebugBreak

  GetPrivateProfileSectionW

  lstrcmpA

  ReadFileScatter

  GetSystemWindowsDirectoryA

  TerminateProcess

  GlobalFindAtomW

  FindCloseChangeNotification

  SetTapeParameters

  SetMailslotInfo

  InterlockedExchange

  DefineDosDeviceW

  FindVolumeMountPointClose

  EndUpdateResourceA

  WriteConsoleA

  GetSystemTimeAdjustment

  GetPrivateProfileSectionA

  WritePrivateProfileSectionA

  GetPrivateProfileStructW

  GetFileAttributesExW

  FileTimeToLocalFileTime

  MoveFileA

  GetVolumePathNameA

  HeapUnlock

  lstrcmpW

  SetDefaultCommConfigA

  FindActCtxSectionGuid

  SetThreadContext

  MoveFileExW

  GlobalUnlock

  UnregisterWaitEx

  BuildCommDCBA

  PeekConsoleInputW

  OpenEventW

  TransmitCommChar

  WaitNamedPipeA

  GetPrivateProfileSectionNamesW

  FindResourceExA

  EnumTimeFormatsW

  GetLocalTime

  SetLocalTime

  OpenSemaphoreA

  GetProcAddress

  SetFileShortNameA

  lstrcpyW

  VerLanguageNameW

  SetThreadExecutionState

  SetSystemTime

  SetConsoleCP

  GetConsoleAliasW

  FlushConsoleInputBuffer

  AllocConsole

  GetAtomNameW

  WriteConsoleInputA

  TransactNamedPipe

  EnumDateFormatsW

  GetCommState

  LockFile

  _lopen

  GetWriteWatch

  SetConsoleMode

  GetModuleHandleA

  WriteConsoleOutputCharacterA

  GetConsoleAliasExesLengthA

  HeapReAlloc

  GetLastError

  GetCommMask

  SetFilePointer

  CancelWaitableTimer

  GetProcessHandleCount

  GetCurrentProcessId

  SetNamedPipeHandleState

  GetCompressedFileSizeA

  FindNextVolumeMountPointW

  GetFullPathNameA

  WriteProfileStringA

  DeleteAtom

  GlobalAddAtomW

  AssignProcessToJobObject

  QueryDosDeviceW

  InitializeCriticalSection

  Process32FirstW

  GetBinaryTypeA

  CreateIoCompletionPort

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  RaiseException

  GetStartupInfoA

  HeapValidate

  IsBadReadPtr

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  GetModuleFileNameW

  GetCurrentProcess

  IsDebuggerPresent

  GetModuleHandleW

  Sleep

  InterlockedIncrement

  ExitProcess

  GetModuleFileNameA

  WriteFile

  GetStdHandle

  SetHandleCount

  GetFileType

  QueryPerformanceCounter

  GetTickCount

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  WideCharToMultiByte

  GetEnvironmentStringsW

  TlsAlloc

  TlsSetValue

  TlsFree

  HeapDestroy

  HeapCreate

  HeapFree

  VirtualFree

  HeapAlloc

  HeapSize

  VirtualAlloc

  GetACP

  GetOEMCP

  GetCPInfo

  IsValidCodePage

  RtlUnwind

  InitializeCriticalSectionAndSpinCount

  WriteConsoleW

  OutputDebugStringW

  LoadLibraryW

  GetConsoleMode

  MultiByteToWideChar

  LCMapStringA

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  FlushFileBuffers

  SetStdHandle

  GetConsoleOutputCP

  CloseHandle

  CreateFileA

  user32

  OemToCharW

  Sections

  .text

  Size: 154KB - Virtual size: 154KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 172KB - Virtual size: 1.7MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rotuce

  Size: 512B - Virtual size: 5B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .baxohen

  Size: 512B - Virtual size: 34B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 36KB - Virtual size: 36KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 18KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ