Static task: static1
Behavioral task: behavioral1
  Sample: 7d189af5f05f4b2eaa219018b7d6a5efadc8bbb15a7afd2a586ee01b74847a46.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 7d189af5f05f4b2eaa219018b7d6a5efadc8bbb15a7afd2a586ee01b74847a46.exe
  Resource: win10v2004-20220812-en
General
Target: 7d189af5f05f4b2eaa219018b7d6a5efadc8bbb15a7afd2a586ee01b74847a46
Size: 132KB
MD5: 070dddf9d7c0afae4a8c5419e910d4e9
SHA1: c5382329524a6f84ac08990634d311f2e1e90279
SHA256: 7d189af5f05f4b2eaa219018b7d6a5efadc8bbb15a7afd2a586ee01b74847a46
SHA512: 310d695cfacdd2a6a822d4e427b7eae3b24dec466c13e138dc4d2e3e66c7463bafc4ce428c4f9ef2f9eeb4da2df4e3399c6c617ee344ffda56604ba5bd6928f6
SSDEEP: 3072:sLR/yqT96WaGrZce7gMfmgsbgLpufLJ7KdLVRfkXr:s9/hTsHGrFOgRdGLKVRfkb
Malware Config
Signatures
Files
7d189af5f05f4b2eaa219018b7d6a5efadc8bbb15a7afd2a586ee01b74847a46.exe (windows x86)
  fec1e110dbe6bd6c79a497204f4e5191
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mpr
WNetAddConnectionW
advapi32
GetLengthSid
GetAclInformation
RegDeleteKeyA
StartServiceCtrlDispatcherA
RegOpenKeyExW
AllocateAndInitializeSid
GetUserNameW
LogonUserA
OpenProcessToken
ChangeServiceConfigW
ControlService
EnumDependentServicesA
GetSidLengthRequired
SetSecurityDescriptorOwner
RevertToSelf
LookupAccountNameW
RegRestoreKeyW
RegCreateKeyExA
RegCreateKeyExW
RegNotifyChangeKeyValue
RegQueryValueA
GetSidSubAuthorityCount
RegQueryInfoKeyW
LookupPrivilegeValueW
RegCloseKey
CreateServiceW
LsaQueryInformationPolicy
GetEffectiveRightsFromAclW
SetKernelObjectSecurity
SetSecurityDescriptorGroup
DeleteService
QueryServiceConfigW
FreeSid
msvcrt
__p__commode
__setusermatherr
_initterm
__p__fmode
__set_app_type
cosh
_controlfp
__getmainargs
_acmdln
asin
_safe_fprem
_itow
_adjust_fdiv
gdi32
SetPixelV
GetClipRgn
BeginPath
GetEnhMetaFilePaletteEntries
Ellipse
GetKerningPairsA
ResizePalette
SetTextColor
GetEnhMetaFileBits
ExtCreateRegion
GetPixel
ScaleViewportExtEx
OffsetClipRgn
Arc
GetDIBColorTable
CreateDCW
CombineRgn
EnumFontFamiliesA
SetWorldTransform
GetRgnBox
Polyline
RestoreDC
GetStockObject
OffsetRgn
PtVisible
Pie
GetROP2
GetWindowOrgEx
UnrealizeObject
CreateDIBPatternBrushPt
CreateFontA
GdiFlush
GetFontData
BitBlt
GetTextExtentPoint32W
ExtEscape
GetDeviceCaps
CreateFontIndirectA
SetBkColor
EnumMetaFile
EndDoc
SetBkMode
SetPolyFillMode
OffsetWindowOrgEx
OffsetViewportOrgEx
GetEnhMetaFileHeader
GetTextColor
PlayEnhMetaFileRecord
SetRectRgn
CreateDIBSection
SetMapMode
DeleteDC
StretchBlt
GetWinMetaFileBits
FillPath
SetTextCharacterExtra
Polygon
SetStretchBltMode
shlwapi
PathIsPrefixW
PathCombineA
PathFindNextComponentA
StrToIntA
PathRemoveBackslashW
PathRenameExtensionA
StrNCatA
PathMakeSystemFolderA
StrNCatW
PathIsUNCW
SHRegDeleteEmptyUSKeyW
PathIsDirectoryA
StrDupA
StrSpnW
PathIsDirectoryW
StrCSpnA
SHQueryInfoKeyW
PathIsUNCServerShareW
StrSpnA
SHRegEnumUSKeyW
PathRemoveBlanksA
PathBuildRootW
PathGetDriveNumberA
PathRemoveArgsW
PathAppendA
PathQuoteSpacesA
PathSearchAndQualifyW
PathFindOnPathW
PathIsRootA
SHRegDeleteUSValueW
SHGetValueA
SHQueryValueExA
SHDeleteKeyW
PathIsFileSpecW
SHRegWriteUSValueW
SHEnumValueW
PathIsURLA
StrPBrkW
SHDeleteValueW
StrCSpnW
PathRelativePathToW
SHEnumKeyExW
PathAddExtensionA
PathMakePrettyW
PathQuoteSpacesW
PathRemoveExtensionW
StrCmpW
PathIsPrefixA
PathFindExtensionW
SHSetValueA
SHRegOpenUSKeyW
PathParseIconLocationW
PathRelativePathToA
StrDupW
PathMatchSpecW
PathFindFileNameA
StrTrimW
SHRegCreateUSKeyW
PathRenameExtensionW
StrTrimA
StrFromTimeIntervalW
PathIsUNCServerShareA
PathCanonicalizeW
PathIsRootW
SHCreateShellPalette
PathRemoveBackslashA
StrToIntExA
PathRemoveFileSpecA
PathFindOnPathA
PathAppendW
PathIsContentTypeW
PathSkipRootW
PathIsUNCA
PathFindFileNameW
PathCanonicalizeA
version
VerQueryValueW
GetFileVersionInfoA
VerInstallFileW
VerQueryValueA
imm32
ImmSetCandidateWindow
ImmSetCompositionFontW
ImmGetCompositionFontA
ImmSetCompositionStringW
ImmGetProperty
ImmAssociateContext
ImmGetCandidateListA
ImmSetStatusWindowPos
ImmGetCandidateListCountA
ImmGetCompositionWindow
ImmInstallIMEA
ImmEnumRegisterWordW
ImmNotifyIME
ImmSetCompositionWindow
ImmGetStatusWindowPos
ImmSimulateHotKey
ImmGetCompositionStringW
ImmGetCompositionStringA
ImmGetDefaultIMEWnd
ImmGetConversionListW
ImmGetGuideLineW
ImmGetCandidateWindow
ImmEscapeW
ImmGetDescriptionW
ImmSetConversionStatus
ImmReleaseContext
user32
DrawStateA
CharPrevW
CheckMenuItem
GetMessageExtraInfo
TrackPopupMenu
SetScrollPos
CreateMenu
CreateCursor
GetMessageA
SetCaretPos
GetFocus
WaitMessage
ReuseDDElParam
CloseClipboard
DrawIcon
LoadMenuW
SetCursor
TranslateAcceleratorA
RegisterClipboardFormatA
GetSysColorBrush
DdeQueryStringA
WindowFromPoint
SetRect
GetLastActivePopup
GetMenuItemID
kernel32
LoadLibraryW
GetNumberFormatW
CreateRemoteThread
GetModuleFileNameW
GlobalCompact
GetModuleFileNameA
FileTimeToSystemTime
SizeofResource
GlobalSize
Sections
.text Size: 100KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ