General

Malware Config

Signatures

Files

• 1f9c7b98485c5f1072970ecdd733096b8d4b37891b80ff92a9fa35b6c4018d97

  .exe windows x86

  79a495b2d377200108e5509c9bdb02eb

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetVolumeMountPointW

  GetLongPathNameW

  GetStringTypeExW

  GetComputerNameW

  BuildCommDCBAndTimeoutsW

  GetStartupInfoA

  lstrcpyA

  SetConsoleMode

  CloseHandle

  CreateFileA

  GetFileType

  GetFileSize

  GetStdHandle

  RaiseException

  ReadFile

  RtlUnwind

  SetEndOfFile

  SetFilePointer

  UnhandledExceptionFilter

  WriteFile

  ExitProcess

  FindClose

  FindFirstFileA

  FreeLibrary

  GetCommandLineA

  GetLastError

  GetLocaleInfoA

  GetModuleFileNameA

  GetModuleHandleA

  GetProcAddress

  GetThreadLocale

  LoadLibraryExA

  lstrcpynA

  lstrlenA

  MultiByteToWideChar

  SetCurrentDirectoryA

  WideCharToMultiByte

  VirtualQuery

  GetCurrentThreadId

  LocalAlloc

  LocalFree

  VirtualAlloc

  VirtualFree

  InitializeCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  TlsGetValue

  TlsSetValue

  CompareStringA

  CopyFileA

  CreateEventA

  CreateProcessA

  CreateThread

  EnumCalendarInfoA

  FindResourceA

  FormatMessageA

  FreeResource

  GetACP

  GetCPInfo

  GetCurrentProcessId

  GetDiskFreeSpaceA

  GetStringTypeExA

  GetSystemInfo

  GetTempPathA

  GetTickCount

  GetVersion

  GetVersionExA

  GlobalAddAtomA

  GlobalAlloc

  GlobalDeleteAtom

  GlobalFindAtomA

  GlobalFree

  GlobalLock

  GlobalHandle

  GlobalReAlloc

  GlobalUnlock

  LoadLibraryA

  LoadResource

  LockResource

  MulDiv

  ResetEvent

  SetErrorMode

  SetEvent

  SetThreadLocale

  SizeofResource

  Sleep

  WaitForSingleObject

  GetSystemTimeAsFileTime

  GetModuleHandleW

  TlsAlloc

  TlsFree

  InterlockedIncrement

  SetLastError

  InterlockedDecrement

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  SetHandleCount

  HeapCreate

  HeapFree

  QueryPerformanceCounter

  GetOEMCP

  IsValidCodePage

  InitializeCriticalSectionAndSpinCount

  HeapAlloc

  HeapReAlloc

  GetStringTypeA

  GetStringTypeW

  LCMapStringA

  LCMapStringW

  GetConsoleCP

  GetConsoleMode

  FlushFileBuffers

  HeapSize

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  SetStdHandle

  Sections

  .text

  Size: 61KB - Virtual size: 61KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 9KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 5KB - Virtual size: 121.4MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 128KB - Virtual size: 127KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ