General

Malware Config

Signatures

Files

• 859aeab73bdbd801a1a9bf80f83587a3e18558de9112535a9ff476eb762d7f73

  .exe windows x86

  2e48e33dcddc4bb04755da9dcffae56d

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  dhcpcsvc

  DhcpEnumClasses

  DhcpFreeMem

  McastApiStartup

  McastApiCleanup

  McastGenUID

  kernel32

  ReadConsoleA

  GetCurrentProcess

  ReadFile

  CreateWaitableTimerA

  CompareStringW

  WaitForSingleObject

  FormatMessageA

  GetLocaleInfoW

  InitializeCriticalSection

  GetLogicalDriveStringsA

  GetProcAddress

  GetModuleHandleA

  GetCommandLineA

  SetErrorMode

  CreateSemaphoreW

  wtsapi32

  WTSUnRegisterSessionNotification

  WTSQuerySessionInformationA

  WTSEnumerateServersA

  WTSVirtualChannelPurgeInput

  WTSSetSessionInformationA

  WTSEnumerateProcessesA

  WTSSendMessageA

  WTSVirtualChannelWrite

  WTSVirtualChannelRead

  WTSRegisterSessionNotification

  WTSWaitSystemEvent

  WTSFreeMemory

  WTSOpenServerA

  WTSVirtualChannelClose

  user32

  MessageBoxExA

  DrawStateA

  PostMessageA

  DialogBoxParamW

  GetCursorPos

  EnumWindows

  LoadImageA

  IsDialogMessageW

  LoadBitmapA

  CreateWindowExA

  LoadCursorA

  SetFocus

  CharToOemW

  InsertMenuA

  EndDialog

  GetTopWindow

  wsprintfW

  CreateDialogParamA

  msimg32

  AlphaBlend

  vSetDdrawflag

  TransparentBlt

  Sections

  .text

  Size: 16KB - Virtual size: 12KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 220KB - Virtual size: 216KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ