Static task
static1
Behavioral task
behavioral1
Sample
21a1575646d545219ba6813d316cdf388f05c2d45d0b0011a5bfb77b1e2ca2cd.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
21a1575646d545219ba6813d316cdf388f05c2d45d0b0011a5bfb77b1e2ca2cd.exe
Resource
win10v2004-20220812-en
General
Target: 21a1575646d545219ba6813d316cdf388f05c2d45d0b0011a5bfb77b1e2ca2cd
Size: 1019KB
MD5: 1ea130f39d90ae08b289a13406410ec3
SHA1: f87fcf3b7becd3ada883a42f79e05943abb21c09
SHA256: 21a1575646d545219ba6813d316cdf388f05c2d45d0b0011a5bfb77b1e2ca2cd
SHA512: 3acadb8b2f9062f4c77c6056995f587b6828305ea9583917bd93105fa4233157fc9049271520ade6b69f93707d4bddc1c0aabfd8b15f04dd90a95c266074d017
SSDEEP: 24576:fslszepLtFECEBMM4Zf40Pzm+XRtdaBVQIOaZf8P2r:fFepRFEXu4Gyc+J8P2r
Malware Config
Signatures
Files
-
21a1575646d545219ba6813d316cdf388f05c2d45d0b0011a5bfb77b1e2ca2cd.exe windows x86
9c38d4f44f037b0a039e25ed3dc6c284
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
Imports
kernel32
CloseHandle
RaiseException
SetStdHandle
SetFilePointer
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
IsProcessorFeaturePresent
RtlUnwind
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
HeapAlloc
HeapCreate
SetLastError
LoadLibraryA
GetProcAddress
GetLastError
InterlockedExchange
MultiByteToWideChar
lstrcatA
GetConsoleWindow
LoadLibraryW
InitializeCriticalSection
WriteFile
GetLogicalDrives
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
ExitProcess
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleFileNameW
EncodePointer
IsDebuggerPresent
CreateFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
HeapValidate
CreateFileA
GetStartupInfoW
HeapSetInformation
GetCommandLineA
user32
GetSystemMetrics
EndDialog
GetDlgItem
GetWindow
DispatchMessageW
DefWindowProcA
SetWindowTextA
DrawTextA
ReleaseDC
GetWindowLongA
EndPaint
DestroyWindow
UpdateLayeredWindow
SetTimer
GetWindowRect
GetMessageW
PostQuitMessage
IsIconic
KillTimer
InvalidateRect
LoadStringA
GetParent
wsprintfA
GetClientRect
GetWindowTextLengthA
SendMessageA
BeginPaint
GetDC
TranslateMessage
GetWindowTextA
SetWindowLongA
CreateWindowExA
gdi32
CreateFontIndirectA
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
CreateSolidBrush
DeleteObject
SelectObject
CreateCompatibleDC
SwapBuffers
oleaut32
SysAllocStringLen
shlwapi
StrStrIA
SHCreateStreamOnFileA
PathCompactPathA
gdiplus
GdipDeleteGraphics
GdipCreateFromHDC
opengl32
glLoadIdentity
wglDeleteContext
glColor3f
glFlush
glEnable
glLightfv
glLineWidth
glMatrixMode
glBlendFunc
wglMakeCurrent
wglGetCurrentDC
glBegin
glVertex2d
glEnd
glOrtho
glClear
wglCreateContext
glViewport
imm32
ImmAssociateContext
Sections
.text Size: 854KB - Virtual size: 853KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ