General

Malware Config

Signatures

Files

• a1b6e7058b45dcf73e569ffd1559fb167a48fb4526d180213f25e517a6141700

  .exe windows x86

  3a435f2f18772646016dedc8d8331d9a

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  msvcrt

  malloc

  _initterm

  wcscmp

  free

  strcpy

  strcat

  strlen

  strchr

  strcmp

  _stricmp

  _snprintf

  sscanf

  memset

  sprintf

  strrchr

  kernel32

  GetPrivateProfileSectionA

  WideCharToMultiByte

  CloseHandle

  GetSystemInfo

  WaitForSingleObject

  GetPrivateProfileStringA

  MoveFileA

  GetLastError

  CreateDirectoryA

  GetVersion

  LoadLibraryA

  RemoveDirectoryA

  DeleteFileA

  GetWindowsDirectoryA

  FreeLibrary

  CreateProcessA

  GetProcAddress

  LoadLibraryW

  GetCurrentThreadId

  user32

  LoadBitmapA

  GetKeyboardType

  MessageBoxA

  advapi32

  RegEnumKeyExA

  RegOpenKeyExA

  RegCreateKeyExA

  RegCloseKey

  RegQueryValueExA

  RegSetValueExA

  RegDeleteValueA

  RegOpenKeyA

  ole32

  CoInitialize

  CoCreateInstance

  CoUninitialize

  setupapi

  SetupGetStringFieldA

  SetupAddInstallSectionToDiskSpaceListA

  SetupFindFirstLineA

  SetupOpenInfFileA

  SetupSetDirectoryIdExA

  SetupSetDirectoryIdA

  SetupCloseInfFile

  SetupInstallFilesFromInfSectionA

  SetupGetTargetPathA

  SetupFindNextLine

  SetupQueueDeleteA

  SetupRemoveInstallSectionFromDiskSpaceListA

  Sections

  .text

  Size: 19KB - Virtual size: 19KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 25KB - Virtual size: 104KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 382KB - Virtual size: 382KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ