General

Malware Config

Signatures

Files

• aa0f8c325ee6381888c4c0740ab420245f64442ff5741728d5cce86128df5f52

  .exe windows x86

  d7f67989335cdc390147532a247a2982

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  gdiplus

  GdipGetImageWidth

  GdipDisposeImage

  kernel32

  CloseHandle

  FindNextFileW

  FreeLibrary

  FindClose

  SetPriorityClass

  ReadFile

  GetModuleFileNameA

  GetTempPathW

  GetCurrentDirectoryW

  WideCharToMultiByte

  lstrlenA

  GetModuleFileNameW

  SetFileAttributesW

  LocalFree

  DeleteFileW

  SetCurrentDirectoryW

  DisableThreadLibraryCalls

  CreateDirectoryA

  GetTempPathA

  GetLastError

  SetErrorMode

  EnumResourceTypesW

  GetFileAttributesW

  GetTempFileNameW

  FindFirstFileW

  CopyFileA

  GetPrivateProfileStringA

  InterlockedDecrement

  GetFileSize

  CreateFileA

  MultiByteToWideChar

  WaitForSingleObject

  GetExitCodeThread

  GetFileAttributesA

  DeleteFileA

  SetFileAttributesA

  lstrcmpA

  InterlockedIncrement

  FindNextFileA

  LocalAlloc

  GetVersionExA

  GetTempFileNameA

  ole32

  CoMarshalHresult

  CLSIDFromString

  CreateItemMoniker

  StringFromCLSID

  GetRunningObjectTable

  CoInitializeEx

  CoCreateInstance

  CoInitialize

  CoRevokeClassObject

  CoRegisterClassObject

  CoTaskMemFree

  StringFromGUID2

  CreateStreamOnHGlobal

  CoFreeUnusedLibraries

  CoUninitialize

  CoTaskMemAlloc

  Sections

  .text

  Size: 119KB - Virtual size: 118KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .tls

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 71KB - Virtual size: 71KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 1024B - Virtual size: 252KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ