General

Malware Config

Signatures

Files

• 4e1361e09b7cf61a5b2ef9f98ceb093842b3736548bae4abbcdead22cdd108e9

  .exe windows x86

  24ab8cfbd7a9db34d76ea139e619af3c

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  user32

  CreateAcceleratorTableW

  UnhookWindowsHook

  ValidateRgn

  RegisterWindowMessageW

  MoveWindow

  GetClassNameW

  CharUpperA

  GetDesktopWindow

  DefWindowProcA

  FindWindowExA

  kernel32

  lstrcmpiA

  SetCommTimeouts

  EnumTimeFormatsW

  DeleteCriticalSection

  WriteFile

  ExitProcess

  DeleteFiber

  PeekConsoleInputW

  GetProcessHeap

  EndUpdateResourceA

  GetPrivateProfileStringW

  ReadConsoleA

  SetTimeZoneInformation

  ExitThread

  PurgeComm

  PulseEvent

  RaiseException

  EnumResourceLanguagesW

  GlobalDeleteAtom

  ReadDirectoryChangesW

  GetSystemTimeAsFileTime

  WriteProcessMemory

  GlobalFindAtomA

  GetLocaleInfoW

  GlobalFree

  GetTapeStatus

  lstrcmpiW

  VirtualQueryEx

  ReleaseMutex

  IsBadWritePtr

  EnumResourceNamesA

  TlsGetValue

  GetProfileStringA

  IsValidLocale

  GetConsoleCursorInfo

  GetHandleInformation

  GetThreadPriority

  ws2_32

  WSALookupServiceEnd

  getservbyname

  gethostbyaddr

  select

  shutdown

  gdi32

  SetPolyFillMode

  PolylineTo

  CombineRgn

  AddFontResourceW

  Sections

  .text

  Size: 305KB - Virtual size: 304KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 333KB - Virtual size: 333KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 10KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ