General

Malware Config

Signatures

Files

• cec9eea6f3035265eddcad12afb578e24e0493410dcd8b3c99f350b0a137ce8b

  .exe windows x86

  7924309211bb57f26ae3495819fb8433

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  kernel32

  CloseHandle

  CreateFileA

  ExitProcess

  GetACP

  GetCPInfo

  GetCommandLineA

  GetCompressedFileSizeW

  GetCurrentThreadId

  GetEnvironmentStrings

  GetFileType

  GetLastError

  GetLocalTime

  GetModuleFileNameA

  GetModuleHandleA

  GetOEMCP

  GetProcAddress

  GetProcessHeap

  GetStartupInfoA

  GetStdHandle

  GetStringTypeW

  GetVersion

  GetVersionExA

  GlobalMemoryStatus

  HeapAlloc

  HeapFree

  LoadLibraryA

  RaiseException

  RtlUnwind

  SetConsoleCtrlHandler

  SetFilePointer

  SetHandleCount

  TlsAlloc

  TlsFree

  TlsGetValue

  TlsSetValue

  UnhandledExceptionFilter

  VirtualAlloc

  VirtualFree

  WriteFile

  user32

  EnumThreadWindows

  MessageBoxA

  wsprintfA

  Exports

  Exports

  __GetExceptDLLinfo

  ___CPPdebugHook

  Sections

  .text

  Size: 33KB - Virtual size: 36KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 14KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .idata

  Size: 1KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .edata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 16KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 2KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ