Static task: static1
Behavioral task: behavioral1
Sample: a8905925337dece841b89481d8a01ad95eb53952f02db260ac11634f2ab4a78c.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: a8905925337dece841b89481d8a01ad95eb53952f02db260ac11634f2ab4a78c.exe
Resource: win10v2004-20220901-en
General
Target: a8905925337dece841b89481d8a01ad95eb53952f02db260ac11634f2ab4a78c
Size: 187KB
MD5: e6aed45e634423806d41e4177b7c3833
SHA1: 8ddd2966bd5732631c4b86288bcaeedac45b0955
SHA256: a8905925337dece841b89481d8a01ad95eb53952f02db260ac11634f2ab4a78c
SHA512: ddb287a61ac25e00eb35c21914329e4bb382be8854cd822f3826e3340eca07f1b7d61b26d3746613dc084f9381f8a47a684b00794a878a43f75247bd07d77477
SSDEEP: 3072:SLpxTJJWCXx7vCg8/cUuflCnWqn6Coyslb4+JFSnKV2wV:St9RdvCgXZ4+UKVR
Files
a8905925337dece841b89481d8a01ad95eb53952f02db260ac11634f2ab4a78c.exe windows x86
ceff0a91baa363321ee912e484a7035f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
ExitWindowsEx
DispatchMessageA
DestroyWindow
CreateWindowExA
CallWindowProcA
LoadStringA
MsgWaitForMultipleObjects
PeekMessageA
SetWindowLongA
TranslateMessage
MessageBoxA
ChildWindowFromPointEx
OpenDesktopW
IsRectEmpty
CharPrevA
wsprintfA
MapVirtualKeyExA
CreateAcceleratorTableA
GetDlgItemTextW
DialogBoxParamA
RegisterWindowMessageA
LockWindowUpdate
OemKeyScan
ole32
CoBuildVersion
WriteFmtUserTypeStg
ReleaseStgMedium
OleGetClipboard
CoMarshalInterThreadInterfaceInStream
OleLoadFromStream
CreatePointerMoniker
advapi32
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueA
gdi32
ColorMatchToTarget
CreateColorSpaceA
AddFontResourceA
CloseEnhMetaFile
CreateDCW
ArcTo
opengl32
glTexEnviv
glInitNames
glVertex4iv
glRotated
glScaled
glRasterPos2i
glColorMask
dbghelp
SymGetModuleInfoW64
StackWalk
SymGetSearchPath
SymGetLineFromAddr
SymLoadModuleEx
FindFileInPath
kernel32
TerminateProcess
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
VirtualAlloc
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
VirtualProtect
VirtualQuery
LCMapStringW
CloseHandle
RtlUnwind
GetOEMCP
GetCPInfo
HeapAlloc
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThreadId
InterlockedDecrement
SetLastError
GetTempPathA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
MulDiv
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
LoadLibraryExA
WaitForSingleObject
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
lstrcmpiA
GetVersion
GetSystemDirectoryA
lstrcatA
lstrlenA
GetTempFileNameA
RemoveDirectoryA
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
LoadLibraryA
SetErrorMode
SetFileTime
ExitProcess
CopyFileA
GetTickCount
Sleep
SetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetShortPathNameA
SearchPathA
CompareFileTime
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
FindResourceA
FormatMessageA
GetACP
GetCommandLineA
GetCurrentProcess
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLCID
GetSystemInfo
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
IsDBCSLeadByte
SetWaitableTimer
CreateWaitableTimerA
CreateMailslotW
lstrcmpiW
SetCalendarInfoW
SetupComm
SizeofResource
BuildCommDCBA
GetSystemTimeAsFileTime
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
RaiseException
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ