General

Malware Config

Signatures

Files

• 9b877f4fd3d4aa077c070ea8abd66562bf91c6ece15991543e7dfbb1c5d8ae11

  .exe windows x86

  a6a3e504826b201c1dee9d56008ee78e

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  LocalFree

  TlsAlloc

  WriteConsoleW

  ReadFile

  SetEndOfFile

  SetStdHandle

  FlushFileBuffers

  HeapReAlloc

  LoadLibraryW

  GetConsoleMode

  GetConsoleCP

  SetFilePointer

  GetStringTypeW

  LCMapStringW

  CreateFileW

  CloseHandle

  HeapSize

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetStdHandle

  QueryPerformanceCounter

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  GetModuleFileNameA

  GetLastError

  EnumDateFormatsA

  GetDefaultCommConfigA

  Sleep

  DeleteCriticalSection

  lstrcatA

  lstrlenA

  HeapCreate

  WideCharToMultiByte

  GlobalAlloc

  FormatMessageA

  GetProcessHeap

  SetEvent

  GetFileType

  SetHandleCount

  GetModuleFileNameW

  WriteFile

  ExitProcess

  IsProcessorFeaturePresent

  GetProcAddress

  GetCurrentThreadId

  SetLastError

  GetModuleHandleW

  TlsFree

  TlsSetValue

  IsValidCodePage

  GetOEMCP

  GetACP

  InterlockedIncrement

  GetCPInfo

  TerminateProcess

  IsDebuggerPresent

  GetCurrentProcess

  InterlockedDecrement

  HeapAlloc

  GetTickCount

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  MultiByteToWideChar

  HeapFree

  EnterCriticalSection

  LeaveCriticalSection

  GetLocalTime

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  RaiseException

  RtlUnwind

  EncodePointer

  DecodePointer

  InitializeCriticalSectionAndSpinCount

  TlsGetValue

  user32

  AdjustWindowRectEx

  DispatchMessageA

  IsWindow

  GetSystemMetrics

  WindowFromDC

  CreateDialogParamW

  IsDlgButtonChecked

  IsWindowVisible

  GetDlgItemTextA

  EnableScrollBar

  SendDlgItemMessageW

  EndDialog

  RegisterClassExA

  GetClassInfoExA

  GetFocus

  LoadBitmapA

  GetParent

  FindWindowW

  GetClientRect

  SendMessageA

  GetDC

  TranslateMessage

  SetRect

  SetWindowLongA

  MessageBoxA

  InvalidateRect

  CreateWindowExA

  PeekMessageA

  GetClassNameW

  EnableMenuItem

  GetDlgItem

  gdi32

  DeleteObject

  AddFontResourceA

  GetBkMode

  CreateDIBSection

  winspool.drv

  ord201

  advapi32

  GetTokenInformation

  LookupAccountSidA

  RegQueryValueExW

  ConvertStringSidToSidW

  RegCloseKey

  RegOpenKeyExW

  OpenProcessToken

  shell32

  Shell_NotifyIconA

  SHGetFileInfoW

  ole32

  CoCreateInstance

  CoSetProxyBlanket

  CoUninitialize

  StringFromCLSID

  CoInitializeSecurity

  CoInitialize

  CoGetObjectContext

  CoInitializeEx

  CreateFileMoniker

  oleaut32

  GetErrorInfo

  VariantClear

  SysAllocString

  VariantInit

  SysFreeString

  comctl32

  ImageList_Create

  ImageList_Add

  ord17

  oleacc

  AccessibleObjectFromWindow

  Sections

  .text

  Size: 89KB - Virtual size: 88KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 20KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 11KB - Virtual size: 18KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ