Static task
static1
Behavioral task
behavioral1
Sample
945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd.exe
Resource
win10v2004-20221111-en
General
Target: 945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd
Size: 183KB
MD5: abe5c0a299ffffb1a7b29bd3ea6fc86c
SHA1: 11c08a46161c9c1e13c5b10dda277309f1547429
SHA256: 945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd
SHA512: 04d5c5cf69b64adcdac89fea0f3559939cdf2630780061b60bab89a930924e9e8f0b8f17c7ca2e0a544cfc8f935e6e021262ff6bdf7a9e9525694223f57deaaa
SSDEEP: 3072:YLpxTJJWCXx7vCgiFuCiSxS+0qHEC1yhlb4+nFHz6PTGDG:Yt9RdvCgVL4+19q
Malware Config
Signatures
Files
945325c717a4a160ab6a0a64e216fbc86b229996bf90f438f9b49a9fb51643bd.exe windows x86
d193838ecdd973eadde0ff03b273c761
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DispatchMessageA
DestroyWindow
CreateWindowExA
CallWindowProcA
MessageBoxW
ExitWindowsEx
LoadStringA
MsgWaitForMultipleObjects
PeekMessageA
SetWindowLongA
TranslateMessage
MessageBoxA
MapVirtualKeyExA
CharPrevA
LookupIconIdFromDirectoryEx
IsCharAlphaA
EnumDesktopsA
GetDialogBaseUnits
SwapMouseButton
GetTopWindow
FlashWindow
CloseWindowStation
GetScrollBarInfo
SetCursor
ole32
CoLoadLibrary
CoRegisterPSClsid
CLSIDFromString
ProgIDFromCLSID
CoRevokeMallocSpy
CoCreateInstanceEx
advapi32
OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueA
gdi32
ArcTo
CreateDCA
AddFontMemResourceEx
CombineRgn
CopyEnhMetaFileA
opengl32
glColor3f
wglSetLayerPaletteEntries
glVertex2d
glTexCoord3s
glStencilFunc
wglCreateLayerContext
glFogfv
glVertex3iv
dbghelp
SymMatchString
SymGetLinePrev64
SymFindFileInPath
SymSetContext
SymGetModuleBase64
kernel32
UnhandledExceptionFilter
TerminateProcess
GetStringTypeW
GetStringTypeA
WriteConsoleA
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
VirtualAlloc
InitializeCriticalSection
RtlUnwind
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
VirtualProtect
VirtualQuery
LCMapStringW
CompareFileTime
GetOEMCP
GetCPInfo
HeapAlloc
GetCurrentProcessId
QueryPerformanceCounter
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
TlsFree
GetTempPathA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
MulDiv
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
LoadLibraryExA
WaitForSingleObject
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
lstrcmpiA
GetVersion
GetSystemDirectoryA
lstrcatA
lstrlenA
GetTempFileNameA
RemoveDirectoryA
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
LoadLibraryA
SetErrorMode
SetFileTime
ExitProcess
CopyFileA
GetTickCount
Sleep
SetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetShortPathNameA
SearchPathA
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
DeleteFileA
FindResourceA
FormatMessageA
GetACP
GetCommandLineA
GetCurrentProcess
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLCID
GetSystemInfo
GetUserDefaultLangID
GetVersionExA
GetWindowsDirectoryA
IsDBCSLeadByte
SetWaitableTimer
CreateWaitableTimerA
SetLastError
CreateMutexA
LocalSize
FreeUserPhysicalPages
FillConsoleOutputCharacterA
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
RaiseException
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ