General

Malware Config

Signatures

Files

• 932a64337784ca39c0a50e1c57b6a7ef5a33f1bd454986986914f4baaf7c6282

  .exe windows x86

  67541f74ac099b898b8189435192421d

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  DebugBreak

  TlsSetValue

  OutputDebugStringA

  LCMapStringA

  IsValidCodePage

  OutputDebugStringW

  LCMapStringW

  EnumSystemLanguageGroupsW

  GetLocaleInfoA

  GetTimeZoneInformation

  WriteConsoleW

  GetStringTypeW

  HeapReAlloc

  CompareFileTime

  GetStringTypeA

  GetCPInfo

  winmm

  sndPlaySoundA

  oleacc

  CreateStdAccessibleObject

  ObjectFromLresult

  oledlg

  OleUIBusyW

  advapi32

  GetUserNameA

  IsValidSecurityDescriptor

  DuplicateTokenEx

  GetSecurityDescriptorLength

  LookupAccountSidA

  AddAce

  QueryServiceStatus

  InitializeSecurityDescriptor

  PrivilegeCheck

  SetSecurityDescriptorOwner

  RegOpenKeyExW

  shell32

  SHChangeNotify

  SHGetMalloc

  SHGetPathFromIDListW

  Sections

  .text

  Size: 83KB - Virtual size: 82KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1KB - Virtual size: 129KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 114KB - Virtual size: 113KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ