Static task: static1
Behavioral task: behavioral1
  Sample: 2f9ca514375d3d060d375c500a948bf4d80e2d83b08c82cc4a33f532b77b67fe.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 2f9ca514375d3d060d375c500a948bf4d80e2d83b08c82cc4a33f532b77b67fe.exe
  Resource: win10v2004-20221111-en
General
Target: 2f9ca514375d3d060d375c500a948bf4d80e2d83b08c82cc4a33f532b77b67fe
Size: 270KB
MD5: b956bce75c05e483f6b6e5a87a78da60
SHA1: cfa722912249d42d8f713918ea85f02c1f9e22d1
SHA256: 2f9ca514375d3d060d375c500a948bf4d80e2d83b08c82cc4a33f532b77b67fe
SHA512: 6f73a55cce3f91726342b05d5170a29dfa5407c7f8360339ae65a7bcad4226e65a41030650b659f59b843d01a902a163379d1650bd9b98abda107254c11439fb
SSDEEP: 3072:F90nbyJIZIascP+NjVyBjA+ACL/eUNZItRoHHjAD0M1BQBKOnFpJCGGGGG9M2hd:keCfs4+VCA+FL2UNZlH6loK7GGGGGG2D
Malware Config
Signatures
Files
2f9ca514375d3d060d375c500a948bf4d80e2d83b08c82cc4a33f532b77b67fe.exe (windows x86) 015036c16ea20ea392e6b1bb61f77ccb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and IMAGE_DLLCHARACTERISTICS_NX_COMPAT are not set and the relocation table is stripped. The loader therefore maps this 32-bit image at its preferred base with no ASLR (a mandatory-ASLR policy cannot help either, since there is nothing to relocate), and the binary does not opt in to DEP; whether DEP is applied then depends on the host's system-wide policy rather than on the file.
Imports
user32
mouse_event
GetWindowDC
CallWindowProcW
SetWindowRgn
CheckMenuItem
IntersectRect
EnumDisplayDevicesW
GetClipCursor
EnumDesktopsW
CallNextHookEx
MsgWaitForMultipleObjects
GetLayeredWindowAttributes
DefDlgProcA
GetWindowModuleFileNameA
GetRawInputDeviceInfoA
GetClassLongW
GetTopWindow
SetDoubleClickTime
TrackMouseEvent
VkKeyScanExW
GetMessagePos
EndDeferWindowPos
EnumChildWindows
GetProcessWindowStation
SetMessageQueue
IsCharAlphaA
ScrollWindow
IsWindowEnabled
IsZoomed
shell32
ord131
gdi32
SetBkColor
SelectObject
SetWindowOrgEx
CreateCompatibleBitmap
GetClipBox
BitBlt
DeleteObject
DeleteDC
DPtoLP
LPtoDP
CreateSolidBrush
GetStockObject
Polyline
CreatePen
StretchBlt
GetObjectA
CreateCompatibleDC
CreateDIBSection
AnimatePalette
ChoosePixelFormat
CreateColorSpaceA
CombineRgn
Chord
ColorMatchToTarget
GetClipRgn
SetBkMode
GetArcDirection
GetPixel
SetBitmapBits
GetFontLanguageInfo
SetViewportOrgEx
SetColorAdjustment
ResetDCW
GetGraphicsMode
GetROP2
GetTextAlign
WidenPath
CopyMetaFileW
GetCharABCWidthsFloatA
shlwapi
GetMenuPosFromID
PathGetCharTypeW
ord29
PathGetCharTypeA
ColorHLSToRGB
kernel32
SetLastError
InterlockedDecrement
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringA
LoadLibraryExA
InitializeCriticalSection
HeapReAlloc
GetLocaleInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
FreeEnvironmentStringsW
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GlobalUnWire
GetLogicalDrives
FlushFileBuffers
GetCommTimeouts
SetCommState
CloseHandle
GetMailslotInfo
CreateFileMappingW
InitAtomTable
GetWriteWatch
GetNamedPipeHandleStateW
HeapAlloc
HeapFree
GetModuleHandleA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
SetStdHandle
GetFileType
RtlUnwind
LCMapStringA
LCMapStringW
lstrcpynA
CompareStringA
FindResourceA
lstrlenA
lstrcpyA
FindClose
FindFirstFileA
GetDiskFreeSpaceA
Sleep
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetFileAttributesA
lstrcatA
MoveFileExA
GetShortPathNameA
GetPrivateProfileSectionA
WritePrivateProfileStringA
WritePrivateProfileSectionA
GetModuleFileNameA
GetSystemDefaultLCID
MulDiv
ExitProcess
FindNextFileA
RemoveDirectoryA
GetStartupInfoA
WaitForSingleObject
CreateProcessA
GetLastError
FormatMessageA
LoadResource
LockResource
IsDBCSLeadByte
lstrcmpA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
LoadLibraryA
GetTempFileNameA
FreeLibrary
DeleteFileA
GetProcAddress
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
GetPrivateProfileStringA
CreateDirectoryA
ReadFile
SetFilePointer
WriteFile
GetVersionExA
SetUnhandledExceptionFilter
DeleteCriticalSection
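The import table above is what the report's import hash and any capability triage are built from. The following is an added example, not code from the report or the sandbox: it normalizes a dll/function list the way the standard imphash algorithm does (lowercase, extension stripped, entries joined by commas in import-directory order, MD5 over the result), and then groups the kernel32/user32 entries into the capability clusters an analyst would look for. The SAMPLE_IMPORTS dict is a constructed subset of the list above; the capability names, the CAPABILITIES grouping and the drop_and_execute heuristic are the author's choices, not anything the report states.

```python
import hashlib

# Constructed subset of the import table from the report above, in directory
# order.  Only entries relevant to the capability checks are included, so the
# imphash of this subset does NOT equal the report's value: feed the complete
# import directory, in order, to compare against it.
SAMPLE_IMPORTS = {
    "USER32.dll": ["mouse_event", "GetWindowDC", "CallWindowProcW", "CallNextHookEx"],
    "SHELL32.dll": ["ord131"],
    "SHLWAPI.dll": ["GetMenuPosFromID", "PathGetCharTypeW", "ord29"],
    "KERNEL32.dll": [
        "FindResourceA", "LoadResource", "LockResource",
        "GetTempPathA", "GetTempFileNameA", "CreateFileA", "WriteFile",
        "SetFileAttributesA", "SetFileTime", "CreateProcessA", "WaitForSingleObject",
        "MoveFileExA", "DeleteFileA", "RemoveDirectoryA",
        "WritePrivateProfileStringA", "WritePrivateProfileSectionA",
        "LoadLibraryA", "GetProcAddress", "ExitProcess",
    ],
}

# Hypothetical capability groups chosen for this example (analyst heuristic).
CAPABILITIES = {
    "resource payload access": {"FindResourceA", "LoadResource", "LockResource"},
    "temp-path staging": {"GetTempPathA", "GetTempFileNameA"},
    "file drop": {"CreateFileA", "WriteFile", "SetFileAttributesA", "SetFileTime",
                  "CreateDirectoryA"},
    "process launch": {"CreateProcessA", "WaitForSingleObject"},
    "cleanup / deferred rename": {"DeleteFileA", "MoveFileExA", "RemoveDirectoryA"},
    "ini write": {"WritePrivateProfileStringA", "WritePrivateProfileSectionA"},
    "runtime api resolution": {"LoadLibraryA", "GetProcAddress"},
    "input injection": {"mouse_event"},
    "hook chain": {"CallNextHookEx"},
}


def normalize_import(dll: str, func: str) -> str:
    """Lowercase, strip .dll/.ocx/.sys, and join as 'module.function'.

    Ordinal-only imports are passed in as 'ordN' (the spelling used in the
    report); pefile resolves ordinals by table only for a few DLLs such as
    ws2_32 and oleaut32, which are not imported here.
    """
    name = dll.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if name.endswith(ext):
            name = name[: -len(ext)]
            break
    return f"{name}.{func.lower()}"


def imphash_input(imports: dict) -> str:
    """The comma-joined string that is hashed; useful for eyeballing ordering."""
    return ",".join(normalize_import(dll, f) for dll, funcs in imports.items() for f in funcs)


def imphash(imports: dict) -> str:
    """MD5 of the normalized import list (dict order = import directory order)."""
    return hashlib.md5(imphash_input(imports).encode("ascii")).hexdigest()


def capabilities(imports: dict) -> dict:
    """Map each capability group to the imported APIs that hit it."""
    present = {f for funcs in imports.values() for f in funcs}
    return {cap: sorted(present & apis) for cap, apis in CAPABILITIES.items() if present & apis}


def drop_and_execute(imports: dict) -> bool:
    """Heuristic: resource read + file write + process creation in one import set."""
    caps = capabilities(imports)
    return all(c in caps for c in ("resource payload access", "file drop", "process launch"))


if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    for cap, apis in capabilities(SAMPLE_IMPORTS).items():
        print(f"{cap:28} {', '.join(apis)}")
    print("drop-and-execute pattern:", drop_and_execute(SAMPLE_IMPORTS))
```

Two caveats when reading the output against this report. First, an imphash only matches when every entry is fed in directory order; if the value computed from the full list differs from the one shown in the Files line, check whether the report truncated or reordered the list before assuming a different build. Second, the user32, gdi32 and shlwapi lists above mix many APIs that rarely appear together in one program, including obsolete Win16-era entries such as GlobalUnWire and SetMessageQueue, so before counting them as capabilities confirm in a disassembler that their IAT slots are actually referenced from code.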
Sections
.text: raw 70KB, virtual 69KB; IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata: raw 11KB, virtual 10KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data: raw 3KB, virtual 6KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc: raw 183KB, virtual 183KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Note: no section is both writable and executable, and the raw sizes add up to roughly 267KB of the 270KB file, so there is little or no overlay. The 183KB .rsrc section holds most of the file, which is consistent with the FindResourceA/LoadResource/LockResource imports listed above.
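The Headers and Sections blocks above are the fields a reviewer checks to decide whether a binary can be rebased, opts in to DEP, or carries a writable-and-executable section. The following is an added example, not code from the report or the sandbox: a dependency-free PE header reader that pulls the COFF Characteristics, the optional header's DllCharacteristics and the section table, plus a small builder that assembles a header-only PE32 image reproducing the flags and section sizes shown in this report so the assessment can be run offline. REPORT_LIKE is that constructed stand-in, not the sample itself; pass a real file path to run against actual input.

```python
import struct

# IMAGE_FILE_HEADER.Characteristics bits
IMAGE_FILE_RELOCS_STRIPPED = 0x0001
IMAGE_FILE_EXECUTABLE_IMAGE = 0x0002
IMAGE_FILE_32BIT_MACHINE = 0x0100
# IMAGE_OPTIONAL_HEADER.DllCharacteristics bits
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA = 0x0020
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0x0040
IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0x0100
IMAGE_DLLCHARACTERISTICS_GUARD_CF = 0x4000
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 0x8000
# IMAGE_SECTION_HEADER.Characteristics bits
IMAGE_SCN_CNT_CODE = 0x00000020
IMAGE_SCN_CNT_INITIALIZED_DATA = 0x00000040
IMAGE_SCN_MEM_EXECUTE = 0x20000000
IMAGE_SCN_MEM_READ = 0x40000000
IMAGE_SCN_MEM_WRITE = 0x80000000

SECTION_FMT = "<8sIIIIIIHHI"  # IMAGE_SECTION_HEADER, 40 bytes


def parse_pe(data: bytes) -> dict:
    """Read the COFF header, the DllCharacteristics word and the section table."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]  # 0x10B = PE32, 0x20B = PE32+
    # DllCharacteristics is at offset 70 of the optional header for both PE32 and PE32+
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]
    sections = []
    for i in range(nsections):
        name, vsize, _vaddr, rawsize, _rawptr, _, _, _, _, flags = struct.unpack_from(
            SECTION_FMT, data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rawsize, "flags": flags})
    return {"machine": machine, "magic": magic, "file_chars": file_chars,
            "dll_chars": dll_chars, "sections": sections}


def assess(pe: dict) -> dict:
    """Derive the mitigation posture from the parsed header fields."""
    fc, dc = pe["file_chars"], pe["dll_chars"]
    relocs_stripped = bool(fc & IMAGE_FILE_RELOCS_STRIPPED)
    return {
        "relocs_stripped": relocs_stripped,
        # the loader can only rebase an image that both asks for it and keeps its relocations
        "aslr": bool(dc & IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) and not relocs_stripped,
        "high_entropy_va": bool(dc & IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA),
        "nx_compat": bool(dc & IMAGE_DLLCHARACTERISTICS_NX_COMPAT),
        "cfg": bool(dc & IMAGE_DLLCHARACTERISTICS_GUARD_CF),
        "wx_sections": [s["name"] for s in pe["sections"]
                        if s["flags"] & IMAGE_SCN_MEM_WRITE and s["flags"] & IMAGE_SCN_MEM_EXECUTE],
        "raw_bytes": sum(s["raw_size"] for s in pe["sections"]),
    }


def build_pe(file_chars: int, dll_chars: int, sections) -> bytes:
    """Assemble a header-only PE32 image (no section data) for exercising the parser."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    opt_size = 224                                                 # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, file_chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                          # PE32 magic
    struct.pack_into("<H", opt, 68, 2)                             # IMAGE_SUBSYSTEM_WINDOWS_GUI
    struct.pack_into("<H", opt, 70, dll_chars)
    table = b"".join(struct.pack(SECTION_FMT, name.encode().ljust(8, b"\0"), vsize, 0,
                                 rawsize, 0, 0, 0, 0, 0, flags)
                     for name, rawsize, vsize, flags in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table


# Constructed stand-in reproducing the flags and section layout reported above (not the sample).
KB = 1024
REPORT_LIKE = build_pe(
    IMAGE_FILE_RELOCS_STRIPPED | IMAGE_FILE_EXECUTABLE_IMAGE | IMAGE_FILE_32BIT_MACHINE,
    IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE,
    [(".text", 70 * KB, 69 * KB, IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ),
     (".rdata", 11 * KB, 10 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ),
     (".data", 3 * KB, 6 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE),
     (".rsrc", 183 * KB, 183 * KB, IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ)],
)

if __name__ == "__main__":
    import sys
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else REPORT_LIKE
    for key, value in assess(parse_pe(data)).items():
        print(f"{key:16} {value}")
```

Run without arguments it reports the posture implied by this page (relocations stripped, no ASLR, no NX_COMPAT, no CFG, no W+X section, 267KB of raw section data); run with a path it reports the same for a real file. Comparing raw_bytes with the file size on disk is the quick overlay check.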