General

Malware Config

Signatures

Files

• 30058358319717e91d359e4a87fdb81fa252d1e62571fc79479bf7510d8b757f

  .exe windows x86

  c7e14e4e9559fd2c3fb8c2a933f2a1e7

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  ole32

  CoRegisterChannelHook

  StringFromCLSID

  OleIsRunning

  CreateAntiMoniker

  CoIsHandlerConnected

  ReleaseStgMedium

  advapi32

  EnumServicesStatusA

  DuplicateTokenEx

  AccessCheckByType

  RegNotifyChangeKeyValue

  GetNumberOfEventLogRecords

  InitializeSecurityDescriptor

  GetUserNameW

  OpenServiceW

  gdi32

  Arc

  AnimatePalette

  CreateDIBPatternBrushPt

  ColorCorrectPalette

  CreateCompatibleDC

  CombineRgn

  CloseFigure

  ArcTo

  CreateDCA

  CreateBitmapIndirect

  AddFontResourceExA

  kernel32

  LoadLibraryExA

  GetProcessHeap

  OpenProcess

  LocalShrink

  PurgeComm

  GetNamedPipeHandleStateA

  ReleaseSemaphore

  LocalCompact

  GlobalCompact

  DecodePointer

  GetCommandLineA

  CancelIo

  GetLastError

  GetProcessTimes

  CreateIoCompletionPort

  GetThreadPriority

  PostQueuedCompletionStatus

  SetMailslotInfo

  SetSystemTimeAdjustment

  MapUserPhysicalPagesScatter

  GetThreadContext

  GetFileInformationByHandle

  GetMailslotInfo

  ClearCommError

  FindFirstFileExW

  GetProcessId

  SetPriorityClass

  InitAtomTable

  GetProcessVersion

  SetProcessWorkingSetSize

  ReleaseMutex

  DisconnectNamedPipe

  GlobalUnWire

  GetNamedPipeInfo

  CreateFileMappingW

  PeekNamedPipe

  RtlCaptureStackBackTrace

  GetProcessIoCounters

  GetFileAttributesExW

  GetFileType

  GetTapeStatus

  ConvertThreadToFiber

  CreateFiber

  GetVersion

  AssignProcessToJobObject

  DisableThreadLibraryCalls

  GetThreadTimes

  CreateTimerQueue

  GetLogicalDrives

  GetWriteWatch

  RequestDeviceWakeup

  GetProcessAffinityMask

  ResetWriteWatch

  CancelWaitableTimer

  MapUserPhysicalPages

  GetFileTime

  SetProcessShutdownParameters

  FlushViewOfFile

  SetSystemPowerState

  SetHandleCount

  GetExitCodeProcess

  MultiByteToWideChar

  InterlockedDecrement

  GetCPInfo

  HeapAlloc

  GetVersionExA

  GetStartupInfoA

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  InterlockedIncrement

  GetACP

  GetOEMCP

  GetProcAddress

  GetModuleHandleW

  TlsGetValue

  TlsAlloc

  TlsSetValue

  TlsFree

  SetLastError

  GetCurrentThreadId

  HeapFree

  LCMapStringA

  WideCharToMultiByte

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  VirtualFree

  VirtualAlloc

  HeapReAlloc

  HeapDestroy

  HeapCreate

  GetModuleHandleA

  ExitProcess

  WriteFile

  GetStdHandle

  GetModuleFileNameA

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  OutputDebugStringA

  GetLocaleInfoA

  Sleep

  VirtualProtect

  GetSystemInfo

  VirtualQuery

  InitializeCriticalSection

  RtlUnwind

  Sections

  .text

  Size: 104KB - Virtual size: 104KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 10KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 12KB - Virtual size: 12KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ