General

Malware Config

Signatures

Files

• 3d7bedb5d7b109bb67810e56bb05a2523e0b286e5b73bc8a04ae65e910f52531

  .exe windows x86

  6d3c38224a9c85a467af3f8787fd855b

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  QueueUserAPC

  CreateFiber

  GetMailslotInfo

  PeekNamedPipe

  SetStdHandle

  ReleaseSemaphore

  GetPriorityClass

  TlsSetValue

  RemoveVectoredExceptionHandler

  GetThreadIOPendingFlag

  ClearCommBreak

  IsProcessInJob

  GetFileInformationByHandle

  SetSystemTimeAdjustment

  FindNextChangeNotification

  GetFileType

  LocalCompact

  LockResource

  RequestWakeupLatency

  SetMessageWaitingIndicator

  GetThreadPriorityBoost

  EncodeSystemPointer

  GlobalUnfix

  GlobalDeleteAtom

  GetVersion

  UnlockFile

  SetProcessWorkingSetSize

  PulseEvent

  SetFileValidData

  GetNumaAvailableMemoryNode

  AreFileApisANSI

  GetFileSize

  TlsGetValue

  GetProcessHandleCount

  GetFileSizeEx

  GetProcessIoCounters

  LockFileEx

  GetProcessId

  EncodePointer

  GetCurrentProcessId

  FlushViewOfFile

  GetStdHandle

  InitAtomTable

  CreateFileMappingW

  FlushFileBuffers

  GetLogicalDrives

  CancelDeviceWakeupRequest

  LocalUnlock

  GetNamedPipeHandleStateW

  ConvertThreadToFiber

  CreateMemoryResourceNotification

  GetModuleFileNameA

  GetWriteWatch

  GetHandleInformation

  GetEnvironmentStrings

  GetCurrentThread

  DeactivateActCtx

  GetFileAttributesExW

  WTSGetActiveConsoleSessionId

  DisableThreadLibraryCalls

  ConvertFiberToThread

  OpenProcess

  GetNamedPipeHandleStateA

  ResetEvent

  SetCommState

  HeapAlloc

  InterlockedDecrement

  GetCPInfo

  GetCommandLineA

  GetVersionExA

  GetStartupInfoA

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  HeapFree

  VirtualFree

  VirtualAlloc

  HeapReAlloc

  HeapDestroy

  HeapCreate

  GetProcAddress

  GetModuleHandleA

  ExitProcess

  WriteFile

  GetLastError

  LCMapStringA

  WideCharToMultiByte

  MultiByteToWideChar

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  InterlockedIncrement

  GetModuleHandleW

  TlsAlloc

  TlsFree

  SetLastError

  GetCurrentThreadId

  SetUnhandledExceptionFilter

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  SetHandleCount

  QueryPerformanceCounter

  GetTickCount

  GetSystemTimeAsFileTime

  InitializeCriticalSection

  OutputDebugStringA

  RtlUnwind

  LoadLibraryExA

  GetACP

  GetOEMCP

  GetLocaleInfoA

  VirtualProtect

  GetSystemInfo

  VirtualQuery

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  Sleep

  Sections

  .text

  Size: 110KB - Virtual size: 110KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 12KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ