General

Malware Config

Signatures

Files

• d6d846ae3751495ef398ce5af5facfb460ec76b0cb02992905576542d6e548d7

  .exe windows x86

  5016f547eb8d55f684f40b311290de5e

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  oleaut32

  SafeArraySetRecordInfo

  VarR4FromDec

  GetErrorInfo

  mprapi

  MprInfoBlockAdd

  urlmon

  CreateAsyncBindCtx

  CoInternetCreateSecurityManager

  user32

  PostMessageW

  DrawEdge

  GetLastActivePopup

  IsCharAlphaW

  MessageBoxW

  EnumDisplayDevicesW

  EndDialog

  SetDlgItemTextW

  shell32

  SHInvokePrinterCommandW

  SHInvokePrinterCommandA

  kernel32

  GetCurrentProcess

  UnhandledExceptionFilter

  GetWindowsDirectoryA

  TerminateProcess

  PurgeComm

  SetVolumeMountPointA

  GlobalLock

  BuildCommDCBAndTimeoutsA

  ResetWriteWatch

  Heap32First

  WaitForDebugEvent

  WritePrivateProfileStructA

  SetTapeParameters

  lstrcmpiW

  SetThreadLocale

  CancelWaitableTimer

  GetCurrentProcessId

  GetCurrentThreadId

  GetCurrentThread

  GetModuleHandleA

  GetLastError

  ExitThread

  WriteConsoleInputA

  OutputDebugStringW

  GetConsoleSelectionInfo

  GetWriteWatch

  GetCurrentConsoleFont

  GetCurrentActCtx

  EnumSystemGeoID

  WriteConsoleInputW

  VerifyVersionInfoW

  EnumCalendarInfoA

  LCMapStringA

  WriteConsoleW

  HeapSize

  GetModuleHandleW

  CancelDeviceWakeupRequest

  SetEvent

  GetPrivateProfileIntW

  GetLogicalDriveStringsW

  DecodeSystemPointer

  SetConsoleMode

  FindVolumeMountPointClose

  CreateFileA

  FlushConsoleInputBuffer

  LocalHandle

  GetTapeStatus

  LocalFlags

  WritePrivateProfileSectionW

  CancelWaitableTimer

  GetCompressedFileSizeA

  GetNumberFormatW

  SearchPathW

  FindActCtxSectionStringA

  GetProcessPriorityBoost

  ConvertThreadToFiber

  ReadConsoleInputA

  GetModuleHandleExW

  AddVectoredExceptionHandler

  CreateSemaphoreA

  VirtualAllocEx

  AllocateUserPhysicalPages

  DefineDosDeviceW

  VirtualAlloc

  SetUnhandledExceptionFilter

  FindFirstVolumeMountPointA

  GlobalGetAtomNameA

  GlobalAlloc

  CloseHandle

  SetCommBreak

  FindFirstChangeNotificationW

  TransactNamedPipe

  EscapeCommFunction

  DisconnectNamedPipe

  GetShortPathNameW

  FreeLibrary

  IsBadHugeWritePtr

  LocalLock

  IsValidLanguageGroup

  SetProcessWorkingSetSize

  SetCommState

  DeleteFileA

  GetProcessId

  SetInformationJobObject

  clusapi

  RemoveClusterResourceNode

  ClusterNodeControl

  AddClusterResourceNode

  ClusterNodeEnum

  ntdll

  vsprintf

  sprintf

  toupper

  memcmp

  isupper

  wcslen

  memset

  iswlower

  towupper

  isalpha

  _chkstk

  wcsncmp

  wcscpy

  msvcrt

  _lock

  __dllonexit

  _unlock

  vfwprintf

  is_wctype

  getc

  _except_handler3

  _onexit

  fputs

  feof

  getenv

  ferror

  fwrite

  atof

  perror

  Sections

  .text

  Size: 52KB - Virtual size: 52KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 16KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ