General

Malware Config

Signatures

Files

• ec4b7ee279126aead6ba43b067e52e32d7d476cbf7a62f94ade464974d8c95fd

  .exe windows x86

  4f1d4aa41856511da8f905a65ff97e1c

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  ExitThread

  OutputDebugStringA

  Sleep

  SetProcessWorkingSetSize

  GetCurrentProcess

  lstrcpyA

  lstrcatA

  CreateProcessA

  GetTickCount

  CreateThread

  GlobalMemoryStatusEx

  GetSystemInfo

  CloseHandle

  WaitForSingleObject

  GetModuleHandleA

  GetStartupInfoA

  LoadLibraryA

  lstrlenA

  GetProcAddress

  user32

  wsprintfA

  advapi32

  RegQueryValueExA

  RegCloseKey

  ws2_32

  setsockopt

  gethostbyname

  select

  __WSAFDIsSet

  WSAIoctl

  recv

  send

  WSAStartup

  WSASocketA

  shutdown

  htonl

  sendto

  socket

  htons

  connect

  closesocket

  inet_addr

  iphlpapi

  GetIfTable

  msvcrt

  malloc

  _controlfp

  _except_handler3

  __set_app_type

  __p__fmode

  __p__commode

  _adjust_fdiv

  __setusermatherr

  _initterm

  __getmainargs

  _acmdln

  _XcptFilter

  _exit

  ??1type_info@@UAE@XZ

  __CxxFrameHandler

  _onexit

  __dllonexit

  atoi

  time

  localtime

  rand

  srand

  ??2@YAPAXI@Z

  strstr

  strchr

  realloc

  exit

  free

  sprintf

  ??3@YAXPAX@Z

  strrchr

  _CxxThrowException

  Sections

  .text

  Size: 20KB - Virtual size: 16KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 4KB - Virtual size: 16B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ