General

Malware Config

Signatures

Files

• 26d71884514ae353b92f5eb6791e31406cddc9d020d8d9420b4f1c5e539e7163

  .exe windows x64

  e09e6be49968e9dd4785cce7697779ad

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  GetVersionExA

  __C_specific_handler

  InitializeCriticalSection

  DeleteCriticalSection

  GetModuleHandleA

  ole32

  StgOpenStorage

  msvcr71

  _c_exit

  printf

  wcstombs

  ??_U@YAPEAX_K@Z

  ??_V@YAXPEAX@Z

  strtok

  free

  __CxxFrameHandler

  mbstowcs

  memset

  __dllonexit

  _onexit

  _XcptFilter

  _exit

  _cexit

  exit

  __initenv

  _amsg_exit

  __getmainargs

  _initterm

  __setusermatherr

  _commode

  _fmode

  __set_app_type

  Sections

  .text

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 432B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ