Static task: static1
Behavioral task: behavioral1
- Sample: 90839e20d5fa2598b41fc0b82a1ab344017f90f9d1e720472107b1174ebf5c86.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 90839e20d5fa2598b41fc0b82a1ab344017f90f9d1e720472107b1174ebf5c86.exe
- Resource: win10v2004-20220812-en
General
- Target: 90839e20d5fa2598b41fc0b82a1ab344017f90f9d1e720472107b1174ebf5c86
- Size: 273KB
- MD5: eb6ac15b4c227023258fce1e19f4609a
- SHA1: 8eaa3657fdd01816bd9f7f6fb62a88f788010fc3
- SHA256: 90839e20d5fa2598b41fc0b82a1ab344017f90f9d1e720472107b1174ebf5c86
- SHA512: 1a149682b09135e756a0c02c7fb9157c978baa368dbe40194dda2961451417ed82356584e0fe0ea1377f39b296b3266cb5b03c5525b5e57ddae7b480a2bbeb7c
- SSDEEP: 6144:9jBCEk+k5RWVN23CbNcwTBPSC4hZ+z2ttCxtjHwIx:9Hk+XN2ybNcwTnT2nCjjHwO
Malware Config
Signatures
Files
-
90839e20d5fa2598b41fc0b82a1ab344017f90f9d1e720472107b1174ebf5c86.exe windows x86
bbc69abdc8bcfa41f026b7f126f5b8d3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
oleaut32
SysFreeString
SysReAllocStringLen
SysFreeString
SysAllocStringLen
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
CheckTokenMembership
user32
MessageBoxA
CharNextW
CreateWindowExW
WaitMessage
ValidateRect
TranslateMessage
ShowWindow
SetWindowPos
SetWindowContextHelpId
SetTimer
SetScrollInfo
SetParent
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SendMessageW
ScreenToClient
ReleaseDC
ReleaseCapture
RegisterClassW
PostQuitMessage
OffsetRect
OemToCharA
MoveWindow
MessageBoxW
KillTimer
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
InvalidateRect
GetWindowTextW
GetWindowRgn
GetWindowRect
GetWindowContextHelpId
GetUpdateRgn
GetSystemMetrics
GetSystemMenu
GetSysColor
GetScrollPos
GetScrollInfo
GetParent
GetWindow
GetMenuContextHelpId
GetKeyState
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetClientRect
GetClassInfoW
GetCapture
GetAsyncKeyState
FillRect
EndPaint
EnableWindow
EnableMenuItem
DrawTextW
DrawIcon
DestroyWindow
DestroyIcon
DeleteMenu
DefWindowProcW
CopyImage
ClientToScreen
CharLowerBuffW
BeginPaint
wvsprintfW
WinHelpW
SetWindowLongW
SetPropW
SendMessageW
RemovePropW
PostMessageW
PeekMessageW
MessageBoxW
LoadStringW
LoadImageW
LoadIconW
LoadCursorW
GetWindowTextLengthW
GetWindowLongW
GetPropW
GetClassLongW
GetClassInfoW
DrawTextW
DispatchMessageW
DefWindowProcW
CallWindowProcW
kernel32
lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrcpyW
WriteFile
WaitForSingleObject
VirtualQuery
UnmapViewOfFile
TerminateThread
TerminateProcess
SizeofResource
SetFileTime
SetFilePointer
SetErrorMode
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ReadFile
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFileTimeToFileTime
LoadResource
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExW
GetVersion
GetProcAddress
GetModuleHandleW
GetLastError
GetFullPathNameW
GetFileSize
GetExitCodeThread
GetExitCodeProcess
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
FindFirstFileExW
DosDateTimeToFileTime
DeleteFileW
CreateThread
CreateFileW
CloseHandle
SetFileAttributesW
LoadLibraryW
GetVersionExW
GetTempPathW
GetTempFileNameW
GetModuleFileNameW
GetFullPathNameW
GetFileAttributesW
GetDiskFreeSpaceExW
GetCurrentDirectoryW
GetCommandLineW
FormatMessageW
FindResourceW
FindNextFileW
DeleteFileW
CreateFileMappingW
CreateFileW
CreateDirectoryW
CompareStringW
gdi32
StretchDIBits
StretchBlt
SetWindowOrgEx
SetTextColor
SetRectRgn
SetROP2
SetBrushOrgEx
SetBkMode
SetBkColor
SelectObject
SaveDC
RestoreDC
OffsetRgn
MoveToEx
IntersectClipRect
GetStockObject
ExtSelectClipRgn
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CombineRgn
BitBlt
GetTextExtentPoint32W
GetObjectW
CreateFontIndirectW
shell32
ShellExecuteExW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteW
SHGetFolderLocation
SHGetPathFromIDListW
ole32
CoTaskMemFree
OleInitialize
CoTaskMemFree
comctl32
ImageList_GetIcon
InitCommonControls
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
shfolder
SHGetFolderPathW
shlwapi
PathCanonicalizeW
Sections
- .text   Size: 150KB   Virtual size: 149KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .itext  Size: 512B    Virtual size: 512B    IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .data   Size: 16KB    Virtual size: 16KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .bss    Size: -       Virtual size: 11KB    IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .idata  Size: 7KB     Virtual size: 7KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .tls    Size: -       Virtual size: 8B      IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rdata  Size: 512B    Virtual size: 24B     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .rsrc   Size: 41KB    Virtual size: 41KB    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ