Static task: static1
Behavioral task: behavioral1
Sample: 5e8c7199c89c55f1bfa047ba47a6125a81b557a4009e742bd7f5508851b543eb.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 5e8c7199c89c55f1bfa047ba47a6125a81b557a4009e742bd7f5508851b543eb.exe
Resource: win10v2004-20220901-en
General
Target: 5e8c7199c89c55f1bfa047ba47a6125a81b557a4009e742bd7f5508851b543eb
Size: 211KB
MD5: 05cf95afb276da9e44620d24225df9a7
SHA1: c6a6748339c0c7522950803e41e6e99e6deb1ffa
SHA256: 5e8c7199c89c55f1bfa047ba47a6125a81b557a4009e742bd7f5508851b543eb
SHA512: 55a250045bf4bb2351b81f0eba9cd08786d100f529c23325ca8a7c5e01b4423273535f60d2fbb6d553ee9bb7e3db35f77185d7259e78e6cb657fea78b002a539
SSDEEP: 3072:bY1GyePge0V0KGbQdwJO+zwmT3HE4cvx2rp7C6fHIt0uT06c58UMFqnM12FJ+Htt:byeoZeKGblzlHE4GxMp7C6fB6cNM/IY
Malware Config
Signatures
Files
5e8c7199c89c55f1bfa047ba47a6125a81b557a4009e742bd7f5508851b543eb.exe (windows x86)
5453817223b5751021f43aa4f2ade8ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiCallClassInstaller
SetupDiGetClassDevsW
CM_Get_DevNode_Status
SetupDiGetDeviceRegistryPropertyW
SetupDiEnumDeviceInfo
CM_Reenumerate_DevNode
SetupDiGetDeviceInstallParamsW
CM_Locate_DevNode_ExW
SetupDiDestroyDeviceInfoList
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiSetClassInstallParamsW
kernel32
FreeEnvironmentStringsA
GetModuleFileNameW
LCMapStringW
CreateEventW
CreateFileW
CreateThread
SetThreadPriority
CancelIo
DisconnectNamedPipe
ReleaseMutex
SetEvent
WaitForSingleObject
ReadFile
TerminateThread
GetLastError
CloseHandle
HeapFree
WaitForMultipleObjects
GetCurrentThreadId
HeapSize
lstrlenW
ResetEvent
ExitThread
GetOverlappedResult
HeapValidate
WriteFile
PeekNamedPipe
GetProcessHeap
GetEnvironmentStrings
HeapAlloc
IsBadCodePtr
GetTickCount
CreateMutexW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
DeviceIoControl
MultiByteToWideChar
WideCharToMultiByte
GetVersionExW
CreateFileA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
ConnectNamedPipe
GetStringTypeA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoA
GetFileType
SetHandleCount
SetFilePointer
HeapReAlloc
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
LoadLibraryA
user32
UnregisterClassW
UpdateWindow
ShowWindow
CharUpperBuffW
UnregisterDeviceNotification
RegisterDeviceNotificationW
PostMessageW
CreateWindowExW
RegisterClassExW
DispatchMessageW
GetMessageW
PostQuitMessage
DefWindowProcW
advapi32
RegSetValueExW
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
shell32
SHGetSpecialFolderPathW
ole32
CoTaskMemFree
CLSIDFromString
StringFromCLSID
CoTaskMemAlloc
oleaut32
VarBstrCat
SysAllocStringByteLen
SysStringByteLen
VarBstrCmp
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocString
Sections
.text Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 58KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ