General

Malware Config

Signatures

Files

• 99f0539fa46d95a1e59e3a21fc5f8b8c4eded28af12153129ed8aaa88c6aa37d

  .exe windows x86

  99b0b5c8ff694ee45e895f22d4a34caa

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_BIND

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetModuleFileNameA

  GetPrivateProfileSectionA

  CloseHandle

  lstrcpyW

  WriteConsoleW

  SetFilePointer

  FlushFileBuffers

  GetConsoleMode

  GetConsoleCP

  HeapReAlloc

  HeapSize

  GetStringTypeW

  MultiByteToWideChar

  LCMapStringW

  Sleep

  RtlUnwind

  LoadLibraryW

  GetSystemTimeAsFileTime

  GetTickCount

  QueryPerformanceCounter

  DeleteCriticalSection

  GetFileType

  InitializeCriticalSectionAndSpinCount

  SetHandleCount

  GetEnvironmentStringsW

  WideCharToMultiByte

  FreeEnvironmentStringsW

  GetCurrentThreadId

  SetLastError

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  IsValidCodePage

  GetOEMCP

  GetACP

  InterlockedDecrement

  InterlockedIncrement

  GetLocalTime

  GetPrivateProfileStringA

  GetThreadLocale

  GetLastError

  SetThreadLocale

  SetCurrentDirectoryA

  CreateFileW

  GetVolumePathNamesForVolumeNameW

  GetTimeFormatW

  GetDateFormatW

  HeapCreate

  CreateEventA

  GetDateFormatA

  GetProcessHeap

  GetCPInfo

  GetCurrentProcess

  TerminateProcess

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  LeaveCriticalSection

  GetTimeFormatA

  HeapFree

  HeapAlloc

  EnterCriticalSection

  EncodePointer

  GetLocaleInfoA

  GetCurrentProcessId

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  RaiseException

  IsProcessorFeaturePresent

  GetProcAddress

  GetModuleHandleW

  ExitProcess

  DecodePointer

  WriteFile

  GetStdHandle

  GetModuleFileNameW

  SetStdHandle

  user32

  GetKeyboardLayoutNameA

  RegisterClassA

  CheckMenuItem

  GetKeyboardLayoutList

  SetWindowTextW

  LoadCursorA

  DestroyWindow

  GetWindowTextLengthW

  GetMessageA

  RegisterClassExA

  PostQuitMessage

  IsIconic

  SetForegroundWindow

  GetParent

  wsprintfA

  GetClientRect

  SetFocus

  GetDC

  IsDialogMessageA

  TranslateMessage

  SetDlgItemInt

  GetMenu

  GetWindowPlacement

  MessageBoxA

  GetWindowTextW

  CreateWindowExA

  ReleaseDC

  DefWindowProcA

  GetCursorPos

  ShowWindow

  CreateWindowExW

  DispatchMessageA

  LoadImageA

  SendMessageW

  MapWindowPoints

  UpdateWindow

  FindWindowA

  gdi32

  GetSystemPaletteEntries

  CreatePalette

  ole32

  StgCreatePropSetStg

  CoTaskMemAlloc

  StgCreateDocfile

  OleInitialize

  avifil32

  AVIFileOpenA

  AVIFileInit

  winmm

  mciSendCommandA

  iphlpapi

  IcmpCloseHandle

  IcmpCreateFile

  Sections

  .text

  Size: 44KB - Virtual size: 44KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 31KB - Virtual size: 30KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 20KB - Virtual size: 27KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 12KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ