Static task: static1
Behavioral task: behavioral1
Sample: 9496caff51ad6367e1dbcfbe6e046131dbc2da072d3e1207470b572b1239c393.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 9496caff51ad6367e1dbcfbe6e046131dbc2da072d3e1207470b572b1239c393.exe
Resource: win10v2004-20221111-en
General
Target: 9496caff51ad6367e1dbcfbe6e046131dbc2da072d3e1207470b572b1239c393
Size: 1.1MB
MD5: ba4a9216733bc2e004030bea9dcb01ff
SHA1: 2430d8bc5b3d8b086ae56f2999a2315fc191ed0c
SHA256: 9496caff51ad6367e1dbcfbe6e046131dbc2da072d3e1207470b572b1239c393
SHA512: ef1e9bdc02154961b041b14013b6c2ed6066f330b4ca80629212b80d49fe130f260cfe3adb3317ae39b61be7a076ad22fb2489fbcd8fe2a21a3a6440994ec8bc
SSDEEP: 24576:VSrIvZ9yyFvnMNOgapnKQs1hfz3ld4h3e4:wrQpFvMNuovLT4px
Malware Config
Signatures
Files
9496caff51ad6367e1dbcfbe6e046131dbc2da072d3e1207470b572b1239c393.exe windows x86
366c2de353c42cd01e5523a0f2cac32b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetDateFormatW
GetDateFormatA
lstrcmpiW
lstrcmpiA
lstrcpyW
GetProfileIntA
GetSystemDirectoryA
GetWindowsDirectoryW
GetWindowsDirectoryA
MultiByteToWideChar
lstrlenA
IsBadWritePtr
GlobalUnlock
LocalReAlloc
GlobalHandle
IsBadHugeReadPtr
IsBadHugeWritePtr
ResetEvent
ReleaseMutex
GetUserDefaultLCID
GlobalLock
SetEvent
UnmapViewOfFile
OpenFileMappingA
GlobalMemoryStatus
GetTimeZoneInformation
GetThreadTimes
GetProcessWorkingSetSize
GetProcessTimes
VirtualFree
TlsSetValue
SystemTimeToFileTime
SetThreadPriority
SetPriorityClass
SetFileTime
SetFileAttributesW
SetFileAttributesA
SetConsoleMode
ReadConsoleA
MoveFileA
LocalFileTimeToFileTime
IsDBCSLeadByte
GetSystemTime
GetStartupInfoA
GetFullPathNameA
GetFileAttributesW
GetFileAttributesA
GetDiskFreeSpaceA
GetCurrentThread
GetCurrentDirectoryA
GetConsoleMode
GetCPInfo
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteFileW
DeleteFileA
CreateDirectoryW
CreateDirectoryA
CompareStringW
WriteConsoleW
GetConsoleOutputCP
lstrcpynW
FlushFileBuffers
SetStdHandle
SetFilePointer
HeapSize
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
ExitProcess
GetConsoleCP
VirtualAlloc
HeapCreate
RaiseException
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetLastError
TlsFree
TlsAlloc
TlsGetValue
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetProcessHeap
HeapAlloc
HeapFree
RtlUnwind
DeleteCriticalSection
WideCharToMultiByte
CreateFileA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
SetFilePointerEx
ReadFile
DeviceIoControl
GetVersion
GetModuleFileNameA
LocalFree
WaitForSingleObject
CloseHandle
GetModuleHandleA
CreateProcessA
GetCommandLineA
GetExitCodeThread
IsDebuggerPresent
VirtualProtect
GetSystemInfo
GetLastError
FreeLibrary
SearchPathA
SetConsoleCtrlHandler
VirtualQuery
GetVersionExA
GetLocalTime
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
UnhandledExceptionFilter
CreateFileW
lstrlenW
GetModuleFileNameW
IsBadStringPtrA
IsBadStringPtrW
lstrcmpA
lstrcmpW
CreateMutexA
CreateMutexW
GetTempPathA
GetTempPathW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
GetTempFileNameA
GetTempFileNameW
CopyFileA
CopyFileW
FindFirstChangeNotificationA
FindFirstChangeNotificationW
GetDiskFreeSpaceW
CreateEventA
lstrcpyA
CompareStringA
GetVersionExW
lstrcpynA
FindNextChangeNotification
FindCloseChangeNotification
WriteConsoleA
GetExitCodeProcess
user32
TranslateAcceleratorW
TranslateAcceleratorA
CallWindowProcW
CallWindowProcA
GetWindowTextW
GetWindowTextA
LoadIconA
LoadMenuW
LoadMenuA
LoadAcceleratorsA
RegisterClassExW
SetCursorPos
RegisterClipboardFormatW
RegisterClipboardFormatA
CharUpperW
CharUpperBuffW
GetClassInfoW
GetClassInfoA
GetMenuItemInfoW
GetMenuItemInfoA
SetWindowTextW
SetWindowTextA
CreateDialogParamW
CreateDialogParamA
SystemParametersInfoA
LoadCursorW
RegisterClassW
RegisterClassA
UnregisterClassW
CreateWindowExW
CreateWindowExA
SetWindowLongA
DefWindowProcW
CharNextW
LoadStringW
LoadStringA
GetClassInfoExW
LoadImageA
InsertMenuW
ModifyMenuW
ModifyMenuA
DrawTextA
SetDlgItemTextA
CharNextA
IsIconic
SetClipboardData
GetSysColor
TrackPopupMenu
SetCapture
DrawMenuBar
RemoveMenu
CheckMenuItem
GetLastActivePopup
SetActiveWindow
GetSystemMenu
MapWindowPoints
GetDlgCtrlID
OffsetRect
GetQueueStatus
GetProcessWindowStation
GetOpenClipboardWindow
GetInputState
GetFocus
GetDesktopWindow
GetClipboardViewer
GetClipboardOwner
GetCaretPos
GetCapture
GetActiveWindow
wsprintfA
OemToCharBuffA
OemToCharA
CharUpperA
CharToOemBuffA
CharToOemA
CharLowerW
CharLowerA
GetDlgItemTextA
GetDlgItemTextW
SetMenuItemInfoA
GetWindowTextLengthW
GetMenuItemID
EndDialog
GetDlgItem
EnableWindow
EnumChildWindows
GetParent
GetClientRect
SetCursor
WinHelpA
WinHelpW
EnableMenuItem
ShowWindow
KillTimer
ScreenToClient
ReleaseDC
GetDC
UpdateWindow
CheckRadioButton
IsDlgButtonChecked
BeginDeferWindowPos
MoveWindow
IsWindowVisible
GetKeyState
CheckMenuRadioItem
GetSubMenu
GetMenu
GetWindowPlacement
SetForegroundWindow
ReleaseCapture
InvalidateRect
RedrawWindow
GetCursorPos
GetWindowRect
advapi32
RegQueryValueA
RegCreateKeyA
RegCreateKeyW
RegQueryValueExW
RegCreateKeyExA
RegCreateKeyExW
RegSetValueExA
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
SetFileSecurityW
RegEnumValueA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
GetUserNameW
GetUserNameA
RegDeleteKeyW
RegSetValueW
RegSetValueA
RegEnumKeyExW
RegEnumKeyExA
RegDeleteValueW
shell32
DragQueryFileW
ole32
CoInitialize
CLSIDFromString
CreateBindCtx
CoGetMalloc
CoTaskMemFree
CoTaskMemAlloc
OleGetClipboard
StringFromCLSID
OleInitialize
DoDragDrop
OleFlushClipboard
OleSetClipboard
CoLockObjectExternal
OleUninitialize
msvcrt
abort
atoi
clock
fclose
ferror
fopen
fprintf
fread
atol
qsort
vfprintf
strtoul
strncmp
strlen
strcpy
strcmp
strchr
srand
sprintf
realloc
memset
memmove
memcmp
malloc
isxdigit
iscntrl
free
shlwapi
StrCpyNW
wnsprintfW
StrCatBuffA
StrCatBuffW
wnsprintfA
Sections
.text Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 75KB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ