Static task
static1
Behavioral task
behavioral1
Sample
5f1d37b75551900fb6f85e02799bbf3fc7db56ff543f1c0d270ee9f1500ab544.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
5f1d37b75551900fb6f85e02799bbf3fc7db56ff543f1c0d270ee9f1500ab544.exe
Resource
win10v2004-20221111-en
General
Target
5f1d37b75551900fb6f85e02799bbf3fc7db56ff543f1c0d270ee9f1500ab544
Size
974KB
MD5
8f3c8e5c79d445ee07cfdb54976de65c
SHA1
4f382e2569a6edcd7f6bcd0d2fd30dbd84f93f37
SHA256
5f1d37b75551900fb6f85e02799bbf3fc7db56ff543f1c0d270ee9f1500ab544
SHA512
cdf26f4be541738f475cff52e825974841bff298c5a636d53c1255a3b2822a435e73a5524d1b7e15aa80774fd904cc9c8d43536fb798e76c1fff6d6ddbc6caa6
SSDEEP
24576:D3pFrkRRoARi1wvw41hiDQyJbzdcK3cZP15NSw7HCIKz2YKZOId5R8:N/ARFbSZZN8NqxqY/q8
Malware Config
Signatures
Files
5f1d37b75551900fb6f85e02799bbf3fc7db56ff543f1c0d270ee9f1500ab544.exe windows x86
76377352f141835e847baf0e5c709089
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToSystemTime
GetStdHandle
GetDriveTypeA
WriteConsoleW
lstrcmpW
GetCurrentProcess
GetModuleFileNameW
LoadLibraryW
GetLocaleInfoW
GetLocalTime
GetEnvironmentStrings
IsBadReadPtr
GetProfileIntA
CreateFileA
SetHandleCount
SetConsoleOutputCP
CreateFileW
ContinueDebugEvent
GetNumberFormatW
CreateMutexA
WriteFile
VirtualFree
LocalUnlock
GlobalDeleteAtom
DebugBreak
GetEnvironmentStringsW
GetPriorityClass
GetLogicalDrives
CloseHandle
ExpandEnvironmentStringsA
GetAtomNameA
LCMapStringA
TerminateThread
GetModuleHandleA
GetSystemTimeAsFileTime
lstrcmp
GetSystemDirectoryW
FreeLibrary
SetConsoleCursorInfo
ReadConsoleOutputAttribute
EnumSystemLocalesA
LoadLibraryA
GetTickCount
GetStartupInfoA
LocalFileTimeToFileTime
EnumResourceTypesA
lstrlenA
GetCommandLineA
GetConsoleOutputCP
SetWaitableTimer
GetFileAttributesExA
UnhandledExceptionFilter
ReadFile
EnterCriticalSection
RaiseException
SetEnvironmentVariableA
GetTimeFormatA
LocalLock
Sleep
HeapSize
LockFile
GetConsoleMode
FreeEnvironmentStringsA
CreateNamedPipeA
OutputDebugStringW
HeapValidate
TerminateProcess
OutputDebugStringA
FoldStringW
TlsAlloc
CreateDirectoryExW
HeapAlloc
GetCPInfo
FlushFileBuffers
VirtualQuery
TlsFree
GetStringTypeA
WaitNamedPipeW
IsValidLocale
TlsGetValue
GetExitCodeProcess
GetDateFormatA
GetCurrentProcessId
OpenMutexA
HeapReAlloc
EnumCalendarInfoA
GetCalendarInfoW
GetLastError
SetThreadLocale
SetCurrentDirectoryA
InterlockedIncrement
CreateDirectoryA
GetPrivateProfileStructA
GetThreadPriority
DosDateTimeToFileTime
GetEnvironmentVariableA
GetEnvironmentStringsA
GetUserDefaultLCID
CreateThread
GetVersionExW
SystemTimeToFileTime
SetConsoleCtrlHandler
GetCurrentThreadId
WideCharToMultiByte
WriteConsoleA
RtlUnwind
IsDebuggerPresent
GetStringTypeW
GetLocaleInfoA
GetCurrentThread
QueryPerformanceCounter
IsValidCodePage
SetFilePointer
SetStdHandle
LCMapStringW
SetConsoleTextAttribute
HeapDestroy
GetProfileSectionA
FlushInstructionCache
SetConsoleCP
WritePrivateProfileSectionA
VirtualQueryEx
GetModuleFileNameA
EnumDateFormatsW
lstrcat
GetFileSize
SetCriticalSectionSpinCount
GetFileType
CreateMailslotA
GetModuleHandleW
GetProcessHeap
CompareStringA
InitializeCriticalSectionAndSpinCount
GetACP
GetOEMCP
SetLocaleInfoA
MultiByteToWideChar
GetProcessHeaps
GetTimeZoneInformation
GetPrivateProfileSectionNamesW
SetUnhandledExceptionFilter
GetCurrentDirectoryA
CreateDirectoryExA
ExitProcess
TlsSetValue
LeaveCriticalSection
OpenSemaphoreW
DeleteCriticalSection
SetEnvironmentVariableW
HeapCreate
GetThreadPriorityBoost
VirtualAlloc
CreateSemaphoreW
SetLastError
InterlockedDecrement
GetConsoleCP
InterlockedExchange
WaitForSingleObjectEx
CompareStringW
GetProcAddress
lstrcpyn
FreeEnvironmentStringsW
FreeLibraryAndExitThread
HeapFree
wininet
InternetCombineUrlW
FindNextUrlCacheEntryA
InternetReadFileExA
ResumeSuspendedDownload
CreateUrlCacheContainerW
InternetConfirmZoneCrossingA
FtpCommandW
comctl32
InitMUILanguage
ImageList_LoadImageA
CreateToolbarEx
ImageList_Read
ImageList_Draw
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_DragMove
DestroyPropertySheetPage
ImageList_EndDrag
ImageList_DrawIndirect
_TrackMouseEvent
CreatePropertySheetPageW
CreateStatusWindowW
ImageList_SetBkColor
ImageList_DrawEx
ImageList_Merge
ImageList_Remove
ImageList_SetFilter
ImageList_LoadImageW
DrawStatusText
ImageList_Copy
ImageList_BeginDrag
ImageList_GetIconSize
user32
ShowScrollBar
CreateDialogIndirectParamW
SendMessageTimeoutA
DeferWindowPos
ModifyMenuW
UnhookWindowsHookEx
GetCursor
IsRectEmpty
DdeQueryStringA
GetQueueStatus
RealGetWindowClass
DdeUnaccessData
DragObject
SetClassLongW
DdeCreateDataHandle
RegisterClassExA
CreateIcon
ShowCursor
LoadImageA
DdeClientTransaction
RegisterClassA
LookupIconIdFromDirectory
SetWindowPos
SetCapture
GetClipboardFormatNameW
CallMsgFilterW
OemKeyScan
EndTask
VkKeyScanA
TrackPopupMenuEx
RegisterClipboardFormatA
advapi32
CryptSetProviderW
LookupAccountNameA
RegQueryValueA
RegOpenKeyExW
RegCloseKey
InitiateSystemShutdownW
CryptVerifySignatureA
RegCreateKeyExA
InitiateSystemShutdownA
LookupAccountSidW
RegCreateKeyExW
RegEnumValueA
CryptHashData
CryptExportKey
CryptDuplicateHash
ReportEventW
CryptGenRandom
CryptHashSessionKey
LookupSecurityDescriptorPartsW
LogonUserW
RegSaveKeyW
CryptSetProviderExW
CryptGetKeyParam
CryptGetProvParam
Sections
.text Size: 323KB - Virtual size: 323KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 438KB - Virtual size: 438KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 138KB - Virtual size: 147KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ