Static task: static1
Behavioral task: behavioral1
  Sample: 6390c6ca1c4a3a2e395e963534eec27f278cedfdb2df61717164d7cacd058b25.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 6390c6ca1c4a3a2e395e963534eec27f278cedfdb2df61717164d7cacd058b25.exe
  Resource: win10v2004-20220812-en
General
Target: 6390c6ca1c4a3a2e395e963534eec27f278cedfdb2df61717164d7cacd058b25
Size: 7.3MB
MD5: 4a6495056afa6334be5a8489640f5ae7
SHA1: fb594cdfa9f4133df4664afdcea7dd8b4d540108
SHA256: 6390c6ca1c4a3a2e395e963534eec27f278cedfdb2df61717164d7cacd058b25
SHA512: 7bc1e266c408d7a5375cf94b321b77b4ecdc54f8c78375a929f100e018339f3d4e5b8aeb2d13362b5f3964efdf0e422c5955064b4b15a3f89fe054093b8d7811
SSDEEP: 196608:0vO+U2nXVwXERiLIVip+TOM6P2voLVfjmB6LtQ+6bQhXuj:MO+U2nXaVfcOBuj
Malware Config
Signatures
Files
-
6390c6ca1c4a3a2e395e963534eec27f278cedfdb2df61717164d7cacd058b25.exe windows x86
7034575ac785b50a37feff8dd4323210
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
dsound
ord11
ord1
ddraw
DirectDrawCreateEx
kernel32
lstrcmpiW
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
CompareStringA
EnumResourceLanguagesW
ConvertDefaultLocale
GetFileTime
FindResourceExW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
GetStringTypeExW
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
ExitThread
ExitProcess
UnhandledExceptionFilter
HeapReAlloc
HeapSize
GetFileAttributesA
GetFileType
SetStdHandle
GetStdHandle
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
HeapDestroy
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
GetStringTypeA
GetStringTypeW
LCMapStringA
InitializeCriticalSectionAndSpinCount
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
LocalAlloc
GetProfileIntW
GetThreadLocale
lstrcmpA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFindAtomW
CompareStringW
GetVersionExA
FreeResource
GlobalSize
CreateSemaphoreA
GetFileSizeEx
SetFilePointerEx
DebugBreak
GetTempFileNameW
IsDBCSLeadByteEx
RaiseException
GetVolumeInformationW
GetThreadPriority
CreateSemaphoreW
VirtualFree
ReleaseSemaphore
lstrcmpW
GetModuleHandleA
GetSystemDirectoryA
CreateMutexA
ReleaseMutex
GetModuleFileNameA
LoadLibraryA
SuspendThread
OutputDebugStringA
GetThreadContext
SetThreadContext
FlushInstructionCache
ResumeThread
InterlockedCompareExchange
VirtualAlloc
VirtualQuery
GetTempPathA
GetTempFileNameA
DeleteFileA
CreatePipe
DuplicateHandle
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateProcessW
TerminateProcess
GlobalGetAtomNameW
GlobalAddAtomW
GlobalDeleteAtom
GetWindowsDirectoryW
CopyFileW
GetACP
GetFileAttributesW
GetDateFormatW
GetTimeFormatW
DeleteFileW
GetFileAttributesExW
DeviceIoControl
CreateFileA
IsDebuggerPresent
GetCurrentThread
CreateDirectoryW
GetSystemInfo
GetFullPathNameW
GetVersionExW
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathW
ReadProcessMemory
CreateMutexW
SetUnhandledExceptionFilter
WriteProcessMemory
GetCurrentDirectoryW
GetDriveTypeW
OpenProcess
SetPriorityClass
GetDiskFreeSpaceExW
FindNextFileW
FindClose
GetLocaleInfoW
GetLocaleInfoA
FindFirstFileW
GlobalAlloc
GlobalLock
lstrcpyW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetSystemPowerState
SetThreadExecutionState
GetCurrentProcess
GlobalUnlock
GlobalFree
GetTickCount
GetVersion
VirtualProtect
WriteFile
GetModuleFileNameW
GetUserDefaultLangID
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileW
GetFileSize
SetFilePointer
ReadFile
GetCurrentProcessId
ResetEvent
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
FreeLibrary
CreateEventW
CreateThread
SetThreadPriority
WaitForMultipleObjects
Sleep
IsBadReadPtr
IsBadWritePtr
SetEvent
CloseHandle
WaitForSingleObject
TerminateThread
lstrlenA
MultiByteToWideChar
MulDiv
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
WideCharToMultiByte
GetUserDefaultLCID
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
EnterCriticalSection
LeaveCriticalSection
GetPrivateProfileSectionW
FormatMessageW
LocalFree
FindResourceW
LoadResource
LockResource
SizeofResource
RtlUnwind
user32
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
SetWindowsHookExW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
TrackPopupMenu
GetScrollPos
GetClassInfoExW
GetClassInfoW
RegisterClassW
SystemParametersInfoA
GetWindowPlacement
UnhookWindowsHookEx
CreateDialogIndirectParamW
DestroyWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenu
GetIconInfo
GetDCEx
SetWindowRgn
AdjustWindowRectEx
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetClassLongW
GetWindowRgn
GetScrollInfo
GetTopWindow
EnumWindows
GetClassNameW
DrawTextExW
InvertRect
CharLowerBuffW
GetQueueStatus
MsgWaitForMultipleObjects
PeekMessageW
wsprintfA
GetMessageW
CopyIcon
GetMessageTime
EnumDisplayDevicesW
wsprintfW
GetCapture
EqualRect
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetActiveWindow
GetDlgCtrlID
TranslateMessage
GetDlgItemTextW
IntersectRect
DefWindowProcW
IsIconic
ShowWindow
CreateAcceleratorTableW
DestroyAcceleratorTable
ChangeDisplaySettingsExW
EnumDisplaySettingsW
UnregisterHotKey
GetRawInputDeviceList
GetRawInputDeviceInfoW
RegisterRawInputDevices
RegisterHotKey
SetClassLongW
GetRawInputData
GetWindowModuleFileNameW
GetWindowThreadProcessId
EnumDisplayMonitors
GetKeyState
SystemParametersInfoW
DestroyIcon
CreateWindowExW
MoveWindow
SetWindowPos
SetWindowLongW
FindWindowExW
SetMenu
IsMenu
GetAsyncKeyState
GetWindowLongW
GetCursorPos
GetMenuItemRect
CallWindowProcW
PostQuitMessage
FindWindowW
GetMenuBarInfo
ExitWindowsEx
RegisterClipboardFormatW
PostThreadMessageW
GetForegroundWindow
SetForegroundWindow
IsChild
GetActiveWindow
ReleaseDC
GetDC
LoadMenuW
RemoveMenu
ModifyMenuW
InsertMenuW
GetSubMenu
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
EnableMenuItem
DeleteMenu
RegisterWindowMessageW
RedrawWindow
GetFocus
GetSysColorBrush
ReleaseCapture
FillRect
FrameRect
GetSysColor
WindowFromPoint
GetDesktopWindow
SetCapture
KillTimer
UpdateWindow
IsDlgButtonChecked
IsDialogMessageW
SetWindowTextW
TabbedTextOutW
DrawTextW
GrayStringW
GetNextDlgGroupItem
LockWindowUpdate
InvalidateRgn
CopyAcceleratorTableW
UnregisterClassW
DrawFocusRect
ClientToScreen
GetMonitorInfoW
OffsetRect
SetRectEmpty
SetWindowContextHelpId
ShowOwnedPopups
SetParent
GetSystemMenu
WaitMessage
IsClipboardFormatAvailable
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
CharUpperW
CharNextW
DestroyMenu
MapDialogRect
ValidateRect
EndPaint
BeginPaint
DispatchMessageW
GetWindowDC
MonitorFromWindow
CopyRect
MessageBeep
GetMessagePos
LoadIconW
SetTimer
ScreenToClient
AppendMenuW
CreatePopupMenu
LoadBitmapW
GetDlgItem
UnionRect
SetRect
IsRectEmpty
LoadImageW
GetSystemMetrics
SetCursor
GetParent
InvalidateRect
GetWindowRect
InflateRect
PtInRect
PostMessageW
IsWindowVisible
MapWindowPoints
GetClientRect
GetWindow
IsWindow
LoadCursorW
SendMessageW
EnableWindow
MessageBoxW
ChangeDisplaySettingsExA
CallNextHookEx
gdi32
GetViewportExtEx
AddFontResourceW
GetWindowExtEx
PtVisible
RectVisible
Escape
SetStretchBltMode
SetWindowExtEx
ScaleWindowExtEx
GetBkColor
GetCharWidthW
GetRgnBox
GetTextMetricsW
TranslateCharsetInfo
Rectangle
CreateSolidBrush
RestoreDC
SaveDC
DPtoLP
CreatePatternBrush
GetMapMode
GetClipBox
CopyMetaFileW
PatBlt
GetPixel
CreatePolygonRgn
FillRgn
OffsetRgn
SetRectRgn
GdiFlush
MoveToEx
LineTo
SelectClipRgn
OffsetViewportOrgEx
GetKerningPairsW
CloseFigure
EndPath
GetPath
AbortPath
IntersectClipRect
ExcludeClipRect
EnumFontFamiliesExW
GetObjectW
DeleteObject
StretchBlt
SetDIBColorTable
SelectObject
DeleteDC
ScaleViewportExtEx
CreateCompatibleDC
EqualRgn
CombineRgn
EnumFontFamiliesW
GetTextColor
StretchDIBits
GetDIBits
GetStockObject
ExtSelectClipRgn
SetPixel
CreateRectRgnIndirect
SetViewportOrgEx
SetViewportExtEx
CreateDCW
CreateFontIndirectW
SetBkMode
BitBlt
CreateCompatibleBitmap
CreatePen
CreateBitmap
GetCurrentObject
TextOutW
CreateRectRgn
GetRegionData
SetMapMode
SetTextColor
SetBkColor
GetTextExtentPoint32W
ExtTextOutW
GetDeviceCaps
CreateFontW
CreateDIBSection
BeginPath
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
DocumentPropertiesW
ClosePrinter
advapi32
RegOpenKeyW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyW
OpenProcessToken
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueA
RegSetValueW
RegQueryValueW
RegQueryValueA
RegCloseKey
RegOpenKeyA
RegCreateKeyW
RegCreateKeyA
RegFlushKey
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
shell32
ShellExecuteW
Shell_NotifyIconW
SHAddToRecentDocs
SHGetPathFromIDListW
SHBrowseForFolderW
DragFinish
DragAcceptFiles
ShellExecuteExW
ExtractIconExW
SHChangeNotify
ord680
ExtractIconW
DragQueryFileW
comctl32
ImageList_Add
ImageList_Destroy
ImageList_Create
shlwapi
PathAddExtensionW
PathAddBackslashW
PathFileExistsW
PathCombineW
PathRenameExtensionW
PathRemoveExtensionW
PathFindExtensionW
PathMakePrettyW
PathRemoveFileSpecW
PathSkipRootW
PathStripToRootW
PathCompactPathW
PathAppendW
PathIsDirectoryW
PathRelativePathToW
PathCanonicalizeW
PathAddBackslashA
PathRemoveFileSpecA
UrlUnescapeW
PathIsUNCW
PathStripPathW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CLSIDFromString
MkParseDisplayName
CreateBindCtx
CreateItemMoniker
GetRunningObjectTable
CoTaskMemAlloc
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
OleSaveToStream
OleLoadFromStream
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoFreeLibrary
StringFromCLSID
CoLoadLibrary
CreateILockBytesOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoInitializeEx
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
oleaut32
SysAllocStringByteLen
SafeArrayDestroy
VariantCopy
SysStringLen
OleCreateFontIndirect
VarBstrCmp
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreatePropertyFrame
SysStringByteLen
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysFreeString
ws2_32
WSACleanup
WSAGetLastError
listen
closesocket
recvfrom
bind
setsockopt
socket
inet_addr
htons
htonl
WSAStartup
recv
send
WSAAsyncSelect
sendto
connect
WSASetLastError
getpeername
getsockname
select
accept
gethostbyname
inet_ntoa
ntohs
winmm
timeKillEvent
timeSetEvent
waveOutGetVolume
waveOutSetVolume
mixerSetControlDetails
timeGetTime
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
wininet
InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
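An import table of this length is easier to read as capability groups than as a flat list. The script below is an added example, not part of the report and not a Triage signature: it takes a hand-transcribed subset of the imports listed above (kept by DLL, with ordinal-only entries such as dsound ord11 preserved as ordN) and reports which coarse capabilities the linked APIs would support. The RULES table and its thresholds are the editor's own heuristic, and a hit means only that the API is linked, not that it is reached at runtime; a large MFC/DirectX GUI surface like the one above links many of these routinely.

```python
"""Turn a static import table into coarse capability hints.

Added example for reading the import list above; it is not part of the
report and not a Triage signature. RULES is a hand-written heuristic table
(assumption), and a hit only means the API is linked, not that it is called
on the path the sample actually takes at runtime.
"""

# Constructed input: a subset of the imports listed in the report above,
# keyed by DLL and transcribed by hand (ordinal-only imports kept as 'ordN').
SAMPLE_IMPORTS = {
    "dsound": ["ord11", "ord1"],
    "kernel32": ["OpenProcess", "VirtualAlloc", "VirtualProtect", "ReadProcessMemory",
                 "WriteProcessMemory", "GetThreadContext", "SetThreadContext",
                 "SuspendThread", "ResumeThread", "CreateProcessW", "IsDebuggerPresent",
                 "OutputDebugStringA", "GetTempPathW", "GetTempFileNameW", "CopyFileW",
                 "DeleteFileW", "CreateFileW", "WriteFile", "SetSystemPowerState",
                 "SetThreadExecutionState", "DeviceIoControl"],
    "user32": ["SetWindowsHookExW", "GetRawInputData", "RegisterRawInputDevices",
               "GetAsyncKeyState", "GetKeyState", "ExitWindowsEx",
               "ChangeDisplaySettingsExW", "EnumDisplayMonitors"],
    "gdi32": ["GetDIBits", "BitBlt", "CreateCompatibleDC", "StretchBlt"],
    "advapi32": ["OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges",
                 "RegCreateKeyExW", "RegSetValueExW", "RegSetValueExA"],
    "shell32": ["ShellExecuteW", "ShellExecuteExW", "ord680"],
    "ws2_32": ["WSAStartup", "socket", "bind", "listen", "accept", "connect",
               "send", "recv", "sendto", "recvfrom", "gethostbyname"],
    "wininet": ["InternetOpenW", "InternetOpenUrlW", "InternetReadFile"],
}

# Capability -> (API names that evidence it, minimum distinct hits to report).
# Thresholds are deliberately conservative so that a lone generic API
# (e.g. CreateFileW) does not fire a rule on its own.  (assumption)
RULES = {
    "process injection / hollowing": (
        {"OpenProcess", "VirtualAlloc", "VirtualProtect", "WriteProcessMemory",
         "ReadProcessMemory", "GetThreadContext", "SetThreadContext",
         "SuspendThread", "ResumeThread", "CreateProcessW"}, 5),
    "anti-debug check": ({"IsDebuggerPresent", "OutputDebugStringA", "DebugBreak"}, 1),
    "token privilege adjustment": (
        {"OpenProcessToken", "LookupPrivilegeValueW", "AdjustTokenPrivileges"}, 3),
    "keyboard / input capture": (
        {"SetWindowsHookExW", "GetRawInputData", "RegisterRawInputDevices",
         "GetAsyncKeyState", "GetKeyState"}, 2),
    "raw sockets (ws2_32), server-capable": (
        {"WSAStartup", "socket", "bind", "listen", "accept"}, 4),
    "raw sockets (ws2_32), client": (
        {"WSAStartup", "socket", "connect", "send", "recv"}, 4),
    "HTTP client (wininet)": ({"InternetOpenW", "InternetOpenUrlW", "InternetReadFile"}, 2),
    "screen capture primitives": ({"GetDIBits", "BitBlt", "CreateCompatibleDC", "StretchBlt"}, 3),
    "registry write": ({"RegCreateKeyExW", "RegCreateKeyExA", "RegSetValueExW", "RegSetValueExA"}, 2),
    "shutdown / power control": (
        {"ExitWindowsEx", "SetSystemPowerState", "SetThreadExecutionState"}, 1),
    "temp-file drop": ({"GetTempPathW", "GetTempFileNameW", "CopyFileW", "DeleteFileW",
                        "CreateFileW", "WriteFile"}, 4),
}


def flatten(imports):
    """{dll: [api, ...]} -> ({api: dll}, ['dll!ordN', ...]).

    Ordinal-only imports cannot be matched by name, so they are returned
    separately for the analyst to resolve against the export table of the DLL.
    """
    by_name, ordinals = {}, []
    for dll, apis in imports.items():
        for api in apis:
            if api.startswith("ord") and api[3:].isdigit():
                ordinals.append(f"{dll}!{api}")
            else:
                by_name[api] = dll
    return by_name, ordinals


def triage_imports(imports, rules=RULES):
    """Return {capability: sorted 'dll!Api' hits} for every rule whose threshold is met."""
    by_name, _ = flatten(imports)
    hits = {}
    for cap, (needed, minimum) in rules.items():
        found = sorted(f"{by_name[a]}!{a}" for a in needed if a in by_name)
        if len(found) >= minimum:
            hits[cap] = found
    return hits


if __name__ == "__main__":
    named, ordinals = flatten(SAMPLE_IMPORTS)
    print(f"{len(named)} named imports, {len(ordinals)} by ordinal: {ordinals}")
    for cap, found in triage_imports(SAMPLE_IMPORTS).items():
        print(f"[{cap}] {', '.join(found)}")
```

The rules that fire on this subset (injection primitives, privilege adjustment, input capture, both winsock roles, wininet, screen capture, temp-file handling, shutdown control) are the ones worth confirming against the behavioral tasks; the static table alone cannot say which of them the sample exercises.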
Sections
.text Size: 4.9MB - Virtual size: 4.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
_TEXT64 Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text.un Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 236KB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rodata Size: 512B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 474KB - Virtual size: 476KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 311KB - Virtual size: 310KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
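The DLL Characteristics above show the image opting in to ASLR (IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) and DEP (IMAGE_DLLCHARACTERISTICS_NX_COMPAT); the section flags are the other half of that picture, since DEP only helps if no section is both writable and executable. The following added example, not part of the report and not Triage code, parses the "Sections" listing in exactly the format printed above and flags the properties a triager checks first: W+X sections, code living in sections with unusual names, executable sections not marked as code, and a virtual size far above the raw on-disk size. The section listing is embedded as constructed input copied from this page; the name whitelist and the growth thresholds are assumptions.

```python
"""Sanity-check a PE section table as printed in a static report.

Added example (not part of the report, not Triage code). It parses the
"Sections" listing format shown above and flags the properties a triager
looks at first. Thresholds and the list of usual code-section names are
the editor's assumptions.
"""
from __future__ import annotations

import re

# Constructed input: the section listing from the report above, verbatim.
REPORT_SECTIONS = """
.text Size: 4.9MB - Virtual size: 4.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
_TEXT64 Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text.un Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 236KB - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rodata Size: 512B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 474KB - Virtual size: 476KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 311KB - Virtual size: 310KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
"""

_UNIT = {"B": 1, "KB": 1024, "MB": 1024 ** 2, "GB": 1024 ** 3}
_HDR = re.compile(r"^(?P<name>\S+) Size: (?P<raw>\S+) - Virtual size: (?P<virt>\S+)$")
_SIZE = re.compile(r"^(\d+(?:\.\d+)?)(B|KB|MB|GB)$")

# Section names linkers normally use for code (assumption; extend as needed).
_USUAL_CODE = {".text", "CODE", ".textbss"}


def parse_size(text: str) -> int:
    """'4.9MB' -> number of bytes, rounded to the nearest byte."""
    m = _SIZE.match(text)
    if not m:
        raise ValueError(f"unparseable size: {text!r}")
    return round(float(m.group(1)) * _UNIT[m.group(2)])


def parse_sections(report: str) -> list[dict]:
    """Parse the report listing into [{name, raw, virt, flags}, ...] in file order."""
    sections: list[dict] = []
    for line in report.strip().splitlines():
        line = line.strip()
        if not line:
            continue
        m = _HDR.match(line)
        if m:
            sections.append({"name": m["name"], "raw": parse_size(m["raw"]),
                             "virt": parse_size(m["virt"]), "flags": set()})
        elif line.startswith("IMAGE_SCN_") and sections:
            sections[-1]["flags"].add(line)
        else:
            raise ValueError(f"unexpected line: {line!r}")
    return sections


def check_sections(sections, grow_ratio=4.0, grow_min_bytes=256 * 1024):
    """Return human-readable findings; an empty list means nothing stood out."""
    findings = []
    for s in sections:
        f, name = s["flags"], s["name"]
        if "IMAGE_SCN_MEM_WRITE" in f and "IMAGE_SCN_MEM_EXECUTE" in f:
            findings.append(f"{name}: writable AND executable (W+X), defeats DEP for that range")
        if "IMAGE_SCN_CNT_CODE" in f and name not in _USUAL_CODE:
            findings.append(f"{name}: code in a non-standard section name")
        if "IMAGE_SCN_MEM_EXECUTE" in f and "IMAGE_SCN_CNT_CODE" not in f:
            findings.append(f"{name}: executable but not marked as code")
        if s["raw"] == 0 and s["virt"] > 0:
            findings.append(f"{name}: no raw data, {s['virt']} bytes virtual (filled at runtime)")
        elif s["virt"] > s["raw"] * grow_ratio and s["virt"] - s["raw"] > grow_min_bytes:
            findings.append(f"{name}: virtual size {s['virt'] / s['raw']:.1f}x raw size "
                            "(large zero-initialised region or unpack buffer)")
    return findings


if __name__ == "__main__":
    for finding in check_sections(parse_sections(REPORT_SECTIONS)):
        print(finding)
```

On this listing the checker reports no W+X section, code in the two non-default names (_TEXT64 and .text.un), and a .data section whose virtual size is roughly 11.7 times its raw size. The last point is common for applications with large static buffers as well as for packers that unpack into .data, so it is a prompt to look at the behavioral tasks, not a verdict on its own.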