General

Malware Config

Signatures

Files

• b54b34023266416a2ec62b99c563873765fdb2adf1a97256898f90a9300b8438

  .zip
• ᰮƽIPȡ [߳X800] Byݱ缼.exe

  .exe windows x86

  1b3002133c0da64cf036712645125049

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetStdHandle

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  ModifyMenuA

  gdi32

  CreateDIBitmap

  winmm

  midiStreamOpen

  winspool.drv

  ClosePrinter

  advapi32

  RegCreateKeyExA

  shell32

  Shell_NotifyIconA

  ole32

  OleInitialize

  oleaut32

  SafeArrayGetDim

  comctl32

  ImageList_Destroy

  ws2_32

  getpeername

  comdlg32

  ChooseFontA

  Sections

  .text

  Size: - Virtual size: 615KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 232KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 195KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 36KB - Virtual size: 36KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .vmp0

  Size: - Virtual size: 325KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  .vmp1

  Size: 840KB - Virtual size: 838KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE