General

Malware Config

Signatures

Files

• b079a64137c6696c5ffb96a2b19d337772d9a7e304efa8e50d3093bdac20f7cd

  .exe windows x86

  ef8870db532db93a414652b50ba5d545

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  user32

  UpdateWindow

  ShowWindow

  PostQuitMessage

  GetMessageA

  DispatchMessageA

  TranslateMessage

  CreateWindowExA

  RegisterClassExA

  DefWindowProcA

  LoadCursorA

  SetFocus

  kernel32

  GetModuleHandleA

  GetProcAddress

  VirtualAlloc

  HeapAlloc

  HeapFree

  WriteFile

  RtlUnwind

  VirtualFree

  HeapCreate

  GetFileType

  GetStdHandle

  SetHandleCount

  GetTempPathA

  CreateDirectoryA

  GetDateFormatA

  GetTimeFormatA

  SetLastError

  GetTimeZoneInformation

  GetLocalTime

  GetSystemInfo

  GetVersionExW

  lstrcpynA

  HeapDestroy

  GetACP

  lstrcatA

  lstrlenA

  CloseHandle

  DeleteFileA

  FindNextFileA

  FindClose

  FindFirstFileA

  LoadLibraryA

  lstrcpyA

  GetStartupInfoA

  GetCommandLineA

  GetVersion

  ExitProcess

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  GetModuleFileNameA

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  GetEnvironmentStringsW

  WideCharToMultiByte

  GetCPInfo

  GetOEMCP

  Sections

  .text

  Size: 272KB - Virtual size: 271KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 27KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 424B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ