Static task: static1
Behavioral task: behavioral1
Sample: a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9.exe
Resource: win10v2004-20220812-en
General
Target: a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9
Size: 194KB
MD5: d97abd907baf7ce7250c2e6fb66cdf39
SHA1: 82420fe1d8efa0f1122dda39a05ee120955fd76c
SHA256: a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9
SHA512: 882fa7e5c79a37c5575acf395f77d78019dc8f8d4f020f320f68238a4e2c50f254040bee8b5a1983cff17dcf8bf61d535589f96b0575b9a50fec1fa236866bde
SSDEEP: 3072:lt5y3I0xY1ECtsY41XyGaALHPJ3XXbCDh2FmEhp5pxYgTYCX:pgTzCt/4OAB3nbCN2cSxdX
Malware Config
Signatures
Files
a9568c664952a6ab384fc9901fdb9fb9b12a2bcdaf5327fed154a56bc96623f9.exe (windows x86) e5ff27e1e30fc8301ed835faf60a31ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
HeapSize
LCMapStringW
RtlUnwind
FlushFileBuffers
LoadLibraryW
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
WriteConsoleW
GetLocaleInfoW
GetUserDefaultLCID
GetOEMCP
GetACP
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
ExitProcess
GetModuleHandleW
GetProcAddress
Sleep
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
ReadFile
lstrcpyA
DeleteFileA
GlobalReAlloc
LocalFree
CloseHandle
_lread
GetSystemInfo
LockResource
SetConsoleOutputCP
LocalAlloc
CreateFileA
GlobalFree
IsValidCodePage
CreateConsoleScreenBuffer
GetLastError
GetConsoleOutputCP
GlobalUnlock
SetConsoleTitleA
MultiByteToWideChar
lstrcatA
GetFileAttributesW
GlobalAlloc
WriteFile
FormatMessageA
GetProcessHeap
GetTickCount
GlobalLock
HeapFree
GetCurrentProcess
_lwrite
SetHandleCount
TerminateProcess
DecodePointer
HeapAlloc
LoadResource
EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCPInfo
lstrlenA
FindResourceA
GetLocaleInfoA
UnhandledExceptionFilter
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
CreateFileW
user32
OemToCharBuffA
CharToOemA
LoadCursorA
EndPaint
DestroyWindow
GetMessageA
CloseClipboard
GetClassNameA
GetWindowRect
IsMenu
CharNextW
FillRect
GetTopWindow
KillTimer
DrawTextA
GetSubMenu
LoadBitmapA
IsClipboardFormatAvailable
GetParent
IsWindowEnabled
DrawIcon
GetClientRect
SendMessageA
BeginPaint
GetDC
TranslateMessage
GetMenu
SetRect
MessageBoxA
GetClipboardData
CreateWindowExA
ReleaseDC
EndDialog
GetSysColorBrush
CreateDialogParamW
DispatchMessageA
OpenClipboard
IsWindowVisible
InsertMenuA
gdi32
MoveToEx
EndPage
RemoveFontResourceA
GetEnhMetaFileW
FrameRgn
LineTo
DeleteEnhMetaFile
StartPage
DeleteDC
CreateFontA
GetDeviceCaps
StretchBlt
GetDIBits
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
PlayEnhMetaFile
Rectangle
StartDocA
FillRgn
CreatePen
GetObjectA
EndDoc
CloseEnhMetaFile
CreateEnhMetaFileW
CreateSolidBrush
CreateRectRgnIndirect
winspool.drv
AddPrinterDriverA
GetPrinterDriverDirectoryA
comdlg32
PageSetupDlgA
shlwapi
StrChrW
StrCpyNW
comctl32
CreateToolbarEx
ord17
ImageList_Draw
dbghelp
EnumerateLoadedModules
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 58KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ