General

Malware Config

Signatures

Files

• fe1acbb4451f2821303b9601d01a4780fbce60e6aae315161b9969db18e7181f

  .exe windows x86

  6b88141f65c0f2b93d0d8f8b181ec174

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetVersionExA

  GetVersion

  VirtualQuery

  LocalAlloc

  LocalFree

  GetModuleFileNameW

  GetProcessAffinityMask

  SetProcessAffinityMask

  SetThreadAffinityMask

  Sleep

  ExitProcess

  FreeLibrary

  LoadLibraryA

  GetModuleHandleA

  GetProcAddress

  user32

  TabbedTextOutA

  GetProcessWindowStation

  GetProcessWindowStation

  GetUserObjectInformationW

  gdi32

  SetTextColor

  winmm

  midiStreamRestart

  winspool.drv

  ClosePrinter

  advapi32

  RegEnumValueA

  shell32

  Shell_NotifyIconA

  ole32

  CLSIDFromProgID

  oleaut32

  UnRegisterTypeLi

  comctl32

  ImageList_Destroy

  ws2_32

  ntohl

  comdlg32

  ChooseColorA

  wtsapi32

  WTSSendMessageW

  Sections

  .text

  Size: - Virtual size: 765KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 167KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 979KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 3.2MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .vmp1

  Size: 5.9MB - Virtual size: 5.9MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 8KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ