Static task: static1
Behavioral task: behavioral1
  Sample: 5cbc55701a7f6973ea3985d469c2d2d9de8f5642de947c2a1e5813b4fd0363ad.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 5cbc55701a7f6973ea3985d469c2d2d9de8f5642de947c2a1e5813b4fd0363ad.exe
  Resource: win10v2004-20221111-en
General
Target: 5cbc55701a7f6973ea3985d469c2d2d9de8f5642de947c2a1e5813b4fd0363ad
Size: 3.8MB
MD5: ee887f2b5372f8b906ddd78c4555ab28
SHA1: 714774a575d8594f29e86ac061bded3628aaceb5
SHA256: 5cbc55701a7f6973ea3985d469c2d2d9de8f5642de947c2a1e5813b4fd0363ad
SHA512: 8e1373a49becaf1def732ff4febc003c32d2169e5432eeda7d7599b618a26d79f35b7215162501aab42983bd2e66cff1f28fe3be899243434dbd18da2670c6d4
SSDEEP: 49152:Ye5KVFpiXThKVUKO8SsZ8wVFu+4p1ewogVdtXZ+iL35r8H:qFp8hSUKO8/Tu+SdJZjZ8H
Malware Config
Signatures
Files
5cbc55701a7f6973ea3985d469c2d2d9de8f5642de947c2a1e5813b4fd0363ad.exe (windows x86), MD5 877ab7c346e7728753fee6026cacd200
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports

kernel32:
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileSizeEx
GetFileTime
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwind
RaiseException
SetStdHandle
GetFileType
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
VirtualFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
SetEnvironmentVariableA
SetConsoleMode
ReadConsoleInputA
FlushConsoleInputBuffer
FindFirstFileA
DuplicateHandle
GlobalMemoryStatus
GetVersion
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
ReleaseSemaphore
CreateSemaphoreW
GetThreadLocale
InterlockedIncrement
lstrcmpA
GetModuleHandleA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
lstrcmpW
GlobalFree
MulDiv
GetPrivateProfileStringW
GetVolumeInformationW
FindNextFileW
GetLocalTime
GetTimeZoneInformation
FindClose
FindFirstFileW
GetCurrentProcess
FreeResource
CreateDirectoryW
GlobalMemoryStatusEx
GetComputerNameW
GetModuleFileNameW
lstrlenW
DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
GetCurrentProcessId
GetVersionExA
OutputDebugStringA
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
LoadLibraryA
GetDiskFreeSpaceW
EnterCriticalSection
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
LeaveCriticalSection
HeapDestroy
FormatMessageW
WideCharToMultiByte
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
LockFile
UnlockFile
InterlockedCompareExchange
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
SetEndOfFile
SetFilePointer
CreateMutexW
GetFileSize
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
CreateEventW
MoveFileW
SetFileAttributesW
GetSystemDefaultLCID
WritePrivateProfileStringW
ResetEvent
GetPrivateProfileIntW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateFileW
GetModuleHandleW
SetLastError
TerminateThread
Sleep
WaitForSingleObject
CreateThread
GetTickCount
OutputDebugStringW
SetEvent
lstrlenA
CloseHandle
DeviceIoControl
GetVersionExW
CreateFileA
GetCurrentThreadId
InterlockedDecrement
GetLastError
GetProcAddress
LoadLibraryW
FreeLibrary
GlobalAlloc
GlobalUnlock
GlobalLock
DeleteFileW
LockResource
MultiByteToWideChar
SizeofResource
LoadResource
GetEnvironmentStringsW
FindResourceW

user32:
SetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
IsDialogMessageW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
ReleaseDC
GetDC
GetFocus
IsWindowEnabled
IsWindow
SetFocus
UnhookWindowsHookEx
ExitWindowsEx
FindWindowExW
keybd_event
LoadCursorW
SetCursor
ShowWindow
ScreenToClient
TranslateMessage
RegisterWindowMessageW
MessageBoxW
EnableWindow
InvalidateRect
GetSysColor
PeekMessageW
DispatchMessageW
mouse_event
SetCursorPos
GetMenuItemCount
DrawMenuBar
GetMenuItemID
ModifyMenuW
SetMenuInfo
LoadMenuW
GetWindowDC
SetWindowPos
GetWindowRect
CheckMenuItem
GetMenuState
PostQuitMessage
SetForegroundWindow
GetSubMenu
GetCursorPos
DrawIcon
GetSystemMetrics
IsIconic
LoadIconW
IsWindowVisible
GetParent
SetWindowTextW
MoveWindow
EnableMenuItem
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
TabbedTextOutW
DrawTextExW
EndDialog
PostMessageW
DrawTextW
GrayStringW
ClientToScreen
SetWindowLongW
GetClientRect
SendMessageW
SetRectEmpty
UnionRect
InflateRect
CopyRect
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
UnregisterClassW
GetSysColorBrush
SetRect
CharUpperW
GetMessageW
ValidateRect
WindowFromPoint
RegisterClipboardFormatW
SetTimer
KillTimer
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
DestroyMenu
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
BeginPaint
CharNextW
EndPaint
GetNextDlgTabItem

gdi32:
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
IntersectClipRect
CreateCompatibleDC
GetStockObject
GetMapMode
GetBkColor
GetTextColor
GetCharWidthW
StretchDIBits
CreateCompatibleBitmap
GetRgnBox
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
CreateFontW
CreateSolidBrush
EnumFontFamiliesW
GetDeviceCaps
ExtTextOutW
GetTextExtentPoint32W

comdlg32:
GetFileTitleW

winspool.drv:
DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32:
RegisterEventSourceA
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
DeregisterEventSource
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegisterEventSourceW
RegCloseKey
ReportEventA

shell32:
DragQueryFileW
DragFinish
Shell_NotifyIconW
SHGetFileInfoW
ExtractIconW
ShellExecuteW

comctl32:
InitCommonControlsEx
ImageList_Draw

shlwapi:
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW

oledlg:
OleUIBusyW

ole32:
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoInitialize
CoCreateInstance
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard

oleaut32:
OleCreateFontIndirect
VariantChangeType
SysStringLen
SysAllocStringLen
VariantInit
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
VariantClear
SysFreeString
SysAllocString
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime

urlmon:
URLDownloadToFileW

wsock32:
WSASetLastError
WSAStartup
WSAGetLastError
select
shutdown
closesocket
__WSAFDIsSet
recv
socket
setsockopt
htons
htonl
bind
connect
inet_ntoa
send
WSACleanup
gethostname
gethostbyname
inet_addr

dnsapi:
DnsQuery_W
DnsFree

ws2_32:
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
freeaddrinfo
getaddrinfo

wininet:
DeleteUrlCacheEntryW

Sections
.text  Size: 1.7MB, Virtual size: 1.7MB  Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 489KB, Virtual size: 488KB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 79KB, Virtual size: 113KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc  Size: 1.6MB, Virtual size: 1.6MB  Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ