General

Malware Config

Signatures

Files

• dd59f8e7fcc27c8b2e4fab1963d5b00c6a7365109e016968e3781efd621023ea

  .exe windows x86

  93c380f15ab35cbffa093b7e64ff37d1

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualAlloc

  VirtualProtect

  VirtualFree

  GetProcAddress

  LoadLibraryA

  IsBadReadPtr

  lstrcmpiA

  HeapFree

  GetProcessHeap

  FreeLibrary

  GetModuleHandleA

  HeapAlloc

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetCurrentThreadId

  GetTickCount

  QueryPerformanceCounter

  SetUnhandledExceptionFilter

  RtlUnwind

  GetStartupInfoA

  InterlockedCompareExchange

  Sleep

  InterlockedExchange

  user32

  MessageBoxA

  msvcrt

  ??0exception@@QAE@XZ

  ?what@exception@@UBEPBDXZ

  ??1exception@@UAE@XZ

  ??0exception@@QAE@ABV0@@Z

  _CxxThrowException

  _callnewh

  __getmainargs

  _cexit

  _exit

  _XcptFilter

  _ismbblead

  _acmdln

  _initterm

  _amsg_exit

  __setusermatherr

  __p__commode

  __set_app_type

  ??1type_info@@UAE@XZ

  _unlock

  __dllonexit

  _lock

  _onexit

  ?terminate@@YAXXZ

  _controlfp

  realloc

  free

  malloc

  memcpy

  memset

  exit

  __p__fmode

  Sections

  .text

  Size: 14KB - Virtual size: 14KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 40KB - Virtual size: 41KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ