General

Malware Config

Signatures

Files

• 92449ccf090ef16697a226419edf724b138ee7eb12380bade16706d8dd056b03

  .exe windows x86

  57fef113fb8764921419469db487ddeb

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  Sleep

  DeleteFileA

  GetLastError

  CreateDirectoryA

  lstrcpyA

  lstrlenA

  lstrcatA

  GetDriveTypeA

  GetLogicalDriveStringsA

  FindClose

  LocalFree

  FindNextFileA

  LocalReAlloc

  FindFirstFileA

  LocalAlloc

  RemoveDirectoryA

  GetFileSize

  CreateFileA

  ReadFile

  SetFilePointer

  WriteFile

  GetTickCount

  GetVersionExA

  ExpandEnvironmentStringsA

  ReleaseMutex

  OpenEventA

  SetErrorMode

  CreateMutexA

  CancelIo

  TerminateThread

  GetLocalTime

  GetModuleFileNameA

  CreateProcessA

  GetSystemDirectoryA

  CreatePipe

  DisconnectNamedPipe

  TerminateProcess

  PeekNamedPipe

  WaitForMultipleObjects

  GetCurrentThreadId

  FlushFileBuffers

  SetStdHandle

  LCMapStringW

  LCMapStringA

  InterlockedExchange

  SetEvent

  WaitForSingleObject

  CloseHandle

  CreateEventA

  LoadLibraryA

  VirtualAlloc

  VirtualFree

  LoadLibraryW

  GetOEMCP

  GetACP

  GetProcAddress

  CreateThread

  FreeLibrary

  GetCPInfo

  IsBadCodePtr

  IsBadReadPtr

  GetStringTypeW

  GetStringTypeA

  MultiByteToWideChar

  InterlockedIncrement

  InterlockedDecrement

  GetFileType

  GetStdHandle

  SetHandleCount

  GetEnvironmentStringsW

  RtlUnwind

  RaiseException

  HeapFree

  HeapAlloc

  TlsSetValue

  TlsGetValue

  ExitThread

  GetModuleHandleA

  GetStartupInfoA

  GetCommandLineA

  GetVersion

  ExitProcess

  TlsAlloc

  SetLastError

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  SetUnhandledExceptionFilter

  GetEnvironmentVariableA

  HeapDestroy

  HeapCreate

  HeapReAlloc

  IsBadWritePtr

  GetCurrentProcess

  HeapSize

  UnhandledExceptionFilter

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  WideCharToMultiByte

  GetEnvironmentStrings

  user32

  CharNextA

  SetProcessWindowStation

  OpenWindowStationA

  GetProcessWindowStation

  CloseDesktop

  SetThreadDesktop

  GetUserObjectInformationA

  GetThreadDesktop

  OpenInputDesktop

  OpenDesktopA

  MessageBoxA

  wsprintfA

  advapi32

  RegQueryValueA

  RegQueryValueExW

  OpenEventLogA

  CloseEventLog

  RegCloseKey

  RegOpenKeyExA

  RegQueryValueExA

  RegOpenKeyExW

  shell32

  SHGetFileInfoA

  iphlpapi

  GetAdaptersAddresses

  dnsapi

  DnsFree

  DnsQuery_A

  ws2_32

  getsockname

  inet_addr

  inet_ntoa

  closesocket

  recv

  connect

  htons

  socket

  WSAStartup

  select

  send

  Sections

  .text

  Size: 62KB - Virtual size: 62KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .Fly

  Size: 18KB - Virtual size: 17KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .Solo

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 11KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 19KB - Virtual size: 25KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ