Static task: static1
Behavioral task: behavioral1
Sample: b2216689bc98c78464ecd32132fbeb267084fdbbdef5c23ce06bc35b18564a59.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: b2216689bc98c78464ecd32132fbeb267084fdbbdef5c23ce06bc35b18564a59.exe
Resource: win10v2004-20220901-en
General
Target: b2216689bc98c78464ecd32132fbeb267084fdbbdef5c23ce06bc35b18564a59
Size: 178KB
MD5: 37486e8286684ec19f8967b257d2ccf6
SHA1: b80b9703783f74253c9c87081ce630f6b84e40ba
SHA256: b2216689bc98c78464ecd32132fbeb267084fdbbdef5c23ce06bc35b18564a59
SHA512: bda33e80ced874c0281cdfc658214a5d0ccb1f1247876b0da3afdd6f6c3664300d9939a36698df093f5c1bd2d6fd5ffbbd4a73b888c9fdb43cc87f6a42b1ea81
SSDEEP: 3072:lm1FRLpe2ltbhH5CiB4MhWXsL2RKvSBdAXy:cvRNe2ltCQhWXsGKkf
Malware Config
Signatures
Files
b2216689bc98c78464ecd32132fbeb267084fdbbdef5c23ce06bc35b18564a59.exe windows x86
18a3c3c7c906b7fe37ac0ff41c3db2da
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
dbghelp
SymGetModuleInfoW
SymEnumerateSymbolsW
SymFromName
FindFileInSearchPath
SymGetSymFromName64
SymGetModuleInfo
kernel32
OpenEventA
SetStdHandle
WriteConsoleW
HeapSize
CloseHandle
CreateThread
CreateMutexA
WaitForSingleObject
GetCurrentThreadId
BackupSeek
LoadLibraryExW
CreateFileA
GetFileTime
ReadConsoleOutputCharacterA
CreateEventW
GetFileType
GetFileSize
GetStdHandle
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetFilePointer
UnhandledExceptionFilter
WriteFile
ExitThread
ExitProcess
FindClose
FindFirstFileA
FreeLibrary
GetCommandLineA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetThreadLocale
LoadLibraryExA
lstrcpynA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
VirtualQuery
LocalAlloc
LocalFree
VirtualAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsGetValue
TlsSetValue
CompareStringA
CreateEventA
CreateFileMappingA
CreateProcessA
EnumCalendarInfoA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindResourceA
FormatMessageA
FreeResource
GetACP
GetCPInfo
GetCurrentProcessId
GetDateFormatA
GetDiskFreeSpaceA
GetExitCodeThread
GetLocalTime
GetProfileStringA
GetStringTypeExA
GetSystemInfo
GetTempPathA
GetTickCount
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
GlobalLock
GlobalHandle
GlobalReAlloc
GlobalSize
GlobalUnlock
LoadLibraryA
LoadResource
LockResource
MapViewOfFile
MulDiv
OpenFileMappingA
OpenMutexA
ReleaseMutex
ResetEvent
ResumeThread
SetErrorMode
SetEvent
SetThreadLocale
SizeofResource
Sleep
UnmapViewOfFile
lstrcmpA
lstrcpyA
DeleteFileW
FindFirstFileW
FindNextFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetModuleHandleW
GetExitCodeProcess
ExpandEnvironmentStringsW
lstrcmpW
lstrcmpiW
RemoveDirectoryW
GetSystemDirectoryW
GetVersionExW
lstrcpyW
OpenProcess
lstrcatW
GetTempFileNameW
lstrcmpiA
CreateProcessW
LoadLibraryW
GetDiskFreeSpaceW
lstrcpynW
lstrlenW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
CopyFileW
GetCurrentProcess
GetModuleFileNameW
CreateFileW
SetFileAttributesW
CreateDirectoryW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
HeapSetInformation
GetStartupInfoW
DecodePointer
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
TlsAlloc
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
IsProcessorFeaturePresent
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapFree
GetOEMCP
IsValidCodePage
HeapAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringW
GetStringTypeW
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ