General

Malware Config

Signatures

Files

• 2ad9b362775fe8a5a70ea4707325699123480e2827abdd2893ff566b80e86ea8

  .exe windows x86

  5610c5b530138865117b260e5ca145b5

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  kernel32

  FreeConsole

  ExitProcess

  user32

  IsWindow

  MessageBoxW

  GetForegroundWindow

  comdlg32

  ReplaceTextW

  FindTextA

  ChooseColorA

  PageSetupDlgW

  ChooseFontW

  setupapi

  SetupGetLineTextW

  SetupDiGetDriverInfoDetailA

  SetupQueueDeleteSectionA

  SetupDiGetDeviceInfoListDetailA

  SetupQueryInfFileInformationA

  SetupDiGetSelectedDriverW

  SetupDiGetINFClassW

  SetupDiGetDeviceInterfaceDetailA

  SetupDiOpenDeviceInterfaceA

  SetupDiRegisterCoDeviceInstallers

  SetupDiInstallClassW

  SetupScanFileQueueA

  SetupQueueDefaultCopyW

  SetupDiBuildClassInfoListExA

  SetupDiInstallClassExA

  SetupQueueDefaultCopyA

  SetupInstallFilesFromInfSectionA

  esent

  JetSetCurrentIndex3

  JetAttachDatabase

  JetSetCurrentIndex

  JetGetTableInfo

  JetGetIndexInfo

  JetDupSession

  JetGetVersion

  JetGetLock

  JetTerm2

  JetRestore2

  JetTruncateLog

  JetOpenFile

  JetMove

  JetGetCursorInfo

  JetRenameTable

  JetBeginTransaction

  JetUpdate

  Sections

  .text

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 12KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  tnr

  Size: 58KB - Virtual size: 56KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 12KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ