Static task
static1
Behavioral task
behavioral1
Sample
b85f60b45975bddbaf46362601224a9ce1a333f7c8a3c66a6aa9e6db11c445f8.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
b85f60b45975bddbaf46362601224a9ce1a333f7c8a3c66a6aa9e6db11c445f8.exe
Resource
win10v2004-20220812-en
General
Target
b85f60b45975bddbaf46362601224a9ce1a333f7c8a3c66a6aa9e6db11c445f8
Size
372KB
MD5
f4d6e0c3479d6c4f1962393903611857
SHA1
9832d5fce6f11bcfbbe9049a81a61ef04e8c38e1
SHA256
b85f60b45975bddbaf46362601224a9ce1a333f7c8a3c66a6aa9e6db11c445f8
SHA512
709a2d33ca35a004cb3a900b5fd7b74e7a595ccd77d3d5bb58be4b7910fd655bef36c4028ea328732b0717ffa5a4da622260dddd6b0412e9614e87d54f6c9d2f
SSDEEP
6144:kcFwaayc8Ar2ctfNks+0B0JASTp4ApA8MuBQCoFQp//sKtUE7hQdF8vGJ7smZ+JI:kceEc8kbvJBGl4R0QXqK6tQgv03+Vzx6
Malware Config
Signatures
Files
b85f60b45975bddbaf46362601224a9ce1a333f7c8a3c66a6aa9e6db11c445f8.exe windows x86
ffba5455fabfef71ce709449c0134600
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_Copy
ImageList_LoadImage
ImageList_Remove
ImageList_Duplicate
ImageList_SetImageCount
CreateMappedBitmap
CreatePropertySheetPage
CreateToolbar
CreatePropertySheetPageW
ImageList_DrawIndirect
ImageList_Add
ImageList_Replace
DestroyPropertySheetPage
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_GetImageRect
CreateStatusWindow
ImageList_AddMasked
ImageList_SetBkColor
ImageList_SetIconSize
MakeDragList
CreateToolbarEx
InitCommonControlsEx
DrawStatusTextW
ImageList_SetFilter
user32
SetCursor
CharNextA
SetWindowsHookW
CreateWindowExW
GetClipboardSequenceNumber
RegisterClassA
OpenWindowStationA
GetWindowContextHelpId
LoadImageW
RegisterClassExA
DdeDisconnectList
SendInput
GetKeyNameTextW
IsWindowVisible
GetClassInfoA
CreateWindowExA
DefMDIChildProcW
ToUnicodeEx
SendIMEMessageExW
CloseWindowStation
CreateIconFromResource
CreateIconFromResourceEx
ChildWindowFromPointEx
RegisterHotKey
MessageBoxW
DestroyWindow
GrayStringA
PostThreadMessageA
ShowWindow
SetMenuItemInfoW
SendMessageA
DefWindowProcW
GetMenuItemInfoA
CharLowerW
kernel32
FreeEnvironmentStringsA
GetFileType
InterlockedDecrement
GetDateFormatA
GetSystemTimeAsFileTime
CompareStringA
lstrcatW
VirtualFree
UnhandledExceptionFilter
LockResource
LeaveCriticalSection
GetLastError
CopyFileExA
FoldStringW
GetSystemDirectoryW
SetStdHandle
LCMapStringW
SetFilePointer
HeapSize
GetTempFileNameW
ReadConsoleOutputCharacterA
TlsAlloc
FindAtomW
GetCommandLineW
HeapCreate
EnumCalendarInfoA
FreeEnvironmentStringsW
IsBadWritePtr
SuspendThread
SetHandleCount
HeapFree
ReadFile
TlsFree
GetTimeZoneInformation
GetModuleFileNameA
GetEnvironmentStringsW
FreeLibraryAndExitThread
SetConsoleTitleA
ReadConsoleOutputA
WaitForDebugEvent
DeleteCriticalSection
GetCPInfo
MapViewOfFile
EnterCriticalSection
GlobalAddAtomA
VirtualQuery
GetLongPathNameW
FlushInstructionCache
FillConsoleOutputAttribute
GetUserDefaultLCID
GetStringTypeW
VirtualLock
GetStartupInfoA
GetMailslotInfo
LocalFree
GetModuleHandleA
RtlUnwind
LoadResource
VirtualProtect
lstrlen
ContinueDebugEvent
TlsSetValue
FindNextChangeNotification
GetProfileStringW
HeapDestroy
LoadLibraryExA
GetCurrentThread
GetStdHandle
GetProfileStringA
WaitForMultipleObjectsEx
GetSystemInfo
FindNextFileA
CompareStringW
VirtualAlloc
GetStringTypeA
SetEnvironmentVariableA
SetLastError
GetCommandLineA
CloseHandle
GetEnvironmentStrings
ReadConsoleOutputCharacterW
GetProfileSectionA
InitializeCriticalSection
lstrcmpiA
GetModuleFileNameW
GetDiskFreeSpaceExA
SystemTimeToFileTime
HeapReAlloc
MultiByteToWideChar
LocalUnlock
WritePrivateProfileStructW
OpenMutexA
GlobalUnlock
GetCurrentProcess
FlushFileBuffers
GetOEMCP
QueryPerformanceCounter
SetLocaleInfoA
FindNextFileW
IsValidLocale
GetLocaleInfoA
GetLocaleInfoW
IsValidCodePage
GetProcAddress
GetStartupInfoW
ReadConsoleW
GetACP
CreateMutexA
ExitProcess
InterlockedExchange
GetTickCount
SetConsoleActiveScreenBuffer
TerminateProcess
WriteFile
GetTempPathA
FlushConsoleInputBuffer
SetConsoleCursorInfo
GetNamedPipeInfo
TlsGetValue
EnumSystemLocalesA
WideCharToMultiByte
GlobalAddAtomW
OpenSemaphoreA
TryEnterCriticalSection
LocalReAlloc
WriteConsoleOutputCharacterA
WaitForSingleObject
OpenMutexW
VirtualUnlock
ReadConsoleInputA
GetCurrentProcessId
LoadLibraryA
GetVersionExA
GetTimeFormatA
ReadFileEx
LCMapStringA
GetCompressedFileSizeA
GetConsoleMode
GetFileAttributesW
SetFileTime
DuplicateHandle
HeapAlloc
GetCurrentThreadId
Sections
.text Size: 148KB - Virtual size: 146KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 96KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 96KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ