Static task
static1
Behavioral task
behavioral1
Sample
65bfa46f94dc9544968684cfd90ed3ddb33f21e832c9493d4f6d15d2973d984d.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
65bfa46f94dc9544968684cfd90ed3ddb33f21e832c9493d4f6d15d2973d984d.exe
Resource
win10v2004-20220901-en
General
Target
65bfa46f94dc9544968684cfd90ed3ddb33f21e832c9493d4f6d15d2973d984d
Size
440KB
MD5
54b9fefd8ac6b7044e33d704ba8735e9
SHA1
ee2ebb581f918927b7a3a776a15b0baf67ccd1ac
SHA256
65bfa46f94dc9544968684cfd90ed3ddb33f21e832c9493d4f6d15d2973d984d
SHA512
4929cb45b63ad42b3473c472324a29fa7d39ca9d1e15431147c3be23e63716abadaa48080be33c1fafde18e58d21d5313f132ac9a1405acaca50248b72aecf51
SSDEEP
12288:NwVy+ShCRssKd6Fjlv1Ky7CUH8So87ZEpP+:NwVRRS+RhvouEpm
Malware Config
Signatures
Files
65bfa46f94dc9544968684cfd90ed3ddb33f21e832c9493d4f6d15d2973d984d.exe windows x86
40d204a045742f390a5f87147bf4d754
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mpr
WNetGetUserA
user32
GetWindowRect
CheckMenuItem
GetMenu
RegisterClassA
CreateWindowExA
GetWindow
DestroyWindow
DrawStateA
EnableWindow
DefWindowProcA
GetCapture
DestroyIcon
EnableMenuItem
ShowWindow
SetCapture
EqualRect
GetSystemMenu
LoadAcceleratorsA
wsprintfA
KillTimer
BeginPaint
CreateIconIndirect
SetWindowLongA
GetCursorPos
DrawIconEx
SetCursor
GetClientRect
GetDlgItem
DispatchMessageA
LoadBitmapA
WindowFromPoint
HideCaret
GetClassNameA
GetParent
IsIconic
TranslateMessage
LoadStringA
ReleaseCapture
DrawIcon
LoadIconA
EndDeferWindowPos
RedrawWindow
FillRect
MessageBoxA
EndPaint
BeginDeferWindowPos
GetSystemMetrics
GetMenuItemCount
GetWindowLongA
RegisterClassExA
SetRect
IntersectRect
GetDC
LoadCursorA
GetLastActivePopup
IsDialogMessageA
comctl32
ImageList_Destroy
ImageList_AddMasked
ImageList_Read
ImageList_Write
ImageList_GetImageCount
gdi32
StartPage
ExcludeClipRect
Ellipse
PaintRgn
SelectObject
Polygon
GetNearestPaletteIndex
SetBrushOrgEx
GetBkMode
CreateSolidBrush
CombineRgn
GetTextMetricsA
ScaleWindowExtEx
FillRgn
GetRgnBox
SetBkMode
GetStockObject
CreateRoundRectRgn
CreateFontIndirectA
EndPage
GetCharABCWidthsA
ExtTextOutA
DeleteObject
CreateRectRgn
SetWindowOrgEx
CreatePalette
GetWindowExtEx
BeginPath
SetBkColor
MoveToEx
CreateFontA
StretchBlt
CreateBrushIndirect
DPtoLP
PtVisible
Pie
TextOutA
SetAbortProc
GetTextAlign
PtInRegion
Escape
LineTo
CopyMetaFileA
CreateHatchBrush
CreateCompatibleBitmap
GetBkColor
Rectangle
IntersectClipRect
RectVisible
UnrealizeObject
BitBlt
GetTextExtentPoint32A
LPtoDP
GetDeviceCaps
GetROP2
SelectPalette
SetTextColor
DeleteDC
CreateDCA
ScaleViewportExtEx
CreateDIBSection
OffsetClipRgn
Polyline
CreateBitmap
SetViewportOrgEx
GetViewportOrgEx
StretchDIBits
GetClipRgn
GetDIBits
SetROP2
EndDoc
ExtCreatePen
GetCurrentObject
EndPath
CreateCompatibleDC
GetCurrentPositionEx
PatBlt
advapi32
RegCreateKeyA
RegDeleteKeyA
RegSetValueA
RegCloseKey
RegDeleteValueA
RegEnumKeyA
mfc42
ord1576
kernel32
LCMapStringW
GetFileSize
GlobalFlags
CreateMutexA
GetLastError
GetFullPathNameW
FormatMessageW
GetOEMCP
GetFileTime
FreeEnvironmentStringsA
FreeLibrary
GetCurrentProcessId
TerminateProcess
SetLastError
GetTempPathA
LoadLibraryA
GetModuleFileNameA
QueryPerformanceCounter
CreateDirectoryA
LoadLibraryW
SetEnvironmentVariableW
GetLocaleInfoA
CreateFileA
FlushFileBuffers
GetTimeZoneInformation
TlsAlloc
DeleteFileW
GetTempFileNameW
GetCommandLineW
TlsFree
HeapAlloc
InterlockedDecrement
GetCurrentThreadId
GetCurrentDirectoryA
GetStartupInfoA
SetHandleCount
LeaveCriticalSection
GetThreadLocale
lstrlenA
lstrcpynW
WriteFile
IsBadCodePtr
WideCharToMultiByte
GetStringTypeA
GetEnvironmentStrings
SetStdHandle
GlobalReAlloc
MulDiv
GetSystemTime
ExitProcess
HeapDestroy
VirtualAlloc
GlobalHandle
SetFileAttributesW
GetStdHandle
IsBadReadPtr
ExpandEnvironmentStringsA
FileTimeToSystemTime
ExitThread
CreateProcessW
HeapSize
HeapReAlloc
GetModuleFileNameW
GetEnvironmentStringsW
SetEvent
GetProcAddress
GetSystemDirectoryW
MapViewOfFile
CloseHandle
GetVersion
EnterCriticalSection
SetEnvironmentVariableA
GetCommandLineA
ConvertDefaultLocale
GetSystemTimeAsFileTime
CreateEventW
HeapFree
OutputDebugStringA
CompareStringA
GetProcessHeap
FindFirstFileW
WaitForMultipleObjects
LocalFree
LocalReAlloc
LCMapStringA
CompareStringW
LocalAlloc
HeapCreate
GetVersionExA
RtlUnwind
MultiByteToWideChar
GetTempPathW
GetTickCount
InterlockedIncrement
Sleep
CopyFileW
GetCurrentThread
CreateMutexW
GetACP
GlobalDeleteAtom
ReadFile
LoadResource
GetLocaleInfoW
DeleteCriticalSection
GetFileAttributesW
CreateFileW
GlobalLock
InitializeCriticalSection
VirtualQuery
FileTimeToLocalFileTime
IsValidCodePage
TlsSetValue
GlobalAlloc
GetLocalTime
lstrlenW
GetDateFormatA
FindClose
GetDriveTypeA
InterlockedExchange
GetSystemInfo
RaiseException
GetExitCodeThread
SetFilePointer
SystemTimeToFileTime
lstrcmpW
LockFile
GetFileType
SizeofResource
UnhandledExceptionFilter
GetStringTypeW
FreeEnvironmentStringsW
GetVersionExW
DuplicateHandle
GetCPInfo
GetCurrentProcess
GetUserDefaultLangID
EnumSystemLocalesA
CreateToolhelp32Snapshot
GetFullPathNameA
SetUnhandledExceptionFilter
GetModuleHandleA
lstrcpyW
TlsGetValue
IsDebuggerPresent
UnlockFile
VirtualFree
ResumeThread
GlobalUnlock
GetUserDefaultLCID
WaitForSingleObject
TerminateThread
GetModuleHandleW
ole32
StgCreateDocfileOnILockBytes
CLSIDFromProgID
CoLockObjectExternal
StgOpenStorageOnILockBytes
StgCreateDocfile
CoInitialize
ReleaseStgMedium
OleInitialize
OleLockRunning
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
Sections
.text Size: 80KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 260KB - Virtual size: 257KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 94KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ