Static task: static1
Behavioral task: behavioral1
Sample: 935fde514a701d9181d0d343f2082416d1661fbca9835db53a62f270bceb0dae.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 935fde514a701d9181d0d343f2082416d1661fbca9835db53a62f270bceb0dae.exe
Resource: win10v2004-20220901-en
General
Target: 935fde514a701d9181d0d343f2082416d1661fbca9835db53a62f270bceb0dae
Size: 883KB
MD5: 09f050c10db97929c8fea54bb4d62508
SHA1: 89f5ee58536f00cf564226a4c6637e0dc1ac3346
SHA256: 935fde514a701d9181d0d343f2082416d1661fbca9835db53a62f270bceb0dae
SHA512: 3ec72486e5d5959778ff5ac2e56687a175f0cd071ca29ccea77f26dd34ee1b22f93b67e135ef904fbd7c3dce2e65cd8328bf5929a3d6ee973bef15ab64371e5c
SSDEEP: 12288:gm+eQydQu3K27bMuLBJic2Lb3eKLhklAwWmTu8S6u6v3Ic7rvDRUWFgwMqYUhcYI:g9m7SlnxhklQm3tUg8c+md2
Malware Config
Signatures
Files
935fde514a701d9181d0d343f2082416d1661fbca9835db53a62f270bceb0dae.exe windows x86
00bfd43259863d6318d0fc4a1c78dfb8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetReadFile
HttpOpenRequestW
InternetCanonicalizeUrlW
HttpQueryInfoW
HttpSendRequestW
winmm
PlaySoundW
kernel32
GetModuleFileNameW
CreateProcessW
WaitForMultipleObjects
GetProcAddress
GetSystemInfo
GetModuleHandleW
GetTempPathW
GetVersionExW
GetCurrentProcess
DeviceIoControl
CreateFileW
SetPriorityClass
WriteConsoleW
SetStdHandle
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetOEMCP
GetACP
IsValidCodePage
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
GetSystemTimeAsFileTime
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
OutputDebugStringW
VirtualProtect
VirtualFree
VirtualAlloc
SetFilePointerEx
ReadFile
GetFileType
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
GetProcessHeap
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
CloseHandle
GetStdHandle
DeleteFileW
GetLastError
GetFileAttributesW
ReadConsoleW
LoadLibraryW
SetEnvironmentVariableA
SetEndOfFile
GetModuleHandleA
GetCurrentThreadId
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
SetEvent
DuplicateHandle
GetCurrentThread
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
RaiseException
RtlUnwind
HeapFree
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
HeapReAlloc
GetCPInfo
HeapAlloc
GetCommandLineW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
CreateSemaphoreW
CreateThread
ExitThread
LoadLibraryExW
CreateTimerQueue
user32
GetDlgItem
MoveWindow
SetWindowLongW
IsDlgButtonChecked
LoadStringW
EndPaint
BeginPaint
UpdateWindow
EndDialog
DialogBoxParamW
RegisterClassExW
PostQuitMessage
DefWindowProcW
SystemParametersInfoW
ReleaseDC
GetDC
LoadIconW
SetCursorPos
SetFocus
EnableWindow
FindWindowW
DestroyIcon
TranslateAcceleratorW
LoadAcceleratorsW
DispatchMessageW
TranslateMessage
GetMessageW
LoadCursorW
GetSystemMetrics
GetWindowLongW
GetSysColor
SetCursor
RemovePropW
GetPropW
SetPropW
InvalidateRect
CallWindowProcW
SetWindowPos
ShowWindow
CreateWindowExW
PostMessageW
GetParent
MessageBoxW
GetWindowRect
GetClientRect
SetWindowTextW
SendMessageW
gdi32
SelectObject
GetTextExtentPoint32W
GetObjectW
SetTextColor
GetStockObject
DeleteObject
CreateFontIndirectW
GetTextMetricsW
comdlg32
GetSaveFileNameW
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyW
RegOpenCurrentUser
RegCloseKey
RegSetValueExW
shell32
SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
SHCreateDirectoryExW
ole32
CoUninitialize
CoCreateInstance
CoInitialize
Sections
.text Size: 667KB - Virtual size: 666KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 143KB - Virtual size: 143KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ