Static task: static1
Behavioral task: behavioral1
Sample: 1bf9f2ba608fddd01e07cbcd9dd9faeb51ba56acd6664932920f3e52231ce972.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1bf9f2ba608fddd01e07cbcd9dd9faeb51ba56acd6664932920f3e52231ce972.exe
Resource: win10v2004-20220812-en
General
Target: 1bf9f2ba608fddd01e07cbcd9dd9faeb51ba56acd6664932920f3e52231ce972
Size: 596KB
MD5: b09a08656becc46cf4f0547926f90cf8
SHA1: 0b6f000fad78f9d9082344c724c0a2637046080e
SHA256: 1bf9f2ba608fddd01e07cbcd9dd9faeb51ba56acd6664932920f3e52231ce972
SHA512: cf77f7ee2720836db3f9480d244e5f3b9ed38e5ff981ae1b25c58e031571a6681886e5665c66b5303baf5880f9b75e3267e6a323c5cd18e0849bcb731bbf52de
SSDEEP: 12288:ko0ZjcnNr3Sh4Ybgob0vSZcVm/IMnfiNAKrq4HMklp8W6Q1F:kPZjcnxY4eIvFMIQ6Pr7n
Malware Config
Signatures
Files
1bf9f2ba608fddd01e07cbcd9dd9faeb51ba56acd6664932920f3e52231ce972.exe windows x86
d9cd009ed0efb32f54e73b3643b5f62d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVolumeInformationA
SetVolumeLabelA
GetModuleFileNameA
GetFileAttributesA
SetFileAttributesA
GetShortPathNameA
GetEnvironmentVariableA
FreeLibrary
LoadLibraryA
SetEnvironmentVariableA
GlobalUnlock
GlobalLock
GlobalAlloc
ReadFile
GetCurrentThreadId
QueryPerformanceCounter
QueryPerformanceFrequency
GlobalMemoryStatus
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetComputerNameA
TerminateProcess
OpenProcess
CreateProcessA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ReadProcessMemory
GetVersionExA
WaitForSingleObject
SetFileTime
DeleteFileA
MoveFileA
CopyFileA
CreateDirectoryA
RemoveDirectoryA
GetCurrentProcess
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetModuleHandleA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WriteFile
UnhandledExceptionFilter
TlsGetValue
SetLastError
TlsAlloc
RtlUnwind
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
LCMapStringW
LCMapStringA
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetVersion
GetCommandLineA
GetStartupInfoA
ExitThread
TlsSetValue
CreateThread
GetSystemTimeAsFileTime
ExitProcess
HeapAlloc
HeapFree
GetLocalTime
GetTimeZoneInformation
InterlockedIncrement
InterlockedDecrement
GetProcAddress
GetDiskFreeSpaceA
SetErrorMode
GetDriveTypeA
MultiByteToWideChar
GetFileSize
FindFirstFileA
FindNextFileA
GetSystemTime
SystemTimeToFileTime
GetCurrentDirectoryA
CreateFileA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareStringW
WritePrivateProfileStringA
GetPrivateProfileStringA
SetCurrentDirectoryA
Sleep
GetExitCodeProcess
CloseHandle
GetFullPathNameA
GetLastError
FormatMessageA
FindClose
user32
DialogBoxParamA
MessageBeep
EndDialog
InvalidateRect
GetDlgItem
SendDlgItemMessageA
LoadMenuA
CheckMenuItem
SetForegroundWindow
CharLowerA
CharUpperA
UnregisterHotKey
TrackPopupMenuEx
ExitWindowsEx
PostQuitMessage
SetTimer
GetKeyboardLayoutNameA
DefWindowProcA
LoadIconA
GetSysColorBrush
RegisterClassExA
IsIconic
IsZoomed
GetCaretPos
ClientToScreen
GetFocus
GetMenu
GetMenuItemCount
GetMenuStringA
EnumThreadWindows
GetKeyboardState
SetKeyboardState
GetAsyncKeyState
GetKeyState
DestroyMenu
keybd_event
DestroyWindow
MessageBoxA
LoadStringA
GetMessageA
PostMessageA
RegisterWindowMessageA
VkKeyScanA
DispatchMessageA
TranslateMessage
PeekMessageA
GetWindowTextA
SendMessageA
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
IsCharAlphaA
SetWindowTextA
FindWindowA
KillTimer
SendMessageTimeoutA
CloseClipboard
GetMenuItemID
GetSubMenu
IsWindowEnabled
MapVirtualKeyA
GetDlgCtrlID
GetParent
EnableWindow
ScreenToClient
SetActiveWindow
SetFocus
MoveWindow
IsWindowVisible
GetClassNameA
EnumWindows
EnumChildWindows
RegisterHotKey
LoadCursorA
WindowFromPoint
GetWindowThreadProcessId
AttachThreadInput
GetCursor
SystemParametersInfoA
SetRect
AdjustWindowRectEx
CreateWindowExA
GetClientRect
SetWindowPos
ShowWindow
GetDesktopWindow
mouse_event
GetCursorPos
GetForegroundWindow
GetWindowRect
GetDC
ReleaseDC
EmptyClipboard
SetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
gdi32
CreateDCA
GetStockObject
SelectObject
GetTextFaceA
GetDeviceCaps
DeleteDC
GetPixel
CreateFontA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
advapi32
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
shell32
SHFileOperationA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
ole32
CoUninitialize
CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
oleaut32
OleLoadPicture
winmm
waveOutSetVolume
timeGetTime
mciSendStringA
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
wsock32
gethostbyname
WSAStartup
inet_addr
WSACleanup
gethostname
Sections
.text Size: 132KB - Virtual size: 129KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 97KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ