Static task: static1
Behavioral task: behavioral1 - Sample: d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa.exe - Resource: win7-20221111-en
Behavioral task: behavioral2 - Sample: d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa.exe - Resource: win10v2004-20220812-en
General
Target: d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa
Size: 168KB
MD5: ddca4d55e0b4c7e729f2a27721f6f957
SHA1: 7e48c9dc3e44db4e7a72eb01f3f57c8866c7946c
SHA256: d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa
SHA512: ec1bda515bd0ab60f86d0976dec365b2cc3def12c4a9d381851213ad139c807addc883851a1bb548943f5b35dc7222ea7ecbdbbe30338a053bc5c8e507b2a6ab
SSDEEP: 3072:FgW1Bd+9OdyRRGqUXyKKihqwk+mN4vHBbkjuWnHqNI8XKvu+TJ:FDPd+95e9K5d+maHpkjucHqHqJ
Malware Config
Signatures
Files
d119babfd04596cdae407a1642d4713d566e601c6d2d096215fed02a8d14a7aa.exe - windows x86 - 205fa1d09da3d86afda4bde69fd3dd1d
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
user32
InflateRect
SetForegroundWindow
ScrollWindowEx
EnableMenuItem
DialogBoxParamW
ChildWindowFromPoint
EndPaint
ReleaseDC
GetScrollInfo
OffsetRect
GetClientRect
LoadCursorW
SetWindowLongW
EnumChildWindows
SetFocus
MoveWindow
SetWindowPos
GetWindowTextW
GetKeyState
MapWindowPoints
IsDlgButtonChecked
SetWindowTextA
IsIconic
GetWindowPlacement
BeginPaint
DialogBoxIndirectParamW
ScreenToClient
DeferWindowPos
SetActiveWindow
PostMessageW
CreateWindowExW
CheckMenuItem
LoadImageW
DestroyWindow
GetClassNameW
IsDialogMessageW
SetClipboardData
RegisterWindowMessageW
GetWindowRect
ShowWindow
ReleaseCapture
GetActiveWindow
SendMessageW
SetTimer
UnionRect
GetPropW
LoadStringW
FillRect
DestroyAcceleratorTable
IntersectRect
GetSysColor
GetParent
GetClassLongW
GetSystemMetrics
IsWindowEnabled
SetCapture
DrawIconEx
GetMenu
KillTimer
DrawFrameControl
GetSysColorBrush
IsZoomed
SetCursor
GetSubMenu
GetDC
GetGuiResources
GetWindowLongW
OpenClipboard
GetIconInfo
InSendMessageEx
IsChild
DrawFocusRect
GetWindowDC
GetScrollPos
SetMessageExtraInfo
RedrawWindow
MapVirtualKeyW
GetMessageExtraInfo
HiliteMenuItem
RealChildWindowFromPoint
EnableWindow
GetNextDlgGroupItem
EndDeferWindowPos
comdlg32
PrintDlgW
FindTextW
GetOpenFileNameW
ChooseFontW
shell32
SHGetSpecialFolderLocation
SHBrowseForFolderW
ShellExecuteExW
SHGetFileInfoW
ole32
CoInitialize
advapi32
FreeSid
RegQueryValueExA
OpenProcessToken
AllocateAndInitializeSid
AdjustTokenPrivileges
CloseServiceHandle
RegSetValueExW
RegOpenKeyW
GetTokenInformation
RegCloseKey
RegOpenKeyExW
RegCreateKeyW
RegQueryValueExW
EqualSid
gdi32
GetBkColor
EndPage
DeleteDC
Polyline
FrameRgn
GetDeviceCaps
EndDoc
SetBkMode
CreateFontW
SelectClipRgn
CreateFontIndirectW
DeleteObject
CombineRgn
CreateSolidBrush
GetTextMetricsW
CreateRectRgnIndirect
GetStockObject
SetTextColor
GetObjectW
StartDocW
Polygon
comctl32
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_DrawEx
version
GetFileVersionInfoW
VerQueryValueW
kernel32
GetOverlappedResult
CloseHandle
GetConsoleMode
GetFileInformationByHandle
GetCurrentProcessId
Module32FirstW
lstrlenA
GetNativeSystemInfo
SetLastError
GlobalFree
SetEndOfFile
RaiseException
ExitProcess
Process32NextW
GetCurrentProcess
MultiByteToWideChar
LeaveCriticalSection
LocalAlloc
QueryPerformanceFrequency
CreateFileMappingW
InterlockedDecrement
ExpandEnvironmentStringsA
IsDebuggerPresent
SizeofResource
WriteConsoleA
FreeEnvironmentStringsA
CompareStringW
LockResource
SetEnvironmentVariableA
CompareStringA
GetStartupInfoA
GetFileAttributesW
FreeEnvironmentStringsW
VirtualFree
Thread32Next
TlsFree
FindClose
ExitThread
FileTimeToSystemTime
VirtualProtectEx
GetTickCount
SetProcessWorkingSetSize
WriteConsoleW
GetStdHandle
Thread32First
HeapCreate
EnterCriticalSection
TerminateProcess
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
HeapAlloc
HeapReAlloc
RtlUnwind
HeapSize
GlobalUnlock
GetFileSize
QueryPerformanceCounter
FormatMessageW
GetSystemTimeAsFileTime
FreeLibrary
DeleteFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
WriteFile
GetModuleFileNameA
WideCharToMultiByte
SetHandleCount
DeleteCriticalSection
TlsGetValue
TlsAlloc
InterlockedIncrement
LocalFree
GetCurrentThreadId
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTempPathA
GetFileType
SetFileValidData
GlobalWire
ReplaceFileA
SetFilePointerEx
FreeResource
GetFileAttributesExW
TransmitCommChar
CancelWaitableTimer
GlobalUnWire
UnlockFileEx
GetFileSizeEx
FindVolumeClose
GetAtomNameW
GlobalCompact
VirtualAlloc
SetFileApisToOEM
GetDevicePowerState
FlushFileBuffers
UnmapViewOfFile
CreateProcessW
CreateNamedPipeW
GetLocaleInfoA
Module32NextW
HeapFree
GlobalLock
ExpandEnvironmentStringsW
GetCommandLineW
GlobalAddAtomW
GetOEMCP
GetLastError
GetCurrentDirectoryW
CreateToolhelp32Snapshot
GetEnvironmentStringsW
WaitForSingleObject
TlsSetValue
FileTimeToLocalFileTime
LCMapStringA
GetModuleFileNameW
SetFilePointer
SetCurrentDirectoryW
GetCommandLineA
GetProcAddress
GetEnvironmentStrings
IsValidCodePage
CreateFileW
ResumeThread
Sections
.text Size: 60KB - Virtual size: 60KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 12KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 100KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 88KB - Virtual size: 87KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ