General

Malware Config

Signatures

Files

• 844906208bda6417d663b5f5d51d20fd9b1488882fd9f45e19c35768867ea787

  .exe windows x86

  5184d4dcdb54c39dddc841d4367580fc

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetVersion

  GetVersionExA

  InitializeCriticalSection

  GetModuleFileNameW

  GetModuleHandleA

  LoadLibraryA

  LocalAlloc

  LocalFree

  GetModuleFileNameA

  ExitProcess

  user32

  MessageBoxW

  gdi32

  ScaleWindowExtEx

  winmm

  midiStreamOut

  winspool.drv

  OpenPrinterA

  advapi32

  RegCloseKey

  shell32

  Shell_NotifyIconA

  ole32

  OleIsCurrentClipboard

  oleaut32

  VariantInit

  comctl32

  ImageList_AddMasked

  ws2_32

  ioctlsocket

  comdlg32

  PrintDlgA

  Exports

  Exports

  ��~�C��>F �$/k��<LSq���0e���Q��7�HTB���[�f�5QR
  ���m N�͙�48y���N�r�`$2 h���j�K�x~�MU}�Z�X�>�A�7�!�tg=�����b�<
  =�����X�'���m��1ȧ��e?f����R䉛^�4N��=����@0\^�ty��e�,P����G�j���+*�yF��V��h)ЎC$xĭ��nJ8q���T[+��<6:��Xs��`{f�+���bw�h[�A�Fo����� �L�r�E���K���;!d��E��]�n�i-V�� �,�(��V\���QY��=o���o`�X��,�.6һb��@9���l��ٺwF�?,��y�{N���G"G��0s�SOX���gz�H+�����3�z>�yW�#���r�P�Cy�7��W�揫�^��v�l�qO����K����t��G�n=�;o�-�����T�ՃVI�xqYT��r�J�8���۪ߓGXJ�n��qQ ��(`�a{,�|�e�R����a��)5G�R�5~��Q`\��T>h_�|��x$/!|āYp�9f�1�\hV��2زt�}H��F��$�n�Tr�4^%�l���ž��K<��̉�@�*C^�+�u�QQ���}��͘[6=��A�7&����6��#dzf!��)Ց@q���ɛ��1RCQ �
  �z�Q�W:�5��f�AV�:N������;���~�k^�/R�o'��F��Cs�����Tik[р ��jp@m+W%�[���p���jU�f���K�J�Jv�u��m�W5K�?2
  j���R�$ju b�Ȃ�� �ir��U�0z��HP�c�j�+�{��a[��h���`�1��X�sb$� � ��4� ӿ�C�͛�����+b��9�h�H���8M�2:�4��h @��ӂ6o���oD=�e%S4F죎�c�������#�]�� $�-�͠:���G��� L��99���qؕ�,���j��oR�ᥕ4N;�f<��4ނhr��h��#㓉�>�̿�M �G���.+��If��x�Jy9(�k��ؙ��.^j�>��I��-�f�-`�]p���}��xs�kǝ � ]�)���*.x��p��Q�f�����R��w�����ܖ�<�د�_;ś� B�1"�y+���JMLj�J���餖#W��5l���p�ԔE���!����09ȺqC�����j�G0�����L��.>��-���E��j�� 
  \K%ϚQ���`��^=�v��2� �:V;��|�����#w"y��1�U����`���K�$nY��n�<?�����3��� :�VJz�~)�6�ߧ�!U+y{[+=�;�1��]�[T���0�9��=Qn�_b���*ɗ]q��:��ݮ8[d;df�O�q T���� �|'�[� ~��Q�� I���7O�o���ſ�GL/� �cI8��3\|�ԣ����-�ӈ�����X� LL��s��̺�ż3cm��}������΋E<' �y�!{�.F��������\ Xs�r�QZb��h�꬞(����\���n�J�b��:Z�EI|�DJ�s�o�IbR=��uc�i>i,�4���������nw��������
  �g���%O����c�F�������}�����EDw:+��'�?�������X"Ѧ� V���p����f��L5{�H�5�]*��&��\�6�P(��7��Z���C�1��9��A�x�FY���,c� ^B(B��o�Lv�z�Hf��#u�tDF�Y4�]LE<�������� >����Ư����b��R�frg�R}��J� ���Md��~���l����W?�������N���5�d���Ċ�?�^onrB݁��Q�hY�!h��\�����1�Y<2�^ M��I�X�|÷�|Z1�قS;��_�#҇���Uh��g@B<bZ��]�"��~m3 ����G��8��{�u��-}t�P��.FKs��T��LMf���_��#l3���o�M�8HG��.�X ���(T@��j��fg�(����L��ݲLj����R�O�^!��R=1�c�R�������Є3��$-���#��R�����-�w�"IL�RF%q�]�ȑE
  ����?��]��l��i��-m�V!���L#�_2��� �c9nR�b���p$��]kH}ْ�ʡ����ó���Vw�EB����f�A&�)��[9��ԓ�a��T���a>�5���Y����@�_����tS��ivӤzF���<�~�� �qf�m!R)��%���\M�X�����~�Ʈ��Z�������_��{֘�{pI���،G4�AnI3 ��ɗ"��_����7��Q�`���3�{��$Er�n�q
  �E��Cx���o�C���J�����,��M�Ɵ&�ߎ�x�� j"����O5�\��{�DRd`O�7m������5A���вSpt>-ơ �vl��-��\�$3���iP(���lP�e��-1�z�o3\��Ǝ�LB�&�IF^w�gB���T��@��yt0�G֎��������W��h�����dU]��mv^~�'���7'-m2�֗�E8 nY^Y�O_.������:��1���Ao����Ce.U?$G��X.9n����/U9��P�9K<`�?K�}�[h�1���)ܡR�.�ZRj]Š -���E�KTk��};!x;u��z��>���+3��G!zn Ѻ�)I��!4�6�0�`]qqC� �=��A�w���7��el_�o{��^�N^6�Z��S��*K1�x�����u&/�XE3��]g�|"�7����cjf��D~���l5�mo�Q���Y����g}����N��Iw���/�J 4&j=V:��ǰ|�[���,z�Ѽ Z��=���׾��4@B�G�p�joJN���O �����������cg�8���>�-�~�����������pa1�#v:i���JErH�F���1'6����ܒ��y�Mv��wLB\D[���
  P���ߥ��`� ��C�G�-0�A4Tu �Nee�Z��-�e��(�I�蹹��V�=,)0l

  Sections

  .text

  Size: - Virtual size: 811KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 161KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: - Virtual size: 276KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp0

  Size: - Virtual size: 1.8MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 4KB - Virtual size: 24B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .vmp1

  Size: 2.4MB - Virtual size: 2.4MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ