General

Malware Config

Signatures

Files

• 865eae7d6115ba199ac7efb00094a4bb84c2d747551e042764c63e7ba105a1a5

  .exe windows x86

  30c7fac20b2addb83533a4a790e043b8

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  advapi32

  CryptCreateHash

  GetUserNameW

  RegOpenKeyExA

  CryptEncrypt

  RegEnumValueA

  CryptGetProvParam

  DuplicateTokenEx

  CryptAcquireContextA

  LookupPrivilegeDisplayNameW

  RegQueryMultipleValuesW

  LookupAccountSidW

  RegQueryValueExW

  comctl32

  InitCommonControlsEx

  kernel32

  GetTimeFormatA

  HeapSize

  HeapAlloc

  LockFileEx

  GetProcAddress

  EnumSystemCodePagesW

  EnumCalendarInfoW

  TlsGetValue

  GetEnvironmentStrings

  FlushFileBuffers

  InterlockedDecrement

  VirtualFree

  IsValidCodePage

  GetTempPathA

  WideCharToMultiByte

  GetDateFormatA

  TlsAlloc

  WriteConsoleInputW

  GetSystemDirectoryA

  GetUserDefaultLCID

  SetFilePointer

  GetCurrentThread

  GetThreadTimes

  WriteFile

  EnumSystemLocalesA

  VirtualAlloc

  FreeLibrary

  QueryPerformanceCounter

  ExitProcess

  WriteConsoleW

  HeapCreate

  GetLocaleInfoA

  GetProcessHeap

  HeapFree

  SetEnvironmentVariableA

  FreeEnvironmentStringsW

  SetLastError

  CompareStringA

  WriteConsoleA

  GetTickCount

  TerminateProcess

  GetCalendarInfoW

  GetCurrentProcess

  HeapReAlloc

  CompareStringW

  GetCurrentProcessId

  GetOEMCP

  TlsSetValue

  LoadLibraryA

  VirtualQuery

  IsValidLocale

  GetACP

  SetUnhandledExceptionFilter

  FreeEnvironmentStringsA

  GetLastError

  InterlockedIncrement

  GetStringTypeA

  IsDebuggerPresent

  HeapDestroy

  SetHandleCount

  GetConsoleCP

  GetStartupInfoA

  GetConsoleMode

  GetCurrentThreadId

  GetVersionExA

  GetStdHandle

  CloseHandle

  GetCPInfo

  OpenMutexA

  LCMapStringA

  CreateFileA

  GetStringTypeW

  GetLocaleInfoW

  SetStdHandle

  GetTimeZoneInformation

  GlobalUnfix

  DeleteCriticalSection

  SetConsoleCtrlHandler

  CreateMutexA

  ReadFile

  GetModuleHandleA

  UnhandledExceptionFilter

  GetFileType

  LeaveCriticalSection

  LCMapStringW

  GetConsoleOutputCP

  GetCommandLineA

  GetModuleFileNameA

  Sleep

  TlsFree

  SetConsoleScreenBufferSize

  GetSystemTimeAsFileTime

  EnterCriticalSection

  GetEnvironmentStringsW

  InterlockedExchange

  InitializeCriticalSection

  MultiByteToWideChar

  RtlUnwind

  gdi32

  StartPage

  CreatePolyPolygonRgn

  SetMetaFileBitsEx

  UnrealizeObject

  GetRegionData

  FlattenPath

  OffsetRgn

  ExtTextOutA

  GetObjectW

  SetICMMode

  SelectObject

  CreateDIBPatternBrushPt

  CreateDCW

  SetBitmapDimensionEx

  shell32

  ShellAboutA

  SHGetPathFromIDListA

  SHLoadInProc

  RealShellExecuteExA

  DragQueryFileAorW

  user32

  GetScrollRange

  RegisterClassA

  EnumPropsExA

  RegisterClassExA

  wininet

  FtpCreateDirectoryW

  FtpCommandA

  InternetSecurityProtocolToStringA

  InternetSetCookieW

  FtpPutFileW

  FtpGetFileSize

  Sections

  .text

  Size: 174KB - Virtual size: 174KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 10KB - Virtual size: 29KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 358KB - Virtual size: 357KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ