General

Malware Config

Signatures

Files

• 7a51d87f905febdacd9f3cddf2b6af2ad74cb727e9a40d842c54d3a6cf9a2a76

  .exe windows x86

  a183f91bb2c0c0e3331966a83f8f5cd7

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  HeapReAlloc

  HeapSize

  FlushFileBuffers

  SetStdHandle

  LoadLibraryW

  IsValidCodePage

  GetOEMCP

  GetACP

  GetCPInfo

  GetConsoleMode

  SetEndOfFile

  SetFilePointer

  CreateFileW

  Sleep

  HeapAlloc

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetTickCount

  QueryPerformanceCounter

  InterlockedDecrement

  GetCurrentThreadId

  SetLastError

  InterlockedIncrement

  TlsFree

  MultiByteToWideChar

  ReadFile

  IsProcessorFeaturePresent

  WriteConsoleW

  LCMapStringW

  GetStringTypeW

  CloseHandle

  GetVersionExA

  LoadLibraryA

  GetLocalTime

  GlobalFree

  GetProcAddress

  lstrlenW

  GetLastError

  MulDiv

  GlobalAlloc

  GetConsoleCP

  GetProcessHeap

  GetFileSize

  GetCommandLineW

  TlsSetValue

  TlsGetValue

  TlsAlloc

  DeleteCriticalSection

  GetFileType

  SetHandleCount

  GetEnvironmentStringsW

  WideCharToMultiByte

  FreeEnvironmentStringsW

  RaiseException

  ExitProcess

  GetModuleFileNameA

  HeapCreate

  GetModuleFileNameW

  GetStdHandle

  WriteFile

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  HeapFree

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSectionAndSpinCount

  EncodePointer

  DecodePointer

  RtlUnwind

  GetModuleHandleW

  user32

  UpdateWindow

  EnableWindow

  SetDlgItemTextA

  CheckMenuItem

  ScrollWindowEx

  SetWindowTextA

  EndPaint

  DestroyWindow

  EnumDisplayMonitors

  SetTimer

  IsIconic

  KillTimer

  LoadBitmapA

  GetParent

  TrackMouseEvent

  CallNextHookEx

  WindowFromPoint

  GetClientRect

  SendMessageA

  BeginPaint

  GetDC

  GetMenu

  InvalidateRect

  LoadMenuW

  AppendMenuW

  GetWindowLongA

  SetScrollPos

  ReleaseDC

  GetDlgItem

  GetCursorPos

  CheckDlgButton

  CreatePopupMenu

  CreateDialogParamW

  IsWindow

  gdi32

  BitBlt

  SetTextColor

  CreateDIBSection

  GetDeviceCaps

  CreateFontIndirectA

  SetBkColor

  DeleteObject

  SelectObject

  EnumFontFamiliesExA

  CreateCompatibleDC

  SetMapMode

  Rectangle

  CreateBrushIndirect

  SetTextAlign

  GetObjectA

  TextOutW

  CreateSolidBrush

  AddFontResourceA

  comdlg32

  GetOpenFileNameA

  ChooseColorW

  CommDlgExtendedError

  advapi32

  IsTextUnicode

  shell32

  CommandLineToArgvW

  mpr

  WNetEnumResourceW

  WNetOpenEnumW

  WNetCloseEnum

  version

  GetFileVersionInfoW

  comctl32

  CreateToolbarEx

  wtsapi32

  WTSFreeMemory

  WTSCloseServer

  WTSEnumerateSessionsA

  WTSOpenServerA

  WTSQuerySessionInformationA

  Sections

  .text

  Size: 40KB - Virtual size: 39KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 20KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 8KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .dadata

  Size: 44KB - Virtual size: 44KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ