General

Malware Config

Signatures

Files

• 7aca00bf2db9824d2e87e8a12380f53c8ae901c267b899fb33a603b377a625c4

  .exe windows x86

  245aa91855acf78aac062e70139ca99a

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_NET_RUN_FROM_SWAP

  Imports

  kernel32

  GetStringTypeW

  LCMapStringW

  MultiByteToWideChar

  WriteConsoleW

  SetStdHandle

  LoadLibraryW

  HeapReAlloc

  HeapFree

  GlobalFree

  GetOEMCP

  GetACP

  GetCPInfo

  GetConsoleMode

  GetConsoleCP

  SetFilePointer

  GetSystemTimeAsFileTime

  FlushFileBuffers

  HeapSize

  CreateFileW

  CloseHandle

  LocalFree

  GetCurrentProcessId

  FindFirstChangeNotificationA

  FindNextChangeNotification

  WritePrivateProfileStringA

  LocalAlloc

  RtlUnwind

  GetPrivateProfileStringA

  GetLastError

  SetConsoleTitleA

  HeapCreate

  Sleep

  GlobalAlloc

  GetConsoleTitleA

  GetTickCount

  FindCloseChangeNotification

  WaitForSingleObject

  QueryPerformanceCounter

  InterlockedDecrement

  GetCurrentThreadId

  SetLastError

  GetCurrentProcess

  HeapAlloc

  IsValidCodePage

  lstrlenA

  InterlockedIncrement

  TlsFree

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  IsProcessorFeaturePresent

  DecodePointer

  EncodePointer

  EnterCriticalSection

  LeaveCriticalSection

  GetProcAddress

  GetModuleHandleW

  ExitProcess

  WriteFile

  GetStdHandle

  GetModuleFileNameW

  GetModuleFileNameA

  FreeEnvironmentStringsW

  WideCharToMultiByte

  GetEnvironmentStringsW

  SetHandleCount

  InitializeCriticalSectionAndSpinCount

  GetFileType

  DeleteCriticalSection

  TlsAlloc

  TlsGetValue

  TlsSetValue

  user32

  FindWindowA

  SetDlgItemTextA

  MoveWindow

  GetWindowRect

  SendDlgItemMessageA

  GetFocus

  LoadBitmapA

  wsprintfA

  GetClientRect

  SendMessageA

  BeginPaint

  WinHelpA

  OffsetRect

  GetWindowTextA

  InvalidateRect

  GetDlgItem

  CheckDlgButton

  ShowWindow

  AppendMenuA

  IsWindow

  DdeNameService

  RegisterClipboardFormatW

  SetWindowTextA

  LoadImageA

  UpdateWindow

  gdi32

  MoveToEx

  BitBlt

  SetTextColor

  DeleteDC

  CreateFontIndirectA

  SetBkColor

  DeleteObject

  SelectObject

  CreateCompatibleDC

  GetTextMetricsA

  ChoosePixelFormat

  SetTextAlign

  GetObjectA

  CreateSolidBrush

  ExtCreatePen

  comdlg32

  ChooseFontA

  advapi32

  LookupAccountSidA

  ConvertSidToStringSidA

  GetUserNameW

  FreeSid

  AllocateAndInitializeSid

  OpenProcessToken

  EqualSid

  GetTokenInformation

  shell32

  SHGetFolderPathA

  ole32

  OleCreateFromFile

  netapi32

  NetApiBufferFree

  NetUserGetInfo

  comctl32

  InitCommonControlsEx

  ImageList_Add

  ImageList_Create

  wsnmp32

  ord320

  Sections

  .text

  Size: 36KB - Virtual size: 36KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 25KB - Virtual size: 25KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 208KB - Virtual size: 216KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 100KB - Virtual size: 100KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ