Static task: static1
Behavioral task: behavioral1
Sample: 67de2a5c0d0ade91979ccfe81a81c9ec1da3ee5accf6a359c9d5bec16c77d307.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 67de2a5c0d0ade91979ccfe81a81c9ec1da3ee5accf6a359c9d5bec16c77d307.exe
Resource: win10v2004-20220901-en
General
Target: 67de2a5c0d0ade91979ccfe81a81c9ec1da3ee5accf6a359c9d5bec16c77d307
Size: 336KB
MD5: 0e941ff62c6223c8e3677982f3bbdbbe
SHA1: 0a722e58b7aec5ddf01e5e6c8aa2da864bb3a5ab
SHA256: 67de2a5c0d0ade91979ccfe81a81c9ec1da3ee5accf6a359c9d5bec16c77d307
SHA512: ad62adfeb5f851e081c2917d88d5b3cfca690df4b29cfd50a6694fef12f715142a85ce043bf24a90b8bf6ea70f8775fd3bd2503408b9f13af79142ee027499e3
SSDEEP: 6144:CEDoqBv04R0DQVLmIsdGKqmiKBQ1uOAFwLxGN9E66UyPo:CEDoqBv042DmsdTiKBQ1uzFwkHE66U
Malware Config
Signatures
Files
67de2a5c0d0ade91979ccfe81a81c9ec1da3ee5accf6a359c9d5bec16c77d307.exe windows x86
e1aedb076f29a9105624da15a0d91615
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleRun
DoDragDrop
GetClassFile
CreateILockBytesOnHGlobal
ReleaseStgMedium
OleSetClipboard
CoCreateGuid
CreateFileMoniker
CreateStreamOnHGlobal
OleGetIconOfClass
CoRevokeClassObject
CoGetMalloc
CreateOleAdviseHolder
CoFreeUnusedLibraries
OleCreateFromFile
RegisterDragDrop
CoCreateInstance
SetConvertStg
OleCreateStaticFromData
OleIsCurrentClipboard
OleRegEnumVerbs
StgIsStorageILockBytes
OleCreateLinkFromData
StringFromCLSID
CreateBindCtx
OleDuplicateData
OleTranslateAccelerator
CreateDataAdviseHolder
OleFlushClipboard
OleQueryLinkFromData
StgCreateDocfile
CoInitializeEx
OleSaveToStream
OleSave
OleLockRunning
CoRegisterClassObject
OleInitialize
StgIsStorageFile
OleCreateLinkToFile
IsAccelerator
OleCreate
GetHGlobalFromILockBytes
ReadFmtUserTypeStg
StringFromGUID2
WriteClassStg
CoUninitialize
OleGetClipboard
CreateGenericComposite
CoRegisterMessageFilter
CoTaskMemRealloc
StgOpenStorage
CoTaskMemAlloc
CoDisconnectObject
OleIsRunning
CoTaskMemFree
OleRegGetMiscStatus
CLSIDFromProgID
CoGetClassObject
OleCreateMenuDescriptor
ReadClassStg
CoTreatAsClass
CoInitialize
StgOpenStorageOnILockBytes
OleRegGetUserType
WriteFmtUserTypeStg
OleDestroyMenuDescriptor
CLSIDFromString
OleQueryCreateFromData
CoLockObjectExternal
WriteClassStm
StgCreateDocfileOnILockBytes
RevokeDragDrop
OleSetMenuDescriptor
GetRunningObjectTable
OleCreateFromData
OleSetContainedObject
OleUninitialize
comctl32
ImageList_BeginDrag
InitializeFlatSB
ImageList_GetImageInfo
FlatSB_EnableScrollBar
ImageList_Create
ImageList_SetOverlayImage
PropertySheetA
ImageList_Destroy
CreatePropertySheetPageW
ImageList_Remove
_TrackMouseEvent
CreateStatusWindowW
ImageList_GetIcon
ImageList_Add
ImageList_Read
ImageList_EndDrag
InitCommonControlsEx
ImageList_DragMove
ImageList_GetImageCount
ImageList_Draw
ImageList_AddMasked
ImageList_LoadImageA
ImageList_DragEnter
ImageList_DrawEx
ord17
ImageList_Replace
ImageList_DragShowNolock
DestroyPropertySheetPage
ImageList_SetImageCount
ImageList_Write
ImageList_ReplaceIcon
ImageList_DragLeave
CreatePropertySheetPageA
user32
DrawTextExA
GetMenuCheckMarkDimensions
IsWindow
FillRect
SetMenu
SetDlgItemTextA
MonitorFromPoint
LoadMenuA
GetMenuItemCount
DrawFocusRect
DrawEdge
DrawMenuBar
SendInput
MapDialogRect
GetForegroundWindow
EndPaint
SendDlgItemMessageA
SetCapture
FindWindowA
SetClassLongA
SendMessageTimeoutW
CallWindowProcA
GetFocus
SetPropW
GetClassInfoExA
AppendMenuA
AppendMenuW
GetClassInfoExW
CallWindowProcW
GetClientRect
PeekMessageA
GetSysColor
DestroyWindow
SendMessageA
GetMessagePos
GetSystemMetrics
TabbedTextOutA
GetClassNameA
BringWindowToTop
GetClassNameW
GetWindow
KillTimer
RegisterWindowMessageA
RegisterClassW
CreateAcceleratorTableA
DeleteMenu
GetClassLongA
ChildWindowFromPoint
GetDC
MapWindowPoints
IsWindowVisible
LoadStringA
ShowScrollBar
SetRect
DestroyAcceleratorTable
GetMenuItemID
DestroyMenu
IsWindowUnicode
UnregisterHotKey
InsertMenuItemA
GetClipboardData
GetDlgCtrlID
GetWindowLongA
wsprintfA
IsWindowEnabled
GetActiveWindow
CopyRect
DestroyCursor
SetTimer
GetUpdateRect
CallNextHookEx
CreatePopupMenu
wvsprintfA
LoadBitmapA
OffsetRect
UpdateWindow
IsDialogMessageW
DispatchMessageW
GetAsyncKeyState
GetIconInfo
IsClipboardFormatAvailable
SetCursorPos
CharNextA
EqualRect
WinHelpA
SetWindowContextHelpId
SetMenuDefaultItem
CreateMenu
LoadMenuW
InsertMenuW
CheckRadioButton
GrayStringA
SetFocus
CreateAcceleratorTableW
GetMenuItemInfoW
RegisterClipboardFormatA
ScreenToClient
GetParent
IsZoomed
SetClipboardData
GetCaretPos
IsCharLowerW
PostMessageW
DrawStateW
DefFrameProcA
IsIconic
OpenClipboard
GetPropA
SetWindowRgn
SetWindowTextA
TrackPopupMenu
SetMenuItemBitmaps
EnumChildWindows
InvalidateRect
GetDesktopWindow
EndDialog
ShowCaret
MessageBeep
MessageBoxW
PostMessageA
LoadImageA
SetWindowPos
GetDlgItem
TranslateMDISysAccel
IsDialogMessageA
IntersectRect
GetCursor
SetCursor
GetClassLongW
GetKeyState
RegisterClassA
GetMenuItemInfoA
SetActiveWindow
GetNextDlgGroupItem
SetScrollPos
SetWindowPlacement
BeginPaint
CreateWindowExW
SendMessageW
TrackPopupMenuEx
GetMessageA
DrawTextA
AdjustWindowRectEx
SetWindowsHookExW
ReleaseCapture
UnpackDDElParam
ReuseDDElParam
ChildWindowFromPointEx
WindowFromPoint
RemovePropW
IsRectEmpty
CharUpperA
EnableWindow
PostThreadMessageA
InsertMenuA
SendDlgItemMessageW
PeekMessageW
DrawIcon
ModifyMenuA
GetNextDlgTabItem
RegisterWindowMessageW
LoadImageW
RemovePropA
GetCursorPos
ModifyMenuW
FrameRect
MapVirtualKeyA
GetWindowDC
IsMenu
SetWindowsHookExA
UnregisterClassA
GetWindowThreadProcessId
DispatchMessageA
GetWindowRect
GetPropW
RedrawWindow
WinHelpW
GetWindowPlacement
CheckMenuRadioItem
SetForegroundWindow
GetSubMenu
ClientToScreen
GetMenuState
CheckMenuItem
GetLastActivePopup
GetClassInfoW
GetSystemMenu
GetDlgItemTextW
CopyIcon
InvalidateRgn
MapVirtualKeyExW
GetTopWindow
DrawIconEx
CheckDlgButton
ExcludeUpdateRgn
SetRectEmpty
InflateRect
CreateCaret
CreateIconIndirect
DrawFrameControl
PtInRect
GetMenu
GetSysColorBrush
GetWindowTextA
MoveWindow
UnhookWindowsHookEx
DefDlgProcA
AttachThreadInput
RegisterClassExA
EnumWindows
LockWindowUpdate
EnableMenuItem
SystemParametersInfoA
TranslateMessage
CreateDialogIndirectParamW
SetCaretPos
GetWindowTextLengthA
GetWindowTextW
IsChild
SetDlgItemInt
PostQuitMessage
SetWindowLongW
GetDlgItemTextA
GetScrollInfo
ReleaseDC
CloseClipboard
ShowWindow
LoadIconA
GetCapture
DefWindowProcA
LoadCursorA
GetMenuStringW
SetWindowLongA
MessageBoxA
ScrollWindow
SetPropA
GetDialogBaseUnits
CreateWindowExA
DestroyIcon
GetWindowLongW
GetMessageTime
DeferWindowPos
ScrollWindowEx
CopyAcceleratorTableA
kernel32
GetModuleFileNameW
ReleaseMutex
FindNextFileW
GetUserDefaultLCID
GetCurrentThreadId
lstrcpynA
GetModuleHandleW
ExitProcess
IsBadWritePtr
DeleteFileA
GetStdHandle
GetEnvironmentStrings
CreateSemaphoreA
GlobalGetAtomNameA
ReadFile
FindClose
FreeEnvironmentStringsA
LoadLibraryA
TlsGetValue
GetModuleHandleA
GetCurrentDirectoryW
FindResourceExA
GetCurrentThread
GetProcessVersion
GetProcessHeap
LCMapStringA
GlobalReAlloc
LocalReAlloc
FindFirstFileW
WaitForSingleObject
GetFileType
MoveFileA
GetFullPathNameW
CreateMutexA
GlobalHandle
HeapAlloc
RtlUnwind
LocalAlloc
GetLocaleInfoW
GetLocaleInfoA
InterlockedExchange
CreateFileA
GlobalLock
GetDateFormatA
lstrlenW
EnumSystemLocalesA
GetConsoleMode
GetCommandLineA
TlsSetValue
VirtualProtect
lstrcatA
InitializeCriticalSection
QueryPerformanceFrequency
GetStringTypeA
SetEndOfFile
OpenProcess
MoveFileExA
GetSystemInfo
GetThreadLocale
OpenMutexA
lstrcmpiA
SetFileTime
GetProcessTimes
RemoveDirectoryA
InterlockedDecrement
LCMapStringW
Beep
GetStringTypeW
GetVersionExW
GetWindowsDirectoryA
GetFileAttributesA
TerminateProcess
FlushFileBuffers
ExpandEnvironmentStringsA
LoadLibraryW
GetCPInfo
GetFullPathNameA
lstrcmpW
LeaveCriticalSection
GetSystemTimeAsFileTime
GlobalFlags
GetFileSize
SetLastError
ConvertDefaultLocale
Sleep
GetVersionExA
CreateThread
DeviceIoControl
LockResource
MultiByteToWideChar
FreeResource
TlsFree
GetLastError
WritePrivateProfileSectionA
GlobalAddAtomW
GetSystemDirectoryW
CompareStringW
IsBadReadPtr
FindFirstFileA
MulDiv
MapViewOfFile
GetFileAttributesW
GetVolumeInformationW
GetCurrentDirectoryA
lstrlenA
CopyFileA
GetCurrentProcess
InterlockedIncrement
GetVersion
WriteFile
VirtualFree
FindResourceA
GetTickCount
QueryPerformanceCounter
CreateProcessA
_lcreat
GlobalSize
GlobalDeleteAtom
HeapSize
WriteConsoleW
GetShortPathNameA
IsValidCodePage
FileTimeToSystemTime
DeleteFileW
lstrcatW
SetStdHandle
IsBadStringPtrA
HeapCreate
IsDebuggerPresent
lstrcmpA
LoadLibraryExA
GetProcAddress
CloseHandle
LocalFree
EnterCriticalSection
GetTempFileNameA
IsValidLocale
SetUnhandledExceptionFilter
SetEvent
DebugBreak
ReleaseSemaphore
CreateToolhelp32Snapshot
IsProcessorFeaturePresent
GlobalAlloc
GetSystemDirectoryA
GetTimeFormatA
GetOverlappedResult
SetHandleCount
GetCurrentProcessId
TlsAlloc
CreateMutexW
GlobalFindAtomA
InterlockedCompareExchange
ResetEvent
VirtualQuery
GetTempPathA
GetStartupInfoA
HeapFree
CompareStringA
VirtualAlloc
FormatMessageA
FreeLibrary
TerminateThread
SetProcessShutdownParameters
FreeEnvironmentStringsW
GetOEMCP
GetModuleFileNameA
SetFileAttributesA
GetProfileStringA
GetStringTypeExA
FindNextFileA
LoadResource
WideCharToMultiByte
CreateProcessW
GetSystemTime
GetFileTime
GetTimeZoneInformation
GetLogicalDrives
DeleteCriticalSection
FatalAppExitA
SetEnvironmentVariableA
HeapReAlloc
GetACP
FormatMessageW
GlobalUnlock
GetStartupInfoW
CreateFileW
SetFilePointer
FlushInstructionCache
GetVolumeInformationA
GetPrivateProfileStringA
SetThreadPriority
HeapDestroy
GetEnvironmentStringsW
lstrcpyA
FindResourceW
GetCommandLineW
UnhandledExceptionFilter
WriteConsoleA
FileTimeToLocalFileTime
GlobalFree
GetPrivateProfileIntA
SetErrorMode
comdlg32
GetOpenFileNameA
PageSetupDlgA
PrintDlgA
GetFileTitleA
ChooseColorA
GetSaveFileNameA
CommDlgExtendedError
ChooseFontA
ReplaceTextA
winspool.drv
WritePrinter
GetPrinterA
GetPrinterDriverA
DocumentPropertiesA
AbortPrinter
ClosePrinter
DeviceCapabilitiesA
StartDocPrinterW
SetPrinterA
EndPagePrinter
ord204
StartDocPrinterA
StartPagePrinter
EndDocPrinter
OpenPrinterA
oleaut32
LoadTypeLi
advapi32
CryptDeriveKey
RegCreateKeyA
CopySid
LookupPrivilegeValueA
SetServiceStatus
RegQueryInfoKeyA
RegOpenKeyExA
OpenServiceA
GetUserNameA
RegSetValueA
RegDeleteKeyA
OpenThreadToken
ReportEventA
RegSetValueExW
RegQueryValueA
AddAce
CryptReleaseContext
RegQueryValueW
AllocateAndInitializeSid
InitializeSecurityDescriptor
RegEnumKeyA
DeleteService
GetSidLengthRequired
RegSetValueExA
CloseServiceHandle
RegQueryValueExW
CryptCreateHash
RegisterEventSourceA
ControlService
GetTokenInformation
RegEnumKeyW
CryptDestroyKey
CryptGetHashParam
DuplicateToken
InitializeAcl
RegDeleteValueW
IsValidSid
GetLengthSid
SetEntriesInAclW
RegQueryValueExA
SetFileSecurityA
AccessCheck
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegDeleteValueA
RegEnumKeyExA
OpenSCManagerA
CryptAcquireContextA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
RegCreateKeyExW
GetSecurityDescriptorSacl
RegOpenKeyExW
RegFlushKey
RegEnumValueA
CryptDestroyHash
SetSecurityDescriptorDacl
RegOpenKeyA
CryptHashData
DeregisterEventSource
shell32
DragQueryFileA
DragQueryFileW
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteW
DragFinish
Shell_NotifyIconA
SHGetPathFromIDListA
ExtractIconA
Shell_NotifyIconW
SHChangeNotify
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA
ShellExecuteA
SHGetSpecialFolderPathA
ord155
SHAppBarMessage
ShellExecuteExA
Sections
.text Size: 80KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 76KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ