General

Malware Config

Signatures

Files

• 8aae7f0575d68d4070b66bb528c3e4f4270a09156c00989fe25609c7b519a76d

  .exe windows x86

  8beec03e834272ea4dd2eb8479ebbfba

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetEndOfFile

  GetStringTypeW

  LCMapStringW

  CreateFileA

  IsProcessorFeaturePresent

  GetConsoleMode

  GetConsoleCP

  FlushFileBuffers

  SetStdHandle

  LoadLibraryW

  OutputDebugStringW

  WriteConsoleW

  OutputDebugStringA

  IsValidCodePage

  GetCPInfo

  GetOEMCP

  HeapFree

  HeapQueryInformation

  HeapSize

  HeapReAlloc

  GetEnvironmentStringsW

  FindFirstFileA

  FreeEnvironmentStringsW

  ExitProcess

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  GetTickCount

  QueryPerformanceCounter

  ReadFile

  MultiByteToWideChar

  InterlockedDecrement

  InterlockedIncrement

  GetModuleHandleW

  GetProcAddress

  TlsFree

  CreateFileW

  CloseHandle

  GetCurrentDirectoryA

  CancelIo

  GetModuleHandleA

  GetModuleFileNameA

  GetSystemInfo

  ResetEvent

  FindClose

  SetLastError

  GetACP

  GetLastError

  GetStdHandle

  GetOverlappedResult

  SetConsoleMode

  HeapCreate

  HeapAlloc

  CreateEventA

  ReadConsoleInputA

  OpenProcess

  WriteFile

  GetCurrentThreadId

  TlsSetValue

  TlsGetValue

  TlsAlloc

  RtlUnwind

  EncodePointer

  DecodePointer

  GetFileType

  SetHandleCount

  SetFilePointer

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  GetCurrentProcess

  GetProcessHeap

  WaitForSingleObject

  WideCharToMultiByte

  TerminateProcess

  GetModuleFileNameW

  IsBadReadPtr

  HeapValidate

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  InitializeCriticalSectionAndSpinCount

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  RaiseException

  user32

  LoadCursorA

  FindWindowA

  MoveWindow

  GetWindowRect

  OpenIcon

  RegisterClassExA

  IsIconic

  SetForegroundWindow

  LoadBitmapA

  LoadIconA

  GetWindowTextLengthA

  SendMessageA

  GetMenu

  CreateWindowExA

  DefWindowProcA

  SetWindowPos

  ShowWindow

  GetSystemMetrics

  SetWindowTextA

  LoadImageA

  UpdateWindow

  gdi32

  SetTextColor

  CreateFontA

  GetDeviceCaps

  SetBkMode

  DeleteObject

  SelectObject

  CreateBitmapIndirect

  SetTextAlign

  GetStockObject

  TextOutA

  comdlg32

  FindTextW

  advapi32

  LookupAccountNameW

  shell32

  SHFileOperationA

  ole32

  CoCreateFreeThreadedMarshaler

  psapi

  GetModuleBaseNameA

  EnumProcessModules

  winmm

  PlaySoundA

  shlwapi

  PathAppendA

  PathRemoveFileSpecA

  comctl32

  ImageList_Create

  ImageList_Add

  oleacc

  GetOleaccVersionInfo

  wtsapi32

  WTSEnumerateProcessesA

  Exports

  Exports

  Ino

  Sections

  .text

  Size: 232KB - Virtual size: 232KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 55KB - Virtual size: 63KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 9B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 49KB - Virtual size: 48KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 13KB - Virtual size: 13KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ