Static task
static1
Behavioral task
behavioral1
Sample
ad4867a256b66212c709c8308cfb1d3f827705eb7e6c21e2fa1ce43963f9351c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
ad4867a256b66212c709c8308cfb1d3f827705eb7e6c21e2fa1ce43963f9351c.exe
Resource
win10v2004-20220812-en
General
Target
ad4867a256b66212c709c8308cfb1d3f827705eb7e6c21e2fa1ce43963f9351c
Size
199KB
MD5
0f281b373ea675941571b49ada22628f
SHA1
19169e9fbc81ac7aeda5b3f6c1a1f742412519b3
SHA256
ad4867a256b66212c709c8308cfb1d3f827705eb7e6c21e2fa1ce43963f9351c
SHA512
6d06db45aee072951a5c35930ccd9f697595c5427ed56be02d96012bb71277b15863e4075c27c181c9cbd1f42056381cd0790d693c70817ba47a2ba6bb5cc737
SSDEEP
6144:r0Mpl/l/mN0rFYnLp1n3vawvxhPgj/jQj:hELLzn3vak3gnq
Files
ad4867a256b66212c709c8308cfb1d3f827705eb7e6c21e2fa1ce43963f9351c.exe windows x86
bf29182af081beb62d6b01aeca3c8fc7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetTopWindow
MonitorFromPoint
GetClipboardSequenceNumber
SetWindowsHookA
VkKeyScanA
CreateWindowExA
IsRectEmpty
CallWindowProcA
GetMenuItemID
EnumWindows
CreateDialogParamA
IsWindowVisible
AppendMenuA
SetRect
IsCharAlphaW
GetCapture
GetAncestor
IsCharAlphaA
GetCaretPos
IsZoomed
FlashWindow
GetMenuState
GetScrollRange
DeferWindowPos
IsCharAlphaNumericW
UpdateLayeredWindow
MonitorFromWindow
SetScrollRange
IsCharUpperA
GetWindowDC
InSendMessageEx
OpenClipboard
SetScrollPos
GetDlgCtrlID
SetSysColors
SetWindowTextA
IsMenu
SetWindowPlacement
GetDC
SetWindowRgn
FrameRect
SetMenuContextHelpId
IsWinEventHookInstalled
TrackMouseEvent
GetMenuContextHelpId
SetWindowsHookW
GetSysColor
SetMenu
ArrangeIconicWindows
GetKBCodePage
GetCursorPos
IsClipboardFormatAvailable
VkKeyScanExA
ChildWindowFromPoint
ToAsciiEx
GetActiveWindow
GetKeyState
OpenIcon
shell32
ShellExecuteExW
ole32
WriteFmtUserTypeStg
advapi32
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteKeyW
gdi32
Ellipse
CreateRectRgnIndirect
GetBitmapBits
GetCharWidthW
crypt32
CryptMsgOpenToDecode
version
VerQueryValueW
kernel32
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
VirtualAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSectionAndSpinCount
LoadLibraryA
IsDebuggerPresent
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetTickCount
GetStringTypeA
HeapFree
VirtualFree
HeapCreate
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
ExitProcess
GetProcAddress
GetStringTypeW
QueryPerformanceCounter
GetCurrentProcessId
GetFileSizeEx
Sleep
GetModuleHandleW
GetThreadPriorityBoost
GetProcessPriorityBoost
CreateIoCompletionPort
GetThreadPriority
GlobalCompact
GlobalDeleteAtom
EscapeCommFunction
GetModuleFileNameW
GetModuleFileNameA
RequestDeviceWakeup
GetTapeParameters
SetFilePointerEx
EncodeSystemPointer
CreateFiberEx
GetCommandLineA
HeapAlloc
ConvertThreadToFiber
BindIoCompletionCallback
ReplaceFileA
UnlockFileEx
GetProcessHeap
GetLastError
GetTempPathA
GlobalUnlock
GlobalMemoryStatus
CreateFileA
GetLocaleInfoW
CreateProcessA
SetEnvironmentVariableA
GetPrivateProfileStringW
TlsGetValue
CreateThread
VirtualQuery
ResumeThread
GlobalLock
PeekNamedPipe
CreateRemoteThread
GetStartupInfoA
SetUnhandledExceptionFilter
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 103KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ