General

Malware Config

Signatures

Files

• b0c4858c1b34dcf6a851842bfda111338c195b0fe70342a62518320cada5a358

  .exe windows x86

  8126063750ef450a6bd2810a0729fb9b

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  user32

  SetWindowRgn

  ReleaseDC

  GetWindowDC

  GetTopWindow

  shell32

  ShellExecuteA

  advapi32

  RegCreateKeyExA

  LookupPrivilegeValueA

  RegQueryValueA

  RegEnumKeyA

  RegOpenKeyA

  OpenProcessToken

  RegOpenKeyExA

  RegCloseKey

  RegDeleteValueA

  RegSetValueExA

  RegDeleteKeyA

  RegQueryValueExA

  AdjustTokenPrivileges

  gdi32

  GetDIBits

  GetObjectA

  CreateCompatibleBitmap

  DeleteObject

  GetClipBox

  SetMapMode

  SetTextColor

  SetBkMode

  SetBkColor

  RestoreDC

  SaveDC

  GetStockObject

  CreateFontIndirectA

  CreateRectRgn

  CombineRgn

  SelectObject

  StretchBlt

  BitBlt

  GetBkColor

  CreateCompatibleDC

  GetDeviceCaps

  comctl32

  ImageList_Read

  ImageList_Write

  ImageList_GetIconSize

  ImageList_SetIconSize

  _TrackMouseEvent

  ImageList_GetDragImage

  ImageList_SetDragCursorImage

  ImageList_DragMove

  ImageList_DragLeave

  ImageList_DragEnter

  ImageList_EndDrag

  ImageList_BeginDrag

  ImageList_Remove

  ImageList_DrawEx

  ImageList_Draw

  ImageList_DragShowNolock

  ImageList_GetBkColor

  ImageList_SetBkColor

  ImageList_ReplaceIcon

  ImageList_Add

  ImageList_GetImageCount

  ImageList_Destroy

  ImageList_Create

  ord17

  version

  VerQueryValueA

  GetFileVersionInfoA

  GetFileVersionInfoSizeA

  shlwapi

  PathFindExtensionA

  PathFindFileNameA

  kernel32

  SetStdHandle

  CreateFileA

  InterlockedDecrement

  WriteConsoleW

  GetConsoleOutputCP

  WriteConsoleA

  CloseHandle

  SetFilePointer

  ReadFile

  FlushFileBuffers

  GetConsoleMode

  VirtualAlloc

  FatalExit

  ReadProcessMemory

  lstrlenA

  CreateSemaphoreW

  UnlockFileEx

  WaitForSingleObject

  SetCriticalSectionSpinCount

  InterlockedIncrement

  GetSystemTimeAsFileTime

  GetCommandLineA

  GetStartupInfoA

  GetCPInfo

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  GetLastError

  HeapFree

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  GetModuleHandleW

  Sleep

  GetProcAddress

  ExitProcess

  TlsGetValue

  TlsAlloc

  TlsSetValue

  TlsFree

  SetLastError

  GetCurrentThreadId

  GetACP

  GetOEMCP

  IsValidCodePage

  GetUserDefaultLCID

  GetLocaleInfoA

  EnumSystemLocalesA

  IsValidLocale

  GetStringTypeA

  MultiByteToWideChar

  GetStringTypeW

  HeapAlloc

  GetModuleHandleA

  WriteFile

  GetStdHandle

  GetModuleFileNameA

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  WideCharToMultiByte

  GetEnvironmentStringsW

  SetHandleCount

  GetFileType

  HeapCreate

  VirtualFree

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  LCMapStringA

  LCMapStringW

  HeapReAlloc

  InitializeCriticalSectionAndSpinCount

  LoadLibraryA

  RtlUnwind

  RaiseException

  GetLocaleInfoW

  HeapSize

  GetConsoleCP

  Sections

  .text

  Size: 85KB - Virtual size: 84KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 27KB - Virtual size: 27KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 13KB - Virtual size: 112KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 178KB - Virtual size: 180KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ