Static task: static1
Behavioral task: behavioral1
  Sample: 57187a5aae14cd5372b0fdcc6865f5ae644c4aa478a42b86786a69426ecb949d.exe
  Resource: win7-20221111-en
Behavioral task: behavioral2
  Sample: 57187a5aae14cd5372b0fdcc6865f5ae644c4aa478a42b86786a69426ecb949d.exe
  Resource: win10v2004-20220812-en
General
- Target: 57187a5aae14cd5372b0fdcc6865f5ae644c4aa478a42b86786a69426ecb949d
- Size: 298KB
- MD5: dc604cc2ab66e0032438fc9fc5fac14a
- SHA1: ec8cb465b71bb2996c62b4e61d2f854aa5f2e08a
- SHA256: 57187a5aae14cd5372b0fdcc6865f5ae644c4aa478a42b86786a69426ecb949d
- SHA512: 15bc431ad3d83833740d12b3fabb0e63448538621680321becd8cf7a40739386b227f02d77c2c6e4589f2ecc65c616dacd876e4bec04fe18ba0edfb1faf7ef1b
- SSDEEP: 6144:F5cp5Xtlc5AOYKlJ8NdULIUxm6EEBtt4lA2d2WSwggC4H/uuH:F5W3l+hwUkiFEEBDlgAwlC4HfH
Malware Config
Signatures
Files
- 57187a5aae14cd5372b0fdcc6865f5ae644c4aa478a42b86786a69426ecb949d.exe (windows x86)
  bc7e6b0134a8a980fc7e9a6a6fb7d7c3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CreateWindowExW
RegisterClassExW
GetWindow
GetDesktopWindow
IsWindowEnabled
KillTimer
MsgWaitForMultipleObjects
GetDlgCtrlID
CheckRadioButton
SendMessageTimeoutW
PeekMessageW
GetUserObjectSecurity
SetUserObjectSecurity
IsDialogMessageW
DrawIconEx
CheckMenuRadioItem
WindowFromPoint
RedrawWindow
TrackPopupMenu
RemoveMenu
CreateMenu
DrawMenuBar
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
GetDlgItemTextW
CallWindowProcW
IsWindow
PostQuitMessage
ExitWindowsEx
DispatchMessageW
TranslateMessage
GetMessageW
DrawEdge
RegisterWindowMessageW
GetWindowDC
SetMenuItemInfoW
IsIconic
ShowWindowAsync
SystemParametersInfoW
EnumWindows
SetClassLongW
GetWindowTextW
InvalidateRgn
TrackPopupMenuEx
ModifyMenuW
AppendMenuW
GetMenuItemCount
GetMenuItemID
EnableMenuItem
CreatePopupMenu
EnableWindow
IsDlgButtonChecked
CheckDlgButton
GetWindowPlacement
LoadImageW
SetWindowPlacement
RegisterClassW
DefMDIChildProcW
DefDlgProcW
CreateIconIndirect
FrameRect
ClientToScreen
IsWindowVisible
DefWindowProcW
LoadStringW
ReleaseDC
GetDC
CreateDialogParamW
DestroyWindow
DefFrameProcW
GetClassNameW
EnumChildWindows
PtInRect
UnionRect
CopyRect
ScreenToClient
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
PostMessageW
DrawFrameControl
ChildWindowFromPoint
SetDlgItemTextW
DialogBoxParamW
MoveWindow
SetWindowTextW
GetDlgItem
EndDialog
DialogBoxIndirectParamW
GetScrollInfo
SetScrollInfo
GetParent
GetClassLongW
SetWindowLongW
GetWindowLongW
OffsetRect
IntersectRect
InflateRect
FillRect
GetSysColorBrush
GetSysColor
MapWindowPoints
GetCursorPos
GetWindowRect
GetClientRect
SendMessageW
WaitForInputIdle
ShowWindow
SetFocus
GetMenu
CheckMenuItem
GetSubMenu
InsertMenuW
GetPropW
SetPropW
ScrollWindowEx
ValidateRect
InvalidateRect
GetUpdateRgn
GetUpdateRect
EndPaint
BeginPaint
UpdateWindow
DrawTextW
GetSystemMetrics
SetTimer
ReleaseCapture
SetCapture
GetCapture
DeleteMenu
SetForegroundWindow
MessageBoxW
SetCursor
FindWindowW
FindWindowExW
GetWindowThreadProcessId
LoadCursorW
LoadIconW
DestroyIcon
EnumDisplaySettingsW
GetKeyState
GetFocus
SetWindowPos
comdlg32
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW
FindTextW
ChooseFontW
ChooseColorW
shell32
Shell_NotifyIconW
ShellExecuteExW
SHGetMalloc
ShellExecuteA
ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ole32
CoTaskMemFree
CoInitialize
CoUninitialize
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
advapi32
RegOpenKeyW
RegDeleteValueW
StartServiceW
QueryServiceStatus
FreeSid
GetAce
LookupAccountSidW
LookupAccountNameW
LookupPrivilegeValueW
ImpersonateLoggedOnUser
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyW
RegEnumValueW
RegLoadKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegUnLoadKeyW
RegQueryValueW
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
CloseServiceHandle
OpenSCManagerW
OpenServiceW
ControlService
MapGenericMask
QueryServiceObjectSecurity
SetServiceObjectSecurity
AllocateAndInitializeSid
EqualSid
AdjustTokenPrivileges
GetTokenInformation
OpenProcessToken
RevertToSelf
GetLengthSid
CopySid
QueryServiceConfigW
SetTokenInformation
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
InitializeAcl
AddAce
AddAccessAllowedAce
RegCloseKey
RegConnectRegistryW
CreateProcessAsUserW
GetKernelObjectSecurity
IsValidSecurityDescriptor
SetKernelObjectSecurity
LookupPrivilegeNameW
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyW
gdi32
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteObject
SelectObject
CreateDIBSection
GetTextExtentPoint32W
GetStockObject
CreateFontIndirectW
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
GetBkColor
GetObjectW
GetBkMode
CreatePen
GetDeviceCaps
GetTextMetricsW
SetTextColor
RectInRegion
SelectClipRgn
SetTextAlign
SetBkColor
Polyline
SetMapMode
StartDocW
EndDoc
StartPage
EndPage
SetBkMode
MoveToEx
SetROP2
SaveDC
RestoreDC
Rectangle
LineTo
ExtTextOutW
comctl32
ImageList_Create
ImageList_Destroy
InitCommonControlsEx
ImageList_Add
ImageList_ReplaceIcon
CreateToolbarEx
CreatePropertySheetPageW
CreateStatusWindowW
PropertySheetW
ImageList_DrawEx
mpr
WNetGetConnectionW
shlwapi
UrlUnescapeW
ColorRGBToHLS
ColorHLSToRGB
kernel32
GetEnvironmentStringsW
VirtualAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
RtlUnwind
GetModuleHandleW
Sleep
ExitProcess
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LoadLibraryA
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
RaiseException
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
ReadFile
HeapSize
CloseHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetLastError
Sections
.text Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 32.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ