Static task: static1
Behavioral task: behavioral1
Sample: d5ebcdac450c9999ef7184481f729df0bb5babd9ae9fb62b7c6fdff02569a674.exe
Resource: win7-20221111-en

General
Target: d5ebcdac450c9999ef7184481f729df0bb5babd9ae9fb62b7c6fdff02569a674
Size: 305KB
MD5: f4cdbef32c96169f9194b6b33b3f7c26
SHA1: 53d0738923bcd20bddf9e280d281a81225378162
SHA256: d5ebcdac450c9999ef7184481f729df0bb5babd9ae9fb62b7c6fdff02569a674
SHA512: de2ee95658cfe3dd78a688932dd140849b04b7f6da869294d486326a010ccb6137264a4f924f88b4c4e3c6584399aa869ef6ec912e1d54b87ca05b67b4f861b9
SSDEEP: 6144:VId7WQ8X2rBWueOlQb2NOShT5RmUjD5uT:Vw7L+2rBWuFltF8UjD5uT

Malware Config

Signatures

Files
d5ebcdac450c9999ef7184481f729df0bb5babd9ae9fb62b7c6fdff02569a674.exe windows x86
943c2571e677c484283d2dc47109bcc5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EnumDisplaySettingsW
WaitForInputIdle
GetClassLongW
GetUpdateRgn
GetUpdateRect
IntersectRect
ValidateRect
GetScrollInfo
SetScrollInfo
ScrollWindowEx
IsWindowEnabled
GetDlgCtrlID
PeekMessageW
MsgWaitForMultipleObjects
CheckRadioButton
SetUserObjectSecurity
GetUserObjectSecurity
GetDesktopWindow
GetWindow
SendMessageTimeoutW
ExitWindowsEx
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
CreateDialogParamW
GetDlgItemTextW
RemoveMenu
DrawMenuBar
PostQuitMessage
DrawIconEx
TrackPopupMenu
IsWindow
GetCapture
ReleaseCapture
SetCapture
DrawEdge
RegisterWindowMessageW
LoadMenuW
InsertMenuW
CheckMenuItem
CreateMenu
CheckMenuRadioItem
RedrawWindow
ShowWindowAsync
SetForegroundWindow
FindWindowExW
IsIconic
GetWindowDC
SetMenuItemInfoW
DeleteMenu
CheckDlgButton
IsDlgButtonChecked
InvalidateRgn
FillRect
EnumWindows
GetWindowThreadProcessId
GetWindowTextW
ModifyMenuW
SystemParametersInfoW
CreatePopupMenu
AppendMenuW
TrackPopupMenuEx
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenu
EnableMenuItem
DestroyIcon
SetClassLongW
SetFocus
SetTimer
WindowFromPoint
KillTimer
GetWindowPlacement
LoadStringW
FindWindowW
LoadIconW
LoadImageW
RegisterClassExW
RegisterClassW
SetWindowPlacement
UpdateWindow
InflateRect
SetWindowTextW
DialogBoxIndirectParamW
DefDlgProcW
DialogBoxParamW
SetCursor
InvalidateRect
ChildWindowFromPoint
GetSysColor
GetSysColorBrush
DefFrameProcW
DefMDIChildProcW
FrameRect
GetDC
DrawTextW
ClientToScreen
ReleaseDC
CreateIconIndirect
MapWindowPoints
DestroyWindow
CreateWindowExW
IsWindowVisible
GetFocus
GetPropW
ScreenToClient
GetClassNameW
DeferWindowPos
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
OffsetRect
UnionRect
IsZoomed
GetSystemMetrics
PtInRect
BeginPaint
DrawFrameControl
EndPaint
SetPropW
CallWindowProcW
DefWindowProcW
GetClientRect
CopyRect
GetWindowLongW
GetParent
ShowWindow
SetWindowLongW
GetKeyState
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCursorPos
SetWindowPos
PostMessageW
SendMessageW
MessageBoxW
EndDialog
GetDlgItem
GetWindowRect
MoveWindow
SetDlgItemTextW
LoadCursorW
EnableWindow
comdlg32
ChooseColorW
ChooseFontW
PrintDlgW
GetSaveFileNameW
FindTextW
GetOpenFileNameW
gdi32
CreateRectRgnIndirect
RectInRegion
GetObjectW
GetStockObject
DeleteObject
CreateSolidBrush
DeleteDC
CreateCompatibleDC
CreateDIBSection
BitBlt
SetBkColor
EndDoc
EndPage
StartPage
StartDocW
SelectClipRgn
GetDeviceCaps
GetTextExtentPoint32W
ExtTextOutW
SetTextAlign
RestoreDC
Rectangle
CreatePen
SetROP2
SaveDC
CreateCompatibleBitmap
LineTo
MoveToEx
GetTextMetricsW
Polyline
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject
GetBkColor
CreateRectRgn
SetMapMode
GetBkMode
kernel32
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetModuleHandleA
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
GetModuleFileNameA
ExitProcess
HeapCreate
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateThread
RtlUnwind
RaiseException
HeapSize
HeapReAlloc
HeapDestroy
lstrlenA
SetProcessWorkingSetSize
FindFirstFileW
FindClose
SetPriorityClass
TerminateProcess
GetComputerNameW
GetLocaleInfoW
SetErrorMode
WaitForMultipleObjects
GetTickCount
GlobalMemoryStatus
MapViewOfFile
IsBadReadPtr
UnmapViewOfFile
QueryPerformanceCounter
QueryPerformanceFrequency
GetVersionExW
Thread32First
Thread32Next
GetThreadContext
LoadLibraryExW
ResumeThread
SuspendThread
OpenThread
SetEnvironmentVariableW
GetCurrentProcessId
LCMapStringA
GetCurrentThread
SetThreadAffinityMask
Sleep
GetSystemDirectoryW
GetNumberFormatW
ReadFile
SetFilePointer
VirtualQueryEx
GetFileAttributesW
SearchPathW
ExpandEnvironmentStringsW
MultiByteToWideChar
lstrcmpiW
lstrcmpW
GetDateFormatW
ReadProcessMemory
HeapAlloc
HeapFree
GetEnvironmentVariableW
CreateEventW
OpenEventW
GetCommandLineW
CreateFileW
GetCurrentProcess
IsBadStringPtrW
lstrlenW
GetSystemTimeAsFileTime
DeleteCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatW
GetSystemTime
SystemTimeToFileTime
FreeLibrary
GetProcAddress
LoadLibraryW
WaitForSingleObject
TerminateThread
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
GetModuleHandleW
GlobalReAlloc
GlobalLock
GlobalAlloc
GlobalUnlock
SetEvent
GetVersion
FindResourceExW
LoadResource
LockResource
SizeofResource
GetStartupInfoA
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
LoadLibraryA
ExpandEnvironmentStringsA
GetPrivateProfileStringW
TlsAlloc
ExitThread
GetFileSize
GetFullPathNameW
FormatMessageW
WriteFile
GetWindowsDirectoryW
TlsSetValue
Process32FirstW
Process32NextW
TlsGetValue
GetSystemInfo
GlobalAddAtomW
FindNextFileW
WideCharToMultiByte
GetExitCodeThread
GetFileTime
VirtualAlloc
VirtualFree
GetDriveTypeW
DeviceIoControl
GetCurrentDirectoryW
GetProcessWorkingSetSize
DuplicateHandle
GetCommandLineA
FreeEnvironmentStringsA
GetEnvironmentStrings
InterlockedIncrement
InterlockedDecrement
DeleteFileW
DisableThreadLibraryCalls
GetWriteWatch
UpdateResourceW
ClearCommBreak
GetNamedPipeHandleStateW
PulseEvent
IsSystemResumeAutomatic
SetProcessShutdownParameters
GetModuleFileNameW
ConvertFiberToThread
LocalCompact
FreeEnvironmentStringsW
GlobalCompact
SetStdHandle
FlushViewOfFile
GlobalDeleteAtom
GetProcessVersion
OpenProcess
PeekNamedPipe
FlushInstructionCache
GetPriorityClass
InitAtomTable
FlushFileBuffers
GetProcessId
GetAtomNameW
FindVolumeClose
CreateFiber
GetThreadIOPendingFlag
RemoveVectoredExceptionHandler
SetTapeParameters
MulDiv
ResetEvent
DisconnectNamedPipe
DecodePointer
SetHandleCount
QueueUserAPC
GetCommMask
FreeResource
CheckRemoteDebuggerPresent
FindFirstFileExW
AssignProcessToJobObject
SetProcessPriorityBoost
GlobalUnWire
CreateFileMappingW
SetLastError
ConvertThreadToFiber
GetFileType
SetTapePosition
GetTapeStatus
FreeUserPhysicalPages
GetProcessHeap
GetStdHandle
GetProcessAffinityMask
GetThreadPriority
PrepareTape
GetCurrentThreadId
RequestDeviceWakeup
GetCommTimeouts
SetSystemPowerState
EncodePointer
CreateNamedPipeW
WTSGetActiveConsoleSessionId
GetThreadSelectorEntry
GetMailslotInfo
GetNamedPipeInfo
GetThreadPriorityBoost
EscapeCommFunction
ClearCommError
RtlCaptureStackBackTrace
FormatMessageA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
CreateFileA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LocalAlloc
LocalFree
GetLastError
CloseHandle
CreateProcessW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
FindResourceW
Sections
.text Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 31KB - Virtual size: 450KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 213KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ