Sample
ea4d6b06920a2b27ec6817065154cc8df386ced2f86cea8e2abc249dc543f9a3.exe
Resource
win7-20221111-en
General
Target
ea4d6b06920a2b27ec6817065154cc8df386ced2f86cea8e2abc249dc543f9a3
Size
269KB
MD5
ee53bca111c76cfff04f9427b235abf9
SHA1
af4bb468413a569297dcc4aedba6c123b07ce804
SHA256
ea4d6b06920a2b27ec6817065154cc8df386ced2f86cea8e2abc249dc543f9a3
SHA512
9f903eb4dcf83321ccd38430da5b8fa59c9b30a69ced72c94aacb2509244f0676d912d7f8325a9414defa05da4aa38d517eeaafe9169e1e6a4cb96f9c7d96fef
SSDEEP
3072:8bmQz/jd0wQ02CfzKvXfB34zQZ7VPmHYfvJ47zxVJCqNC0zRCP:bcVzOBIzyJuHYfvJ4fH3cP
Files
ea4d6b06920a2b27ec6817065154cc8df386ced2f86cea8e2abc249dc543f9a3.exe windows x86
e85f1af652d872b8be1542db70f53719
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_UP_SYSTEM_ONLY
Imports
kernel32
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
ReadFile
GetModuleFileNameW
WriteFile
ExitProcess
GetModuleHandleW
GetProcAddress
GetUserDefaultLCID
IsProcessorFeaturePresent
GetFileType
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCPInfo
LCMapStringW
WideCharToMultiByte
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapReAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileW
lstrcpyA
DeleteFileA
GetSystemTime
LocalFree
CloseHandle
LocalSize
OutputDebugStringA
GetModuleHandleA
GetProfileStringA
LocalAlloc
GetFullPathNameA
BackupWrite
GetLastError
GetProfileIntA
GlobalUnlock
MultiByteToWideChar
lstrcatA
HeapCreate
Sleep
DecodePointer
EncodePointer
InterlockedDecrement
InterlockedIncrement
FormatMessageA
GetProcessHeap
WaitForSingleObject
QueryPerformanceCounter
HeapAlloc
lstrlenA
CreateFileA
SetEndOfFile
user32
SetFocus
MoveWindow
GetWindow
GetDialogBaseUnits
GetScrollPos
SetDlgItemTextA
EndDeferWindowPos
DialogBoxParamA
GetDlgItemTextA
LoadCursorA
SetMenuItemInfoA
DestroyMenu
EnableWindow
UpdateWindow
LoadImageA
SetWindowTextA
GetSystemMetrics
BeginDeferWindowPos
DeferWindowPos
EndPaint
ClientToScreen
DestroyWindow
GetMessageA
InvertRect
SetTimer
GetWindowRect
SetActiveWindow
CreateDialogParamA
RegisterClassExA
PostQuitMessage
TrackPopupMenu
FillRect
KillTimer
GetSubMenu
SetMenuItemBitmaps
LoadBitmapA
LoadMenuA
LoadIconA
DispatchMessageA
SetParent
GetClientRect
wsprintfA
SendMessageA
BeginPaint
GetScrollRange
GetDC
TranslateMessage
GetMenu
OffsetRect
GetWindowTextA
MessageBoxA
InvalidateRect
CreateWindowExA
SetScrollPos
ReleaseDC
GetDlgItem
ScrollWindow
EndDialog
DefWindowProcA
GetDesktopWindow
GetSysColor
GetMenuItemInfoA
ShowWindow
IsWindow
gdi32
EndPage
BitBlt
PlayMetaFile
GetTextExtentPoint32A
StartPage
DeleteDC
GetDeviceCaps
StretchBlt
SetAbortProc
CreateBitmap
DeleteObject
SelectObject
CreateCompatibleDC
SetMapMode
CreateCompatibleBitmap
Rectangle
CreateBrushIndirect
Ellipse
SaveDC
SetStretchBltMode
SetTextAlign
GetPixel
GetObjectA
GetStockObject
RestoreDC
CreateSolidBrush
EnumFontsA
TextOutA
SetPixel
winspool.drv
FindFirstPrinterChangeNotification
GetPrinterA
EnumPrintersA
EnumJobsA
OpenPrinterA
ClosePrinter
FindClosePrinterChangeNotification
advapi32
RegQueryValueExA
ConvertSidToStringSidA
CredDeleteA
ole32
OleUninitialize
OleInitialize
wininet
FtpSetCurrentDirectoryA
ws2_32
WSAEnumProtocolsA
WSAStartup
avicap32
capGetDriverDescriptionA
winmm
timeBeginPeriod
timeGetTime
comctl32
ord6
rasapi32
RasHangUpA
RasGetErrorStringA
RasDialA
Sections
.text Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ