Tasks: static1 (static task), behavioral1 (behavioral task)
Sample
d650e12ea3bb05457a6f4780c13c3797510c53db21aecc71a036a1b073d7ec9f.exe
Resource
win7-20220812-en
General
Target: d650e12ea3bb05457a6f4780c13c3797510c53db21aecc71a036a1b073d7ec9f
Size: 400KB
MD5: c1bfbfe0db4a74611e32cc7f49cc9383
SHA1: 38f1c558c6c8caefa3bb27fed5b7131c6786ce91
SHA256: d650e12ea3bb05457a6f4780c13c3797510c53db21aecc71a036a1b073d7ec9f
SHA512: d36bde7d7060b664bf7e281f4b86c43e400722a19bb4d893a8f7530a64a727e425e20c2c8180e586f3ea7f910def743378f02054e6a9cb56ee5f9e0f80647db9
SSDEEP: 6144:EAizB2MpKOlNCOSgV6WFWraOgI+wtxV6bbPCEn6TcBeK:vizB2MpKObCVgV6WFWr2IhtQ7Vuc3
Malware Config
Signatures
Files
d650e12ea3bb05457a6f4780c13c3797510c53db21aecc71a036a1b073d7ec9f.exe (windows x86)
2d2090c1b3d09491c317880e6a1b39bd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_UP_SYSTEM_ONLY
Imports
kernel32
LoadLibraryW
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
Sleep
GetConsoleMode
GetConsoleCP
DeleteCriticalSection
SetHandleCount
GetModuleFileNameW
WriteFile
GetStringTypeW
ExitProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringW
GetCurrentThreadId
SetLastError
GetModuleHandleW
TlsFree
DecodePointer
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetFileType
InitializeCriticalSectionAndSpinCount
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
RtlUnwind
RaiseException
WriteConsoleW
SetFilePointer
OutputDebugStringA
InitializeCriticalSection
InterlockedExchange
MultiByteToWideChar
GlobalAlloc
LocalHandle
LocalFree
FindFirstFileA
GetFullPathNameA
FindNextFileA
FindClose
LocalAlloc
LocalUnlock
GetProcessHeap
HeapAlloc
HeapFree
AllocConsole
GetStdHandle
SetConsoleScreenBufferSize
GetVersion
GetSystemInfo
FormatMessageA
GetModuleFileNameA
WritePrivateProfileStringA
GetCurrentProcess
CloseHandle
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
HeapCreate
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileW
WideCharToMultiByte
GetLastError
lstrcatA
lstrlenA
GetModuleHandleA
GetProcAddress
FlushFileBuffers
user32
GetClassInfoA
AdjustWindowRect
SetWindowLongA
GetWindowLongA
IsWindowEnabled
IsDlgButtonChecked
GetDlgItemTextA
EndDialog
LoadImageA
ReleaseDC
OffsetRect
IntersectRect
wsprintfA
GetMenu
GetMenuItemInfoA
CheckMenuRadioItem
GetWindowRect
MoveWindow
DefWindowProcA
SetMenuItemInfoA
MessageBoxA
GetParent
InvalidateRect
BeginPaint
GetClientRect
DrawTextA
EndPaint
RedrawWindow
EnumClipboardFormats
GetClipboardFormatNameA
GetClipboardData
CloseClipboard
GetDlgItem
ClientToScreen
GetCursorPos
OpenClipboard
LoadCursorA
LoadIconA
RegisterClassExW
CreateWindowExW
SetWindowRgn
IsWindow
SendMessageA
DestroyIcon
LoadCursorW
LoadIconW
RegisterClassW
InvertRect
GetWindowDC
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
LoadBitmapA
DestroyWindow
PostQuitMessage
SetCursor
GetSysColorBrush
FillRect
gdi32
SetTextColor
CreateEllipticRgn
CombineRgn
SetMapMode
SetPolyFillMode
SetBkMode
SelectObject
DeleteObject
GetGlyphOutlineA
GetFontData
ExtTextOutW
GetTextMetricsA
GetStockObject
GetRgnBox
CreateSolidBrush
CreateCompatibleDC
CreateDIBSection
MaskBlt
GetMapMode
GetObjectA
DPtoLP
BitBlt
DeleteDC
CreateBitmap
GetPixel
SetPixel
GetOutlineTextMetricsA
winspool.drv
DeviceCapabilitiesA
ClosePrinter
OpenPrinterA
comdlg32
GetFileTitleA
advapi32
GetSidSubAuthorityCount
LookupPrivilegeValueA
OpenProcessToken
EqualSid
GetLengthSid
LookupAccountSidA
LookupAccountSidW
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthority
AdjustTokenPrivileges
shell32
SHParseDisplayName
SHCreateShellItem
SHGetFileInfoA
ole32
PropVariantCopy
CoInitialize
CoUninitialize
CoCreateInstance
PropVariantClear
oleaut32
SysAllocString
ws2_32
WSAAsyncGetProtoByNumber
gethostname
netapi32
NetUserGetLocalGroups
NetUserGetGroups
mpr
WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA
shlwapi
SHCreateStreamOnFileW
comctl32
ImageList_Create
ord17
ImageList_Add
PropertySheetA
CreatePropertySheetPageA
ImageList_ReplaceIcon
setupapi
SetupDiGetClassInstallParamsA
SetupDiSetClassInstallParamsA
Sections
.text Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 57KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: 131KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 130KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ