General

Malware Config

Signatures

Files

• 50067123a00b1ed69c8b4d819732b4a6d6e0bb9acbbf3f27d7cb67c07cba5066

  .exe windows x86

  1a866146f5b7bd523be467cc857cdef4

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualQuery

  HeapAlloc

  GetProcessHeap

  GetCurrentThreadId

  GetModuleFileNameA

  EnterCriticalSection

  LeaveCriticalSection

  Sleep

  CloseHandle

  GetTickCount

  CreateEventA

  GetModuleFileNameW

  OutputDebugStringW

  SetEnvironmentVariableA

  HeapFree

  WriteConsoleW

  SetStdHandle

  ReadConsoleW

  GetStringTypeW

  LoadLibraryExW

  GetConsoleMode

  GetConsoleCP

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  GetLocaleInfoW

  LCMapStringW

  CompareStringW

  GetCPInfo

  GetOEMCP

  GetACP

  IsValidCodePage

  GetTimeZoneInformation

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  QueryPerformanceCounter

  GetFileType

  GetStdHandle

  WideCharToMultiByte

  MultiByteToWideChar

  GetModuleHandleExW

  ExitProcess

  GetModuleHandleW

  GetStartupInfoW

  TlsFree

  UnregisterWait

  CreateMutexW

  GetCurrentProcess

  SetEvent

  ConnectNamedPipe

  CreateNamedPipeW

  WriteFile

  InitializeCriticalSection

  ReadFile

  GetOverlappedResult

  DisconnectNamedPipe

  GetLastError

  ResetEvent

  RegisterWaitForSingleObject

  CreateEventW

  DeleteCriticalSection

  DuplicateHandle

  ReleaseMutex

  GetCurrentProcessId

  UnregisterWaitEx

  GetSystemTimeAsFileTime

  GetProcessTimes

  OpenProcess

  ReadProcessMemory

  FreeLibrary

  LoadLibraryW

  CreateFileW

  GetProcAddress

  GetSystemTime

  FlushFileBuffers

  SetEndOfFile

  SetFilePointerEx

  FindClose

  GetFileTime

  CreateDirectoryW

  SetFileAttributesW

  GetFileAttributesW

  DeleteFileW

  FindFirstFileW

  FindNextFileW

  RaiseException

  IsDebuggerPresent

  IsProcessorFeaturePresent

  RtlUnwind

  GetCommandLineA

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  SetLastError

  InitializeCriticalSectionAndSpinCount

  TerminateProcess

  TlsAlloc

  TlsGetValue

  TlsSetValue

  wininet

  InternetCloseHandle

  HttpOpenRequestW

  HttpQueryInfoW

  HttpAddRequestHeadersW

  HttpSendRequestW

  InternetConnectW

  InternetReadFile

  InternetCrackUrlW

  InternetQueryDataAvailable

  InternetOpenW

  Sections

  .text

  Size: 149KB - Virtual size: 152KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 37KB - Virtual size: 40KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 295KB - Virtual size: 294KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ