Static task: static1
Behavioral task: behavioral1
Sample: 0b9cff1a760082bae8ad2fb7a57471196da0655f552228721090208c837148c6.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 0b9cff1a760082bae8ad2fb7a57471196da0655f552228721090208c837148c6.exe
Resource: win10v2004-20220812-en
General
Target: 0b9cff1a760082bae8ad2fb7a57471196da0655f552228721090208c837148c6
Size: 1.8MB
MD5: d1283d4b31b91478e802cd7676527cfb
SHA1: e0ec56a2acb12662d460995290cc846010836781
SHA256: 0b9cff1a760082bae8ad2fb7a57471196da0655f552228721090208c837148c6
SHA512: 65ba1ee999cdeeb1d0824696f856f408c8ccc7364338d6d91e71ae847fbe58413fdd6960841c9c6033568fcd1a0ca35beecbed7e09ceb74bcc4a58890752dac8
SSDEEP: 49152:+Q7OCYidZggVrCY2yjPX+dP7pWpHC5MWfqb:a/ZQjX+57wYMWfq
Malware Config
Signatures
Files
- 0b9cff1a760082bae8ad2fb7a57471196da0655f552228721090208c837148c6.exe windows x86
  b07ca1110404b9d9386f95c69ecbff8a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalDeleteAtom
GlobalFlags
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnlock
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsDebuggerPresent
IsValidLocale
LeaveCriticalSection
LoadLibraryExA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalSize
LockResource
MapViewOfFile
OpenFileMappingA
OpenFileMappingW
OpenProcess
OutputDebugStringW
Process32NextW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
SetCommConfig
SetConsoleDisplayMode
SetEndOfFile
SetEvent
SetFileAttributesA
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
GetTickCount
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
UpdateResourceA
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteConsoleOutputCharacterA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProfileStringA
lstrcat
lstrcmpA
lstrlen
lstrlenW
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapReAlloc
HeapAlloc
IsValidCodePage
GetCPInfo
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapFree
HeapCreate
TlsFree
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetThreadPriority
GetThreadLocale
GetThreadContext
GetTempPathA
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetSystemDirectoryA
GetStartupInfoA
GetProcessAffinityMask
GetProcAddress
GetPrivateProfileStringW
GetPriorityClass
GetOEMCP
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
GetLastError
GetHandleInformation
GetFileTime
GetFileSize
GetFileAttributesW
GetFileAttributesA
GetDriveTypeW
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleScreenBufferInfo
GetComputerNameA
GetCommandLineW
GetCommandLineA
GetCalendarInfoW
GetBinaryTypeA
GetACP
FreeResource
FreeLibrary
FormatMessageA
FlushViewOfFile
FindResourceW
FindResourceA
FindNextVolumeW
FindNextVolumeMountPointW
FindNextFileA
FindFirstVolumeMountPointW
FindFirstFileA
FindClose
FindAtomW
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsA
ExitThread
ExitProcess
EnumDateFormatsW
EnumCalendarInfoExW
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateTimerQueueTimer
CreateThread
CreateRemoteThread
CreateProcessW
CreateProcessA
CreatePipe
CreateMutexW
CreateMutexA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryA
CopyFileA
ConnectNamedPipe
CloseHandle
CallNamedPipeA
BuildCommDCBAndTimeoutsW
Beep
GetModuleHandleA
SetErrorMode
SizeofResource
VirtualAlloc
user32
SetWindowTextA
ShowWindow
SwitchDesktop
SystemParametersInfoW
TabbedTextOutA
TileWindows
TrackPopupMenu
TranslateMessage
UnregisterClassW
WindowFromPoint
RegisterWindowMessageW
RegisterWindowMessageA
RegisterClassA
PostThreadMessageW
PostThreadMessageA
PostQuitMessage
PostMessageW
PostMessageA
PeekMessageW
PeekMessageA
PackDDElParam
OpenClipboard
OffsetRect
MessageBoxA
MessageBeep
LoadMenuA
LoadImageA
LoadCursorW
KillTimer
IsWindowVisible
IsWindow
IsIconic
IsDialogMessageW
InvalidateRgn
InvalidateRect
InflateRect
InSendMessageEx
HiliteMenuItem
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetWindow
GetSystemMenu
SetWindowPos
GetSysColor
GetSubMenu
GetMessageW
GetMessageA
GetMenuStringW
GetMenuItemID
GetLastInputInfo
GetKeyState
GetIconInfo
GetFocus
GetCursorPos
GetClientRect
GetClassNameW
GetClassNameA
GetClassInfoA
GetCapture
FrameRect
FindWindowW
FillRect
EnumWindows
EndPaint
EnableWindow
DrawTextA
DrawIconEx
DrawFrameControl
DrawFocusRect
DlgDirListComboBoxA
DispatchMessageW
DestroyWindow
DefWindowProcW
DefWindowProcA
DdeSetUserHandle
DdeQueryNextServer
DdeAccessData
CreateWindowExW
CreateWindowExA
CheckDlgButton
CharToOemBuffW
ChangeDisplaySettingsExW
CallWindowProcW
CallWindowProcA
BringWindowToTop
BeginPaint
AttachThreadInput
LoadIconA
GetClipboardData
GetDC
GetListBoxInfo
SetWindowLongA
SetTimer
SetRect
SetProcessWindowStation
SetMenuItemInfoA
SetMenuDefaultItem
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetCapture
SetActiveWindow
SendMessageW
SendMessageTimeoutA
SendMessageA
ScreenToClient
RemoveMenu
ReleaseDC
GetSysColorBrush
ReleaseCapture
WindowFromDC
GetShellWindow
DestroyCursor
CloseClipboard
GetForegroundWindow
GetDoubleClickTime
DestroyIcon
IsWindowUnicode
GetCursor
IsGUIThread
IsMenu
GetMenuCheckMarkDimensions
GetDlgCtrlID
IsCharAlphaNumericW
GetAsyncKeyState
GetDesktopWindow
IsWindowEnabled
DrawMenuBar
GetOpenClipboardWindow
CopyIcon
CreatePopupMenu
GetMessageTime
GetActiveWindow
GetParent
GetSystemMetrics
CharNextA
LoadCursorFromFileW
GetMenuItemCount
GetTopWindow
GetDialogBaseUnits
InSendMessage
GetKBCodePage
GetMessagePos
GetKeyboardLayout
ShowCaret
CharLowerA
GetClipboardViewer
EmptyClipboard
gdi32
CreateDCW
CreateDIBSection
CreateFontA
CreateFontW
CreatePen
CreateRectRgnIndirect
CreateSolidBrush
DeleteObject
EndDoc
EngDeleteClip
EngMarkBandingSurface
GdiConvertMetaFilePict
GdiFlush
GdiPlayPrivatePageEMF
GdiPlayScript
GetClipRgn
GetDeviceCaps
GetObjectW
GetRandomRgn
CreateCompatibleDC
GetStockObject
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsW
LineTo
MoveToEx
PolyBezier
Polygon
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetDIBColorTable
SetMapMode
SetTextColor
StartDocA
StartPage
TextOutA
CreateBrushIndirect
BitBlt
CombineRgn
GetFontLanguageInfo
GetROP2
GetPolyFillMode
GetBkColor
StrokePath
DeleteDC
UnrealizeObject
GetTextColor
CreatePatternBrush
GetObjectType
EndPage
AddFontResourceW
AbortDoc
GetTextAlign
FlattenPath
FillPath
EndPath
WidenPath
DeleteColorSpace
RealizePalette
GetRgnBox
GetColorSpace
CreateHalftonePalette
comdlg32
GetSaveFileNameA
PrintDlgW
advapi32
RegEnumKeyA
RegQueryValueExA
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegSetValueExA
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegOpenKeyW
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
InitializeSecurityDescriptor
GetUserNameW
GetUserNameA
FreeSid
shell32
SHGetPathFromIDListA
Shell_NotifyIcon
ShellExecuteW
ShellExecuteExA
SHCreateDirectoryExA
SHGetDataFromIDListW
SHGetIconOverlayIndexA
SHGetMalloc
Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHInvokePrinterCommandA
SHQueryRecycleBinW
ShellExecuteA
shlwapi
StrRStrIW
StrStrIW
StrRChrIW
StrStrW
comctl32
ImageList_Destroy
ImageList_Create
ord17
Sections
.text Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ