General

Malware Config

Signatures

Files

• 20A565943964AC488DCCCCB0F12092DB.exe

  .exe windows x86

  0be9d92ae0898f1d675bda3e22f16b55

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetCurrentDirectoryW

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThreadId

  GetDateFormatW

  GetFileAttributesExW

  GetFileAttributesW

  GetFileSize

  GetFullPathNameW

  GetLastError

  GetModuleHandleA

  GetProcessHeap

  GetShortPathNameW

  GetStartupInfoA

  GetSystemDirectoryW

  GetSystemInfo

  GetSystemTimeAsFileTime

  GetTickCount

  GetTimeFormatW

  GetCommandLineW

  GetWindowsDirectoryW

  HeapAlloc

  HeapFree

  LocalFree

  MulDiv

  QueryPerformanceCounter

  SetCurrentDirectoryW

  SetEndOfFile

  SetFilePointer

  SetUnhandledExceptionFilter

  SystemTimeToFileTime

  TerminateProcess

  UnhandledExceptionFilter

  WriteFile

  lstrcatW

  lstrcmpW

  lstrcpyW

  lstrlenW

  FormatMessageW

  FlushFileBuffers

  FindNextFileW

  FindFirstFileW

  VirtualAllocEx

  FindClose

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  DeleteFileW

  CreateThread

  CreateFileW

  CompareStringW

  CompareFileTime

  CloseHandle

  Sleep

  GetModuleHandleW

  GetVersionExW

  user32

  IsDlgButtonChecked

  LoadCursorW

  LoadIconW

  LoadStringW

  MessageBoxW

  MoveWindow

  PostMessageW

  RegisterClassW

  ScreenToClient

  SendMessageW

  SetClassLongW

  SetDlgItemTextW

  SetFocus

  SetForegroundWindow

  SetWindowLongW

  ShowWindow

  InvalidateRect

  wsprintfW

  GetDlgItem

  GetClientRect

  FindWindowW

  EndPaint

  EndDialog

  EnableWindow

  DialogBoxParamW

  DestroyWindow

  DestroyIcon

  DefWindowProcW

  CreateWindowExW

  ChildWindowFromPoint

  CheckDlgButton

  CharUpperBuffW

  GetWindowRect

  GetWindowLongW

  GetSysColor

  GetParent

  WinHelpW

  GetDlgItemTextW

  CharLowerBuffW

  BeginPaint

  CheckRadioButton

  gdi32

  SetTextAlign

  SetBkColor

  SelectObject

  GetTextExtentPoint32W

  SetTextColor

  ExtTextOutW

  advapi32

  RegOpenKeyA

  RegSetValueExW

  RegOpenKeyW

  RegCreateKeyExW

  RegCloseKey

  RegQueryValueExW

  shell32

  SHGetFileInfoW

  SHGetPathFromIDListW

  SHGetSpecialFolderLocation

  ShellExecuteW

  SHBrowseForFolderW

  comctl32

  CreateStatusWindowW

  PropertySheetW

  winmm

  timeGetTime

  msvcrt

  _XcptFilter

  __getmainargs

  __p__commode

  __p__fmode

  __set_app_type

  __setusermatherr

  _acmdln

  _adjust_fdiv

  _c_exit

  _cexit

  _controlfp

  _except_handler3

  _exit

  _initterm

  _wcsicmp

  _wcsnicmp

  exit

  wcschr

  wcsstr

  Sections

  .text

  Size: 162KB - Virtual size: 161KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .xF1

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 82KB - Virtual size: 82KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 36KB - Virtual size: 36KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .xF1

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .xF2

  Size: 20KB - Virtual size: 19KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 1024B - Virtual size: 720B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ