General

Malware Config

Signatures

Files

• c4638f5a0ebc021bd45d2b102db634605d0ef9781f4fa5de66ab5b599a9357a5

  .exe windows x86

  2847b301a6c5844474b93b7fa6dd69c9

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  EnterCriticalSection

  GetConsoleTitleA

  CreateDirectoryA

  GetConsoleTitleA

  CloseHandle

  CreateDirectoryA

  GlobalFree

  ReadFile

  VirtualProtect

  Sleep

  GetFileSize

  GetModuleHandleA

  DeleteFileA

  CancelIo

  RemoveDirectoryA

  GetCommandLineA

  WriteConsoleW

  CancelIo

  GetModuleFileNameA

  GetEnvironmentStringsW

  lstrlenW

  GetStartupInfoA

  CreateFileA

  GetTickCount

  TlsGetValue

  user32

  wsprintfA

  IsWindow

  PeekMessageA

  GetClassInfoA

  DestroyMenu

  DispatchMessageA

  MessageBoxA

  GetSysColor

  IsWindowVisible

  GetWindowLongA

  CreateIcon

  GetWindowLongA

  IsWindowEnabled

  cmutil

  ??1CIniA@@QAE@XZ

  ??_FCIniA@@QAEXXZ

  ??1CIniW@@QAE@XZ

  ??_FCIniW@@QAEXXZ

  advapi32

  RegCloseKey

  Sections

  .text

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 522B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 115KB - Virtual size: 115KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE