Behavioral task: behavioral1
Sample: cd5f527ec3dfe2ca8f379e8fd7c4b2f1e7ca9da378c5cf3ef30b5fd779dce449.exe
Resource: win7-20221111-en
General
Target: cd5f527ec3dfe2ca8f379e8fd7c4b2f1e7ca9da378c5cf3ef30b5fd779dce449
Size: 858KB
MD5: 19bd8608e4b7db88389d95cd9ba57fe7
SHA1: 7ecec89518272458d2d2b4d8f2c474b56a1d441f
SHA256: cd5f527ec3dfe2ca8f379e8fd7c4b2f1e7ca9da378c5cf3ef30b5fd779dce449
SHA512: 1692c9c17978e0bbe81893580318475e089f48388f4d6ab4b74380275ba515241d275af2625d5bbca112058d4b0b0dca386e0eb18ef2f45ef05acd03dc23ca21
SSDEEP: 24576:t/OjWO+FfHDfVF+cyaJ8CuoTdlhDBuwox:tGAFfHDdddxbl5wl
Malware Config
Signatures
Files
cd5f527ec3dfe2ca8f379e8fd7c4b2f1e7ca9da378c5cf3ef30b5fd779dce449.exe windows x86
77dfaa31393b56036797388c6f0c3978
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wsock32
socket
ioctlsocket
select
__WSAFDIsSet
gethostbyname
inet_addr
connect
WSAStartup
send
htons
bind
listen
accept
recv
closesocket
WSACleanup
gdi32
GetMapMode
SetMapMode
LPtoDP
GetDeviceCaps
DPtoLP
GetStockObject
kernel32
GetStringTypeW
SetFilePointer
IsValidLocale
EnumSystemLocalesA
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetLocaleInfoW
Process32Next
CloseHandle
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
Sleep
SetEvent
GetExitCodeProcess
GetLastError
CreateProcessA
CreateThread
MoveFileA
GetTickCount
GetTempPathA
GetWindowsDirectoryA
CopyFileA
DeleteFileA
SetFileAttributesA
GetModuleFileNameA
GetCommandLineA
CreateMutexA
GetEnvironmentVariableA
GetProcAddress
LoadLibraryA
GetSystemTime
TerminateThread
ContinueDebugEvent
SetThreadContext
SetEndOfFile
WaitForDebugEvent
GetStartupInfoA
CreateFileA
ReadFile
CreateEventA
ResetEvent
WriteFile
FindClose
FindNextFileA
FindFirstFileA
GetLocalTime
GetModuleHandleA
ReleaseMutex
MulDiv
Module32First
FreeLibrary
GetTempFileNameA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetFileAttributesA
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetCurrentDirectoryA
GetFullPathNameA
GetStdHandle
HeapCreate
VirtualAlloc
GetProcessHeap
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetThreadContext
CreateDirectoryA
GetLocaleInfoA
GetUserDefaultLCID
VirtualFree
IsValidCodePage
GetOEMCP
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
RtlUnwind
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetSystemTimeAsFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetModuleHandleW
ExitProcess
HeapFree
HeapReAlloc
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetACP
user32
GetWindowDC
ShowWindow
LoadCursorA
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
CreateIconFromResourceEx
SetWindowTextA
GetTitleBarInfo
GetDesktopWindow
GetWindowRect
CreateWindowExA
PostQuitMessage
SetFocus
DefWindowProcA
BeginPaint
EndPaint
InvalidateRect
UpdateWindow
PostMessageA
MessageBoxA
MoveWindow
advapi32
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
ole32
CreateStreamOnHGlobal
shell32
Shell_NotifyIconA
oleaut32
OleLoadPicture
Sections
.text Size: 744KB - Virtual size: 744KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 82KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE