General

Malware Config

Signatures

Files

• fcf4ee2868a0f2607a0998fcefc2741285c3d6aa41172b1dfd4e0a014c0bf7c6

  .exe windows x86

  282f31ba2e0840b19e8d475de20a4b27

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  lstrlenA

  WaitForSingleObject

  WinExec

  GetModuleFileNameA

  CreateFileA

  WriteFile

  LoadLibraryA

  GetModuleHandleA

  ExitProcess

  GetProcAddress

  LoadResource

  LockResource

  DeleteFileA

  Sleep

  SetFilePointer

  CloseHandle

  GetStartupInfoA

  user32

  LoadCursorA

  LoadIconA

  wsprintfA

  RegisterClassA

  gdi32

  GetStockObject

  advapi32

  ChangeServiceConfigA

  StartServiceA

  RegCreateKeyExA

  RegOpenKeyA

  RegSetValueExA

  RegCloseKey

  OpenServiceA

  OpenSCManagerA

  RegOpenKeyExA

  ControlService

  msvcrt

  _controlfp

  rand

  srand

  __CxxFrameHandler

  _CxxThrowException

  ??3@YAXPAX@Z

  ??1type_info@@UAE@XZ

  _exit

  _XcptFilter

  exit

  _acmdln

  __getmainargs

  _initterm

  __setusermatherr

  _adjust_fdiv

  __p__commode

  __p__fmode

  __set_app_type

  _except_handler3

  Sections

  .text

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 496B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 140KB - Virtual size: 140KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ