General

Malware Config

Signatures

Files

• 4dcf71294c2eac9daea67264934f4bc2842809cea249d3aae052290a2f656c24

  .exe windows x64

  2c04b499bf6690156a8d10423e77648b

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  kernel32

  GetVersionExA

  GetModuleHandleA

  GetProcAddress

  LoadLibraryExW

  lstrcatW

  lstrlenW

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  CloseHandle

  GetLastError

  InitializeCriticalSection

  SetEvent

  ResetEvent

  ReleaseSemaphore

  WaitForSingleObject

  CreateEventA

  CreateSemaphoreA

  CreateIoCompletionPort

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  Sleep

  ExitProcess

  CreateThread

  LoadResource

  LockResource

  FindResourceA

  AreFileApisANSI

  MultiByteToWideChar

  WideCharToMultiByte

  GlobalLock

  GlobalUnlock

  FreeLibrary

  GetModuleFileNameA

  GetModuleFileNameW

  LoadLibraryA

  LoadLibraryW

  LocalFree

  FormatMessageA

  FormatMessageW

  GetCurrentDirectoryA

  GetCurrentDirectoryW

  CreateDirectoryA

  CreateDirectoryW

  CreateFileW

  DeleteFileA

  DeleteFileW

  RemoveDirectoryA

  RemoveDirectoryW

  SetFileAttributesA

  SetFileAttributesW

  SetFileTime

  SetLastError

  GetSystemDirectoryW

  GetCurrentThreadId

  GetTickCount

  GetModuleHandleW

  MoveFileA

  MoveFileW

  FindClose

  FindFirstFileA

  FindFirstFileW

  FindNextFileA

  FindNextFileW

  GetFileAttributesA

  GetFileAttributesW

  GetFileInformationByHandle

  GetLogicalDriveStringsW

  GetLogicalDriveStringsA

  CreateFileA

  GetFileSize

  ReadFile

  SetEndOfFile

  SetFilePointer

  WriteFile

  GlobalAlloc

  GlobalFree

  CompareFileTime

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  GetCurrentProcess

  GlobalMemoryStatusEx

  GetSystemInfo

  GetProcessAffinityMask

  GetStdHandle

  SetPriorityClass

  WaitForMultipleObjects

  CreateMutexA

  CreateProcessW

  ReadProcessMemory

  WriteProcessMemory

  lstrcpyA

  GetCommandLineW

  IsProcessorFeaturePresent

  VirtualFree

  GetCurrentProcessId

  WriteConsoleW

  SetFilePointerEx

  SetStdHandle

  GetConsoleMode

  GetConsoleCP

  FlushFileBuffers

  GetStringTypeW

  LCMapStringW

  HeapFree

  OutputDebugStringW

  GetCPInfo

  GetOEMCP

  GetACP

  IsValidCodePage

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetSystemTimeAsFileTime

  QueryPerformanceCounter

  GetFileType

  HeapSize

  GetStartupInfoW

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  TerminateProcess

  InitializeCriticalSectionAndSpinCount

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlCaptureContext

  GetModuleHandleExW

  GetProcessHeap

  GetCommandLineA

  HeapReAlloc

  RaiseException

  RtlPcToFileHeader

  IsDebuggerPresent

  RtlLookupFunctionEntry

  RtlUnwindEx

  ExitThread

  DecodePointer

  EncodePointer

  HeapAlloc

  VirtualAlloc

  user32

  SendMessageA

  ShowWindow

  MoveWindow

  OpenClipboard

  CloseClipboard

  SetClipboardData

  SendMessageW

  MessageBoxW

  CharUpperW

  CharUpperA

  EmptyClipboard

  LoadIconA

  LoadCursorA

  SetCursor

  KillTimer

  SetTimer

  IsDlgButtonChecked

  CheckDlgButton

  InvalidateRect

  EnableWindow

  GetKeyState

  GetFocus

  SetFocus

  EndDialog

  PostMessageA

  GetWindowTextLengthW

  GetWindowTextLengthA

  GetWindowTextW

  GetWindowTextA

  SetWindowTextW

  SetWindowTextA

  LoadStringW

  LoadStringA

  GetMonitorInfoA

  MonitorFromWindow

  SystemParametersInfoA

  MapDialogRect

  GetParent

  SetWindowLongPtrA

  GetWindowLongPtrA

  ScreenToClient

  GetWindowRect

  GetDlgItem

  DialogBoxParamW

  DialogBoxParamA

  shell32

  SHGetMalloc

  SHGetFileInfoA

  SHBrowseForFolderA

  SHGetPathFromIDListA

  ole32

  CoInitializeSecurity

  CoInitializeEx

  CoCreateInstance

  CoInitialize

  CoUninitialize

  OleInitialize

  oleaut32

  VariantInit

  SysFreeString

  VariantClear

  SysAllocStringLen

  SysAllocString

  SysStringLen

  winhttp

  WinHttpGetIEProxyConfigForCurrentUser

  WinHttpGetProxyForUrl

  WinHttpCloseHandle

  WinHttpOpen

  shlwapi

  PathFileExistsW

  StrStrA

  rpcrt4

  RpcStringFreeA

  UuidToStringA

  UuidCreate

  Sections

  .text

  Size: 290KB - Virtual size: 289KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 135KB - Virtual size: 134KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 11KB - Virtual size: 41KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 17KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 369KB - Virtual size: 369KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ