Static task: static1
Behavioral task: behavioral1
Sample: a0be0fc03b5e4097a0a60f89afd3ea9c.exe
Resource: win7-20221111-en
General
Target: a0be0fc03b5e4097a0a60f89afd3ea9c.exe
Size: 375KB
MD5: a0be0fc03b5e4097a0a60f89afd3ea9c
SHA1: dae6c080f184ffe61e62931084cef68a5e45dbb7
SHA256: 71c37b1d53f487f7b8c025ab8b3aca6635e3d1555b5961a5c9b56bbbeca9888f
SHA512: 0596fa6739a36d3505d821a7144ec90ed288a0b25667fdd5a0aad2491ba24c9118c55d4530d3636236685870c99c2603259cded573548b178d63f3c4c6cf851e
SSDEEP: 6144:0bKbnMYcwtusRIUA3ku18D5kebj/juUe4WV5s+gVRfvV3PxD:0bgnFcoRIUMku18D9jrpzWV5JOfvhPd
Files
a0be0fc03b5e4097a0a60f89afd3ea9c.exe.exe windows x86
d943b9e62d78306a5b1f5a80e23ce7c7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetThreadUILanguage
TransmitCommChar
FreeEnvironmentStringsA
EndUpdateResourceA
GetCurrencyFormatW
GlobalFindAtomW
HeapCreate
SetCriticalSectionSpinCount
FlushInstructionCache
GetVersion
LocalUnlock
GetBinaryTypeW
SetComputerNameA
EnumSystemLocalesA
GetUserDefaultLangID
OpenJobObjectW
SetupComm
GetCalendarInfoA
GetConsoleAliasExesW
SetConsoleCP
GetConsoleMode
SetVolumeMountPointA
IsWow64Process
CreateIoCompletionPort
SetEndOfFile
HeapLock
OutputDebugStringW
ReadProcessMemory
ProcessIdToSessionId
EnumCalendarInfoA
GetConsoleAliasesLengthW
CreateSemaphoreW
GetNativeSystemInfo
GetModuleHandleExW
GetConsoleAliasExesLengthW
LocalFree
GetCommTimeouts
DefineDosDeviceW
WriteFile
EnterCriticalSection
AddVectoredExceptionHandler
lstrlenA
SetConsoleCursorPosition
VirtualQueryEx
GetExitCodeProcess
HeapSize
BackupWrite
lstrcmpiW
DebugActiveProcess
CloseHandle
WriteConsoleW
SetStdHandle
FlushFileBuffers
LoadLibraryW
GetConsoleCP
SetFilePointer
GetLogicalDrives
FreeLibrary
LoadLibraryA
GetModuleFileNameW
ExitThread
GetProcAddress
WaitNamedPipeW
FindNextFileA
FindFirstFileExW
lstrlenW
ReadConsoleOutputCharacterA
MapViewOfFileEx
SetThreadPriorityBoost
GetACP
CompareStringA
GetLocalTime
WriteConsoleA
QueryMemoryResourceNotification
VirtualProtect
InterlockedIncrement
InterlockedDecrement
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapFree
RaiseException
RtlUnwind
GetCommandLineW
HeapSetInformation
GetStartupInfoW
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
ExitProcess
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
IsValidCodePage
GetStringTypeW
GetLocaleInfoW
HeapReAlloc
FatalAppExitA
GetUserDefaultLCID
GetLocaleInfoA
IsValidLocale
SetConsoleCtrlHandler
CreateFileW
user32
DefMDIChildProcA
GetUpdateRect
FindWindowW
CreateIconFromResourceEx
GetMonitorInfoW
GetCaretPos
advapi32
GetNumberOfEventLogRecords
RegQueryMultipleValuesW
RegDeleteKeyA
RegSetKeySecurity
StartServiceA
RegCreateKeyExA
RegQueryInfoKeyW
AddAccessAllowedAce
GetAclInformation
ClearEventLogW
ReadEventLogW
ObjectCloseAuditAlarmA
RegEnumKeyA
ReportEventW
GetKernelObjectSecurity
SetAclInformation
AccessCheckByType
RegisterEventSourceW
Sections
.text Size: 174KB - Virtual size: 174KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 94.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 51KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ