General

Malware Config

Signatures

Files

• 4734f6cd792df420b26a864fd71085393511fb4c6b0dd2017ebb3fd3897ec638

  .exe windows x86

  52974b2775f5dc151a452daad0716215

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  LoadLibraryA

  VirtualAlloc

  VirtualFree

  VirtualProtect

  GetProcAddress

  lstrcmpA

  GetCurrentThreadId

  GetCurrentThread

  gdiplus

  GdipCreateMatrix3

  advapi32

  ElfRegisterEventSourceA

  comdlg32

  GetOpenFileNameA

  Sections

  .codes

  Size: 324KB - Virtual size: 323KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdatau

  Size: 158KB - Virtual size: 158KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 98KB - Virtual size: 98KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ