General

Malware Config

Signatures

Files

• 2c599903042c465b6711805474f55548adc42c70634a7a1665d8cab874fdac35

  .dll windows x86

  f0e55e3b19da00c1f0d23daf95115d7e

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetVersion

  VirtualProtect

  OpenProcess

  ExitProcess

  Sleep

  SizeofResource

  GetFileTime

  GetSystemTime

  FileTimeToLocalFileTime

  CreateEventA

  LoadLibraryA

  GetModuleFileNameA

  GetModuleHandleA

  CreateProcessA

  GetEnvironmentVariableA

  GetWindowsDirectoryA

  CreateFileA

  GetFileAttributesA

  QueryPerformanceCounter

  GetVersionExA

  GetDateFormatA

  WriteConsoleW

  CloseHandle

  CreateFileW

  SetFilePointerEx

  GetConsoleMode

  GetConsoleCP

  WriteFile

  FlushFileBuffers

  SetStdHandle

  HeapReAlloc

  HeapSize

  GetStringTypeW

  GetFileType

  GetStdHandle

  GetProcessHeap

  SetEnvironmentVariableW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  WideCharToMultiByte

  MultiByteToWideChar

  GetCommandLineW

  GetCommandLineA

  GetCPInfo

  GetOEMCP

  GetACP

  IsValidCodePage

  FindNextFileW

  FindFirstFileExW

  FindClose

  LCMapStringW

  CompareStringW

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  IsProcessorFeaturePresent

  GetCurrentProcessId

  GetCurrentThreadId

  GetSystemTimeAsFileTime

  InitializeSListHead

  IsDebuggerPresent

  GetStartupInfoW

  GetModuleHandleW

  RaiseException

  RtlUnwind

  InterlockedFlushSList

  GetLastError

  SetLastError

  EncodePointer

  EnterCriticalSection

  LeaveCriticalSection

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  FreeLibrary

  GetProcAddress

  LoadLibraryExW

  QueryPerformanceFrequency

  GetModuleHandleExW

  GetModuleFileNameW

  HeapFree

  HeapAlloc

  GetTimeZoneInformation

  DecodePointer

  user32

  DispatchMessageA

  ExitWindowsEx

  PostMessageA

  CallWindowProcA

  RegisterClassExA

  GetClassInfoExA

  SetParent

  GetDesktopWindow

  GetWindowLongA

  IntersectRect

  InflateRect

  GetSysColorBrush

  MapWindowPoints

  GetCursorPos

  GetWindowRect

  GetClientRect

  GetWindowTextLengthA

  ValidateRect

  InvalidateRect

  BeginPaint

  GetForegroundWindow

  AppendMenuA

  DestroyMenu

  CreatePopupMenu

  GetSystemMetrics

  GetKeyNameTextA

  GetFocus

  SetFocus

  OpenClipboard

  DialogBoxIndirectParamA

  CreateDialogIndirectParamA

  EndDeferWindowPos

  ole32

  CoUninitialize

  CoRegisterClassObject

  CoRegisterSurrogate

  CoTaskMemAlloc

  CoTaskMemFree

  CoInitialize

  Exports

  Exports

  Create

  Distantcare

  Pitch

  Standship

  Sections

  .text

  Size: 250KB - Virtual size: 250KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 35KB - Virtual size: 35KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 368KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .gfids

  Size: 512B - Virtual size: 284B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 448B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ