General

Malware Config

Signatures

Files

• 0x00060000000142f9-55.exe

  .exe windows x86

  f9fc0ecba4bcf3f4eadacd9b358488bc

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  DeleteCriticalSection

  EnterCriticalSection

  FreeLibrary

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThreadId

  GetLastError

  GetModuleHandleA

  GetModuleHandleW

  GetProcAddress

  GetStartupInfoA

  GetSystemTimeAsFileTime

  GetTickCount

  InitializeCriticalSection

  IsDBCSLeadByteEx

  LeaveCriticalSection

  LoadLibraryA

  MultiByteToWideChar

  QueryPerformanceCounter

  SetUnhandledExceptionFilter

  Sleep

  TerminateProcess

  TlsGetValue

  UnhandledExceptionFilter

  VirtualProtect

  VirtualQuery

  WideCharToMultiByte

  msvcrt

  ___mb_cur_max_func

  __doserrno

  __getmainargs

  __initenv

  __lconv_init

  __p__acmdln

  __p__fmode

  __pioinfo

  __set_app_type

  __setusermatherr

  _amsg_exit

  _cexit

  _errno

  _fdopen

  _filelengthi64

  _fileno

  _fileno

  _fstat64

  _initterm

  _iob

  _lseeki64

  _onexit

  _popen

  _read

  _strnicmp

  _write

  _write

  abort

  atoi

  calloc

  exit

  fclose

  fflush

  fgetpos

  fopen

  fprintf

  fputc

  fputs

  fread

  free

  fsetpos

  fwrite

  getc

  getenv

  getwc

  isspace

  iswctype

  localeconv

  malloc

  memchr

  memcmp

  memcpy

  memmove

  memset

  putc

  putwc

  realloc

  setlocale

  setvbuf

  signal

  sprintf

  strchr

  strcmp

  strcoll

  strerror

  strftime

  strlen

  strncmp

  strtoul

  strxfrm

  towlower

  towupper

  ungetc

  ungetwc

  vfprintf

  wcscoll

  wcsftime

  wcslen

  wcsxfrm

  libwinpthread-1

  pthread_cond_broadcast

  pthread_cond_wait

  pthread_getspecific

  pthread_key_create

  pthread_mutex_destroy

  pthread_mutex_init

  pthread_mutex_lock

  pthread_mutex_unlock

  pthread_once

  pthread_setspecific

  user32

  FindWindowA

  ShowWindow

  libcurlpp

  _ZN6curlpp10OptionBaseC2E10CURLoption

  _ZN6curlpp10OptionBaseD2Ev

  _ZN6curlpp11UnsetOptionC1EPKc

  _ZN6curlpp12RuntimeErrorD2Ev

  _ZN6curlpp20libcurlRuntimeAssertEPKc8CURLcode

  _ZN6curlpp4Easy7performEv

  _ZN6curlpp4EasyC1Ev

  _ZN6curlpp4EasyD1Ev

  _ZN6curlpp7CleanupC1Ev

  _ZN6curlpp7CleanupD1Ev

  _ZNK6curlpp10OptionBaseltERKS0_

  libcurl

  curl_easy_setopt

  Sections

  .text

  Size: 630KB - Virtual size: 629KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 40KB - Virtual size: 40KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  /4

  Size: 232KB - Virtual size: 231KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .bss

  Size: - Virtual size: 3KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .CRT

  Size: 512B - Virtual size: 52B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 8B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  /14

  Size: 512B - Virtual size: 240B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /29

  Size: 100KB - Virtual size: 99KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /41

  Size: 6KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /55

  Size: 21KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /67

  Size: 512B - Virtual size: 56B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /80

  Size: 1024B - Virtual size: 714B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /91

  Size: 42KB - Virtual size: 41KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  /102

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ