Static task: static1
Behavioral task: behavioral1
Sample: 7C9805C8B00E8154700E1CAFEF63CD4D62152B2EC5BEC.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 7C9805C8B00E8154700E1CAFEF63CD4D62152B2EC5BEC.exe
Resource: win10v2004-20230220-en
General
Target: 7C9805C8B00E8154700E1CAFEF63CD4D62152B2EC5BEC.exe
Size: 384KB
MD5: a10dc6b42cc3fb9760bab497980660c8
SHA1: f33d25561d78ae7c4f6ba273582aae78f08726fd
SHA256: 7c9805c8b00e8154700e1cafef63cd4d62152b2ec5bec038d7e32c9f128eca9e
SHA512: a9bef4307ed352bdc4d10d445f8ec6fb7e006360f2e1406ee910d1ce90590fd9619a0b9570c4371e534e2bc67f663af2148ec1090b352ce71de38292471da532
SSDEEP: 6144:TniQx54q/PzfXxbtFy9mZ9Ohnc3sHysGuiIirvdg109zMSqoL:TnVx55rfXU9mcuVhIirvdcf/Q
Malware Config
Signatures
Files
7C9805C8B00E8154700E1CAFEF63CD4D62152B2EC5BEC.exe.exe windows x86
9eab64d61b2f1f6b33a5d544637a49d6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
InsertMenuA
InsertMenuW
InvalidateRect
IsClipboardFormatAvailable
IsIconic
IsWindow
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadCursorFromFileA
MapVirtualKeyA
MessageBeep
LoadIconA
IsWindowVisible
kernel32
FormatMessageW
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcmpW
GetVersionExA
SetLastError
GetProcessHeap
HeapReAlloc
FindFirstFileW
FindNextFileW
WritePrivateProfileStringW
GetCurrentThreadId
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
ExitThread
GetConsoleMode
CompareStringA
GetSystemTime
RaiseException
RtlUnwind
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetConsoleCP
FlushFileBuffers
SetEnvironmentVariableA
GetLocaleInfoA
LCMapStringA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
LCMapStringW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
QueryPerformanceCounter
VirtualFree
HeapDestroy
HeapCreate
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
LoadLibraryExA
VirtualProtect
HeapFree
GlobalLock
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
MulDiv
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
lstrlenA
CreateThread
GlobalUnlock
GetTempPathA
GetCommandLineA
ExitProcess
GetCurrentProcess
GetTickCount
GetModuleFileNameA
GetFileSize
Sleep
GetLastError
GetFullPathNameA
CloseHandle
GetLocaleInfoW
GetStringTypeW
GetStringTypeA
CreateFileA
HeapSize
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileTime
GetCurrentDirectoryA
SetConsoleMode
ReadConsoleInputA
GetDriveTypeA
FlushConsoleInputBuffer
GlobalMemoryStatus
GetVersion
SizeofResource
LockResource
LoadResource
FindResourceW
GetFileAttributesW
CreateSemaphoreW
OpenSemaphoreW
GetVersionExW
GetCommandLineW
WideCharToMultiByte
lstrlenW
FreeResource
CreateFileW
CreateDirectoryW
GetPrivateProfileStringW
SetEndOfFile
LocalFree
LocalAlloc
TerminateProcess
OpenProcess
LoadLibraryExW
GetCurrentProcessId
DeleteFileW
SetFileAttributesW
CopyFileW
LoadLibraryW
GetWindowsDirectoryW
GetSystemDirectoryW
ExpandEnvironmentStringsW
MoveFileExW
GetTempPathW
RemoveDirectoryW
CreateEventW
SetEvent
TerminateThread
GetSystemTimeAsFileTime
ResetEvent
FindResourceExW
CompareStringW
GetModuleFileNameW
GetModuleHandleW
GetFileSizeEx
CreateProcessW
Sections
.text Size: 75KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 290KB - Virtual size: 421KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ