General

Malware Config

Signatures

Files

• a853b17061786737988e904c7cca3c808f5a74ea3bb6d9c624ae71bd08ea40ad

  .exe windows x86

  53f8ee7cb488f1fee528409debb3a862

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  HeapAlloc

  user32

  RegisterClipboardFormatA

  gdi32

  GetStockObject

  comdlg32

  GetFileTitleA

  winspool.drv

  OpenPrinterA

  advapi32

  RegDeleteKeyA

  comctl32

  InitCommonControlsEx

  shlwapi

  PathFindFileNameA

  oledlg

  ord8

  ole32

  OleUninitialize

  oleaut32

  VariantCopy

  ws2_32

  WSAStartup

  msvcrt

  strncpy

  iphlpapi

  GetInterfaceInfo

  psapi

  GetMappedFileNameW

  shell32

  SHGetFolderPathW

  Sections

  .text

  Size: 149KB - Virtual size: 912KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .sedata

  Size: 931KB - Virtual size: 932KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 1024B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 586KB - Virtual size: 588KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .sedata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ