General

Malware Config

Signatures

Files

• 85caf92b6709de24e1c39c82c32395c1.exe

  .exe windows x86

  7d59f1d82b84e111e9b6c1196cc48fca

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  FindClose

  GetSystemTimeAsFileTime

  LocalAlloc

  LocalFree

  GetModuleFileNameW

  ExitProcess

  LoadLibraryA

  GetModuleHandleA

  GetProcAddress

  user32

  ReleaseDC

  CharUpperBuffW

  gdi32

  CreateCompatibleBitmap

  advapi32

  RegQueryValueExW

  shell32

  SHFileOperationW

  ole32

  CreateStreamOnHGlobal

  crypt32

  CertFindChainInStore

  wininet

  InternetSetOptionA

  ws2_32

  send

  Sections

  .text

  Size: - Virtual size: 696KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: - Virtual size: 129KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 20KB - Virtual size: 34KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: - Virtual size: 9B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .gfids

  Size: - Virtual size: 564B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .{Us

  Size: - Virtual size: 3.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .&*Q

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .z!(

  Size: 5.9MB - Virtual size: 5.9MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 409KB - Virtual size: 408KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ