General

Malware Config

Signatures

Files

• a3455cf8e2ce4c933567360b795ea137a1d83f7c63568ecfb0f2ec440f96ffaa

  .exe windows x86

  18ed17fcf5cf58b6f9373b3c91771d8b

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  EnterCriticalSection

  InitializeCriticalSection

  SetErrorMode

  GetCurrentThreadId

  GetProcAddress

  FreeLibrary

  InterlockedDecrement

  GetShortPathNameW

  SetEvent

  WaitForSingleObject

  WaitForMultipleObjects

  CloseHandle

  CreateEventW

  LoadLibraryW

  DeleteFileW

  CopyFileW

  MoveFileW

  lstrcmpW

  GetCommandLineW

  GetTickCount

  InterlockedIncrement

  LeaveCriticalSection

  FindResourceExW

  FindResourceW

  SizeofResource

  LoadResource

  DeleteCriticalSection

  InitializeCriticalSectionAndSpinCount

  GetLastError

  RaiseException

  GetProcessHeap

  HeapSize

  HeapFree

  HeapReAlloc

  SetLastError

  lstrcmpiW

  LoadLibraryExW

  GetModuleFileNameW

  GetModuleHandleW

  lstrcpynW

  CreateProcessW

  OpenProcess

  MoveFileExW

  FindNextFileW

  FindFirstFileW

  GetFileAttributesW

  SetFileAttributesW

  CreateFileW

  GetFullPathNameW

  RemoveDirectoryW

  GetTempFileNameW

  lstrlenW

  FindClose

  SetFilePointer

  WriteFile

  GetExitCodeProcess

  TerminateProcess

  GetCurrentProcessId

  WriteConsoleW

  ReadConsoleW

  MultiByteToWideChar

  HeapAlloc

  HeapDestroy

  SetEnvironmentVariableA

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineA

  GetOEMCP

  IsValidCodePage

  FindFirstFileExW

  EnumSystemLocalesW

  GetUserDefaultLCID

  IsValidLocale

  GetTimeZoneInformation

  GetConsoleMode

  GetConsoleCP

  GetFileType

  ExitThread

  RtlUnwind

  QueryDepthSList

  InterlockedFlushSList

  ReleaseSemaphore

  VirtualProtect

  FreeLibraryAndExitThread

  GetThreadTimes

  UnregisterWait

  SetThreadAffinityMask

  GetProcessAffinityMask

  GetNumaHighestNodeNumber

  DeleteTimerQueueTimer

  ChangeTimerQueueTimer

  CreateTimerQueueTimer

  GetLogicalProcessorInformation

  GetThreadPriority

  SignalObjectAndWait

  CreateTimerQueue

  GetSystemWindowsDirectoryW

  CreateFileA

  lstrcmpiA

  lstrcmpA

  DeviceIoControl

  DosDateTimeToFileTime

  LocalFileTimeToFileTime

  CreateDirectoryW

  GetSystemDirectoryW

  SetStdHandle

  WideCharToMultiByte

  LockResource

  GetCurrentProcess

  UnregisterWaitEx

  RegisterWaitForSingleObject

  OutputDebugStringA

  GetModuleHandleExW

  GetModuleHandleExA

  GetModuleHandleA

  SetFileTime

  IsDebuggerPresent

  OutputDebugStringW

  EncodePointer

  InitializeSListHead

  InterlockedPopEntrySList

  InterlockedPushEntrySList

  FlushInstructionCache

  IsProcessorFeaturePresent

  VirtualAlloc

  VirtualFree

  LoadLibraryExA

  GetStringTypeW

  FormatMessageW

  DuplicateHandle

  WaitForSingleObjectEx

  Sleep

  SwitchToThread

  GetCurrentThread

  GetNativeSystemInfo

  TryEnterCriticalSection

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  GetSystemTimeAsFileTime

  QueryPerformanceCounter

  QueryPerformanceFrequency

  CompareStringW

  LCMapStringW

  GetLocaleInfoW

  GetCPInfo

  GetFileSize

  ReadFile

  FlushFileBuffers

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  ResetEvent

  GetStartupInfoW

  LocalFree

  ReleaseMutex

  CreateMutexW

  GetVersionExW

  MapViewOfFile

  UnmapViewOfFile

  CreateFileMappingW

  OpenFileMappingW

  GetFileSizeEx

  GetACP

  FreeResource

  ExitProcess

  GlobalAlloc

  GlobalLock

  GlobalUnlock

  MulDiv

  IsBadReadPtr

  GlobalFree

  GetVersion

  InterlockedExchange

  InterlockedCompareExchange

  ResumeThread

  GetLocalTime

  SetEndOfFile

  GetTempPathW

  CreateThread

  SetThreadPriority

  CreateIoCompletionPort

  GetQueuedCompletionStatus

  PostQueuedCompletionStatus

  GetStdHandle

  SetFilePointerEx

  DecodePointer

  user32

  MapWindowPoints

  PtInRect

  LoadIconW

  SystemParametersInfoW

  CallWindowProcW

  RegisterClassExW

  GetClassInfoExW

  CreateWindowExW

  SetTimer

  GetWindowLongW

  SetWindowLongW

  LoadCursorW

  GetMessageW

  TranslateMessage

  DispatchMessageW

  KillTimer

  GetSystemMetrics

  FindWindowW

  GetDC

  ReleaseDC

  GetIconInfo

  ScreenToClient

  GetCursorPos

  GetWindowRect

  wsprintfW

  wvsprintfW

  SetCursor

  InflateRect

  OffsetRect

  SendMessageW

  IsChild

  UpdateLayeredWindow

  GetFocus

  GetKeyState

  SetCapture

  ReleaseCapture

  BeginPaint

  EndPaint

  GetUpdateRect

  GetClientRect

  IsRectEmpty

  GetParent

  GetClassNameW

  GetWindow

  RegisterClassW

  EnableWindow

  GetMenu

  SetPropW

  GetPropW

  AdjustWindowRectEx

  CopyRect

  IntersectRect

  IsIconic

  SetWindowRgn

  MonitorFromWindow

  GetMonitorInfoW

  FindWindowExW

  CharPrevW

  DrawTextW

  SetRect

  DrawIconEx

  CreateCaret

  HideCaret

  ShowCaret

  SetCaretPos

  GetCaretPos

  ClientToScreen

  GetSysColor

  RemovePropW

  GetWindowDC

  SetWindowTextW

  GetWindowTextW

  GetWindowTextLengthW

  CreateAcceleratorTableW

  InvalidateRgn

  FillRect

  PeekMessageW

  WaitMessage

  CallMsgFilterW

  GetQueueStatus

  MsgWaitForMultipleObjectsEx

  SetForegroundWindow

  SwitchToThisWindow

  UpdateWindow

  SetFocus

  IsZoomed

  IsWindowVisible

  ShowWindow

  IsWindow

  PostQuitMessage

  MessageBoxW

  LoadImageW

  MoveWindow

  SetWindowPos

  DestroyIcon

  PostMessageW

  CharNextW

  DestroyWindow

  DefWindowProcW

  RegisterWindowMessageW

  UnregisterClassW

  InvalidateRect

  gdi32

  CreateRoundRectRgn

  BitBlt

  CreateCompatibleBitmap

  CreateCompatibleDC

  CreateFontIndirectW

  CreatePen

  DeleteDC

  GetStockObject

  GetTextExtentPoint32W

  Rectangle

  RestoreDC

  SaveDC

  SelectObject

  GetTextMetricsW

  GetObjectW

  SetWindowOrgEx

  GetDIBits

  CombineRgn

  CreateRectRgnIndirect

  GetCharABCWidthsW

  GetClipBox

  LineTo

  RoundRect

  SelectClipRgn

  ExtSelectClipRgn

  SetBkColor

  SetBkMode

  DeleteObject

  StretchBlt

  SetStretchBltMode

  SetTextColor

  CreateDIBSection

  MoveToEx

  TextOutW

  ExtTextOutW

  GetDeviceCaps

  CreateDCW

  SetDIBitsToDevice

  CreateSolidBrush

  advapi32

  RegQueryValueExA

  RegOpenKeyExA

  RegEnumKeyExA

  LookupPrivilegeValueW

  AdjustTokenPrivileges

  OpenProcessToken

  RegSetValueExW

  RegQueryInfoKeyW

  RegOpenKeyExW

  RegEnumKeyExW

  RegDeleteValueW

  RegDeleteKeyW

  RegCreateKeyExW

  RegCloseKey

  RegQueryValueExW

  RegCreateKeyW

  GetTokenInformation

  shell32

  ShellExecuteW

  ShellExecuteExW

  SHCreateDirectoryExW

  SHChangeNotify

  Shell_NotifyIconW

  SHFileOperationW

  SHGetSpecialFolderPathW

  ord165

  ole32

  CoCreateGuid

  OleLockRunning

  CLSIDFromString

  CreateStreamOnHGlobal

  CoTaskMemFree

  CoTaskMemRealloc

  CoTaskMemAlloc

  CoCreateInstance

  CoUninitialize

  CLSIDFromProgID

  CoInitialize

  oleaut32

  VariantClear

  SysFreeString

  VarUI4FromStr

  VariantInit

  SafeArrayPutElement

  SysAllocString

  SysAllocStringLen

  SafeArrayCreate

  shlwapi

  StrStrIA

  SHGetValueA

  SHSetValueA

  StrCmpNIW

  StrStrIW

  StrCmpIW

  PathFileExistsW

  PathIsDirectoryW

  PathRemoveFileSpecW

  SHDeleteKeyW

  StrCpyW

  PathCombineW

  PathFindFileNameW

  SHGetValueW

  AssocQueryStringW

  SHSetValueW

  StrTrimA

  comctl32

  ord17

  InitCommonControlsEx

  _TrackMouseEvent

  gdiplus

  GdipImageSelectActiveFrame

  GdipGetPropertyItemSize

  GdipGetPropertyItem

  GdipGraphicsClear

  GdipDrawImageRectI

  GdipCreatePath

  GdipDeletePath

  GdipClosePathFigure

  GdipAddPathArcI

  GdipCreateTexture

  GdipSaveImageToFile

  GdipGetImageGraphicsContext

  GdipCreateBitmapFromStream

  GdipCreateBitmapFromFile

  GdipCreateBitmapFromScan0

  GdiplusStartup

  GdiplusShutdown

  GdipImageGetFrameCount

  GdipAlloc

  GdipFree

  GdipCloneBrush

  GdipDeleteBrush

  GdipCreateSolidFill

  GdipCreateHBITMAPFromBitmap

  GdipCloneBitmapAreaI

  GdipBitmapLockBits

  GdipBitmapUnlockBits

  GdipSetInterpolationMode

  GdipFillPath

  GdipDrawImagePointsI

  GdipDrawImageRectRectI

  GdipGetImageEncodersSize

  GdipGetImageEncoders

  ord1

  GdipCreatePen1

  GdipDeletePen

  GdipDrawPath

  GdipDrawEllipseI

  GdipLoadImageFromStream

  GdipImageGetFrameDimensionsList

  GdipImageGetFrameDimensionsCount

  GdipGetImageHeight

  GdipGetImageWidth

  GdipFillEllipseI

  GdipSetSmoothingMode

  GdipDeleteGraphics

  GdipCreateFromHDC

  GdipDisposeImage

  GdipCloneImage

  GdipLoadImageFromStreamICM

  psapi

  EnumProcessModules

  EnumProcesses

  GetModuleFileNameExW

  version

  VerQueryValueW

  GetFileVersionInfoW

  GetFileVersionInfoSizeW

  wininet

  InternetSetCookieW

  InternetGetConnectedState

  InternetCrackUrlW

  InternetGetCookieExW

  iphlpapi

  GetAdaptersInfo

  crypt32

  CertGetNameStringW

  wintrust

  WinVerifyTrust

  WTHelperProvDataFromStateData

  winmm

  timeGetTime

  timeBeginPeriod

  timeEndPeriod

  msimg32

  GradientFill

  AlphaBlend

  urlmon

  URLDownloadToFileW

  URLDownloadToCacheFileW

  imm32

  ImmReleaseContext

  ImmSetCompositionWindow

  ImmGetContext

  Sections

  .text

  Size: 1.2MB - Virtual size: 1.2MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 288KB - Virtual size: 287KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 28KB - Virtual size: 42KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 2.4MB - Virtual size: 2.4MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 71KB - Virtual size: 71KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ