General

Malware Config

Signatures

Files

• dd18a455e9d700d656ce6965cee1a068.bin

  .zip

  Password: infected

• 18643a9a6e4b61e967e428fadb2d4bb52dfed8a949b4a39cb461c2e3a8e6d207.exe

  .exe windows x86

  203b54dd7cb5052a152152d37aa392da

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  WaitForSingleObject

  SetComputerNameW

  AddConsoleAliasW

  GetComputerNameW

  GetModuleHandleW

  EnumCalendarInfoExW

  GetConsoleAliasesA

  GetNumberFormatA

  GetConsoleTitleA

  ReadConsoleW

  GetWindowsDirectoryA

  GetConsoleAliasExesW

  EnumTimeFormatsW

  CreateActCtxW

  SetProcessPriorityBoost

  FindResourceExA

  GetCalendarInfoW

  GetSystemWindowsDirectoryA

  FindNextVolumeW

  Beep

  WriteConsoleW

  GetConsoleFontSize

  lstrlenW

  GlobalUnlock

  GetShortPathNameA

  GetCPInfoExW

  SetLastError

  GetProcAddress

  GetLongPathNameA

  VirtualAlloc

  HeapSize

  IsBadHugeWritePtr

  GetConsoleAliasA

  EnumSystemCodePagesW

  SetThreadPriorityBoost

  LoadLibraryA

  InterlockedExchangeAdd

  LocalAlloc

  RemoveDirectoryW

  QueryDosDeviceW

  WriteProfileSectionW

  AddAtomA

  FindAtomA

  EnumResourceTypesW

  GetModuleFileNameA

  GetOEMCP

  GetDefaultCommConfigA

  SetConsoleCursorInfo

  GetConsoleTitleW

  WriteConsoleOutputAttribute

  GetDiskFreeSpaceExW

  WriteFileEx

  DeleteTimerQueueTimer

  SuspendThread

  RaiseException

  GetModuleHandleA

  GetLocaleInfoA

  ReadConsoleA

  lstrlenA

  SystemTimeToFileTime

  BeginUpdateResourceW

  FindResourceA

  MultiByteToWideChar

  GetCommandLineA

  GetStartupInfoA

  HeapAlloc

  GetLastError

  HeapFree

  TlsGetValue

  TlsAlloc

  TlsSetValue

  TlsFree

  InterlockedIncrement

  GetCurrentThreadId

  InterlockedDecrement

  Sleep

  ExitProcess

  GetCPInfo

  GetACP

  IsValidCodePage

  SetUnhandledExceptionFilter

  WriteFile

  GetStdHandle

  FreeEnvironmentStringsA

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  WideCharToMultiByte

  GetEnvironmentStringsW

  SetHandleCount

  GetFileType

  DeleteCriticalSection

  HeapCreate

  VirtualFree

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  TerminateProcess

  GetCurrentProcess

  UnhandledExceptionFilter

  IsDebuggerPresent

  LeaveCriticalSection

  EnterCriticalSection

  HeapReAlloc

  InitializeCriticalSectionAndSpinCount

  RtlUnwind

  LCMapStringA

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  user32

  ToAsciiEx

  ChangeMenuA

  CharLowerBuffW

  CreateAcceleratorTableW

  GetWindowLongW

  GetSysColorBrush

  SetCaretPos

  ModifyMenuA

  IsCharAlphaNumericA

  GetKeyNameTextA

  gdi32

  CreateHalftonePalette

  GetCharABCWidthsW

  GetCharWidthW

  advapi32

  BackupEventLogA

  Sections

  .text

  Size: 144KB - Virtual size: 143KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 6.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 130KB - Virtual size: 129KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 21KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ