Behavioral task: behavioral1
Sample: 5e34b52fb24804b7f2709926d57582f34f1d6b351284a15d52d0194635b2dc7e.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: 5e34b52fb24804b7f2709926d57582f34f1d6b351284a15d52d0194635b2dc7e.exe
Resource: win10v2004-20230220-en
General
- Target: 5e34b52fb24804b7f2709926d57582f34f1d6b351284a15d52d0194635b2dc7e
- Size: 1.2MB
- MD5: 7819aded07f95ebb40f51240514d6097
- SHA1: 3b0c674320f1e1e7401f8e49c0af22f10963a99f
- SHA256: 5e34b52fb24804b7f2709926d57582f34f1d6b351284a15d52d0194635b2dc7e
- SHA512: c55ab9344ad0b6ee3c3ab6d5833ae1867b28efd97599b452d959a66543eb8e65b10ec1aa6377219a6d35c410643fb35084b9d77ef117c67c691dec1623c23e1f
- SSDEEP: 24576:EnXIlq0d3uCOle3bcSNR+Jr2zZ8zYzAKOorc+B2Cnoy2KFg:Et6dsMAKjcDWF
Malware Config
Signatures
- Blackmoon family
- Detect Blackmoon payload (1 IoCs)
  Processes: resource = sample, yara_rule = family_blackmoon
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  Processes: resource = 5e34b52fb24804b7f2709926d57582f34f1d6b351284a15d52d0194635b2dc7e
Files
-
5e34b52fb24804b7f2709926d57582f34f1d6b351284a15d52d0194635b2dc7e.exe windows x86
a87fc84c2f41ca6ee8937bf3c6d5da0f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
FreeLibrary
GetCommandLineA
SetCurrentDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
RemoveDirectoryA
GetTempPathA
FindFirstFileA
FindNextFileA
SetFilePointer
GetEnvironmentVariableA
GetFileSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetStartupInfoA
GetFileAttributesA
GetTickCount
GetLocalTime
LCMapStringA
CreateFileA
WriteFile
CreateDirectoryA
SetFileAttributesA
GetModuleFileNameA
IsBadReadPtr
HeapReAlloc
ExitProcess
VirtualFree
GetProcAddress
LoadLibraryA
VirtualAlloc
MoveFileA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
HeapFree
HeapAlloc
GetProcessHeap
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
GetExitCodeProcess
ReadFile
PeekNamedPipe
CreateProcessA
CreatePipe
GetCurrentThreadId
GetTempPathW
Module32First
GetSystemInfo
GetVersionExA
GetComputerNameA
GetQueuedCompletionStatus
CreateIoCompletionPort
WaitForSingleObject
TerminateThread
GetExitCodeThread
lstrcpynA
IsWow64Process
LocalSize
SetWaitableTimer
CreateWaitableTimerA
DeleteFileA
CreateDirectoryW
FindClose
FindNextFileW
DeleteFileW
lstrlenW
FindFirstFileW
CreateThread
GetCurrentProcessId
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
Process32Next
SetStdHandle
IsBadCodePtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
LCMapStringW
Process32First
lstrcpyn
GetFileAttributesW
QueryDosDeviceW
TerminateProcess
Process32NextW
Sleep
Process32FirstW
CreateToolhelp32Snapshot
MultiByteToWideChar
GetModuleHandleA
WideCharToMultiByte
RtlMoveMemory
SetLastError
GetNativeSystemInfo
CloseHandle
LocalFree
LocalAlloc
IsBadWritePtr
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
RaiseException
RtlUnwind
GetOEMCP
GetCPInfo
FlushFileBuffers
SetErrorMode
GetProcessVersion
FindResourceA
LoadResource
LockResource
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
InterlockedIncrement
lstrcpyA
lstrcatA
WritePrivateProfileStringA
InterlockedDecrement
GlobalFlags
OpenProcess
GetCurrentProcess
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
DeleteCriticalSection
lstrlenA
SetSystemPowerState
GetLastError
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
TlsAlloc
GlobalHandle
TlsFree
user32
GetWindowTextLengthW
GetWindowTextW
GetClassNameA
GetClientRect
PostMessageW
FindWindowExA
SendMessageA
GetWindowTextA
wsprintfA
EnableWindow
IsWindowEnabled
IsWindow
GetActiveWindow
SetForegroundWindow
ExitWindowsEx
PostQuitMessage
SetCursor
GetLastActivePopup
SetWindowsHookExA
ValidateRect
CallNextHookEx
GetKeyState
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
ClientToScreen
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
PtInRect
GetDlgCtrlID
SetWindowTextA
UnhookWindowsHookEx
GetMenuItemCount
TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
SendDlgItemMessageA
GetWindowThreadProcessId
IsDialogMessageA
ShowWindow
GetWindowPlacement
SystemParametersInfoA
RegisterWindowMessageA
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
UpdateWindow
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
UnregisterClassA
PostThreadMessageA
DestroyMenu
CreateDialogIndirectParamA
EndDialog
MessageBoxA
PeekMessageA
SetClipboardData
GetWindowRect
EnumWindows
GetWindowInfo
MsgWaitForMultipleObjects
GetParent
IsWindowVisible
LoadBitmapA
MoveWindow
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
EnumChildWindows
SetWindowPos
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow
PostMessageA
GetMenu
GetSubMenu
GetMenuItemID
GetSystemMetrics
GetWindowTextLengthA
GetForegroundWindow
ReleaseDC
GetCursorInfo
GetIconInfo
DrawIcon
SetCursorPos
WindowFromPoint
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
PrintWindow
IsIconic
EnumDisplaySettingsA
DrawIconEx
FillRect
LoadImageA
SetFocus
GetWindow
SendMessageW
GetDC
CallWindowProcA
KillTimer
SetTimer
MapVirtualKeyA
SendInput
SetActiveWindow
AttachThreadInput
GetAncestor
GetFocus
GetCursorPos
advapi32
RegCreateKeyExA
OpenProcessToken
AllocateAndInitializeSid
GetTokenInformation
EqualSid
FreeSid
GetUserNameA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyA
RegDeleteValueA
LookupPrivilegeValueA
AdjustTokenPrivileges
shell32
ShellExecuteA
SHChangeNotify
SHGetSpecialFolderPathW
ole32
OleUninitialize
CreateStreamOnHGlobal
OleInitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
gdiplus
GdiplusStartup
gdi32
CreateDIBSection
DeleteDC
SelectObject
DeleteObject
BitBlt
GdiFlush
GetObjectA
CreateCompatibleDC
CreateSolidBrush
GetPixel
SetPixelV
GetDIBits
SetDIBitsToDevice
StretchBlt
SetStretchBltMode
CreateCompatibleBitmap
GetStockObject
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
ws2_32
send
closesocket
socket
WSACleanup
recv
gethostbyname
WSAStartup
setsockopt
connect
htons
inet_addr
psapi
GetModuleFileNameExA
GetProcessImageFileNameW
shlwapi
PathIsDirectoryW
PathMatchSpecA
PathFindExtensionA
PathFindFileNameA
PathFileExistsA
oleaut32
VariantInit
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SysFreeString
OleLoadPicture
VariantChangeType
VariantCopy
SysAllocString
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
comctl32
ord17
oledlg
ord8
Sections
- .text (Size: 524KB, Virtual size: 521KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata (Size: 28KB, Virtual size: 26KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data (Size: 680KB, Virtual size: 777KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc (Size: 24KB, Virtual size: 20KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE