General

Malware Config

Signatures

Files

• 58a1d49fe1e152f8acebd35ecf04144cdd794cc21169c67cbab7def4cd31123d

  .exe windows x86

  cf06f5ca6cface45fea69971d742e72c

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  RtlMoveMemory

  InterlockedExchangeAdd

  Wow64DisableWow64FsRedirection

  Wow64RevertWow64FsRedirection

  SetFileTime

  WriteFile

  InterlockedIncrement

  GlobalFree

  GetLongPathNameA

  GetFileTime

  GetFileSizeEx

  ReadFile

  QueryPerformanceFrequency

  GetProcessHeap

  CreateTimerQueue

  InitializeCriticalSection

  lstrlenA

  lstrcmpA

  HeapAlloc

  HeapFree

  HeapCreate

  HeapDestroy

  InterlockedDecrement

  VirtualAlloc

  VirtualFree

  DeleteTimerQueueEx

  CreateTimerQueueTimer

  ChangeTimerQueueTimer

  DeleteTimerQueueTimer

  GlobalLock

  GlobalSize

  GlobalUnlock

  EnterCriticalSection

  CreateIoCompletionPort

  LeaveCriticalSection

  ReadDirectoryChangesW

  GetQueuedCompletionStatus

  ExitProcess

  HeapReAlloc

  IsBadReadPtr

  GetModuleFileNameA

  GetTickCount

  Sleep

  CreateDirectoryA

  GetEnvironmentVariableA

  DeleteFileA

  FindNextFileA

  FindFirstFileA

  FindClose

  MultiByteToWideChar

  GetUserDefaultLCID

  GetModuleHandleA

  GetCommandLineA

  FreeLibrary

  LCMapStringA

  FlushFileBuffers

  SetStdHandle

  LCMapStringW

  IsBadCodePtr

  SetUnhandledExceptionFilter

  GetStringTypeW

  GetStringTypeA

  SetFilePointer

  GetOEMCP

  GetACP

  GetCPInfo

  RaiseException

  IsBadWritePtr

  GetVersionExA

  GetLastError

  TlsGetValue

  SetLastError

  TlsAlloc

  TlsSetValue

  GetCurrentThreadId

  DeleteCriticalSection

  GetFileType

  GetStdHandle

  SetHandleCount

  GetEnvironmentStringsW

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  FreeEnvironmentStringsA

  UnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  RtlUnwind

  GetVersion

  CreateThread

  CloseHandle

  DeviceIoControl

  CreateFileA

  WideCharToMultiByte

  GlobalAlloc

  GetStartupInfoA

  GetProcAddress

  LoadLibraryA

  user32

  SetWindowPos

  PostQuitMessage

  SendMessageA

  SetWindowTextA

  IsClipboardFormatAvailable

  RegisterWindowMessageA

  GetClientRect

  ShowWindow

  DefWindowProcA

  OpenClipboard

  GetClipboardData

  CloseClipboard

  EmptyClipboard

  SetClipboardData

  RegisterClipboardFormatA

  GetClipboardOwner

  SetClipboardViewer

  PeekMessageA

  GetMessageA

  TranslateMessage

  DispatchMessageA

  GetSystemMetrics

  wsprintfA

  MessageBoxA

  ChangeClipboardChain

  ws2_32

  inet_ntoa

  WSAStartup

  closesocket

  htons

  socket

  bind

  recvfrom

  inet_addr

  sendto

  shell32

  ExtractIconA

  DragQueryFileA

  SHChangeNotify

  Shell_NotifyIconA

  shlwapi

  PathIsDirectoryA

  PathFileExistsA

  psapi

  GetProcessMemoryInfo

  advapi32

  RegQueryValueExA

  RegCreateKeyExA

  RegSetValueExA

  RegOpenKeyA

  RegCloseKey

  ole32

  CoUninitialize

  CreateStreamOnHGlobal

  CoInitialize

  oleaut32

  OleLoadPicture

  SafeArrayDestroy

  VariantClear

  SysAllocString

  SafeArrayCreate

  VariantCopy

  VarR8FromBool

  VarR8FromCy

  Sections

  .text

  Size: 164KB - Virtual size: 161KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 12KB - Virtual size: 9KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 40KB - Virtual size: 94KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 12KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE