General

Malware Config

Signatures

Files

• 3KCat.exe

  .exe windows x86

  0b2d86174ed755be4993d5c3d3f47c2e

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  Process32First

  Process32Next

  CreateRemoteThread

  GetExitCodeThread

  Module32First

  Module32Next

  OpenThread

  LeaveCriticalSection

  CreateToolhelp32Snapshot

  GetCurrentProcess

  HeapCreate

  ReadProcessMemory

  VirtualQuery

  SetWaitableTimer

  CreateWaitableTimerA

  GetNativeSystemInfo

  TerminateThread

  VirtualFreeEx

  FreeLibrary

  LoadLibraryExA

  VirtualQueryEx

  CreateFileA

  DeviceIoControl

  CreateProcessA

  PeekNamedPipe

  RtlMoveMemory

  GetVersionExA

  SetHandleCount

  lstrlenW

  lstrcpyA

  InitializeCriticalSection

  GetCurrentThreadId

  SetProcessAffinityMask

  EnterCriticalSection

  DeleteCriticalSection

  RtlZeroMemory

  HeapAlloc

  HeapFree

  lstrcmpW

  lstrcmpiW

  GetProcessHeap

  ExitProcess

  HeapReAlloc

  IsBadReadPtr

  WriteFile

  ReadFile

  GetFileSize

  DeleteFileA

  LCMapStringA

  GetTickCount

  GetModuleFileNameA

  GetUserDefaultLCID

  lstrcpynA

  GetDiskFreeSpaceExA

  GetCurrentDirectoryA

  SetFileAttributesA

  GetLastError

  SetCurrentDirectoryA

  GetStartupInfoA

  FindNextFileA

  FindFirstFileA

  FindClose

  GetCommandLineA

  LoadLibraryA

  FlushFileBuffers

  SetStdHandle

  IsBadCodePtr

  SetUnhandledExceptionFilter

  GetStringTypeW

  GetStringTypeA

  GetOEMCP

  GetVersion

  RtlUnwind

  InterlockedDecrement

  InterlockedIncrement

  TerminateProcess

  TlsSetValue

  TlsAlloc

  TlsFree

  SetLastError

  GetProcAddress

  GetWindowsDirectoryA

  WideCharToMultiByte

  lstrcpynW

  CloseHandle

  OpenProcess

  IsWow64Process

  GetModuleHandleA

  lstrcpyn

  VirtualAllocEx

  WriteProcessMemory

  VirtualProtect

  DuplicateHandle

  CopyFileA

  GetTempFileNameA

  GetSystemDirectoryA

  GetTempPathA

  MultiByteToWideChar

  TlsGetValue

  WaitForSingleObject

  GetStdHandle

  GetFileType

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  GetEnvironmentStringsW

  GetEnvironmentVariableA

  HeapDestroy

  VirtualFree

  VirtualAlloc

  IsBadWritePtr

  RaiseException

  SetFilePointer

  LCMapStringW

  GetCPInfo

  GetACP

  RaiseException

  GetLocalTime

  GetSystemTime

  ExitThread

  RtlUnwind

  GetStartupInfoA

  GetOEMCP

  GetCPInfo

  GetProcessVersion

  SetErrorMode

  GlobalFlags

  GetCurrentThread

  GetFileTime

  LocalReAlloc

  GlobalHandle

  LocalAlloc

  lstrcmpA

  GlobalGetAtomNameA

  GlobalAddAtomA

  GlobalFindAtomA

  GlobalDeleteAtom

  lstrcmpiA

  GetFileType

  SetEnvironmentVariableA

  HeapSize

  SetStdHandle

  UnhandledExceptionFilter

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  SetEndOfFile

  UnlockFile

  LockFile

  FlushFileBuffers

  DuplicateHandle

  lstrcpynA

  FileTimeToLocalFileTime

  GetEnvironmentStringsW

  SetHandleCount

  GetStdHandle

  GetEnvironmentVariableA

  HeapDestroy

  HeapCreate

  VirtualFree

  LCMapStringA

  LCMapStringW

  VirtualAlloc

  IsBadWritePtr

  GetStringTypeA

  GetStringTypeW

  SetUnhandledExceptionFilter

  IsValidLocale

  IsValidCodePage

  EnumSystemLocalesA

  CompareStringA

  CompareStringW

  IsBadReadPtr

  GetLocaleInfoW

  InterlockedDecrement

  InterlockedIncrement

  TlsGetValue

  TlsSetValue

  TlsFree

  TlsAlloc

  OpenEventA

  OpenFileMappingA

  WaitNamedPipeA

  SetNamedPipeHandleState

  GetACP

  SuspendThread

  ReleaseMutex

  CreateMutexA

  FileTimeToSystemTime

  GetVersion

  GetLocaleInfoA

  GetTimeZoneInformation

  SetLastError

  GetSystemDirectoryA

  InterlockedExchange

  SetEnvironmentVariableW

  IsBadCodePtr

  GetWindowsDirectoryA

  TerminateProcess

  CloseHandle

  WaitForSingleObject

  CreateProcessA

  GetTickCount

  GetCommandLineA

  MulDiv

  GetDiskFreeSpaceA

  GetProcAddress

  GetModuleHandleA

  GetVolumeInformationA

  SetCurrentDirectoryA

  GetCurrentDirectoryA

  DeleteFileA

  GetFileAttributesA

  FindClose

  FindFirstFileA

  GetTempPathA

  GlobalUnlock

  GlobalLock

  GlobalAlloc

  ExpandEnvironmentStringsA

  Sleep

  CreateEventA

  CreateThread

  GetPrivateProfileStringA

  WritePrivateProfileStringA

  GetVersionExA

  GetLastError

  LoadLibraryA

  FreeLibrary

  GetFullPathNameA

  GetUserDefaultLCID

  HeapAlloc

  GetProcessHeap

  HeapReAlloc

  HeapFree

  GlobalReAlloc

  GetDriveTypeA

  FindNextFileA

  lstrcpyA

  WinExec

  lstrlenA

  lstrcatA

  InitializeCriticalSection

  DeleteCriticalSection

  GlobalFree

  GlobalSize

  ExitProcess

  GetCurrentThreadId

  MultiByteToWideChar

  WideCharToMultiByte

  GetModuleFileNameA

  RemoveDirectoryA

  lstrlenW

  ReadFile

  LockResource

  LoadResource

  FindResourceA

  SetEvent

  CreateFileA

  WaitForMultipleObjects

  WriteFile

  GetProfileStringA

  LeaveCriticalSection

  EnterCriticalSection

  ReleaseSemaphore

  ResumeThread

  CreateSemaphoreA

  TerminateThread

  MapViewOfFile

  CreateFileMappingA

  LocalFree

  UnmapViewOfFile

  FormatMessageA

  SetFilePointer

  GetFileSize

  GetCurrentProcess

  shlwapi

  PathFileExistsA

  PathFindExtensionA

  StrToIntW

  StrToIntExW

  StrToIntExA

  PathFindFileNameA

  ws2_32

  WSACleanup

  htons

  WSAStartup

  WSAAsyncSelect

  htons

  bind

  socket

  setsockopt

  recvfrom

  ioctlsocket

  connect

  recv

  closesocket

  getpeername

  send

  select

  gethostname

  WSACleanup

  WSAStartup

  gethostbyname

  inet_ntoa

  accept

  WSAGetLastError

  __WSAFDIsSet

  ntohs

  getsockname

  shutdown

  ntohl

  inet_addr

  listen

  version

  VerQueryValueA

  GetFileVersionInfoA

  GetFileVersionInfoSizeA

  user32

  GetWindowThreadProcessId

  GetWindowTextA

  GetClassNameA

  MsgWaitForMultipleObjects

  SendMessageA

  RegisterWindowMessageA

  GetParent

  IsWindowVisible

  CallWindowProcA

  PeekMessageA

  TranslateMessage

  DispatchMessageA

  wsprintfA

  GetMessageA

  EnumWindows

  ShowWindow

  MessageBoxA

  FindWindowA

  ClientToScreen

  GetForegroundWindow

  GetCursorPos

  WindowFromPoint

  GetDlgItem

  GetAncestor

  LoadCursorA

  SetCursorPos

  SetActiveWindow

  GetSysColor

  SetWindowLongA

  GetWindowLongA

  RedrawWindow

  EnableWindow

  IsWindowVisible

  OffsetRect

  PtInRect

  DestroyIcon

  IntersectRect

  InflateRect

  SetRect

  SetScrollPos

  SetScrollRange

  GetScrollRange

  SetCapture

  GetCapture

  ReleaseCapture

  SetTimer

  KillTimer

  WinHelpA

  LoadBitmapA

  CopyRect

  ChildWindowFromPointEx

  ScreenToClient

  GetMessagePos

  SetWindowRgn

  DestroyAcceleratorTable

  GetWindow

  GetActiveWindow

  SetFocus

  IsIconic

  PeekMessageA

  SetMenu

  GetMenu

  DeleteMenu

  GetSystemMenu

  DefWindowProcA

  GetClassInfoA

  IsZoomed

  PostQuitMessage

  CopyAcceleratorTableA

  UnregisterClassA

  TranslateAcceleratorA

  IsWindowEnabled

  ShowWindow

  SystemParametersInfoA

  LoadImageA

  EnumDisplaySettingsA

  ClientToScreen

  SetCursor

  EnableMenuItem

  GetSubMenu

  GetDlgCtrlID

  CreateAcceleratorTableA

  CreateMenu

  ModifyMenuA

  AppendMenuA

  CreatePopupMenu

  GetFocus

  CreateIconFromResource

  CreateIconFromResourceEx

  RegisterClipboardFormatA

  SetRectEmpty

  DispatchMessageA

  GetMessageA

  WindowFromPoint

  DrawFocusRect

  DrawEdge

  DrawFrameControl

  TranslateMessage

  LoadIconA

  GetDesktopWindow

  GetClassNameA

  GetDlgItem

  GetWindowTextA

  GetForegroundWindow

  SetWindowTextA

  GetParent

  GetTopWindow

  PostMessageA

  IsWindow

  SetParent

  DestroyCursor

  SendMessageA

  SetWindowPos

  MessageBoxA

  GetCursorPos

  GetSystemMetrics

  GetDC

  FillRect

  IsRectEmpty

  GetWindowTextLengthA

  CharUpperA

  GetWindowDC

  BeginPaint

  EndPaint

  TabbedTextOutA

  DrawTextA

  GrayStringA

  DestroyWindow

  CreateDialogIndirectParamA

  EndDialog

  GetNextDlgTabItem

  GetWindowPlacement

  RegisterWindowMessageA

  GetLastActivePopup

  GetMessageTime

  RemovePropA

  CallWindowProcA

  GetPropA

  UnhookWindowsHookEx

  SetPropA

  GetClassLongA

  CallNextHookEx

  SetWindowsHookExA

  CreateWindowExA

  GetMenuItemID

  GetMenuItemCount

  RegisterClassA

  GetScrollPos

  AdjustWindowRectEx

  MapWindowPoints

  SendDlgItemMessageA

  ScrollWindowEx

  IsDialogMessageA

  MoveWindow

  CheckMenuItem

  SetMenuItemBitmaps

  GetMenuState

  GetMenuCheckMarkDimensions

  LoadStringA

  GetSysColorBrush

  ReleaseDC

  EmptyClipboard

  SetClipboardData

  OpenClipboard

  GetClipboardData

  CloseClipboard

  wsprintfA

  WaitForInputIdle

  IsChild

  DestroyMenu

  SetForegroundWindow

  GetWindowRect

  EqualRect

  UpdateWindow

  ValidateRect

  InvalidateRect

  GetClientRect

  DrawIconEx

  GetKeyState

  advapi32

  RegCloseKey

  DeleteService

  ControlService

  CloseServiceHandle

  OpenServiceA

  StartServiceA

  RegQueryValueExA

  CreateServiceA

  OpenSCManagerA

  AdjustTokenPrivileges

  LookupPrivilegeValueA

  OpenProcessToken

  CryptGetHashParam

  CryptHashData

  RegOpenKeyA

  RegQueryValueA

  RegCreateKeyA

  RegSetValueExA

  RegOpenKeyExA

  RegQueryValueExA

  RegCloseKey

  RegEnumValueA

  RegCreateKeyExA

  shell32

  SHGetSpecialFolderPathA

  ShellExecuteA

  SHGetSpecialFolderPathA

  Shell_NotifyIconA

  ole32

  CLSIDFromString

  OleRun

  CoUninitialize

  CoInitialize

  CoCreateInstance

  OleInitialize

  OleUninitialize

  CLSIDFromString

  CoCreateInstance

  OleRun

  CLSIDFromProgID

  CLSIDFromProgID

  psapi

  GetModuleInformation

  oleaut32

  VariantClear

  SysAllocString

  SafeArrayCreate

  RegisterTypeLi

  SafeArrayDestroy

  VariantChangeType

  SafeArrayGetLBound

  LHashValOfNameSys

  LoadTypeLi

  VariantInit

  SafeArrayGetDim

  VariantCopy

  SafeArrayAllocData

  SafeArrayAllocDescriptor

  SafeArrayGetUBound

  VarR8FromBool

  VarR8FromCy

  SysFreeString

  SafeArrayGetElemsize

  SafeArrayUnaccessData

  SafeArrayAccessData

  VariantCopy

  VariantClear

  VariantChangeType

  SafeArrayGetUBound

  UnRegisterTypeLi

  SafeArrayGetDim

  SafeArrayUnaccessData

  SafeArrayAccessData

  SafeArrayGetElement

  VariantCopyInd

  VariantInit

  SysAllocString

  SafeArrayDestroy

  SafeArrayCreate

  SafeArrayPutElement

  RegisterTypeLi

  LoadTypeLi

  SafeArrayGetLBound

  LHashValOfNameSys

  winmm

  midiStreamOut

  midiStreamStop

  midiOutReset

  midiStreamClose

  waveOutPrepareHeader

  midiOutPrepareHeader

  waveOutRestart

  waveOutUnprepareHeader

  midiStreamRestart

  waveOutWrite

  waveOutPause

  waveOutReset

  waveOutClose

  waveOutGetNumDevs

  waveOutOpen

  midiOutUnprepareHeader

  midiStreamOpen

  midiStreamProperty

  rasapi32

  RasHangUpA

  RasGetConnectStatusA

  gdi32

  LineTo

  MoveToEx

  ExcludeClipRect

  GetClipBox

  ScaleWindowExtEx

  SetWindowExtEx

  SetWindowOrgEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  SetMapMode

  SetTextColor

  SetROP2

  SetPolyFillMode

  SetBkMode

  RestoreDC

  SaveDC

  PtVisible

  RectVisible

  TextOutA

  ExtTextOutA

  Escape

  GetTextMetricsA

  SetBkColor

  CreateRectRgnIndirect

  SetStretchBltMode

  GetClipRgn

  CreatePolygonRgn

  SelectClipRgn

  DeleteObject

  GetSystemPaletteEntries

  CreatePalette

  StretchBlt

  SelectPalette

  RealizePalette

  GetDIBits

  GetWindowExtEx

  GetViewportOrgEx

  GetWindowOrgEx

  BeginPath

  EndPath

  PathToRegion

  CreateEllipticRgn

  CreateRoundRectRgn

  GetTextColor

  GetBkMode

  GetBkColor

  GetROP2

  GetStretchBltMode

  GetPolyFillMode

  CreateCompatibleBitmap

  CreateDCA

  CreateBitmap

  SelectObject

  CreatePen

  PatBlt

  CombineRgn

  CreateRectRgn

  FillRgn

  CreateSolidBrush

  CreateFontIndirectA

  GetStockObject

  GetObjectA

  EndPage

  EndDoc

  DeleteDC

  GetDeviceCaps

  GetTextExtentPoint32A

  RoundRect

  ExtSelectClipRgn

  GetViewportExtEx

  CreateDIBitmap

  GetCurrentObject

  DPtoLP

  LPtoDP

  Rectangle

  Ellipse

  CreateCompatibleDC

  BitBlt

  StartPage

  StartDocA

  winspool.drv

  OpenPrinterA

  DocumentPropertiesA

  ClosePrinter

  comctl32

  ImageList_Destroy

  ord17

  wsock32

  getservbyname

  wininet

  InternetCloseHandle

  comdlg32

  GetSaveFileNameA

  ChooseColorA

  GetFileTitleA

  GetOpenFileNameA

  ChooseFontA

  Sections

  .text

  Size: 3.5MB - Virtual size: 3.5MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 11.2MB - Virtual size: 11.2MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2.5MB - Virtual size: 2.9MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 28KB - Virtual size: 24KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ