General

Malware Config

Signatures

Files

• ddd6ff027422682fb51f0eb628a89bd739ff3a12df3275e87918b484ae69d622

  .exe windows x86

  da740035bb37921f7c78bbba16e7e4f7

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  shlwapi

  PathIsDirectoryA

  PathFindFileNameA

  PathRemoveBlanksA

  PathMakeSystemFolderA

  PathFileExistsA

  PathIsSystemFolderA

  PathIsDirectoryEmptyA

  PathUnmakeSystemFolderA

  StrFormatByteSize64A

  PathFindExtensionA

  StrTrimA

  PathRenameExtensionA

  winmm

  mciSendStringA

  midiStreamRestart

  midiStreamClose

  midiOutReset

  midiStreamStop

  midiStreamOut

  midiOutPrepareHeader

  midiStreamProperty

  midiStreamOpen

  midiOutUnprepareHeader

  waveOutOpen

  waveOutGetNumDevs

  waveOutClose

  waveOutReset

  waveOutPause

  waveOutWrite

  waveOutPrepareHeader

  waveOutUnprepareHeader

  version

  VerQueryValueA

  GetFileVersionInfoA

  GetFileVersionInfoSizeA

  kernel32

  SetErrorMode

  TlsGetValue

  RemoveDirectoryA

  GetEnvironmentVariableA

  GetCommandLineA

  FreeLibrary

  LoadLibraryA

  LocalReAlloc

  TlsSetValue

  GlobalReAlloc

  TlsFree

  GlobalHandle

  TlsAlloc

  OpenProcess

  CloseHandle

  CreateThread

  lstrcpyn

  GetWindowsDirectoryA

  HeapSize

  GetACP

  SetHandleCount

  GetStdHandle

  GetFileType

  FreeEnvironmentStringsA

  LCMapStringW

  MulDiv

  InterlockedDecrement

  InterlockedIncrement

  GlobalDeleteAtom

  lstrcmpA

  lstrcmpiA

  GetVersion

  GlobalFindAtomA

  QueryPerformanceCounter

  QueryPerformanceFrequency

  GlobalAddAtomA

  GlobalGetAtomNameA

  FindResourceA

  LoadResource

  LockResource

  lstrcatA

  GetProcessVersion

  GetCPInfo

  GetOEMCP

  RtlUnwind

  RaiseException

  CopyFileA

  SetProcessWorkingSetSize

  Process32Next

  Process32First

  CreateToolhelp32Snapshot

  SetWaitableTimer

  CreateWaitableTimerA

  GetTempPathA

  GetCurrentProcess

  Sleep

  DeleteCriticalSection

  VirtualFreeEx

  WaitForSingleObject

  GetProcAddress

  GetModuleHandleA

  RtlMoveMemory

  FreeEnvironmentStringsW

  GlobalFree

  GetCurrentProcessId

  GetDateFormatA

  GetTimeFormatA

  VirtualAllocEx

  WideCharToMultiByte

  MultiByteToWideChar

  WriteProcessMemory

  WritePrivateProfileStringA

  LCMapStringA

  GetTickCount

  SetFileAttributesA

  GetModuleFileNameA

  GetLocalTime

  GlobalAlloc

  GlobalLock

  GlobalUnlock

  GetUserDefaultLCID

  GetFileSize

  ReadFile

  FindClose

  FindFirstFileA

  FindNextFileA

  GetPrivateProfileStringA

  IsBadReadPtr

  HeapFree

  HeapReAlloc

  HeapAlloc

  ExitProcess

  GetProcessHeap

  VirtualProtectEx

  InitializeCriticalSection

  GetCurrentThreadId

  GetLongPathNameA

  WriteFile

  SetEndOfFile

  SetFilePointer

  GetLastError

  GetDriveTypeA

  DeviceIoControl

  QueryDosDeviceA

  GetLogicalDriveStringsA

  GetExitCodeThread

  CreateRemoteThread

  SetLastError

  lstrcpyA

  GetVersionExA

  SetUnhandledExceptionFilter

  GetStringTypeA

  CreateDirectoryA

  GetStringTypeW

  IsBadCodePtr

  SetStdHandle

  InterlockedExchange

  MoveFileA

  _lclose

  FlushFileBuffers

  lstrcpynA

  IsBadWritePtr

  VirtualAlloc

  VirtualFree

  DeleteFileA

  HeapCreate

  ReadProcessMemory

  HeapDestroy

  GetEnvironmentStringsW

  GetEnvironmentStrings

  VirtualQueryEx

  CreateFileA

  CreateProcessA

  GetStartupInfoA

  TerminateProcess

  LeaveCriticalSection

  LocalFree

  LocalAlloc

  OpenThread

  TerminateThread

  RtlFillMemory

  MapViewOfFile

  SuspendThread

  GetCurrentThread

  Thread32Next

  Thread32First

  lstrlenA

  ResumeThread

  GlobalFlags

  EnterCriticalSection

  IsBadCodePtr

  IsBadReadPtr

  CompareStringW

  CompareStringA

  SetUnhandledExceptionFilter

  GetStringTypeW

  GetStringTypeA

  IsBadWritePtr

  VirtualAlloc

  LCMapStringW

  LCMapStringA

  SetEnvironmentVariableA

  VirtualFree

  HeapCreate

  HeapDestroy

  GetEnvironmentVariableA

  GetStdHandle

  SetHandleCount

  GetEnvironmentStringsW

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  FreeEnvironmentStringsA

  UnhandledExceptionFilter

  GetACP

  HeapSize

  TerminateProcess

  GetLocalTime

  GetSystemTime

  GetTimeZoneInformation

  RaiseException

  RtlUnwind

  GetStartupInfoA

  GetOEMCP

  GetCPInfo

  GetProcessVersion

  SetErrorMode

  GlobalFlags

  GetCurrentThread

  GetFileTime

  GetFileSize

  TlsGetValue

  LocalReAlloc

  TlsSetValue

  TlsFree

  GlobalHandle

  TlsAlloc

  LocalAlloc

  lstrcmpA

  GetVersion

  GlobalGetAtomNameA

  GlobalAddAtomA

  GlobalFindAtomA

  GlobalDeleteAtom

  lstrcmpiA

  SetEndOfFile

  UnlockFile

  LockFile

  FlushFileBuffers

  SetFilePointer

  DuplicateHandle

  lstrcpynA

  SetLastError

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  LocalFree

  InterlockedDecrement

  InterlockedIncrement

  SetStdHandle

  Sleep

  CreateEventA

  CreateThread

  WritePrivateProfileStringA

  GetVersionExA

  GetLastError

  LoadLibraryA

  FreeLibrary

  GetFullPathNameA

  HeapAlloc

  GetProcessHeap

  HeapReAlloc

  HeapFree

  GlobalReAlloc

  FindNextFileA

  lstrcpyA

  WinExec

  lstrlenA

  lstrcatA

  InitializeCriticalSection

  DeleteCriticalSection

  GlobalFree

  GlobalSize

  ExitProcess

  GetCurrentThreadId

  GetModuleFileNameA

  RemoveDirectoryA

  GlobalAlloc

  GlobalLock

  GlobalUnlock

  GetTempPathA

  FindFirstFileA

  FindClose

  SetFileAttributesA

  GetFileAttributesA

  ReadFile

  LockResource

  LoadResource

  FindResourceA

  SetEvent

  CreateFileA

  WaitForMultipleObjects

  WriteFile

  GetProfileStringA

  LeaveCriticalSection

  EnterCriticalSection

  ReleaseSemaphore

  ResumeThread

  CreateSemaphoreA

  GetSystemDirectoryA

  GetWindowsDirectoryA

  GetCurrentProcess

  MultiByteToWideChar

  WideCharToMultiByte

  DeleteFileA

  SetCurrentDirectoryA

  GetVolumeInformationA

  GetModuleHandleA

  GetProcAddress

  MulDiv

  GetCommandLineA

  GetTickCount

  CreateProcessA

  WaitForSingleObject

  GetFileType

  CloseHandle

  user32

  GetWindowLongA

  PtInRect

  GetWindow

  GetParent

  PostQuitMessage

  SetCursor

  EnableWindow

  IsWindowEnabled

  GetLastActivePopup

  ValidateRect

  GetKeyState

  GetActiveWindow

  GetNextDlgTabItem

  EnableMenuItem

  CheckMenuItem

  SetMenuItemBitmaps

  ModifyMenuA

  GetMenuState

  LoadBitmapA

  GetMenuCheckMarkDimensions

  RegisterClipboardFormatA

  TabbedTextOutA

  DrawTextA

  GrayStringA

  DestroyWindow

  CreateDialogIndirectParamA

  SetActiveWindow

  EndDialog

  UnregisterClassA

  GetDlgCtrlID

  SetWindowTextA

  GetMenuItemCount

  SendDlgItemMessageA

  IsDialogMessageA

  SetWindowPos

  SetFocus

  GetWindowPlacement

  IsIconic

  RegisterWindowMessageA

  SetForegroundWindow

  GetForegroundWindow

  GetMessagePos

  GetMessageTime

  DefWindowProcA

  RemovePropA

  GetPropA

  SetPropA

  GetClassLongA

  CreateWindowExA

  GetMenuItemID

  GetSubMenu

  GetMenu

  RegisterClassA

  GetClassInfoA

  WinHelpA

  GetCapture

  GetTopWindow

  CopyRect

  GetClientRect

  AdjustWindowRectEx

  GetSysColor

  MapWindowPoints

  LoadIconA

  LoadCursorA

  GetSysColorBrush

  LoadStringA

  PostThreadMessageA

  SetClassLongA

  MessageBoxA

  wsprintfA

  GetMessageA

  GetDlgItem

  ShowWindow

  UpdateWindow

  SystemParametersInfoA

  GetDC

  PeekMessageA

  GetCursorPos

  GetSystemMetrics

  ShowCursor

  ClipCursor

  GetWindowRect

  SendMessageA

  IsWindow

  ReleaseDC

  GetFocus

  ReleaseCapture

  SetCapture

  CallWindowProcA

  UnhookWindowsHookEx

  TranslateMessage

  DispatchMessageA

  PostMessageA

  CharUpperA

  keybd_event

  SetWindowsHookExA

  CallNextHookEx

  SetCursorPos

  MsgWaitForMultipleObjects

  BlockInput

  CharLowerA

  GetClassNameA

  SwapMouseButton

  GetWindowThreadProcessId

  mouse_event

  IsWindowVisible

  GetWindowTextA

  SetWindowLongA

  ClientToScreen

  LoadCursorFromFileA

  DestroyMenu

  SystemParametersInfoA

  ShowWindow

  IsWindowEnabled

  TranslateAcceleratorA

  GetKeyState

  CopyAcceleratorTableA

  PostQuitMessage

  IsZoomed

  GetClassInfoA

  DefWindowProcA

  GetSystemMenu

  DeleteMenu

  GetMenu

  SetMenu

  PeekMessageA

  IsIconic

  SetFocus

  GetActiveWindow

  GetWindow

  DestroyAcceleratorTable

  SetWindowRgn

  GetMessagePos

  ScreenToClient

  LoadImageA

  CopyRect

  LoadBitmapA

  WinHelpA

  KillTimer

  SetTimer

  AppendMenuA

  CreatePopupMenu

  DrawIconEx

  CreateIconFromResource

  CreateIconFromResourceEx

  RegisterClipboardFormatA

  SetRectEmpty

  DispatchMessageA

  GetMessageA

  WindowFromPoint

  DrawFocusRect

  DrawEdge

  DrawFrameControl

  TranslateMessage

  LoadIconA

  GetForegroundWindow

  EnumDisplaySettingsA

  ClientToScreen

  EnableMenuItem

  GetSubMenu

  GetDlgCtrlID

  CreateAcceleratorTableA

  CreateMenu

  ChildWindowFromPointEx

  GetWindowTextA

  GetWindowTextLengthA

  CharUpperA

  GetWindowDC

  BeginPaint

  EndPaint

  TabbedTextOutA

  DrawTextA

  GrayStringA

  GetDlgItem

  DestroyWindow

  CreateDialogIndirectParamA

  EndDialog

  GetNextDlgTabItem

  GetWindowPlacement

  RegisterWindowMessageA

  GetLastActivePopup

  GetMessageTime

  RemovePropA

  CallWindowProcA

  GetPropA

  UnhookWindowsHookEx

  SetPropA

  GetClassLongA

  CallNextHookEx

  SetWindowsHookExA

  CreateWindowExA

  GetMenuItemID

  GetMenuItemCount

  RegisterClassA

  GetScrollPos

  AdjustWindowRectEx

  MapWindowPoints

  SendDlgItemMessageA

  ScrollWindowEx

  IsDialogMessageA

  SetWindowTextA

  MoveWindow

  CheckMenuItem

  SetMenuItemBitmaps

  GetMenuState

  GetMenuCheckMarkDimensions

  GetClassNameA

  GetDesktopWindow

  LoadStringA

  GetSysColorBrush

  ModifyMenuA

  InvalidateRect

  WaitForInputIdle

  wsprintfA

  CloseClipboard

  GetClipboardData

  OpenClipboard

  SetClipboardData

  EmptyClipboard

  GetSystemMetrics

  GetCursorPos

  MessageBoxA

  SetWindowPos

  SendMessageA

  DestroyCursor

  SetParent

  IsWindow

  PostMessageA

  GetTopWindow

  GetParent

  GetFocus

  GetClientRect

  UnregisterClassA

  ValidateRect

  UpdateWindow

  EqualRect

  GetWindowRect

  SetForegroundWindow

  DestroyMenu

  IsChild

  ReleaseDC

  IsRectEmpty

  FillRect

  GetDC

  SetCursor

  LoadCursorA

  SetCursorPos

  SetActiveWindow

  GetSysColor

  SetWindowLongA

  GetWindowLongA

  RedrawWindow

  EnableWindow

  IsWindowVisible

  OffsetRect

  PtInRect

  DestroyIcon

  IntersectRect

  InflateRect

  SetRect

  SetScrollPos

  SetScrollRange

  GetScrollRange

  SetCapture

  GetCapture

  ReleaseCapture

  gdi32

  SetViewportOrgEx

  SetMapMode

  SetTextColor

  ScaleWindowExtEx

  OffsetViewportOrgEx

  RestoreDC

  SaveDC

  CreateBitmap

  GetStockObject

  GetObjectA

  PtVisible

  RectVisible

  TextOutA

  ExtTextOutA

  Escape

  SetWindowExtEx

  ScaleViewportExtEx

  GetDeviceCaps

  SelectObject

  DeleteDC

  DeleteObject

  SetViewportExtEx

  GetClipBox

  SetBkColor

  TextOutA

  RectVisible

  PtVisible

  GetViewportExtEx

  ExtSelectClipRgn

  LineTo

  MoveToEx

  ExcludeClipRect

  GetClipBox

  ScaleWindowExtEx

  SetWindowExtEx

  SetWindowOrgEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  SetMapMode

  SetTextColor

  SetROP2

  SetPolyFillMode

  SetBkMode

  RestoreDC

  ExtTextOutA

  EndPath

  BeginPath

  GetWindowOrgEx

  GetViewportOrgEx

  GetWindowExtEx

  GetDIBits

  RealizePalette

  SelectPalette

  StretchBlt

  CreatePalette

  GetSystemPaletteEntries

  CreateDIBitmap

  DeleteObject

  SelectClipRgn

  CreatePolygonRgn

  GetClipRgn

  SetStretchBltMode

  CreateRectRgnIndirect

  SetBkColor

  Escape

  GetTextMetricsA

  PathToRegion

  GetTextExtentPoint32A

  GetDeviceCaps

  CreateEllipticRgn

  CreateRoundRectRgn

  CreateRectRgn

  FillRgn

  CreateSolidBrush

  GetStockObject

  CreateFontIndirectA

  EndPage

  EndDoc

  DeleteDC

  StartDocA

  StartPage

  BitBlt

  CreateCompatibleDC

  Ellipse

  Rectangle

  LPtoDP

  DPtoLP

  GetCurrentObject

  RoundRect

  GetTextColor

  GetBkMode

  GetBkColor

  GetROP2

  GetStretchBltMode

  GetPolyFillMode

  CreateCompatibleBitmap

  CreateDCA

  CreateBitmap

  SelectObject

  GetObjectA

  CreatePen

  SaveDC

  CombineRgn

  PatBlt

  comdlg32

  GetOpenFileNameA

  GetSaveFileNameA

  GetFileTitleA

  GetFileTitleA

  ChooseColorA

  advapi32

  CryptAcquireContextA

  CryptCreateHash

  CryptHashData

  CryptDeriveKey

  CryptDestroyHash

  CryptEncrypt

  CryptDestroyKey

  CryptReleaseContext

  CryptGetHashParam

  CryptDecrypt

  RegCloseKey

  RegQueryValueExA

  RegOpenKeyA

  RegDeleteKeyA

  RegDeleteValueA

  RegOpenKeyExA

  RegSetValueExA

  RegCreateKeyExA

  RegCloseKey

  RegOpenKeyExA

  RegSetValueExA

  RegCreateKeyExA

  RegQueryValueA

  shell32

  SHBrowseForFolderA

  ShellExecuteA

  SHGetFileInfoA

  SHFileOperationA

  SHGetPathFromIDListA

  SHGetSpecialFolderPathA

  SHGetSpecialFolderPathA

  SHBrowseForFolderA

  SHGetPathFromIDListA

  SHGetMalloc

  Shell_NotifyIconA

  ShellExecuteA

  ole32

  OleUninitialize

  OleInitialize

  CLSIDFromString

  OleFlushClipboard

  OleIsCurrentClipboard

  CoRegisterMessageFilter

  CoFreeUnusedLibraries

  OleUninitialize

  CoInitialize

  CoUninitialize

  CoRevokeClassObject

  CLSIDFromProgID

  CLSIDFromString

  CoCreateInstance

  OleRun

  OleInitialize

  wininet

  InternetOpenA

  InternetOpenUrlA

  HttpQueryInfoA

  InternetCloseHandle

  InternetGetCookieA

  InternetGetCookieExA

  InternetConnectA

  HttpOpenRequestA

  HttpSendRequestA

  FtpOpenFileA

  InternetReadFile

  InternetTimeFromSystemTime

  InternetSetCookieA

  InternetTimeToSystemTime

  FtpGetFileSize

  winhttp

  WinHttpReceiveResponse

  WinHttpCheckPlatform

  WinHttpCrackUrl

  WinHttpOpen

  WinHttpConnect

  WinHttpTimeToSystemTime

  WinHttpTimeFromSystemTime

  WinHttpQueryHeaders

  WinHttpSetTimeouts

  WinHttpSetCredentials

  WinHttpCloseHandle

  WinHttpSetOption

  WinHttpAddRequestHeaders

  WinHttpSendRequest

  WinHttpOpenRequest

  WinHttpQueryDataAvailable

  WinHttpReadData

  oleaut32

  VariantTimeToSystemTime

  LoadTypeLi

  SystemTimeToVariantTime

  SafeArrayDestroy

  VariantClear

  SysAllocString

  VariantChangeType

  VariantInit

  SafeArrayAllocDescriptor

  SafeArrayAllocData

  VariantCopy

  SafeArrayGetDim

  SafeArrayGetLBound

  SafeArrayGetUBound

  SafeArrayAccessData

  SafeArrayUnaccessData

  SafeArrayGetElemsize

  SysFreeString

  VarR8FromCy

  VarR8FromBool

  LHashValOfNameSys

  RegisterTypeLi

  SafeArrayCreate

  UnRegisterTypeLi

  RegisterTypeLi

  LoadTypeLi

  dbghelp

  MakeSureDirectoryPathExists

  psapi

  GetModuleFileNameExA

  EnumProcesses

  crypt32

  CryptStringToBinaryA

  CryptBinaryToStringA

  setupapi

  SetupDiGetDeviceInterfaceDetailA

  SetupDiDestroyDeviceInfoList

  CM_Request_Device_EjectW

  SetupDiGetClassDevsA

  SetupDiEnumDeviceInterfaces

  oledlg

  ord8

  winspool.drv

  DocumentPropertiesA

  OpenPrinterA

  ClosePrinter

  ClosePrinter

  DocumentPropertiesA

  OpenPrinterA

  comctl32

  ord17

  ord17

  ImageList_Destroy

  ws2_32

  inet_ntoa

  WSACleanup

  closesocket

  WSAAsyncSelect

  accept

  recvfrom

  ioctlsocket

  recv

  getpeername

  Sections

  .text

  Size: 1.1MB - Virtual size: 1.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1.3MB - Virtual size: 1.3MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 288KB - Virtual size: 434KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 88KB - Virtual size: 86KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ