General

Malware Config

Signatures

Files

• d18f3fecf6d28ddd0f4cf4a9b53c0aec.bin

  .zip

  Password: infected

• 911bb31927c7250b4741063159cccf6549e4a28ce6b0a5043d3392c7fce401e4.exe

  .exe windows:5 windows x86

  Password: infected

  4efdec909aab550208ef0139e8b01583

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetConsoleAliasesLengthW

  GetModuleHandleExA

  GetLocaleInfoA

  GetConsoleAliasExesA

  CommConfigDialogA

  FindResourceW

  InterlockedDecrement

  SetDefaultCommConfigW

  QueryPerformanceCounter

  GetNamedPipeHandleStateA

  GetEnvironmentStringsW

  GetComputerNameW

  OpenSemaphoreA

  SetCommBreak

  CreateHardLinkA

  FreeEnvironmentStringsA

  SetTapeParameters

  FindNextVolumeMountPointA

  ConvertFiberToThread

  ReadConsoleW

  WaitNamedPipeW

  EnumTimeFormatsA

  WriteFile

  EnumTimeFormatsW

  GetCommandLineA

  GetDriveTypeA

  GetEnvironmentStrings

  FindResourceExA

  LoadLibraryW

  GetConsoleMode

  CopyFileW

  GetCalendarInfoA

  IsBadCodePtr

  SetConsoleCP

  DeleteVolumeMountPointW

  InterlockedPopEntrySList

  GetFileAttributesA

  EnumSystemCodePagesA

  SetSystemPowerState

  GetAtomNameW

  WriteConsoleInputW

  GetACP

  GetVolumePathNameA

  GetStartupInfoW

  CreateMailslotW

  DisconnectNamedPipe

  GetShortPathNameA

  GetConsoleAliasesW

  InterlockedExchange

  GetLastError

  IsDBCSLeadByteEx

  SetLastError

  ReadConsoleOutputCharacterA

  PeekConsoleInputW

  EnumSystemCodePagesW

  SetComputerNameA

  FindClose

  LoadLibraryA

  InterlockedExchangeAdd

  LocalAlloc

  SetConsoleCtrlHandler

  RemoveDirectoryW

  AddAtomA

  HeapWalk

  OpenJobObjectW

  GetPrivateProfileSectionNamesA

  EnumDateFormatsA

  GetModuleHandleA

  FindNextFileW

  GetStringTypeW

  VirtualProtect

  GetShortPathNameW

  SetCalendarInfoA

  ReadConsoleInputW

  GetWindowsDirectoryW

  FindFirstVolumeW

  GetVolumeNameForVolumeMountPointW

  DeleteFileW

  GetCurrentProcessId

  AddConsoleAliasA

  ReadConsoleOutputCharacterW

  CreateFileW

  ReadFile

  WriteConsoleW

  GetCompressedFileSizeA

  GetTempFileNameW

  MoveFileA

  HeapFree

  HeapAlloc

  GetProcAddress

  GetModuleHandleW

  ExitProcess

  DecodePointer

  HeapReAlloc

  GetCommandLineW

  HeapSetInformation

  RaiseException

  IsProcessorFeaturePresent

  HeapCreate

  EnterCriticalSection

  LeaveCriticalSection

  SetHandleCount

  GetStdHandle

  InitializeCriticalSectionAndSpinCount

  GetFileType

  DeleteCriticalSection

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  EncodePointer

  TerminateProcess

  GetCurrentProcess

  GetModuleFileNameW

  SetFilePointer

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  InterlockedIncrement

  GetCurrentThreadId

  GetCPInfo

  GetOEMCP

  IsValidCodePage

  CloseHandle

  FreeEnvironmentStringsW

  GetTickCount

  GetSystemTimeAsFileTime

  Sleep

  WideCharToMultiByte

  GetConsoleCP

  RtlUnwind

  SetStdHandle

  FlushFileBuffers

  MultiByteToWideChar

  HeapSize

  LCMapStringW

  DeleteFileA

  user32

  CharUpperW

  CharUpperBuffA

  gdi32

  GetKerningPairsA

  Sections

  .text

  Size: 212KB - Virtual size: 212KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 14KB - Virtual size: 30.3MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 46KB - Virtual size: 45KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ