General

Malware Config

Signatures

Files

• 5a84945991cf24c957cf67fd414c9f9a.bin

  .zip

  Password: infected

• 5633a46c25aced4b07728fd437b92c5e9102eabaa134ac584e2aae2e0adce587.exe

  .exe windows:5 windows x86

  c979a88e8595d029726dd8a9185ca5bc

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetLogicalDriveStringsW

  GetSystemWindowsDirectoryW

  FreeEnvironmentStringsA

  GetModuleHandleW

  GetTickCount

  GetNumberFormatA

  ReadConsoleW

  GetGeoInfoW

  GetDateFormatA

  ReadConsoleInputA

  GetThreadSelectorEntry

  AssignProcessToJobObject

  SizeofResource

  SetVolumeMountPointA

  GetProcessHandleCount

  HeapCreate

  TransactNamedPipe

  GetFileAttributesW

  IsDBCSLeadByte

  CreateFileW

  GetACP

  GetLastError

  SetLastError

  GetProcAddress

  VirtualAlloc

  BackupWrite

  InterlockedDecrement

  LoadLibraryA

  InterlockedExchangeAdd

  OpenWaitableTimerW

  WritePrivateProfileStringA

  CreateHardLinkW

  AddAtomW

  BeginUpdateResourceA

  SetConsoleWindowInfo

  GetCommMask

  OpenJobObjectW

  FoldStringW

  CreatePipe

  FindNextFileA

  GetShortPathNameW

  OpenSemaphoreW

  FindFirstVolumeA

  FindFirstVolumeW

  ReadConsoleOutputCharacterW

  LocalFileTimeToFileTime

  GetProcessHeap

  SetEndOfFile

  VirtualQuery

  EnumResourceNamesW

  GetTempFileNameA

  DebugActiveProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  HeapFree

  Sleep

  ExitProcess

  GetCommandLineA

  GetStartupInfoA

  WriteFile

  GetStdHandle

  GetModuleFileNameA

  TerminateProcess

  GetCurrentProcess

  IsDebuggerPresent

  HeapAlloc

  RaiseException

  VirtualFree

  DeleteCriticalSection

  LeaveCriticalSection

  EnterCriticalSection

  HeapReAlloc

  SetHandleCount

  GetFileType

  TlsGetValue

  TlsAlloc

  TlsSetValue

  TlsFree

  InterlockedIncrement

  GetCurrentThreadId

  HeapSize

  RtlUnwind

  MultiByteToWideChar

  ReadFile

  InitializeCriticalSectionAndSpinCount

  GetEnvironmentStrings

  FreeEnvironmentStringsW

  WideCharToMultiByte

  GetEnvironmentStringsW

  QueryPerformanceCounter

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  GetModuleHandleA

  SetFilePointer

  GetConsoleCP

  GetConsoleMode

  GetCPInfo

  GetOEMCP

  IsValidCodePage

  CloseHandle

  CreateFileA

  SetStdHandle

  GetLocaleInfoA

  FlushFileBuffers

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  LCMapStringA

  LCMapStringW

  GetStringTypeA

  GetStringTypeW

  user32

  ChangeDisplaySettingsW

  LoadMenuA

  GetClassInfoExW

  GetScrollInfo

  CharToOemBuffW

  GetMessageExtraInfo

  gdi32

  SetColorAdjustment

  advapi32

  InitiateSystemShutdownA

  SetKernelObjectSecurity

  Sections

  .text

  Size: 161KB - Virtual size: 161KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 28KB - Virtual size: 71KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 70KB - Virtual size: 69KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 7KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ