General

Malware Config

Signatures

Files

• aa8c93e9e5160d638ad2cd03714d863f.bin

  .exe windows:4 windows x86 arch:x86

  06ac1f21ee2a357ffb0dd7db52cbbb13

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvcrt

  memset

  strncpy

  _strnicmp

  strncmp

  strlen

  strcmp

  memmove

  memcpy

  sprintf

  kernel32

  GetModuleHandleA

  HeapCreate

  RemoveDirectoryA

  GetShortPathNameA

  HeapDestroy

  ExitProcess

  GetTempFileNameA

  FindResourceA

  LoadResource

  SizeofResource

  GetExitCodeProcess

  HeapFree

  HeapAlloc

  LoadLibraryA

  GetProcAddress

  FreeLibrary

  GetCurrentThreadId

  GetCurrentProcessId

  InitializeCriticalSection

  GetCommandLineA

  GetModuleFileNameA

  GetEnvironmentVariableA

  SetEnvironmentVariableA

  CloseHandle

  GetCurrentProcess

  TerminateProcess

  SetUnhandledExceptionFilter

  GetVersionExA

  Sleep

  HeapReAlloc

  EnterCriticalSection

  LeaveCriticalSection

  SetLastError

  GetCurrentDirectoryA

  SetCurrentDirectoryA

  DeleteFileA

  GetTempPathA

  CreateDirectoryA

  WriteFile

  CreateFileA

  SetFilePointer

  ReadFile

  comctl32

  InitCommonControls

  InitCommonControlsEx

  user32

  MessageBoxA

  SendMessageA

  GetWindowThreadProcessId

  IsWindowVisible

  IsWindowEnabled

  GetForegroundWindow

  EnableWindow

  EnumWindows

  DestroyWindow

  GetSysColor

  GetSysColorBrush

  CreateWindowExA

  GetWindowLongA

  PostMessageA

  CallWindowProcA

  SetWindowLongA

  SetFocus

  GetWindowTextLengthA

  GetWindowTextA

  RedrawWindow

  RemovePropA

  DefWindowProcA

  SetPropA

  GetParent

  GetPropA

  GetWindow

  SetActiveWindow

  UnregisterClassA

  DestroyAcceleratorTable

  LoadIconA

  LoadCursorA

  RegisterClassA

  AdjustWindowRect

  GetSystemMetrics

  GetActiveWindow

  GetWindowRect

  ShowWindow

  CreateAcceleratorTableA

  PeekMessageA

  MsgWaitForMultipleObjects

  GetMessageA

  TranslateAcceleratorA

  TranslateMessage

  DispatchMessageA

  SetCursorPos

  LoadImageA

  SetCursor

  MapWindowPoints

  MoveWindow

  SystemParametersInfoA

  GetKeyState

  SetCapture

  GetCursorPos

  ReleaseCapture

  GetClientRect

  FillRect

  EnumChildWindows

  DefFrameProcA

  GetFocus

  IsChild

  GetClassNameA

  gdi32

  GetStockObject

  SetBkColor

  SetTextColor

  CreateSolidBrush

  DeleteObject

  ole32

  CoInitialize

  CoTaskMemFree

  RevokeDragDrop

  shell32

  ShellExecuteExA

  shlwapi

  PathQuoteSpacesA

  Sections

  .code

  Size: 6KB - Virtual size: 6KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .text

  Size: 21KB - Virtual size: 21KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3.5MB - Virtual size: 3.5MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ