General

Malware Config

Signatures

Files

• SİPARİS450021722274015255.exe

  .exe windows:5 windows x86 arch:x86

  8ec4136096a86bb9426658d99220fe79

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  WriteConsoleInputW

  PeekNamedPipe

  BuildCommDCBAndTimeoutsA

  UpdateResourceA

  GlobalAddAtomA

  OpenJobObjectA

  InterlockedDecrement

  CreateJobObjectW

  GetNamedPipeHandleStateA

  GetProfileSectionA

  WriteConsoleInputA

  GetModuleHandleW

  LocalFlags

  GetNumberFormatA

  GetCompressedFileSizeW

  GetCommandLineA

  GlobalAlloc

  LoadLibraryW

  GetLocaleInfoW

  SetVolumeMountPointA

  GetVersionExW

  ReadFile

  GetVolumePathNameA

  VirtualUnlock

  GetShortPathNameA

  GetDateFormatW

  DeleteFiber

  GetStartupInfoA

  FindFirstFileA

  GetLastError

  SetLastError

  GetProcAddress

  HeapSize

  PeekConsoleInputW

  IsValidCodePage

  _hwrite

  OpenWaitableTimerA

  WriteConsoleA

  FindFirstVolumeMountPointW

  GetModuleHandleA

  FreeEnvironmentStringsW

  FindNextFileW

  GetCurrentDirectoryA

  WaitForDebugEvent

  GetCPInfoExA

  GetWindowsDirectoryW

  GetVolumeNameForVolumeMountPointW

  GetProfileSectionW

  CommConfigDialogW

  CreateFileW

  FlushFileBuffers

  WriteConsoleW

  InterlockedExchange

  LocalUnlock

  SetStdHandle

  WideCharToMultiByte

  InterlockedIncrement

  MultiByteToWideChar

  EncodePointer

  DecodePointer

  Sleep

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  HeapFree

  DeleteFileA

  HeapSetInformation

  GetStartupInfoW

  GetCPInfo

  RaiseException

  RtlUnwind

  HeapAlloc

  LCMapStringW

  IsProcessorFeaturePresent

  GetACP

  GetOEMCP

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  GetCurrentThreadId

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  TerminateProcess

  GetCurrentProcess

  HeapCreate

  ExitProcess

  WriteFile

  GetStdHandle

  GetModuleFileNameW

  GetModuleFileNameA

  GetEnvironmentStringsW

  SetHandleCount

  InitializeCriticalSectionAndSpinCount

  GetFileType

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  GetStringTypeW

  GetUserDefaultLCID

  GetLocaleInfoA

  EnumSystemLocalesA

  IsValidLocale

  HeapReAlloc

  SetFilePointer

  GetConsoleCP

  GetConsoleMode

  CloseHandle

  user32

  CharUpperA

  CharToOemBuffA

  advapi32

  DuplicateToken

  shell32

  DragAcceptFiles

  Sections

  .text

  Size: 129KB - Virtual size: 129KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 304KB - Virtual size: 5.0MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 33KB - Virtual size: 33KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ