General

Malware Config

Signatures

Files

• 3e63331b5023d327725e277f9815f5c9

  .exe windows:4 windows x86 arch:x86

  1c2a6fbef41572f4c9ce8acb5a63cde7

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  winmm

  timeEndPeriod

  timeBeginPeriod

  ws2_32

  WSAGetOverlappedResult

  kernel32

  WriteFile

  WriteConsoleW

  WaitForSingleObject

  VirtualQuery

  VirtualFree

  VirtualAlloc

  SwitchToThread

  SetWaitableTimer

  SetUnhandledExceptionFilter

  SetProcessPriorityBoost

  SetEvent

  SetErrorMode

  SetConsoleCtrlHandler

  LoadLibraryA

  LoadLibraryW

  GetSystemInfo

  GetStdHandle

  GetQueuedCompletionStatus

  GetProcessAffinityMask

  GetProcAddress

  GetEnvironmentStringsW

  GetConsoleMode

  FreeEnvironmentStringsW

  ExitProcess

  DuplicateHandle

  CreateThread

  CreateIoCompletionPort

  CreateEventA

  CloseHandle

  AddVectoredExceptionHandler

  Sections

  .text

  Size: 3.1MB - Virtual size: 3.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 3.4MB - Virtual size: 3.4MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 198KB - Virtual size: 285KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 1024B - Virtual size: 902B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .symtab

  Size: 512B - Virtual size: 4B

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ