General

Malware Config

Signatures

Files

• 52e299444efeafc5b6dab83f45a2aaf9

  .exe windows:4 windows x86 arch:x86

  dcc1d33011020aaa14d35bb62d0d4626

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  ole32

  CoInitialize

  CoRegisterSurrogate

  CoRegisterClassObject

  OleUninitialize

  OleInitialize

  ws2_32

  connect

  accept

  closesocket

  bind

  socket

  WSAConnect

  WSASocketA

  clusapi

  ClusterNetworkEnum

  AddClusterResourceDependency

  BackupClusterDatabase

  ChangeClusterResourceGroup

  CloseClusterGroup

  CloseClusterNetInterface

  CloseClusterNetwork

  CloseClusterNotifyPort

  CloseClusterResource

  ClusterControl

  ClusterEnum

  ClusterGetEnumCount

  ClusterGroupEnum

  SetClusterServiceAccountPassword

  SetClusterQuorumResource

  SetClusterNetworkPriorityOrder

  SetClusterName

  SetClusterGroupNodeList

  SetClusterGroupName

  ResumeClusterNode

  RestoreClusterDatabase

  RemoveClusterResourceNode

  RemoveClusterResourceDependency

  RegisterClusterNotify

  OpenClusterResource

  OpenClusterNode

  OpenClusterNetwork

  OpenClusterNetInterface

  OpenClusterGroup

  OfflineClusterResource

  OfflineClusterGroup

  MoveClusterGroup

  GetNodeClusterState

  GetClusterResourceTypeKey

  GetClusterResourceState

  GetClusterResourceNetworkName

  GetClusterResourceKey

  GetClusterQuorumResource

  GetClusterNotify

  GetClusterNodeState

  GetClusterNodeKey

  GetClusterNodeId

  GetClusterNetworkState

  GetClusterNetworkKey

  GetClusterNetworkId

  GetClusterNetInterfaceState

  GetClusterNetInterfaceKey

  GetClusterNetInterface

  GetClusterKey

  GetClusterInformation

  GetClusterFromNode

  GetClusterFromNetwork

  GetClusterFromNetInterface

  EvictClusterNodeEx

  EvictClusterNode

  CreateClusterResourceType

  CreateClusterResource

  CreateClusterNotifyPort

  CreateClusterGroup

  ClusterResourceTypeOpenEnum

  ClusterResourceTypeEnum

  ClusterResourceTypeControl

  ClusterResourceOpenEnum

  ClusterResourceEnum

  ClusterResourceControl

  ClusterRegSetKeySecurity

  ClusterRegQueryValue

  ClusterRegQueryInfoKey

  ClusterRegOpenKey

  ClusterRegEnumValue

  ClusterRegEnumKey

  ClusterRegDeleteKey

  ClusterRegCreateKey

  ClusterOpenEnum

  ClusterNodeOpenEnum

  ClusterNetworkOpenEnum

  ClusterNetworkGetEnumCount

  ClusterGroupGetEnumCount

  ClusterNetworkControl

  ClusterGroupOpenEnum

  cryptui

  CryptUIDlgViewCertificateA

  CryptUIDlgViewContext

  CryptUIWizFreeDigitalSignContext

  CryptUIWizImport

  CryptUIDlgSelectCertificateFromStore

  dciman32

  DCIDestroy

  DCIDraw

  DCIEndAccess

  DCICreatePrimary

  DCIOpenProvider

  DCISetClipList

  DCISetDestination

  DCISetSrcDestClip

  DCICreateOverlay

  DCICreateOffscreen

  DCICloseProvider

  DCIBeginAccess

  DCIEnum

  WinWatchOpen

  WinWatchNotify

  WinWatchGetClipList

  GetDCRegionData

  msvcrt

  fputs

  fopen

  exit

  free

  malloc

  _exit

  _XcptFilter

  _acmdln

  __getmainargs

  _initterm

  __setusermatherr

  _adjust_fdiv

  __p__commode

  __p__fmode

  __set_app_type

  _except_handler3

  _controlfp

  __dllonexit

  _onexit

  fread

  fclose

  kernel32

  GetStartupInfoA

  GetModuleHandleA

  CreateEventA

  WaitForSingleObject

  SetEvent

  ResetEvent

  GetWindowsDirectoryA

  VirtualProtect

  SetTapePosition

  CreateFileA

  GetLocalTime

  GetCommandLineA

  GetCPInfo

  SetSystemPowerState

  GetSystemTimeAsFileTime

  Sections

  .text

  Size: 32KB - Virtual size: 28KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 80KB - Virtual size: 78KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 32KB - Virtual size: 714KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE