General

Malware Config

Signatures

Files

• 67b78d68337844c4ce0c585851b633e2

  .exe windows:1 windows x86 arch:x86

  3a2a2b25074fac89bd16857b81413106

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvcrt

  frexp

  wcstol

  _wsopen

  __p__commode

  _resetstkoflw

  __p__fmode

  wcsncmp

  _except_handler3

  strftime

  exit

  _mbctombb

  _vscprintf

  _tzset

  iswalpha

  _winver

  __set_app_type

  _initterm

  memcpy

  _controlfp

  ispunct

  _exit

  iscntrl

  _mbsicoll

  gets

  _adjust_fdiv

  wcscspn

  __getmainargs

  iswspace

  _mbbtombc

  _acmdln

  __setusermatherr

  strcspn

  _rotl

  _XcptFilter

  kernel32

  LeaveCriticalSection

  GetVersion

  GlobalAlloc

  OpenEventA

  ExitThread

  HeapAlloc

  GetSystemTimeAsFileTime

  DuplicateHandle

  GetStartupInfoA

  GetProcessAffinityMask

  GetCommandLineW

  GetFileType

  ResumeThread

  WideCharToMultiByte

  QueryPerformanceCounter

  GetProcessWorkingSetSize

  GetStringTypeW

  SetEnvironmentVariableA

  ExpandEnvironmentStringsA

  SearchPathA

  GetTimeFormatA

  SizeofResource

  HeapCreate

  ExitProcess

  EnterCriticalSection

  FileTimeToLocalFileTime

  GetModuleHandleA

  GetCurrentThreadId

  Sections

  .text

  Size: 8KB - Virtual size: 8KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 29KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 20KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 4B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ