General

Malware Config

Signatures

Files

• 722e63f8910e9fe1d7775c3a0495de54

  .exe windows:4 windows x86 arch:x86

  6f46f06a35baad1c6627aaf878ffdc06

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  HeapSize

  lstrcmpiA

  HeapDestroy

  GetTickCount

  GetPrivateProfileStringA

  ExitProcess

  GetDriveTypeA

  GetStartupInfoA

  SetEvent

  DeleteTimerQueue

  GetConsoleWindow

  CreateHardLinkA

  DeleteCriticalSection

  GetLastError

  VirtualProtect

  CloseHandle

  ReleaseMutex

  GetModuleHandleA

  GetTempPathA

  ResumeThread

  IsValidCodePage

  advapi32

  RegLoadKeyA

  RegSaveKeyA

  CredFree

  LsaFreeMemory

  RegQueryInfoKeyA

  RegCloseKey

  ReportEventA

  FreeSid

  LsaClose

  OpenEventLogA

  IsValidSid

  RegEnumKeyExA

  CloseEventLog

  RegCreateKeyExA

  IsValidAcl

  RegQueryValueExA

  GetFileSecurityA

  AccessCheck

  RegEnumValueA

  LsaSetSecret

  GetSecurityInfo

  CloseTrace

  wininet

  DeleteUrlCacheEntryA

  DetectAutoProxyUrl

  FindCloseUrlCache

  HttpQueryInfoA

  HttpSendRequestA

  user32

  CreateWindowExA

  Sections

  .text

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .data

  Size: 1024B - Virtual size: 522B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ