General

Malware Config

Signatures

Files

• ad0e164f0b91d79e8ab8b644e98890e2

  .exe windows:4 windows x86 arch:x86

  7431929dfd0aee7d5b991f1b05f20d7a

  
  

  Code Sign

  18:e2:18:47:33:8b:8d:aa:49:64:79:e7:66:80:2d:5f

  Certificate

  Issuer

  CN=CSHOESOAXYRSFUTCIK

  Not Before

  08-07-2020 05:54

  Not After

  31-12-2039 23:59

  Subject

  CN=CSHOESOAXYRSFUTCIK

  Extended Key Usages

  ExtKeyUsageCodeSigning

  3a:4b:13:c6:67:b1:57:1f:1a:00:e1:09:dc:73:62:54:65:a2:be:0f

  Signer

  Actual PE Digest

  3a:4b:13:c6:67:b1:57:1f:1a:00:e1:09:dc:73:62:54:65:a2:be:0f

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualAllocEx

  GetModuleHandleW

  GetLastError

  LoadLibraryA

  GetProcAddress

  Sleep

  LocalFree

  LocalAlloc

  GetCurrentProcess

  GetModuleFileNameA

  lstrlenA

  GetSystemDirectoryA

  RemoveDirectoryA

  FindClose

  FindNextFileA

  DeleteFileA

  SetFileAttributesA

  lstrcmpA

  FindFirstFileA

  lstrcatA

  lstrcpyA

  _lclose

  _llseek

  _lopen

  WritePrivateProfileStringA

  GetWindowsDirectoryA

  CreateDirectoryA

  GetFileAttributesA

  ExpandEnvironmentStringsA

  IsDBCSLeadByte

  GetShortPathNameA

  GetPrivateProfileStringA

  GetPrivateProfileIntA

  lstrcmpiA

  GlobalUnlock

  GlobalLock

  GlobalAlloc

  FreeResource

  CloseHandle

  LoadResource

  SizeofResource

  FindResourceA

  ReadFile

  WriteFile

  SetFilePointer

  SetFileTime

  LocalFileTimeToFileTime

  DosDateTimeToFileTime

  SetCurrentDirectoryA

  GetTempFileNameA

  ExitProcess

  CreateFileA

  LoadLibraryExA

  lstrcpynA

  GetVolumeInformationA

  FormatMessageA

  GetCurrentDirectoryA

  GetVersionExA

  GetExitCodeProcess

  WaitForSingleObject

  CreateProcessA

  GetTempPathA

  GetSystemInfo

  CreateMutexA

  SetEvent

  CreateEventA

  CreateThread

  ResetEvent

  TerminateThread

  GetDriveTypeA

  GetModuleHandleA

  GetStartupInfoA

  GetCommandLineA

  LockResource

  GetDiskFreeSpaceA

  MulDiv

  EnumResourceLanguagesA

  FreeLibrary

  GlobalFree

  lstrcmpiW

  ExpandEnvironmentStringsW

  DnsHostnameToComputerNameA

  CancelTimerQueueTimer

  GlobalFix

  OpenWaitableTimerA

  FlushConsoleInputBuffer

  SetConsoleMode

  CreateEventW

  GetModuleFileNameW

  OpenMutexA

  DeleteAtom

  GetVolumeNameForVolumeMountPointA

  GetExitCodeThread

  GetCommConfig

  Module32Next

  Process32FirstW

  EnumDateFormatsW

  FindResourceW

  SetCommConfig

  user32

  LoadIconW

  LoadCursorFromFileA

  GetOpenClipboardWindow

  CloseClipboard

  GetMenuItemCount

  GetMessagePos

  IsGUIThread

  GetForegroundWindow

  ShowCaret

  CloseWindow

  GetClipboardViewer

  GetCapture

  GetClipboardOwner

  IsCharUpperA

  IsCharUpperW

  GetMessageTime

  GetDlgCtrlID

  GetMenuContextHelpId

  CharLowerW

  ExitWindowsEx

  wsprintfA

  CharNextA

  CharUpperA

  CharPrevA

  SetWindowLongA

  GetWindowLongA

  CallWindowProcA

  DispatchMessageA

  MsgWaitForMultipleObjects

  PeekMessageA

  SendMessageA

  SetWindowPos

  ReleaseDC

  GetDC

  GetWindowRect

  SendDlgItemMessageA

  GetDlgItem

  SetForegroundWindow

  SetWindowTextA

  MessageBoxA

  DialogBoxIndirectParamA

  ShowWindow

  EnableWindow

  GetDlgItemTextA

  EndDialog

  GetDesktopWindow

  MessageBeep

  SetDlgItemTextA

  LoadStringA

  GetSystemMetrics

  ScreenToClient

  GetScrollPos

  VkKeyScanExA

  UnhookWinEvent

  FindWindowW

  CascadeChildWindows

  GetMouseMovePointsEx

  LoadImageW

  SystemParametersInfoW

  SetUserObjectSecurity

  RealGetWindowClassW

  IsCharAlphaNumericW

  EnumDisplayMonitors

  DrawFocusRect

  CharToOemBuffW

  DialogBoxParamW

  GetTitleBarInfo

  DdeSetUserHandle

  PostMessageW

  GetClassNameW

  DdeQueryNextServer

  LoadAcceleratorsA

  CreateWindowStationW

  GetTabbedTextExtentA

  OpenWindowStationA

  GetInputState

  DdeInitializeA

  DlgDirListW

  SetLastErrorEx

  SetProcessDefaultLayout

  GetClassLongA

  SetCursor

  RealGetWindowClass

  gdi32

  DeleteObject

  CreateMetaFileW

  CloseMetaFile

  CreateHalftonePalette

  FillPath

  CreateMetaFileA

  CreatePatternBrush

  EndPath

  EndDoc

  CreateCompatibleDC

  DeleteEnhMetaFile

  DeleteDC

  EndPage

  FlattenPath

  CreateSolidBrush

  DeleteMetaFile

  CloseFigure

  DeleteColorSpace

  GetStockObject

  GetColorSpace

  RealizePalette

  CancelDC

  GetFontLanguageInfo

  AbortPath

  SwapBuffers

  StrokePath

  GetPixelFormat

  GetBkMode

  GetTextAlign

  GetEnhMetaFileW

  GetEnhMetaFileHeader

  GdiConvertBrush

  ExtTextOutW

  EngComputeGlyphSet

  GetKerningPairsA

  GdiPlayJournal

  RestoreDC

  PlayEnhMetaFile

  SetLayout

  MirrorRgn

  Polygon

  GetMetaFileBitsEx

  GetArcDirection

  EngQueryLocalTime

  CreateBitmapIndirect

  GdiCreateLocalEnhMetaFile

  GetEnhMetaFileDescriptionW

  SetGraphicsMode

  CreateBrushIndirect

  Polyline

  EngDeleteSurface

  GetDCOrgEx

  GdiConvertDC

  EngLineTo

  WidenPath

  GdiEntry5

  UpdateICMRegKeyA

  DeviceCapabilitiesExW

  GdiIsMetaFileDC

  GetHFONT

  CreatePalette

  CreateDCA

  GetCharWidthFloatW

  BRUSHOBJ_ulGetBrushColor

  EngCopyBits

  GetTextCharacterExtra

  SetBkMode

  EngUnicodeToMultiByteN

  SetStretchBltMode

  IntersectClipRect

  GdiGetCodePage

  AddFontResourceExW

  SetDIBits

  SetBrushOrgEx

  PatBlt

  comdlg32

  PrintDlgA

  advapi32

  RegOpenKeyW

  RegQueryValueExA

  FreeSid

  AllocateAndInitializeSid

  EqualSid

  GetTokenInformation

  OpenProcessToken

  AdjustTokenPrivileges

  LookupPrivilegeValueA

  RegCloseKey

  RegDeleteValueA

  RegOpenKeyExA

  RegSetValueExA

  RegCreateKeyExA

  RegQueryInfoKeyA

  shell32

  ExtractIconExW

  SHGetSettings

  SHGetPathFromIDListW

  Shell_NotifyIcon

  ExtractIconA

  ShellAboutW

  SHAppBarMessage

  ShellExecuteExW

  SHFileOperation

  SHGetDataFromIDListA

  SHIsFileAvailableOffline

  SHGetDataFromIDListW

  SHBrowseForFolderW

  SHFileOperationW

  SHGetDesktopFolder

  Shell_NotifyIconW

  SHGetSpecialFolderPathA

  SHLoadInProc

  SHGetDiskFreeSpaceExA

  SHQueryRecycleBinA

  ExtractAssociatedIconExA

  ExtractIconEx

  SHGetFileInfoW

  CommandLineToArgvW

  SHInvokePrinterCommandA

  DoEnvironmentSubstW

  DoEnvironmentSubstA

  DragFinish

  SHGetSpecialFolderLocation

  SHGetFileInfoA

  SHChangeNotify

  SHAddToRecentDocs

  SHFormatDrive

  SHGetIconOverlayIndexA

  ole32

  DoDragDrop

  shlwapi

  StrChrIA

  StrCmpNA

  StrCmpNIA

  StrRStrIA

  StrStrIA

  StrChrW

  StrRChrIW

  StrStrA

  StrRChrA

  Sections

  .text

  Size: 257KB - Virtual size: 257KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 512B - Virtual size: 464B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  ggga32

  Size: 1024B - Virtual size: 1010B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  a322

  Size: 186KB - Virtual size: 186KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 37KB - Virtual size: 37KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ