General

Malware Config

Signatures

Files

• bc3c5ef1f273c9cf85ee33f2301fd8a2

  .exe windows:4 windows x86 arch:x86

  48d035d71bef1a6079be36b5df6c44de

  
  

  Headers

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  advapi32

  AllocateAndInitializeSid

  ChangeServiceConfig2A

  CloseServiceHandle

  GetUserNameA

  LockServiceDatabase

  OpenProcessToken

  RegCloseKey

  RegCreateKeyExA

  RegDeleteValueA

  RegEnumKeyExA

  RegQueryValueExA

  SetServiceStatus

  kernel32

  CloseHandle

  CopyFileA

  CreateEventA

  CreateFileA

  CreateMutexA

  CreateThread

  DeleteCriticalSection

  EnterCriticalSection

  EnumSystemLocalesA

  ExitProcess

  ExpandEnvironmentStringsA

  FileTimeToLocalFileTime

  FindFirstFileA

  FindNextFileA

  FreeEnvironmentStringsA

  FreeLibrary

  GetCommandLineA

  GetConsoleCP

  GetConsoleMode

  GetCurrentDirectoryA

  GetCurrentProcess

  GetCurrentThread

  GetEnvironmentStringsA

  GetFileTime

  GetFileType

  GetLastError

  GetLocalTime

  GetModuleFileNameA

  GetModuleHandleA

  GetOEMCP

  GetPrivateProfileSectionNamesA

  GetPrivateProfileStringA

  GetProcAddress

  GetProcessHeap

  GetStringTypeA

  GetSystemDirectoryA

  GetSystemTime

  GetTempFileNameA

  GetThreadLocale

  GetTickCount

  GetTimeZoneInformation

  GetWindowsDirectoryA

  GlobalFree

  HeapCreate

  HeapFree

  HeapSize

  InitializeCriticalSection

  InterlockedCompareExchange

  InterlockedDecrement

  IsBadReadPtr

  IsBadWritePtr

  IsValidCodePage

  LoadLibraryA

  LoadLibraryExA

  LoadResource

  LockResource

  Module32First

  Module32Next

  MultiByteToWideChar

  OutputDebugStringA

  QueryPerformanceCounter

  ReadFile

  RemoveDirectoryA

  SetCurrentDirectoryA

  SetErrorMode

  SetEvent

  SetFilePointer

  SetHandleCount

  SetLastError

  SetPriorityClass

  SetStdHandle

  SetThreadPriority

  SizeofResource

  TlsAlloc

  UnhandledExceptionFilter

  UnmapViewOfFile

  VirtualAlloc

  VirtualQuery

  WaitForSingleObject

  WideCharToMultiByte

  WriteConsoleA

  WritePrivateProfileStringA

  lstrcmpiA

  lstrcpyA

  lstrcpynA

  lstrlenA

  ole32

  CLSIDFromProgID

  CoCreateGuid

  CreateBindCtx

  CreateStreamOnHGlobal

  IIDFromString

  StringFromGUID2

  user32

  CallNextHookEx

  CharLowerA

  CharNextA

  CharUpperA

  CheckDlgButton

  ClientToScreen

  CreateWindowExA

  EndPaint

  EqualRect

  FindWindowA

  GetMessagePos

  GetSysColorBrush

  GetSystemMenu

  GetWindowDC

  GetWindowTextA

  IsIconic

  LoadBitmapA

  LoadCursorA

  LoadImageA

  LoadStringA

  MessageBoxA

  MoveWindow

  RegisterClassA

  RegisterClipboardFormatA

  SendDlgItemMessageA

  SetCursor

  SetDlgItemTextA

  SetForegroundWindow

  UpdateWindow

  version

  GetFileVersionInfoA

  GetFileVersionInfoSizeA

  VerQueryValueA

  Sections

  .text

  Size: 32KB - Virtual size: 36KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .bss

  Size: - Virtual size: 236KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .data

  Size: 129KB - Virtual size: 132KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ