General

Malware Config

Signatures

Files

• ca29d1197a6ce2c0a57740829d144f9e

  .exe windows:4 windows x86 arch:x86

  deb93111e3b89c3e612108279457f8ba

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  shell32

  SHGetFileInfoA

  DragAcceptFiles

  kernel32

  FreeLibrary

  LocalFree

  WriteFile

  GetThreadLocale

  HeapReAlloc

  LCMapStringW

  GetStringTypeA

  GetUserDefaultLCID

  LocalAlloc

  GlobalUnlock

  HeapAlloc

  GlobalAlloc

  GlobalReAlloc

  GetPrivateProfileStringA

  GetStringTypeW

  LCMapStringA

  FindClose

  GetTimeZoneInformation

  GetVersionExA

  VirtualAlloc

  IsBadWritePtr

  FlushFileBuffers

  HeapCreate

  HeapSize

  GetStartupInfoA

  IsValidCodePage

  TlsAlloc

  UnlockFile

  GetStdHandle

  WideCharToMultiByte

  CompareStringW

  GlobalGetAtomNameA

  CreateFileA

  DeleteCriticalSection

  EnterCriticalSection

  GetLocalTime

  GlobalFlags

  GlobalFree

  HeapDestroy

  WritePrivateProfileStringA

  advapi32

  AdjustTokenPrivileges

  RegQueryValueExA

  RegQueryInfoKeyA

  RegOpenKeyExA

  RegDeleteValueA

  RegCreateKeyExA

  RegDeleteKeyA

  RegRestoreKeyA

  RegEnumValueA

  OpenProcessToken

  LookupPrivilegeValueA

  RegCloseKey

  RegSetValueExA

  RegOpenKeyA

  user32

  PeekMessageA

  BeginPaint

  IsIconic

  EqualRect

  DestroyWindow

  SetWindowsHookExA

  GetMenuState

  ReleaseDC

  CallMsgFilterA

  GetMessageTime

  gdi32

  SetMapMode

  GetDeviceCaps

  CreateDIBPatternBrushPt

  SetWindowOrgEx

  SelectClipPath

  RectVisible

  SetTextJustification

  GetStockObject

  OffsetViewportOrgEx

  GetWindowExtEx

  PlayMetaFile

  CreateRectRgn

  CreatePatternBrush

  GetCurrentPositionEx

  StartDocA

  PolylineTo

  msi

  MsiDatabaseExportA

  MsiConfigureProductA

  MsiDatabaseCommit

  MsiConfigureFeatureW

  setupapi

  SetupOpenInfFileA

  SetupDiEnumDriverInfoA

  SetupDiCreateDeviceInfoA

  SetupDiSetDeviceInstallParamsA

  SetupGetStringFieldA

  SetupDiGetDeviceInstallParamsA

  SetupDiSetSelectedDriverA

  SetupFindNextLine

  SetupCloseInfFile

  SetupDiOpenDevRegKey

  SetupDiBuildDriverInfoList

  SetupDiSetDeviceRegistryPropertyA

  SetupDiEnumDeviceInfo

  SetupDiClassGuidsFromNameA

  SetupFindFirstLineA

  samlib

  SamiEncryptPasswords

  SamTestPrivateFunctionsUser

  SamRemoveMultipleMembersFromAlias

  SamConnectWithCreds

  comdlg32

  GetFileTitleA

  Sections

  .text

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .idata

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 512B - Virtual size: 44B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 7KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 15KB - Virtual size: 72KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 512B - Virtual size: 212B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ