General

Malware Config

Signatures

Files

• d0c3b3e467f21c5ae8880459b00227de

  .exe windows:5 windows x86 arch:x86

  2d5b8aa0b9c44d7fb0c1c4092a9fce18

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  PDB Paths

  FTTTGR.pdb

  Imports

  powrprof

  ReadGlobalPwrPolicy

  IsPwrHibernateAllowed

  user32

  ShowCaret

  GetWindowRect

  InsertMenuA

  GetClipboardFormatNameA

  SetCursor

  IsWindow

  gdi32

  GetDeviceCaps

  GetObjectW

  GetCharWidthW

  GetPaletteEntries

  GetBitmapBits

  kernel32

  AddConsoleAliasA

  LoadLibraryA

  HeapCreate

  GetProcAddress

  GetCurrentConsoleFont

  GetProcessAffinityMask

  DeleteVolumeMountPointW

  GlobalFindAtomA

  HeapWalk

  EraseTape

  FillConsoleOutputAttribute

  GlobalAddAtomW

  GetConsoleCursorInfo

  SetFileAttributesW

  LockFile

  FindFirstFileA

  GetLocaleInfoW

  EnumSystemLocalesA

  GetModuleHandleA

  winspool.drv

  FindNextPrinterChangeNotification

  ole32

  CoFreeUnusedLibrariesEx

  wininet

  RetrieveUrlCacheEntryStreamW

  msvcrt

  memset

  Sections

  .rda

  Size: 304KB - Virtual size: 302KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 4KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data1

  Size: 20KB - Virtual size: 35KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 24KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ