General

Malware Config

Signatures

Files

• dc864750ce373f5b116f0b2e57720c48

  .exe windows:4 windows x86 arch:x86

  33ce7d8c9951142be786931aa1bd6f11

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_BYTES_REVERSED_LO

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_BYTES_REVERSED_HI

  Imports

  shell32

  ShellExecuteA

  Shell_NotifyIconA

  shlwapi

  StrRetToStrA

  PathIsFileSpecA

  PathAppendA

  PathIsContentTypeA

  SHCreateStreamOnFileEx

  PathCreateFromUrlW

  oleacc

  CreateStdAccessibleObject

  kernel32

  FindAtomA

  OutputDebugStringW

  WideCharToMultiByte

  GetCurrentDirectoryW

  MultiByteToWideChar

  SearchPathW

  LocalAlloc

  ExitProcess

  lstrcmpiW

  VirtualProtect

  SetEnvironmentVariableW

  GetCurrentThreadId

  lstrlenW

  GetModuleFileNameW

  LocalFree

  SetLastError

  EnumResourceLanguagesA

  OutputDebugStringA

  GetFileAttributesW

  GetFileInformationByHandle

  CreateDirectoryW

  GetStringTypeExW

  GetCurrentProcess

  GetModuleHandleA

  VirtualQuery

  DuplicateHandle

  InterlockedExchange

  Sections

  .text

  Size: 152KB - Virtual size: 283KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 132KB - Virtual size: 132KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ