General

Malware Config

Signatures

Files

• without_readme_cd4a0b371cd7dc9dab6b442b0583550c

  .exe windows:5 windows x64 arch:x64

  8e94250c88a6c0e478828f96bcbb1662

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  wsock32

  gethostbyname

  recv

  send

  socket

  inet_ntoa

  setsockopt

  ntohs

  WSACleanup

  WSAStartup

  sendto

  htons

  __WSAFDIsSet

  select

  accept

  listen

  bind

  inet_addr

  ioctlsocket

  recvfrom

  WSAGetLastError

  closesocket

  gethostname

  connect

  version

  GetFileVersionInfoW

  VerQueryValueW

  GetFileVersionInfoSizeW

  winmm

  timeGetTime

  waveOutSetVolume

  mciSendStringW

  comctl32

  ImageList_ReplaceIcon

  ImageList_Destroy

  ImageList_Remove

  ImageList_SetDragCursorImage

  ImageList_BeginDrag

  ImageList_DragEnter

  ImageList_DragLeave

  ImageList_EndDrag

  ImageList_DragMove

  InitCommonControlsEx

  ImageList_Create

  mpr

  WNetGetConnectionW

  WNetCancelConnection2W

  WNetUseConnectionW

  WNetAddConnection2W

  wininet

  HttpOpenRequestW

  InternetCloseHandle

  InternetOpenW

  InternetSetOptionW

  InternetCrackUrlW

  HttpQueryInfoW

  InternetQueryOptionW

  InternetConnectW

  HttpSendRequestW

  FtpOpenFileW

  FtpGetFileSize

  InternetOpenUrlW

  InternetReadFile

  InternetQueryDataAvailable

  psapi

  GetProcessMemoryInfo

  iphlpapi

  IcmpSendEcho

  IcmpCloseHandle

  IcmpCreateFile

  userenv

  DestroyEnvironmentBlock

  LoadUserProfileW

  CreateEnvironmentBlock

  UnloadUserProfile

  uxtheme

  IsThemeActive

  kernel32

  WaitForSingleObject

  HeapAlloc

  GetProcessHeap

  HeapFree

  Sleep

  GetCurrentThreadId

  MultiByteToWideChar

  MulDiv

  GetVersionExW

  IsWow64Process

  GetSystemInfo

  FreeLibrary

  LoadLibraryA

  GetProcAddress

  SetErrorMode

  GetModuleFileNameW

  WideCharToMultiByte

  lstrcpyW

  lstrlenW

  GetModuleHandleW

  QueryPerformanceCounter

  VirtualFreeEx

  OpenProcess

  VirtualAllocEx

  WriteProcessMemory

  ReadProcessMemory

  CreateFileW

  SetFilePointerEx

  SetEndOfFile

  ReadFile

  WriteFile

  FlushFileBuffers

  TerminateProcess

  CreateToolhelp32Snapshot

  Process32FirstW

  Process32NextW

  SetFileTime

  GetFileAttributesW

  FindFirstFileW

  FindClose

  GetLongPathNameW

  GetShortPathNameW

  DeleteFileW

  FindNextFileW

  CopyFileExW

  GetFullPathNameW

  CreateDirectoryW

  RemoveDirectoryW

  SetSystemPowerState

  QueryPerformanceFrequency

  LoadResource

  LockResource

  SizeofResource

  OutputDebugStringW

  GetTempPathW

  GetTempFileNameW

  DeviceIoControl

  LoadLibraryW

  GetLocalTime

  CompareStringW

  EnterCriticalSection

  DuplicateHandle

  GetStdHandle

  CreatePipe

  TerminateThread

  LoadLibraryExW

  FindResourceExW

  CopyFileW

  VirtualFree

  FormatMessageW

  GetExitCodeProcess

  GetPrivateProfileStringW

  WritePrivateProfileStringW

  GetPrivateProfileSectionW

  WritePrivateProfileSectionW

  GetPrivateProfileSectionNamesW

  FileTimeToLocalFileTime

  FileTimeToSystemTime

  SystemTimeToFileTime

  LocalFileTimeToFileTime

  GetDriveTypeW

  GetDiskFreeSpaceExW

  GetDiskFreeSpaceW

  GetVolumeInformationW

  SetVolumeLabelW

  CreateHardLinkW

  SetFileAttributesW

  CreateEventW

  SetEvent

  GetEnvironmentVariableW

  SetEnvironmentVariableW

  GlobalLock

  GlobalUnlock

  GlobalAlloc

  GetFileSize

  GlobalFree

  GlobalMemoryStatusEx

  Beep

  GetSystemDirectoryW

  HeapReAlloc

  HeapSize

  GetComputerNameW

  GetWindowsDirectoryW

  GetCurrentProcessId

  GetProcessIoCounters

  CreateProcessW

  GetProcessId

  SetPriorityClass

  VirtualAlloc

  SetCurrentDirectoryW

  IsDebuggerPresent

  GetCurrentDirectoryW

  lstrcmpiW

  GetLastError

  RaiseException

  InitializeCriticalSectionAndSpinCount

  DeleteCriticalSection

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetStartupInfoW

  IsProcessorFeaturePresent

  GetSystemTimeAsFileTime

  CreateThread

  GetCurrentProcess

  GetCurrentThread

  LeaveCriticalSection

  InitializeSListHead

  RtlUnwindEx

  RtlPcToFileHeader

  SetLastError

  TlsAlloc

  ResetEvent

  WaitForSingleObjectEx

  TlsGetValue

  TlsSetValue

  TlsFree

  EncodePointer

  ExitProcess

  GetModuleHandleExW

  ExitThread

  ResumeThread

  FreeLibraryAndExitThread

  GetACP

  GetDateFormatW

  GetTimeFormatW

  LCMapStringW

  GetStringTypeW

  GetFileType

  SetStdHandle

  GetConsoleCP

  GetConsoleMode

  ReadConsoleW

  GetTimeZoneInformation

  FindFirstFileExW

  IsValidCodePage

  GetOEMCP

  GetCPInfo

  GetCommandLineA

  GetCommandLineW

  GetEnvironmentStringsW

  FreeEnvironmentStringsW

  SetEnvironmentVariableA

  CloseHandle

  WriteConsoleW

  MoveFileW

  RtlCaptureContext

  user32

  GetMenuStringW

  GetSubMenu

  GetCaretPos

  IsZoomed

  GetWindowLongW

  GetMonitorInfoW

  SetWindowLongW

  SetLayeredWindowAttributes

  FlashWindow

  GetClassLongPtrW

  TranslateAcceleratorW

  IsDialogMessageW

  GetSysColor

  InflateRect

  DrawFocusRect

  DrawTextW

  FrameRect

  DrawFrameControl

  FillRect

  PtInRect

  DestroyAcceleratorTable

  CreateAcceleratorTableW

  SetCursor

  GetWindowDC

  GetSystemMetrics

  SetWindowLongPtrW

  GetActiveWindow

  CharNextW

  wsprintfW

  RedrawWindow

  DrawMenuBar

  DestroyMenu

  SetMenu

  GetWindowTextLengthW

  CreateMenu

  IsDlgButtonChecked

  DefDlgProcW

  CallWindowProcW

  ReleaseCapture

  SetCapture

  BlockInput

  GetMessageW

  LockWindowUpdate

  DispatchMessageW

  TranslateMessage

  PeekMessageW

  GetInputState

  UnregisterHotKey

  CharLowerBuffW

  MonitorFromPoint

  MonitorFromRect

  LoadImageW

  mouse_event

  ExitWindowsEx

  SetActiveWindow

  FindWindowExW

  EnumThreadWindows

  IsCharUpperW

  InsertMenuItemW

  IsMenu

  TrackPopupMenuEx

  GetCursorPos

  DeleteMenu

  CheckMenuRadioItem

  GetMenuItemID

  GetMenuItemCount

  SetMenuItemInfoW

  GetMenuItemInfoW

  SetForegroundWindow

  IsIconic

  FindWindowW

  GetClipboardData

  keybd_event

  SendInput

  GetAsyncKeyState

  SetKeyboardState

  GetKeyboardState

  GetKeyState

  VkKeyScanW

  LoadStringW

  DialogBoxParamW

  MessageBeep

  EndDialog

  SendDlgItemMessageW

  GetDlgItem

  SetWindowTextW

  CopyRect

  ReleaseDC

  GetDC

  EndPaint

  BeginPaint

  GetClientRect

  GetMenu

  DestroyWindow

  EnumWindows

  GetDesktopWindow

  IsWindow

  IsWindowEnabled

  IsWindowVisible

  EnableWindow

  InvalidateRect

  GetWindowThreadProcessId

  AttachThreadInput

  GetFocus

  GetWindowTextW

  ScreenToClient

  SendMessageTimeoutW

  EnumChildWindows

  CharUpperBuffW

  GetClassNameW

  GetParent

  GetDlgCtrlID

  SendMessageW

  MapVirtualKeyW

  PostMessageW

  IsCharLowerW

  IsCharAlphaNumericW

  IsCharAlphaW

  GetKeyboardLayoutNameW

  ClientToScreen

  RegisterHotKey

  GetCursorInfo

  SetWindowPos

  CopyImage

  AdjustWindowRectEx

  SetRect

  SetClipboardData

  EmptyClipboard

  CountClipboardFormats

  SetMenuDefaultItem

  CloseClipboard

  GetWindowRect

  SetUserObjectSecurity

  IsClipboardFormatAvailable

  CloseDesktop

  CloseWindowStation

  OpenDesktopW

  SetProcessWindowStation

  GetProcessWindowStation

  OpenWindowStationW

  GetUserObjectSecurity

  MessageBoxW

  DefWindowProcW

  MoveWindow

  SetFocus

  PostQuitMessage

  KillTimer

  CreatePopupMenu

  RegisterWindowMessageW

  SetTimer

  ShowWindow

  CreateWindowExW

  RegisterClassExW

  LoadIconW

  LoadCursorW

  GetSysColorBrush

  GetForegroundWindow

  MessageBoxA

  DestroyIcon

  SystemParametersInfoW

  OpenClipboard

  GetWindowLongPtrW

  gdi32

  EndPath

  DeleteObject

  GetDeviceCaps

  ExtCreatePen

  StrokePath

  SetPixel

  CloseFigure

  LineTo

  AngleArc

  MoveToEx

  Ellipse

  PolyDraw

  GetTextExtentPoint32W

  CreateCompatibleBitmap

  BeginPath

  Rectangle

  SetViewportOrgEx

  GetObjectW

  SetBkMode

  RoundRect

  SetBkColor

  CreatePen

  CreateSolidBrush

  SetTextColor

  CreateFontW

  GetTextFaceW

  GetStockObject

  CreateDCW

  GetPixel

  DeleteDC

  GetDIBits

  StretchBlt

  SelectObject

  CreateCompatibleDC

  StrokeAndFillPath

  comdlg32

  GetSaveFileNameW

  GetOpenFileNameW

  advapi32

  GetAce

  RegEnumValueW

  RegDeleteValueW

  RegDeleteKeyW

  RegEnumKeyExW

  RegOpenKeyExW

  RegCloseKey

  RegQueryValueExW

  RegConnectRegistryW

  InitializeSecurityDescriptor

  InitializeAcl

  AdjustTokenPrivileges

  OpenThreadToken

  OpenProcessToken

  LookupPrivilegeValueW

  DuplicateTokenEx

  CreateProcessAsUserW

  CreateProcessWithLogonW

  GetLengthSid

  CopySid

  LogonUserW

  AllocateAndInitializeSid

  CheckTokenMembership

  FreeSid

  GetTokenInformation

  RegSetValueExW

  GetSecurityDescriptorDacl

  GetAclInformation

  RegCreateKeyExW

  AddAce

  SetSecurityDescriptorDacl

  InitiateSystemShutdownExW

  GetUserNameW

  shell32

  DragFinish

  DragQueryPoint

  ShellExecuteExW

  DragQueryFileW

  SHEmptyRecycleBinW

  SHGetPathFromIDListW

  SHBrowseForFolderW

  SHCreateShellItem

  SHGetDesktopFolder

  SHGetSpecialFolderLocation

  SHGetFolderPathW

  SHFileOperationW

  ExtractIconExW

  Shell_NotifyIconW

  ShellExecuteW

  ole32

  CoTaskMemAlloc

  CoTaskMemFree

  CLSIDFromString

  ProgIDFromCLSID

  CLSIDFromProgID

  OleSetMenuDescriptor

  MkParseDisplayName

  OleSetContainedObject

  CoCreateInstance

  IIDFromString

  StringFromGUID2

  CreateStreamOnHGlobal

  OleInitialize

  OleUninitialize

  CoInitialize

  CoUninitialize

  GetRunningObjectTable

  CoGetInstanceFromFile

  CoGetObject

  CoInitializeSecurity

  CoCreateInstanceEx

  CoSetProxyBlanket

  oleaut32

  VariantChangeType

  DispCallFunc

  CreateStdDispatch

  CreateDispTypeInfo

  UnRegisterTypeLi

  UnRegisterTypeLibForUser

  RegisterTypeLibForUser

  RegisterTypeLi

  LoadTypeLibEx

  VariantCopyInd

  VariantTimeToSystemTime

  SysFreeString

  SafeArrayDestroyDescriptor

  SafeArrayDestroyData

  SafeArrayUnaccessData

  VariantInit

  VariantClear

  VariantCopy

  SysAllocString

  SafeArrayCreateVector

  VarR8FromDec

  SafeArrayAllocDescriptorEx

  SafeArrayAllocData

  SysStringLen

  SafeArrayGetVartype

  OleLoadPicture

  QueryPathOfRegTypeLi

  SysReAllocString

  SafeArrayAccessData

  Sections

  .text

  Size: 717KB - Virtual size: 716KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 209KB - Virtual size: 208KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 20KB - Virtual size: 36KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 28KB - Virtual size: 27KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 57KB - Virtual size: 57KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 3KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ