General

Malware Config

Signatures

Files

• 8d7795e565558f472cef93c4d960ba71676d4a1fd45ddd6d7912223878a8285b

  .zip

  Password: infected

• 204063581a5aac527fc0be421097ddc37b338cedced74ca6858f88f3d31bcc51.exe

  .exe windows:5 windows x86 arch:x86

  99958f84824363d70f77dd17df64c197

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  GetComputerNameA

  CreateFileA

  OpenFile

  SetLocaleInfoA

  WriteConsoleInputW

  DeleteVolumeMountPointA

  VerSetConditionMask

  InterlockedDecrement

  ZombifyActCtx

  SetDefaultCommConfigW

  CreateJobObjectW

  GetProfileSectionA

  MoveFileWithProgressA

  FindNextVolumeMountPointA

  ReadConsoleW

  GetCommandLineA

  CreateActCtxW

  GlobalAlloc

  TerminateThread

  ReadConsoleInputA

  SetConsoleCP

  InterlockedPopEntrySList

  GlobalFlags

  WritePrivateProfileStructW

  WriteConsoleW

  GetTimeZoneInformation

  GetNamedPipeHandleStateW

  GetLargestConsoleWindowSize

  FindFirstFileA

  GetCPInfoExW

  GetLastError

  GetProcAddress

  PeekConsoleInputW

  VerLanguageNameW

  SearchPathA

  GetPrivateProfileStringA

  SetFileApisToOEM

  OpenWaitableTimerA

  LoadLibraryA

  GetConsoleScreenBufferInfo

  IsWow64Process

  BuildCommDCBAndTimeoutsW

  GetNumberFormatW

  FoldStringA

  GlobalFindAtomW

  GetModuleHandleA

  GetProcessShutdownParameters

  OpenFileMappingW

  LocalSize

  GetWindowsDirectoryW

  CloseHandle

  SetStdHandle

  FlushFileBuffers

  WideCharToMultiByte

  InterlockedIncrement

  InterlockedCompareExchange

  InterlockedExchange

  MultiByteToWideChar

  GetStringTypeW

  EncodePointer

  DecodePointer

  Sleep

  InitializeCriticalSection

  DeleteCriticalSection

  EnterCriticalSection

  LeaveCriticalSection

  HeapFree

  HeapReAlloc

  GetCommandLineW

  HeapSetInformation

  GetStartupInfoW

  GetCPInfo

  RaiseException

  RtlUnwind

  HeapAlloc

  LCMapStringW

  IsProcessorFeaturePresent

  HeapCreate

  HeapSize

  GetModuleHandleW

  ExitProcess

  SetUnhandledExceptionFilter

  WriteFile

  GetStdHandle

  GetModuleFileNameW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  SetHandleCount

  InitializeCriticalSectionAndSpinCount

  GetFileType

  TlsAlloc

  TlsGetValue

  TlsSetValue

  TlsFree

  SetLastError

  GetCurrentThreadId

  QueryPerformanceCounter

  GetTickCount

  GetCurrentProcessId

  GetSystemTimeAsFileTime

  UnhandledExceptionFilter

  IsDebuggerPresent

  TerminateProcess

  GetCurrentProcess

  GetLocaleInfoW

  GetACP

  GetOEMCP

  IsValidCodePage

  GetUserDefaultLCID

  GetLocaleInfoA

  EnumSystemLocalesA

  IsValidLocale

  LoadLibraryW

  SetFilePointer

  GetConsoleCP

  GetConsoleMode

  CreateFileW

  user32

  CharToOemBuffW

  CharUpperW

  Sections

  .text

  Size: 191KB - Virtual size: 190KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 6KB - Virtual size: 3.5MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 105KB - Virtual size: 104KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ