General

Malware Config

Signatures

Files

• 028dc43c9a2a73a6f1b115ec690b8cc9b188b4bd48668892571561e2611eea20

  .zip

  Password: infected

• 6362084f61fa6a41b8b01b7c62215ad41a2623b69572ce558c33bffaa21f0af9.exe

  .exe windows:5 windows x86 arch:x86

  67a36dd1932b24ae6e480a39581ed178

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  user32

  TrackMouseEvent

  ExcludeUpdateRgn

  gdi32

  GetColorAdjustment

  clusapi

  GetClusterFromResource

  kernel32

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  SleepEx

  FindNextVolumeMountPointW

  QueryIdleProcessorCycleTime

  Sleep

  SetEndOfFile

  LocalAlloc

  GetModuleHandleW

  RtlUnwind

  TerminateProcess

  GetCurrentProcess

  Sections

  .text

  Size: 24KB - Virtual size: 23KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 32KB - Virtual size: 29KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 20KB - Virtual size: 23KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  DATA

  Size: 84KB - Virtual size: 81KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .CRT

  Size: 4KB - Virtual size: 4B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 4KB - Virtual size: 928B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 4KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ