General

Malware Config

Signatures

Files

• d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9.zip

  .zip

  Password: infected

• d765e722e295969c0a5c2d90f549db8b89ab617900bf4698db41c7cdad993bb9.exe

  .exe windows:5 windows x86 arch:x86

  7e8ad4139efc6cbcf31df3bc4b291dd8

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvcrt

  _except_handler3

  memcpy

  memmove

  _vsnprintf

  _vsnwprintf

  _purecall

  memset

  kernel32

  LoadLibraryW

  FreeLibrary

  GetProcAddress

  WideCharToMultiByte

  MultiByteToWideChar

  lstrcmpA

  GlobalLock

  GlobalAlloc

  GlobalUnlock

  GlobalFree

  CreateMutexW

  ReleaseMutex

  FindResourceExW

  LoadResource

  SizeofResource

  LockResource

  CreateProcessW

  SetFilePointerEx

  FindNextFileW

  SystemTimeToFileTime

  FileTimeToSystemTime

  FileTimeToLocalFileTime

  GetSystemTime

  GetDateFormatW

  GetTimeFormatW

  GetCurrentThreadId

  HeapReAlloc

  HeapAlloc

  HeapFree

  GetProcessHeap

  GetEnvironmentVariableW

  CopyFileExW

  GetUserDefaultUILanguage

  DeleteCriticalSection

  FindClose

  FindFirstFileW

  DeleteFileW

  GetFileTime

  SetLastError

  GetFileSizeEx

  FlushFileBuffers

  ReadFile

  WriteFile

  SetFileTime

  ResumeThread

  EnterCriticalSection

  LeaveCriticalSection

  InitializeCriticalSection

  QueryPerformanceCounter

  SetFileAttributesW

  CreateFileW

  GetFileAttributesW

  Sleep

  GetTickCount

  MoveFileExW

  ExpandEnvironmentStringsW

  GetVolumeInformationW

  GetDiskFreeSpaceExW

  WaitForMultipleObjects

  ResetEvent

  GetTempPathW

  GetLogicalDrives

  GetDriveTypeW

  LocalFree

  CloseHandle

  CreateEventW

  GetLastError

  GetHandleInformation

  SetThreadPriority

  GetModuleFileNameW

  GetCurrentThread

  GetModuleHandleW

  SetEvent

  GetComputerNameW

  WaitForSingleObject

  SetErrorMode

  GetCommandLineW

  ExitProcess

  CreateThread

  user32

  MessageBoxIndirectW

  InSendMessage

  ClientToScreen

  GetWindowLongW

  GetClassNameW

  GetCaretPos

  TrackPopupMenu

  AppendMenuW

  GetCursorPos

  CreatePopupMenu

  SetMenuDefaultItem

  DestroyMenu

  LoadIconW

  CloseClipboard

  EmptyClipboard

  OpenClipboard

  SetClipboardData

  SystemParametersInfoW

  ScrollWindowEx

  GetSystemMetrics

  UpdateWindow

  SetScrollInfo

  MessageBoxW

  EndPaint

  ScreenToClient

  GetWindowRect

  DrawTextW

  GetParent

  GetClientRect

  IsDialogMessageW

  DestroyWindow

  BeginPaint

  DrawFocusRect

  IntersectRect

  GetDlgItem

  SendMessageW

  GetDlgCtrlID

  SetWindowTextW

  MoveWindow

  GetDC

  ReleaseDC

  CharLowerW

  PostQuitMessage

  MsgWaitForMultipleObjects

  TranslateMessage

  PeekMessageW

  DispatchMessageW

  SetTimer

  PostMessageW

  SetFocus

  RegisterClassExW

  FlashWindowEx

  InvalidateRect

  GetWindowTextW

  MonitorFromWindow

  SetWindowPos

  ShowWindow

  GetForegroundWindow

  AdjustWindowRectEx

  IsWindowVisible

  GetMonitorInfoW

  DefWindowProcW

  DialogBoxParamW

  SetWindowLongW

  EndDialog

  CreateDialogParamW

  MonitorFromPoint

  UnregisterClassW

  SetForegroundWindow

  GetKeyState

  ReplyMessage

  GetScrollInfo

  CreateWindowExW

  advapi32

  CryptAcquireContextW

  RegSetValueExW

  RegEnumKeyExW

  RegFlushKey

  CryptSetKeyParam

  CryptGetKeyParam

  CryptReleaseContext

  CryptImportKey

  CryptEncrypt

  CryptGenKey

  CryptDestroyKey

  CryptDecrypt

  CryptGetHashParam

  CryptCreateHash

  CryptDestroyHash

  CryptHashData

  RegCreateKeyExW

  RegCloseKey

  CryptExportKey

  RegQueryValueExW

  RegQueryInfoKeyW

  RegDeleteKeyW

  RegDeleteValueW

  RegEnumValueW

  RegOpenKeyExW

  shell32

  SHGetFileInfoW

  SHGetFolderPathW

  ShellExecuteExW

  CommandLineToArgvW

  uxtheme

  SetWindowTheme

  gdi32

  GetDeviceCaps

  CreateSolidBrush

  GetObjectW

  CreateCompatibleDC

  SelectObject

  DeleteObject

  SetBkMode

  SetBkColor

  DeleteDC

  SetTextColor

  GetObjectA

  CreateFontIndirectW

  comctl32

  InitCommonControlsEx

  ord413

  ord410

  shlwapi

  StrCmpW

  StrCmpNW

  StrCmpIW

  PathMatchSpecW

  PathRemoveBackslashW

  PathAddBackslashW

  ord12

  PathFindFileNameW

  PathRemoveFileSpecW

  PathUnquoteSpacesW

  StrChrW

  PathQuoteSpacesW

  msimg32

  AlphaBlend

  winhttp

  WinHttpConnect

  WinHttpCloseHandle

  WinHttpQueryHeaders

  WinHttpWriteData

  WinHttpOpenRequest

  WinHttpReadData

  WinHttpAddRequestHeaders

  WinHttpSendRequest

  WinHttpReceiveResponse

  WinHttpOpen

  gdiplus

  GdipAlloc

  GdipDisposeImage

  GdipCreateHBITMAPFromBitmap

  GdipCloneImage

  GdiplusStartup

  GdipDeleteBrush

  GdipCreateBitmapFromStream

  GdipCreateFontFromLogfontA

  GdipSetStringFormatLineAlign

  GdipDeleteFont

  GdipDeleteGraphics

  GdipDrawImageRectI

  GdipSetStringFormatAlign

  GdipCreateSolidFill

  GdipDrawString

  GdipCreateFromHDC

  GdipSetStringFormatHotkeyPrefix

  GdipCreateStringFormat

  GdipDeleteStringFormat

  GdipCreateFontFromDC

  GdipGetImageHeight

  GdipGetImageWidth

  GdiplusShutdown

  GdipFree

  GdipCloneBrush

  ole32

  CoInitializeEx

  CoUninitialize

  CoTaskMemFree

  StringFromGUID2

  crypt32

  CryptImportPublicKeyInfo

  CryptStringToBinaryA

  CryptDecodeObjectEx

  Sections

  .text

  Size: 63KB - Virtual size: 62KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 17KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 248KB - Virtual size: 247KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ