Behavioral task: behavioral1
Sample: f6874e007b74ceda33dc9250426a5977430a41c5419755a6c457c5857572b35c.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: f6874e007b74ceda33dc9250426a5977430a41c5419755a6c457c5857572b35c.exe
Resource: win10v2004-20240508-en
General
Target: f6874e007b74ceda33dc9250426a5977430a41c5419755a6c457c5857572b35c
Size: 1.3MB
MD5: 4a167dc50b1640ecd925cc6242fff2de
SHA1: 5d655e1460b87a8467c17ec662c31adf2406906f
SHA256: f6874e007b74ceda33dc9250426a5977430a41c5419755a6c457c5857572b35c
SHA512: e07d020c1e10e28d3dbc28d4198b0330420227d92fe82a081aa32a33b9507f1bc3bfce1114ac78e44535bdc514148c922086e675824425eb001a0715656f6ce1
SSDEEP: 24576:J1b+PIJDaFSzB3lrXqKVre7cIkNKEP7A7SHmiyrYTzUHx/S3GEKWydB:JV+naNKEP7aAs/STKL
Malware Config
Signatures
- Blackmoon family
- Detect Blackmoon payload (1 IoC)
  Processes:
    resource  yara_rule
    sample    family_blackmoon
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  Processes:
    resource
    f6874e007b74ceda33dc9250426a5977430a41c5419755a6c457c5857572b35c
Files
f6874e007b74ceda33dc9250426a5977430a41c5419755a6c457c5857572b35c.exe  windows:4 windows x86 arch:x86
1eba0e4e18dc7fbf4c64ce2dfffa139d (import hash; assumed from the report layout, which places the imphash under the PE entry)
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LCMapStringA
LoadLibraryA
FreeLibrary
GetCommandLineA
GetFileSize
GetStartupInfoA
CreateProcessA
DeleteFileA
CreateDirectoryA
GetLocalTime
WriteFile
SetFilePointer
GetTickCount
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetUserDefaultLCID
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
GetProcAddress
IsBadReadPtr
HeapReAlloc
ExitProcess
LocalSize
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
lstrcmpA
lstrlenA
WaitForSingleObject
ReleaseMutex
OpenMutexA
VirtualFree
SetStdHandle
IsBadCodePtr
GetStringTypeW
GetStringTypeA
LCMapStringW
SetUnhandledExceptionFilter
IsBadWritePtr
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
RaiseException
TerminateProcess
RtlUnwind
VirtualAlloc
lstrcmpiW
GetOEMCP
GetCPInfo
FlushFileBuffers
GetCurrentProcess
SetErrorMode
GetProcessVersion
FindResourceA
LoadResource
LockResource
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
SetLastError
lstrcpyA
GlobalFlags
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalFree
LocalAlloc
lstrcmpW
lstrlenW
HeapCreate
HeapDestroy
RtlZeroMemory
InterlockedDecrement
InterlockedIncrement
Process32Next
Process32First
GetTimeFormatA
GetDateFormatA
MultiByteToWideChar
HeapFree
HeapAlloc
GetProcessHeap
ReadFile
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetFileSizeEx
CreateFileA
CreateThread
lstrcatA
RtlMoveMemory
GetComputerNameExA
SetDllDirectoryA
WideCharToMultiByte
CloseHandle
lstrcpynA
OpenProcess
Module32First
CreateToolhelp32Snapshot
GetModuleHandleA
GetLastError
user32
DefMDIChildProcA
ReleaseCapture
LoadCursorA
PeekMessageA
wsprintfA
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoA
CheckMenuItem
RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuInfo
GetMenuState
GetMenuItemRect
GetMenuItemInfoA
GetMenuStringA
TrackPopupMenu
SetForegroundWindow
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
SetMenuInfo
InsertMenuA
GetMenuItemCount
AppendMenuA
DestroyMenu
LoadMenuA
GetSystemMenu
CreatePopupMenu
CreateMenu
RegisterClassExA
SetActiveWindow
UnregisterHotKey
RegisterHotKey
RegisterWindowMessageA
DrawMenuBar
SetMenu
GetMenu
GetLastActivePopup
SetWindowsHookExA
GetCursorPos
CallNextHookEx
GetKeyState
GetActiveWindow
GetNextDlgTabItem
EnableMenuItem
SetCapture
LoadBitmapA
GetMenuCheckMarkDimensions
RegisterClipboardFormatA
PtInRect
GetDlgCtrlID
GetWindow
ClientToScreen
UnhookWindowsHookEx
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
SendDlgItemMessageA
GetWindowPlacement
SystemParametersInfoA
GetForegroundWindow
GetMessagePos
GetMessageTime
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
MapWindowPoints
LoadIconA
GetSysColorBrush
LoadStringA
UnregisterClassA
PostThreadMessageA
CreateDialogIndirectParamA
EndDialog
SetCursor
TrackMouseEvent
DestroyIcon
PostQuitMessage
SetWindowLongA
DestroyCursor
CreateWindowExA
GetWindowLongA
GetDlgItem
GetClassNameA
SetFocus
GetWindowRect
ScreenToClient
InvalidateRect
ValidateRect
UpdateWindow
MoveWindow
SetWindowPos
PostMessageA
SetParent
IsWindowVisible
ShowWindow
IsWindowEnabled
EnableWindow
DefWindowProcA
DestroyWindow
GetClientRect
GetAsyncKeyState
CallWindowProcA
EndPaint
BeginPaint
GetWindowThreadProcessId
IsWindow
DispatchMessageA
TranslateMessage
IsDialogMessageA
TranslateAcceleratorA
SendMessageA
GetParent
IsChild
GetFocus
GetMessageA
ModifyMenuA
GetSystemMetrics
IsZoomed
IsIconic
GetSysColor
FillRect
SetClassLongA
GetClassLongA
SetRect
SetWindowRgn
RemovePropA
GetPropA
SetPropA
MessageBoxA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
atl
ord42
shlwapi
StrToIntW
PathRemoveFileSpecA
PathRemoveBackslashA
PathFileExistsA
PathFindFileNameA
StrToIntExW
ws2_32
gethostname
WSACleanup
WSAGetLastError
WSAStartup
ole32
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleIsCurrentClipboard
OleInitialize
CoInitialize
CoUninitialize
OleRun
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
oleaut32
SystemTimeToVariantTime
VariantInit
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
VarR8FromCy
VarR8FromBool
VariantChangeType
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
VariantCopy
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy
VariantTimeToSystemTime
shell32
Shell_NotifyIconA
DragAcceptFiles
DragFinish
DragQueryFileA
gdi32
CreateSolidBrush
StretchBlt
SetStretchBltMode
CreateRoundRectRgn
CombineRgn
ExtCreateRegion
BitBlt
SelectObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
GetObjectA
GetStockObject
DeleteObject
CreatePatternBrush
CreateBitmap
SaveDC
RestoreDC
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
comctl32
ord17
oledlg
ord8
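Two checks a triager runs over an import listing like the one above, added here as an example and not part of the sandbox output: the import hash (imphash) computed with the normalisation pefile uses, and a grouping of notable APIs into capability hints. The IMPORTS table is a constructed subset of the report's list in listing order, so its hash will not equal the MD5-length hash shown under Files (assumed there to be the imphash); the group labels are assumptions about what is worth watching in the dynamic run, not findings about this sample.

```python
"""Import-table triage for a listing like the one above: pefile-style import
hash and a grouping of notable APIs. Added example; IMPORTS is a constructed
subset of the report's table, so its hash will not equal the report's value."""
import hashlib

IMPORTS = {  # DLL -> names (or ordinals) in import-table order
    "kernel32": ["LoadLibraryA", "GetProcAddress", "CreateProcessA", "DeleteFileA",
                 "CreateDirectoryA", "WriteFile", "WritePrivateProfileStringA",
                 "GetPrivateProfileStringA", "OpenMutexA", "ReleaseMutex",
                 "Process32Next", "Process32First", "CreateFileA", "GetComputerNameExA",
                 "SetDllDirectoryA", "OpenProcess", "Module32First",
                 "CreateToolhelp32Snapshot"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx",
               "GetAsyncKeyState", "GetKeyState", "RegisterHotKey"],
    "atl": [42],                     # ordinal-only import, listed above as ord42
    "ws2_32": ["gethostname", "WSAStartup", "WSACleanup"],
    "advapi32": ["RegSetValueExA", "RegOpenKeyExA", "RegCreateKeyExA"],
    "comctl32": [17],
}

# Groups worth watching in the behavioural run. They are prioritisation hints,
# not findings: an MFC GUI program legitimately imports most of user32, hooks
# and key-state calls included, and nearly every program imports
# LoadLibrary/GetProcAddress. Labels are this example's own choice.
CAPABILITY_GROUPS = {
    "process enumeration (Toolhelp32)": {"CreateToolhelp32Snapshot", "Process32First",
                                         "Process32Next", "Module32First", "OpenProcess"},
    "named mutex": {"OpenMutexA", "ReleaseMutex"},
    "registry write": {"RegCreateKeyExA", "RegSetValueExA"},
    "message hook": {"SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx"},
    "key-state polling / hotkeys": {"GetAsyncKeyState", "GetKeyState", "RegisterHotKey"},
    "INI-file configuration": {"GetPrivateProfileStringA", "WritePrivateProfileStringA"},
    "process creation": {"CreateProcessA"},
    "DLL search-path control": {"SetDllDirectoryA"},
    "host fingerprinting": {"GetComputerNameExA", "gethostname", "GetVersionExA"},
    "file write / delete": {"CreateFileA", "WriteFile", "DeleteFileA", "CreateDirectoryA"},
    "Winsock initialisation": {"WSAStartup", "WSACleanup"},
}


def imphash_input(imports):
    """The 'lib.func' list exactly as pefile normalises it before hashing:
    DLL lowercased with a .dll/.ocx/.sys suffix removed, function names
    lowercased, ordinals rendered as ordN, import-table order preserved.
    (pefile additionally maps known ws2_32/oleaut32 ordinals to names first.)"""
    parts = []
    for dll, funcs in imports.items():
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            lib = base
        for func in funcs:
            name = "ord%d" % func if isinstance(func, int) else func.lower()
            parts.append("%s.%s" % (lib, name))
    return ",".join(parts)


def imphash(imports):
    """MD5 over the normalised list. Order-sensitive by design: two builds that
    import the same APIs in a different order hash differently."""
    return hashlib.md5(imphash_input(imports).encode()).hexdigest()


def match_capabilities(imports, groups=CAPABILITY_GROUPS):
    """Map each group to the imported names it matches (ordinals are skipped)."""
    present = {f for funcs in imports.values() for f in funcs if isinstance(f, str)}
    return {label: sorted(apis & present) for label, apis in groups.items() if apis & present}


if __name__ == "__main__":
    print("imphash:", imphash(IMPORTS))
    for label, hits in match_capabilities(IMPORTS).items():
        print("%-36s %s" % (label, ", ".join(hits)))
```

To compare against the report, feed the full import table in the order the PE's import directory lists it; any reordering, and any ordinal that pefile would have resolved to a name, changes the digest.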
Sections
.text Size: 468KB - Virtual size: 464KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 804KB - Virtual size: 864KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
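The Unsigned PE signature, the Headers table and the Sections table above are all read straight from the PE headers. The following script, added here as an example and not part of the sandbox output, parses those headers with the standard library only, applies the same test the signature applies (is the Authenticode certificate table empty?) and decodes the file and section characteristics. The PE it parses is constructed inside the script from the header values the report lists (flags, raw and virtual sizes); it is not the sample and contains no code. The review notes it prints are this example's own reading of those flags.

```python
"""PE header checks behind the report's Unsigned PE signature and its
Headers/Sections tables. Standard library only; the parsed PE is constructed."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot of the certificate table


def decode_flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Return file flags, the certificate-table entry and the section table
    of a PE32/PE32+ image (headers only; no section contents are read)."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                       # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                     # PE32+
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike the other directories, this entry holds a file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsections):
        name, vsize, _, rsize, _, _, _, _, _, sch = struct.unpack_from(
            "<8sIIIIIIHHI", data, opt + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize,
                         "flags": decode_flags(sch, SECTION_CHARACTERISTICS)})
    return {"file_flags": decode_flags(chars, FILE_CHARACTERISTICS),
            "cert_table": (cert_off, cert_size), "sections": sections}


def is_signed(info):
    """The Unsigned PE test: a non-empty certificate table means a WIN_CERTIFICATE
    blob is attached. Attached is not valid: verify the chain separately
    (signtool verify /pa, or Get-AuthenticodeSignature in PowerShell)."""
    off, size = info["cert_table"]
    return off != 0 and size != 0


def review(info):
    """Header observations a triager notes before running the sample."""
    notes = []
    if not is_signed(info):
        notes.append("no Authenticode signature")
    if "IMAGE_FILE_RELOCS_STRIPPED" in info["file_flags"]:
        notes.append("relocations stripped: image cannot be rebased, so ASLR does not apply")
    for s in info["sections"]:
        if s["name"] == ".rsrc" and "IMAGE_SCN_MEM_WRITE" in s["flags"]:
            notes.append(".rsrc is writable (linkers normally emit it read-only)")
    return notes


def build_pe(file_chars, sections, cert=(0, 0)):
    """Constructed header-only PE32 image for testing (not the sample)."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                     # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, file_chars)
    opt = bytearray(224)                                      # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *cert)
    hdrs = b"".join(struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), vsize,
                                0x1000 * (i + 1), rsize, 0, 0, 0, 0, 0, flags)
                    for i, (name, vsize, rsize, flags) in enumerate(sections))
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + hdrs


# Flags and raw/virtual sizes taken from the report's Headers and Sections tables.
SAMPLE_LIKE = build_pe(0x010F, [
    (".text", 464 * 1024, 468 * 1024, 0x60000020),
    (".rdata", 25 * 1024, 28 * 1024, 0x40000040),
    (".data", 864 * 1024, 804 * 1024, 0xC0000040),
    (".rsrc", 1 * 1024, 4 * 1024, 0xC0000040),
])

if __name__ == "__main__":
    info = parse_pe(SAMPLE_LIKE)
    print("file flags:", ", ".join(info["file_flags"]), "| signed:", is_signed(info))
    for note in review(info):
        print(" -", note)
```

Run against a real file by passing open(path, "rb").read() to parse_pe; the .data entry above, with a virtual size larger than its raw size, is an ordinary zero-filled tail, so the review deliberately says nothing about it.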