General

Malware Config

Signatures

Files

• fce7f39135c20f0637e664affdc20b5c4ccc90db44bd6bd1c795741442f0ce5f

  .exe windows:4 windows x86 arch:x86

  b3479fcf1475cc035ac59d1334f7f98c

  
  

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  LeaveCriticalSection

  InitializeCriticalSection

  EnterCriticalSection

  LoadLibraryA

  GetProcAddress

  FreeLibrary

  GetCommandLineA

  GlobalAlloc

  GlobalLock

  GlobalUnlock

  GlobalFree

  GetUserDefaultLCID

  SetFileAttributesA

  WriteFile

  CopyFileA

  SetCurrentDirectoryA

  GetModuleFileNameA

  FindFirstFileA

  RemoveDirectoryA

  DeleteFileA

  FindNextFileA

  FindClose

  GetTickCount

  GetStartupInfoA

  GetFileSize

  ReadFile

  SetFilePointer

  CreateFileA

  Sleep

  GetEnvironmentVariableA

  IsBadReadPtr

  HeapReAlloc

  ExitProcess

  GetModuleHandleA

  lstrcpyA

  DeleteTimerQueueTimer

  CreateTimerQueueTimer

  TerminateProcess

  WideCharToMultiByte

  MultiByteToWideChar

  LCMapStringA

  GetCurrentThreadId

  GetProcessHeap

  InterlockedDecrement

  InterlockedIncrement

  CreateTimerQueue

  CreateIoCompletionPort

  lstrcpyn

  Module32First

  CreateToolhelp32Snapshot

  CreateEventA

  HeapValidate

  PostQueuedCompletionStatus

  GetQueuedCompletionStatus

  CreateThread

  GetSystemInfo

  HeapDestroy

  CloseHandle

  HeapFree

  HeapAlloc

  HeapCreate

  LocalSize

  RtlMoveMemory

  WaitForSingleObject

  CreateProcessA

  GetCurrentProcessId

  InterlockedExchange

  SetStdHandle

  IsBadCodePtr

  LoadResource

  SizeofResource

  FindResourceA

  MoveFileA

  CreateDirectoryA

  DeleteCriticalSection

  TerminateThread

  lstrlenA

  GetTempPathA

  GetSystemDirectoryA

  GetWindowsDirectoryA

  GetVersionExA

  GetCurrentProcess

  Process32Next

  Process32First

  OpenProcess

  SetLastError

  lstrcatA

  LockResource

  GetVersion

  GetCurrentThread

  lstrcmpiA

  lstrcmpA

  GlobalDeleteAtom

  MulDiv

  LocalFree

  FlushFileBuffers

  lstrcpynA

  LocalAlloc

  TlsAlloc

  GlobalHandle

  TlsFree

  GlobalReAlloc

  TlsSetValue

  LocalReAlloc

  TlsGetValue

  GlobalFlags

  WritePrivateProfileStringA

  GlobalFindAtomA

  GlobalAddAtomA

  GlobalGetAtomNameA

  GetProcessVersion

  SetErrorMode

  GetCPInfo

  GetOEMCP

  RtlUnwind

  RaiseException

  HeapSize

  GetACP

  UnhandledExceptionFilter

  FreeEnvironmentStringsA

  FreeEnvironmentStringsW

  GetEnvironmentStrings

  GetEnvironmentStringsW

  SetHandleCount

  GetStdHandle

  GetFileType

  VirtualFree

  VirtualAlloc

  IsBadWritePtr

  LCMapStringW

  SetUnhandledExceptionFilter

  GetStringTypeA

  GetStringTypeW

  GetLastError

  user32

  GetMenuCheckMarkDimensions

  RegisterClipboardFormatA

  ClientToScreen

  TabbedTextOutA

  DrawTextA

  GrayStringA

  UnhookWindowsHookEx

  DestroyWindow

  CreateDialogIndirectParamA

  EndDialog

  GetDlgCtrlID

  SetWindowTextA

  GetMenuItemCount

  SendDlgItemMessageA

  IsDialogMessageA

  SetWindowPos

  SetFocus

  GetWindowPlacement

  IsIconic

  GetMessagePos

  GetMessageTime

  DefWindowProcA

  RemovePropA

  GetClassLongA

  CreateWindowExA

  GetMenuItemID

  GetWindowLongA

  GetMenu

  RegisterClassA

  GetClassInfoA

  WinHelpA

  GetCapture

  GetTopWindow

  LoadBitmapA

  CopyRect

  AdjustWindowRectEx

  GetSysColor

  MapWindowPoints

  LoadIconA

  LoadCursorA

  GetSysColorBrush

  LoadStringA

  UnregisterClassA

  PostThreadMessageA

  DestroyMenu

  GetWindowTextA

  GetDlgItem

  ShowWindow

  UpdateWindow

  SystemParametersInfoA

  GetDC

  ReleaseDC

  GetWindowThreadProcessId

  GetClassNameA

  GetWindowRect

  GetSystemMetrics

  GetMenuState

  ModifyMenuA

  SetMenuItemBitmaps

  CheckMenuItem

  EnableMenuItem

  GetFocus

  GetNextDlgTabItem

  GetKeyState

  CallNextHookEx

  ValidateRect

  SetWindowsHookExA

  GetLastActivePopup

  SetCursor

  PostMessageA

  PostQuitMessage

  GetWindow

  GetCursorPos

  PeekMessageA

  GetMessageA

  TranslateMessage

  DispatchMessageA

  wsprintfA

  MessageBoxA

  GetClientRect

  GetPropA

  SetPropA

  CreateIconFromResource

  SendMessageA

  IsWindow

  FindWindowExA

  FindWindowA

  RegisterWindowMessageA

  TrackPopupMenu

  SetForegroundWindow

  PtInRect

  IsWindowVisible

  SetActiveWindow

  GetActiveWindow

  GetForegroundWindow

  IsWindowEnabled

  GetParent

  EnableWindow

  CallWindowProcA

  AppendMenuA

  AppendMenuW

  SetWindowLongA

  DrawMenuBar

  SetMenu

  CreatePopupMenu

  GetSubMenu

  advapi32

  CreateProcessAsUserA

  RegCloseKey

  RegOpenKeyExA

  RegCreateKeyExA

  RegSetValueExA

  shell32

  SHGetFileInfoA

  Shell_NotifyIconA

  ShellExecuteEx

  SHGetSpecialFolderPathA

  ole32

  CoRevokeClassObject

  CoRegisterMessageFilter

  CoFreeUnusedLibraries

  CLSIDFromProgID

  CLSIDFromString

  CoCreateInstance

  OleRun

  OleUninitialize

  OleInitialize

  OleFlushClipboard

  OleIsCurrentClipboard

  CoUninitialize

  CoInitialize

  iphlpapi

  GetExtendedTcpTable

  shlwapi

  PathFileExistsA

  ws2_32

  closesocket

  setsockopt

  WSARecv

  inet_ntoa

  WSASocketA

  WSAGetLastError

  WSAIoctl

  WSAStartup

  WSASocketW

  ioctlsocket

  shutdown

  socket

  htons

  inet_addr

  recvfrom

  sendto

  accept

  htonl

  __WSAFDIsSet

  connect

  gethostbyname

  ntohs

  getsockname

  recv

  bind

  getpeername

  WSACleanup

  WSASetLastError

  send

  select

  listen

  WSAConnect

  gdi32

  SetWindowExtEx

  SetViewportOrgEx

  ScaleWindowExtEx

  GetClipBox

  GetStockObject

  GetObjectA

  DeleteObject

  DeleteDC

  SelectObject

  GetDeviceCaps

  CreateBitmap

  SaveDC

  RestoreDC

  SetBkColor

  ScaleViewportExtEx

  SetViewportExtEx

  Escape

  ExtTextOutA

  TextOutA

  SetTextColor

  SetMapMode

  RectVisible

  PtVisible

  OffsetViewportOrgEx

  oledlg

  ord8

  oleaut32

  SafeArrayDestroy

  VariantClear

  SysAllocString

  SafeArrayCreate

  VariantCopy

  RegisterTypeLi

  LHashValOfNameSys

  LoadTypeLi

  VariantChangeType

  winmm

  timeKillEvent

  timeSetEvent

  winspool.drv

  ClosePrinter

  DocumentPropertiesA

  OpenPrinterA

  comctl32

  ord17

  Sections

  .text

  Size: 392KB - Virtual size: 390KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 28KB - Virtual size: 25KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 48KB - Virtual size: 195KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 7.2MB - Virtual size: 7.2MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE