General

Malware Config

Signatures

Files

• VirusShare_3fddbe5ea820221c9214f0eff882d51e

  .exe windows:5 windows x86 arch:x86

  cec6b8a072b567a6e9e08a866c3d35e0

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  lstrcpyA

  lstrlenW

  MultiByteToWideChar

  AreFileApisANSI

  GetModuleHandleA

  FreeLibrary

  InterlockedDecrement

  lstrlenA

  CloseHandle

  CreateMutexA

  SetLastError

  GetFileAttributesA

  LocalFree

  GetProcAddress

  GetModuleFileNameA

  GetStartupInfoA

  lstrcpynA

  LoadLibraryA

  CancelWaitableTimer

  GetTickCount

  GetProcessHeap

  ActivateActCtx

  GlobalFindAtomA

  GetACP

  OpenWaitableTimerA

  OpenWaitableTimerW

  GetOEMCP

  GetFullPathNameA

  GetCurrentThreadId

  GetLastError

  WideCharToMultiByte

  VirtualProtect

  user32

  GetForegroundWindow

  GetKeyboardLayout

  IsWindowUnicode

  GetDesktopWindow

  IsWindowVisible

  IsZoomed

  GetDlgCtrlID

  EnableWindow

  UpdateWindow

  SetRect

  ReleaseCapture

  SetCapture

  wsprintfW

  SendMessageA

  GetWindowRect

  EnumChildWindows

  DefWindowProcA

  GrayStringA

  GetParent

  PtInRect

  IsWindow

  FillRect

  GetSystemMetrics

  GetWindowTextA

  GetSystemMenu

  SetForegroundWindow

  IsWindowEnabled

  CharUpperA

  GetTopWindow

  SetWindowTextA

  TabbedTextOutA

  DrawTextA

  OffsetRect

  gdi32

  CreatePalette

  LPtoDP

  CreateFontIndirectA

  SetPixel

  Polyline

  GetTextColor

  BitBlt

  PtVisible

  PtInRegion

  TextOutA

  DPtoLP

  CreatePolygonRgn

  SetRectRgn

  CombineRgn

  RectVisible

  CreateRectRgn

  GetObjectA

  advapi32

  CryptHashData

  CryptAcquireContextA

  CryptDestroyKey

  CryptDecrypt

  RegOpenKeyExA

  RegDeleteValueW

  RegCreateKeyExA

  FreeSid

  IsTextUnicode

  CryptCreateHash

  LsaFreeMemory

  RegCloseKey

  RegSetValueExW

  RegOpenCurrentUser

  LsaOpenPolicy

  RegEnumValueW

  RegDeleteKeyW

  RegOpenKeyExW

  RegCreateKeyExW

  RegEnumKeyW

  RegQueryValueExW

  LsaClose

  CryptDestroyHash

  CryptReleaseContext

  EqualSid

  RegDeleteValueA

  CryptDeriveKey

  RegEnumValueA

  RegSetValueExA

  RegQueryValueExA

  CryptEncrypt

  RegOpenKeyA

  shell32

  ShellExecuteA

  SHGetMalloc

  SHGetDesktopFolder

  SHGetPathFromIDListA

  ole32

  CoUninitialize

  CoCreateInstance

  StringFromCLSID

  CoTaskMemFree

  CoInitialize

  CLSIDFromProgID

  comctl32

  _TrackMouseEvent

  InitCommonControlsEx

  version

  GetFileVersionInfoA

  VerQueryValueA

  GetFileVersionInfoSizeA

  oledlg

  ord8

  OleUIBusyW

  msvcrt

  _adjust_fdiv

  _controlfp

  _CIcos

  exit

  free

  _vsnprintf

  _strdup

  _initterm

  _mbscmp

  __getmainargs

  _splitpath

  _acmdln

  __dllonexit

  _onexit

  _except_handler3

  __setusermatherr

  __CxxFrameHandler

  _exit

  ??1type_info@@UAE@XZ

  _setmbcp

  _mbsicmp

  _CxxThrowException

  _XcptFilter

  ?terminate@@YAXXZ

  __p__commode

  __p__fmode

  __set_app_type

  Sections

  .text

  Size: 71KB - Virtual size: 71KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .text

  Size: 4KB - Virtual size: 4KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 28KB - Virtual size: 28KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 18KB - Virtual size: 21KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .data2

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 57KB - Virtual size: 57KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ