General

Malware Config

Signatures

Files

• 6hjusfd8.exe

  .exe windows:4 windows x86 arch:x86

  cb664df5fa904736e15ac44ff006d780

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DEBUG_STRIPPED

  Imports

  kernel32

  GetCurrentProcess

  GetCurrentProcessId

  GetCurrentThreadId

  GetTickCount

  QueryPerformanceCounter

  TerminateProcess

  UnhandledExceptionFilter

  VirtualProtect

  VirtualQuery

  CloseHandle

  CreateDirectoryW

  CreateFileW

  CreateProcessA

  CreateToolhelp32Snapshot

  DeleteCriticalSection

  DeviceIoControl

  EnterCriticalSection

  FindClose

  FindFirstFileW

  FindNextFileW

  FormatMessageW

  GetComputerNameW

  GetConsoleMode

  GetEnvironmentVariableW

  GetFileInformationByHandle

  GetLastError

  GetLocaleInfoW

  GetModuleFileNameW

  GetModuleHandleW

  GetProcAddress

  GetProcessHeap

  GetStartupInfoA

  GetStdHandle

  GetSystemInfo

  GetSystemTimeAsFileTime

  GetTempPathW

  GetTimeZoneInformation

  GetUserDefaultLocaleName

  GlobalMemoryStatusEx

  HeapAlloc

  HeapFree

  HeapReAlloc

  InitializeCriticalSection

  LeaveCriticalSection

  LoadLibraryA

  LocalFree

  Process32First

  Process32Next

  ReadFile

  SetFilePointerEx

  SetHandleInformation

  SetLastError

  SetUnhandledExceptionFilter

  Sleep

  TlsAlloc

  TlsGetValue

  TlsSetValue

  WriteConsoleW

  WriteFile

  msvcrt

  __getmainargs

  __initenv

  __lconv_init

  __p__acmdln

  __p__fmode

  __set_app_type

  __setusermatherr

  _amsg_exit

  _cexit

  _fmode

  _fpreset

  _initterm

  _iob

  _onexit

  abort

  calloc

  exit

  fprintf

  free

  fwrite

  malloc

  memcmp

  memcpy

  memmove

  memset

  signal

  strlen

  strncmp

  vfprintf

  ws2_32

  WSACleanup

  WSAGetLastError

  WSASocketW

  WSAStartup

  closesocket

  connect

  freeaddrinfo

  getaddrinfo

  ioctlsocket

  recv

  send

  setsockopt

  shutdown

  advapi32

  RegCloseKey

  RegEnumKeyExW

  RegOpenKeyExW

  RegQueryInfoKeyW

  RegQueryValueExW

  crypt32

  CryptUnprotectData

  gdi32

  BitBlt

  CreateCompatibleDC

  CreateDIBSection

  DeleteObject

  GetCurrentObject

  GetObjectW

  SelectObject

  user32

  EnumDisplayDevicesW

  GetDC

  GetDesktopWindow

  GetKeyboardLayoutList

  GetSystemMetrics

  GetWindowRect

  Sections

  .text

  Size: 212KB - Virtual size: 212KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 56B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 12KB - Virtual size: 11KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  /4

  Size: 36KB - Virtual size: 35KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .bss

  Size: - Virtual size: 1KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .idata

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .CRT

  Size: 512B - Virtual size: 56B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .tls

  Size: 512B - Virtual size: 8B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE