General

Malware Config

Signatures

Files

• bb2c0f8952c81ef515102521083091df311b71929dc075a506a93cc5d8855527.exe

  .exe windows:4 windows x86 arch:x86

  b34f154ec913d2d2c435cbd644e91687

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  SetEnvironmentVariableW

  SetFileAttributesW

  Sleep

  GetTickCount

  GetFileSize

  GetModuleFileNameW

  GetCurrentProcess

  CopyFileW

  SetCurrentDirectoryW

  GetFileAttributesW

  GetWindowsDirectoryW

  GetTempPathW

  GetCommandLineW

  GetVersion

  SetErrorMode

  lstrlenW

  lstrcpynW

  GetDiskFreeSpaceW

  ExitProcess

  GetShortPathNameW

  CreateThread

  GetLastError

  CreateDirectoryW

  CreateProcessW

  RemoveDirectoryW

  lstrcmpiA

  CreateFileW

  GetTempFileNameW

  WriteFile

  lstrcpyA

  MoveFileExW

  lstrcatW

  GetSystemDirectoryW

  GetProcAddress

  GetModuleHandleA

  GetExitCodeProcess

  WaitForSingleObject

  lstrcmpiW

  MoveFileW

  GetFullPathNameW

  SetFileTime

  SearchPathW

  CompareFileTime

  lstrcmpW

  CloseHandle

  ExpandEnvironmentStringsW

  GlobalFree

  GlobalLock

  GlobalUnlock

  GlobalAlloc

  FindFirstFileW

  FindNextFileW

  DeleteFileW

  SetFilePointer

  ReadFile

  FindClose

  lstrlenA

  MulDiv

  MultiByteToWideChar

  WideCharToMultiByte

  GetPrivateProfileStringW

  WritePrivateProfileStringW

  FreeLibrary

  LoadLibraryExW

  GetModuleHandleW

  user32

  GetSystemMenu

  SetClassLongW

  EnableMenuItem

  IsWindowEnabled

  SetWindowPos

  GetSysColor

  GetWindowLongW

  SetCursor

  LoadCursorW

  CheckDlgButton

  GetMessagePos

  LoadBitmapW

  CallWindowProcW

  IsWindowVisible

  CloseClipboard

  SetClipboardData

  EmptyClipboard

  OpenClipboard

  ScreenToClient

  GetWindowRect

  GetDlgItem

  GetSystemMetrics

  SetDlgItemTextW

  GetDlgItemTextW

  MessageBoxIndirectW

  CharPrevW

  CharNextA

  wsprintfA

  DispatchMessageW

  PeekMessageW

  ReleaseDC

  EnableWindow

  InvalidateRect

  SendMessageW

  DefWindowProcW

  BeginPaint

  GetClientRect

  FillRect

  DrawTextW

  EndDialog

  RegisterClassW

  SystemParametersInfoW

  CreateWindowExW

  GetClassInfoW

  DialogBoxParamW

  CharNextW

  ExitWindowsEx

  DestroyWindow

  GetDC

  SetTimer

  SetWindowTextW

  LoadImageW

  SetForegroundWindow

  ShowWindow

  IsWindow

  SetWindowLongW

  FindWindowExW

  TrackPopupMenu

  AppendMenuW

  CreatePopupMenu

  EndPaint

  CreateDialogParamW

  SendMessageTimeoutW

  wsprintfW

  PostQuitMessage

  gdi32

  SelectObject

  SetBkMode

  CreateFontIndirectW

  SetTextColor

  DeleteObject

  GetDeviceCaps

  CreateBrushIndirect

  SetBkColor

  shell32

  SHGetSpecialFolderLocation

  ShellExecuteExW

  SHGetPathFromIDListW

  SHBrowseForFolderW

  SHGetFileInfoW

  SHFileOperationW

  advapi32

  AdjustTokenPrivileges

  RegCreateKeyExW

  RegOpenKeyExW

  SetFileSecurityW

  OpenProcessToken

  LookupPrivilegeValueW

  RegEnumValueW

  RegDeleteKeyW

  RegDeleteValueW

  RegCloseKey

  RegSetValueExW

  RegQueryValueExW

  RegEnumKeyW

  comctl32

  ImageList_Create

  ImageList_AddMasked

  ImageList_Destroy

  ord17

  ole32

  OleUninitialize

  OleInitialize

  CoTaskMemFree

  CoCreateInstance

  Sections

  .text

  Size: 26KB - Virtual size: 25KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1KB - Virtual size: 171KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .ndata

  Size: - Virtual size: 308KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 84KB - Virtual size: 84KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• $PLUGINSDIR/BgImage.dll

  .dll windows:4 windows x86 arch:x86

  32b0f5880a0efd258c6be2f7a14f4a9f

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  InitializeCriticalSection

  DeleteCriticalSection

  lstrlenW

  lstrcpyW

  lstrcpynW

  GlobalFree

  lstrcmpiW

  EnterCriticalSection

  GlobalAlloc

  LeaveCriticalSection

  user32

  UnregisterClassW

  CallWindowProcW

  LoadImageW

  DestroyWindow

  BeginPaint

  IsWindow

  SendMessageW

  DefWindowProcW

  RedrawWindow

  ShowWindow

  LoadCursorW

  RegisterClassW

  CreateWindowExW

  SetWindowLongW

  GetSystemMetrics

  SetWindowPos

  DrawTextW

  EndPaint

  FillRect

  gdi32

  GetObjectW

  DeleteDC

  DeleteObject

  CreateSolidBrush

  CreateCompatibleDC

  SelectObject

  SetMapMode

  GetMapMode

  CreateCompatibleBitmap

  CreateBitmap

  SetBkMode

  BitBlt

  DPtoLP

  SetBkColor

  SetTextColor

  winmm

  PlaySoundW

  Exports

  Exports

  AddImage

  AddText

  Clear

  Destroy

  Redraw

  SetBg

  SetReturn

  Sound

  Sections

  .text

  Size: 3KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 1024B - Virtual size: 630B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• $PLUGINSDIR/System.dll

  .dll windows:4 windows x86 arch:x86

  fc0224e99e736751432961db63a41b76

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetModuleHandleW

  GlobalFree

  GlobalSize

  lstrcpynW

  lstrcpyW

  GetProcAddress

  WideCharToMultiByte

  VirtualFree

  FreeLibrary

  lstrlenW

  LoadLibraryW

  GlobalAlloc

  MultiByteToWideChar

  VirtualAlloc

  VirtualProtect

  GetLastError

  user32

  wsprintfW

  ole32

  StringFromGUID2

  CLSIDFromString

  Exports

  Exports

  Alloc

  Call

  Copy

  Free

  Get

  Int64Op

  Store

  StrAlloc

  Sections

  .text

  Size: 8KB - Virtual size: 7KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1024B - Virtual size: 867B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 120B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 1024B - Virtual size: 638B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• $PLUGINSDIR/UserInfo.dll

  .dll windows:4 windows x86 arch:x86

  e1c0bd3d5b9f3f5cec7ea773ff66ac6e

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_32BIT_MACHINE

  IMAGE_FILE_DLL

  Imports

  kernel32

  GetVersion

  GetCurrentProcess

  GlobalAlloc

  GetCurrentThread

  GetModuleHandleW

  GetProcAddress

  GetLastError

  GlobalFree

  CloseHandle

  lstrcpynW

  advapi32

  OpenThreadToken

  OpenProcessToken

  GetTokenInformation

  AllocateAndInitializeSid

  EqualSid

  FreeSid

  GetUserNameW

  Exports

  Exports

  GetAccountType

  GetName

  GetOriginalAccountType

  Sections

  .text

  Size: 1024B - Virtual size: 694B

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 1024B - Virtual size: 673B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 144B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 512B - Virtual size: 240B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Algeriske.der
• Meteorologically.ide
• Pulish207.Caj
• Stemmeurne/stempellovs.kly
• Stemmeurne/undertegningerne.cow
• basketaget.sti
• boktm_um.jpg

  .jpg
• elefanthuens.ree
• interpolating.txt
• knoglerne.dis
• lagostoma.soi
• problemformuleringer.dam