C:\vmagent_new\bin\joblist\545556\out\Release\360ZipMgrTray.pdb
Static task
static1
Behavioral task
behavioral1
Sample
dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6.exe
Resource
win7-20240611-en
General
Target: dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6
Size: 612KB
MD5: da4ed8321c53d9b4e161a930eb1d3e1c
SHA1: 5f5aa7df3ce20d76b77925752ab6be24d9502b12
SHA256: dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6
SHA512: ca9c4e4b1d2a0b951c507c45aee02083041975fc2c45b8178028d570b33f9979251ac5d1d74697c2bfa5a4d32f5e58b894d6f9322cd287098ad35df8f5360fef
SSDEEP: 12288:wijxRW6eWZ/J0jFomeUkyej14X0Wulmw9F:ZPeWZaFFeUHFX0WuMw9F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6
Files
dbc44a4aaa29d2c544e723bba06b33793fe7b8e744b65ef6930177d31760b0a6.exe windows:5 windows x86 arch:x86
45575f470449b095482f6026dfd0df7a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
Sleep
InterlockedCompareExchange
InterlockedExchange
LoadLibraryExW
FreeResource
CreateProcessW
InitializeCriticalSection
CreateFileW
DeviceIoControl
DeleteCriticalSection
GetCurrentProcessId
GetLogicalDriveStringsW
WideCharToMultiByte
lstrlenW
FindFirstFileW
GetFullPathNameW
SetLastError
FindNextFileW
FindClose
ReadFile
WriteFile
GetFileSize
DeleteFileW
GetSystemWindowsDirectoryW
GetVersionExW
WaitForSingleObject
GetExitCodeProcess
LocalFree
SetFileAttributesW
GetDriveTypeW
QueryDosDeviceW
OutputDebugStringW
GetWindowsDirectoryW
GetDiskFreeSpaceExW
CreateEventW
SetEvent
LoadLibraryW
FlushFileBuffers
SetFilePointer
WaitForMultipleObjects
GetCurrentThread
GetThreadContext
VirtualQuery
SetThreadPriority
FlushInstructionCache
VirtualAlloc
OpenThread
GetSystemInfo
GetThreadPriority
VirtualProtect
GetCurrentThreadId
SuspendThread
ResumeThread
GetFileSizeEx
LocalAlloc
CloseHandle
OpenProcess
GetModuleHandleExW
FindResourceExW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
SetHandleCount
LCMapStringW
LCMapStringA
GetModuleFileNameA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
InterlockedDecrement
FindResourceW
LoadResource
LockResource
SizeofResource
MultiByteToWideChar
lstrlenA
GetLastError
CreateMutexW
GetSystemDirectoryW
EnterCriticalSection
FreeLibrary
LeaveCriticalSection
GetModuleFileNameW
GetFileAttributesW
GetCurrentProcess
GetModuleHandleW
GetProcAddress
InterlockedIncrement
VirtualFree
HeapCreate
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetStdHandle
GetFileType
WriteConsoleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateThread
ExitThread
TlsFree
TlsAlloc
ReleaseMutex
HeapWalk
HeapLock
HeapUnlock
TlsSetValue
TlsGetValue
SetFilePointerEx
SetEndOfFile
LocalFileTimeToFileTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
CreateFileA
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
lstrcpyW
GetModuleHandleA
user32
PostQuitMessage
TrackPopupMenu
SetForegroundWindow
GetCursorPos
PostMessageW
KillTimer
SetTimer
RegisterWindowMessageW
DefWindowProcW
AppendMenuW
CreatePopupMenu
LoadIconW
wsprintfW
RegisterClassW
GetClassNameW
FindWindowExW
SendMessageTimeoutW
GetAncestor
WindowFromPoint
GetShellWindow
GetWindowInfo
GetWindowThreadProcessId
GetWindowRect
GetDesktopWindow
GetSystemMetrics
GetWindow
IsWindowVisible
IsWindow
GetForegroundWindow
MonitorFromWindow
DispatchMessageW
TranslateMessage
GetMessageW
UpdateWindow
ShowWindow
CreateWindowExW
advapi32
GetUserNameW
RegQueryValueExA
SetNamedSecurityInfoW
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
shell32
ord165
ShellExecuteW
Shell_NotifyIconW
ole32
CoCreateGuid
shlwapi
PathAppendW
PathRemoveFileSpecW
PathFindFileNameW
StrCmpIW
PathIsRelativeW
StrStrIA
UrlUnescapeW
StrCpyW
StrStrIW
PathStripToRootW
PathFileExistsW
PathCombineW
PathCanonicalizeW
wininet
HttpQueryInfoW
InternetCanonicalizeUrlW
InternetReadFile
InternetSetFilePointer
InternetCrackUrlW
InternetOpenW
InternetOpenUrlW
InternetCloseHandle
InternetSetOptionW
psapi
GetModuleFileNameExW
GetProcessImageFileNameW
Sections
.text Size: 260KB - Virtual size: 260KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 43KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 157KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 90KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE