General

Malware Config

Signatures

Files

• fd36255962881eab2290cd3d289b396ba7ef76d6c59c11487b2f0938fdb6555f

  .exe windows:10 windows x64 arch:x64

  23d8604b0919bb8b4c1ab9b1dd29f0ab

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  Inspect.pdb

  Imports

  advapi32

  OpenProcessToken

  GetTokenInformation

  EventRegister

  EventUnregister

  EventWriteTransfer

  RegDeleteValueW

  RegCreateKeyExW

  RegSetValueExW

  RegQueryValueExW

  RegOpenKeyW

  RegCreateKeyW

  RegOpenKeyExW

  RegCloseKey

  kernel32

  GetModuleHandleW

  GetModuleFileNameW

  DeactivateActCtx

  ActivateActCtx

  LocalAlloc

  LocalFree

  GetTickCount

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  QueryPerformanceCounter

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  RtlCaptureContext

  GetStartupInfoW

  ReleaseActCtx

  CreateActCtxW

  lstrlenW

  lstrcmpiW

  lstrcmpW

  FormatMessageW

  MulDiv

  LoadLibraryW

  OpenProcess

  GetLastError

  SetLastError

  SetEvent

  GetProcAddress

  GetModuleHandleExW

  WaitForSingleObject

  CreateEventW

  CreateThread

  LoadLibraryExA

  DelayLoadFailureHook

  FreeLibrary

  GetCurrentProcessId

  GetCurrentProcess

  Sleep

  HeapSetInformation

  CloseHandle

  GetVersionExA

  GetVersionExW

  gdi32

  LineTo

  MoveToEx

  CreatePolygonRgn

  CreateSolidBrush

  CreateRectRgn

  CombineRgn

  GetObjectW

  SetTextColor

  StretchBlt

  SetBkColor

  SelectObject

  GetTextExtentPoint32W

  GetStockObject

  CreateCompatibleBitmap

  CreateCompatibleDC

  CreateRectRgnIndirect

  DeleteDC

  DeleteObject

  GetDeviceCaps

  Polygon

  user32

  CheckMenuItem

  ChildWindowFromPointEx

  GetSysColor

  GetWindowLongW

  GetWindowLongPtrW

  SetWindowLongPtrW

  GetParent

  SetParent

  GetClassNameW

  GetWindowThreadProcessId

  CheckMenuRadioItem

  LoadCursorW

  LoadIconW

  LoadImageW

  SystemParametersInfoW

  wsprintfW

  GetGUIThreadInfo

  UnhookWinEvent

  SetWinEventHook

  PeekMessageW

  IsWindow

  GetDlgCtrlID

  GetClassInfoW

  GetDesktopWindow

  FillRect

  DrawTextW

  RegisterClassW

  MapWindowPoints

  MessageBoxA

  SetWindowPlacement

  SetProcessWindowStation

  OpenWindowStationW

  GetThreadDesktop

  CloseDesktop

  SetThreadDesktop

  OpenInputDesktop

  OpenDesktopW

  GetMenu

  GetSystemMetrics

  TranslateAcceleratorW

  LoadAcceleratorsW

  EnableWindow

  KillTimer

  SetTimer

  ReleaseCapture

  SetCapture

  GetFocus

  SetFocus

  GetCursorPos

  SetCursor

  MessageBeep

  MessageBoxW

  GetWindowRect

  GetClientRect

  SetWindowTextW

  InvalidateRect

  GetDialogBaseUnits

  CreatePopupMenu

  DrawMenuBar

  SetMenu

  LoadMenuW

  MoveWindow

  IsRectEmpty

  PostThreadMessageW

  SetWindowRgn

  ReleaseDC

  GetDC

  SetForegroundWindow

  InsertMenuItemW

  DeleteMenu

  RemoveMenu

  ModifyMenuW

  AppendMenuW

  InsertMenuW

  GetMenuItemCount

  GetMenuItemID

  GetSubMenu

  SendDlgItemMessageW

  IsDlgButtonChecked

  CheckDlgButton

  GetDlgItemTextW

  SetDlgItemTextW

  GetDlgItem

  EndDialog

  DialogBoxParamW

  IsIconic

  SetWindowPos

  ShowWindow

  DestroyWindow

  CreateWindowExW

  RegisterClassExW

  CallWindowProcW

  PostQuitMessage

  DefWindowProcW

  PostMessageW

  SendMessageW

  UnregisterHotKey

  RegisterHotKey

  DispatchMessageW

  TranslateMessage

  GetMessageW

  LoadStringW

  EnableMenuItem

  WindowFromPoint

  msvcrt

  _wtof

  _onexit

  __dllonexit

  _unlock

  _lock

  ?terminate@@YAXXZ

  _commode

  _fmode

  _acmdln

  __C_specific_handler

  _initterm

  __setusermatherr

  _ismbblead

  iswdigit

  _exit

  exit

  __set_app_type

  __getmainargs

  _amsg_exit

  _XcptFilter

  free

  _callnewh

  malloc

  memcpy

  _purecall

  memset

  __CxxFrameHandler3

  _vsnwprintf

  wcstol

  wcstod

  _cexit

  _wtoi

  wprintf

  oleacc

  AccessibleObjectFromWindow

  AccessibleObjectFromEvent

  AccessibleObjectFromPoint

  AccessibleChildren

  GetRoleTextW

  GetStateTextW

  WindowFromAccessibleObject

  ole32

  CoMarshalInterThreadInterfaceInStream

  CoCreateInstance

  CoTaskMemFree

  CoInitialize

  CoUninitialize

  CoInitializeEx

  CoGetInterfaceAndReleaseStream

  oleaut32

  SysStringLen

  SafeArrayGetDim

  SysAllocStringLen

  SysAllocString

  VariantClear

  SafeArrayDestroy

  SafeArrayGetUBound

  SafeArrayGetLBound

  SafeArrayAccessData

  SafeArrayUnaccessData

  SafeArrayGetVartype

  VariantInit

  SysFreeString

  comctl32

  CreateToolbarEx

  version

  GetFileVersionInfoW

  GetFileVersionInfoSizeW

  VerQueryValueW

  Sections

  .text

  Size: 120KB - Virtual size: 120KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 83KB - Virtual size: 82KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 42KB - Virtual size: 43KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .didat

  Size: 512B - Virtual size: 16B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 34KB - Virtual size: 34KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 572KB - Virtual size: 576KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE