6e124a134b3699e94b04a1af7232691b8fada7f1ba6581ab8da076b4af1daa30

Sharing

Copy URL Twitter E-mail

General

Target

6e124a134b3699e94b04a1af7232691b8fada7f1ba6581ab8da076b4af1daa30
Size

2.0MB
MD5

636a0022a79e6a0e762a9d2ff9e42e75
SHA1

27bf5d14c0301f1e5114628ec2d8fd77f2937695
SHA256

6e124a134b3699e94b04a1af7232691b8fada7f1ba6581ab8da076b4af1daa30
SHA512

cbd5bd85392e900f6f84e358c2a6ae971ca341071af8bb0e5085a607cbc159f3fdc65de43bd9297a9c8181367a0ab0d316fdcf165dee938bcb7c801b3fb721f9
SSDEEP

24576:XwZuqxugo+gSw9sQAMpjtBlYGqe4z7tS+8H36kd5isffF+cT12YxCq6IQRG1IlfP:OxwbNEG2hFrj

Score

N/A

Malware Config

Signatures

Files

6e124a134b3699e94b04a1af7232691b8fada7f1ba6581ab8da076b4af1daa30
.exe windows x86

58f1b30388d8a80a5256a8b2a72eb27d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
CryptAcquireContextW
CryptCreateHash
RegQueryValueExW
RegOpenKeyExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext

comctl32

ImageList_GetImageInfo
ImageList_Draw
ImageList_AddMasked

etinfo

?mgRefreshMenuText@@YAXPAVCMenu@@PBG@Z
?mgSetSectionName@@YAXPBG@Z
?mgShowSplash@@YAXPBGI@Z
?mgShowAboutDlg@@YAXPBG0I@Z
?mgRefreshDlgText@@YAXPAUHWND__@@PBG@Z
?mgLoadLocateString@@YAPBGPBG@Z
?mgSetSectionName@@YAXPBG@Z
?ETF_GetFontWidth@@YANG@Z
?ETF_GetFontData@@YAPAUmgTypePoint@@GAAHAAN@Z
?mgGetUnicode@@YAPAGABVCString@@@Z

etout

?union_edge_notch@@YAH_NNNNPAVmgPatternData@@ABVmgLines@@AAV2@@Z
?mgClosePlot@@YAXPAX@Z
?mgEndCut@@YAXPAXH@Z
?mgOutPattern@@YAXPAXPAVmgPatternData@@ABVtransf@@H@Z
?mgBeginCut@@YAXPAXH@Z
?mgOutDockLine@@YAXPAXH@Z
?mgCurrentViewIsEmpty@@YA_NPAX@Z
?mgLineTo@@YAXPAXNN@Z
?mgMoveTo@@YAXPAXNN@Z
?mgSetLineColor@@YAXPAXNNN@Z
?mgEditPlotSetting@@YA_NH@Z
?mgEditPlotSetting@@YA_NHQAY0EA@G@Z
?mgEditPlot@@YA_NXZ
?mgLoadPlotSetting@@YAXQAY0EA@G@Z
?mgSetCurlMatrix@@YA_NPAXNNABVtransf@@@Z
?mgOutPattern@@YAXPAXPAVmgPatternData@@ABVtransf@@@Z
?mgRefreshNotchData@@YAXPAVmgPatternData@@@Z
?mgMoveOutView@@YAXPAXH@Z
?mgOpenPlot@@YAPAXPBGNNNNAAVCSize@@@Z

gdi32

GetEnhMetaFileW
PatBlt
PlayEnhMetaFile
SetPixelFormat
ChoosePixelFormat
SwapBuffers
CombineRgn
CreateRectRgn
CreatePolygonRgn
CreateRoundRectRgn
FrameRgn
FillRgn
CreateSolidBrush
SelectObject
DeleteDC
CloseEnhMetaFile
DeleteEnhMetaFile
CancelDC
GetTextMetricsW
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreatePen
GetBkColor
DeleteObject
CreateFontW
GetCurrentObject
CreateFontIndirectW
GetTextExtentPoint32W
GetStockObject
GetObjectW
RealizePalette
GetDIBits
SelectPalette
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
GetSystemPaletteEntries
DescribePixelFormat
CreatePalette

glu32

gluPickMatrix
gluProject
gluUnProject
gluBuild2DMipmaps

kernel32

GetPrivateProfileStringW
WideCharToMultiByte
MultiByteToWideChar
Sleep
GetModuleHandleW
GetProcAddress
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
CreateDirectoryW
CloseHandle
CreateMutexW
GetLastError
GetTickCount
MulDiv
GlobalLock
GlobalUnlock
lstrlenW
GlobalSize
GlobalAlloc
GlobalReAlloc
GlobalFree
GetStartupInfoW
GetModuleFileNameW
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
LoadLibraryA

mfc42

ord2818

mfc42u

ord3084
ord4270
ord2966
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord6017
ord6168
ord5869
ord5783
ord5790
ord5674
ord5732
ord5575
ord5567
ord6056
ord5860
ord3591
ord755
ord6190
ord470
ord3568
ord2371
ord5047
ord3688
ord1699
ord430
ord786
ord2453
ord3313
ord5568
ord6385
ord1567
ord2910
ord942
ord519
ord6307
ord6279
ord6278
ord2756
ord4166
ord537
ord5441
ord703
ord404
ord3211
ord4037
ord2496
ord5899
ord5506
ord1645
ord429
ord3749
ord3747
ord6124
ord2626
ord6126
ord6136
ord3976
ord5854
ord5599
ord2099
ord6597
ord5977
ord2442
ord3871
ord4155
ord4327
ord2813
ord3806
ord2810
ord2088
ord384
ord2644
ord1662
ord5436
ord6379
ord5446
ord6390
ord4538
ord3269
ord4616
ord3574
ord439
ord736
ord5681
ord4221
ord712
ord4370
ord4847
ord1672
ord2506
ord6048
ord1767
ord5276
ord4419
ord3592
ord324
ord2362
ord4229
ord6330
ord4704
ord3092
ord3393
ord3728
ord810
ord2294
ord6880
ord4279
ord3995
ord6193
ord1172
ord2078
ord6325
ord6668
ord3909
ord1672
ord1016
ord1672
ord1672
ord4392
ord3577
ord3397
ord616
ord925
ord4294
ord3312
ord6195
ord3798
ord5949
ord3087
ord5783
ord1826
ord712
ord4528
ord2871
ord1016
ord4369
ord4846
ord2507
ord4828
ord6159
ord355
ord2440
ord4224
ord3332
ord940
ord668
ord3176
ord2773
ord2762
ord3179
ord3172
ord3494
ord356
ord1761
ord2634
ord5579
ord922
ord3170
ord2036
ord5830
ord2355
ord3605
ord656
ord2081
ord816
ord562
ord6211
ord613
ord289
ord3792
ord1851
ord4241
ord3864
ord2119
ord2383
ord5096
ord5099
ord4462
ord3345
ord975
ord2875
ord4148
ord2375
ord4422
ord796
ord554
ord529
ord402
ord642
ord609
ord807
ord6205
ord2486
ord2619
ord2618
ord4158
ord5783
ord2858
ord4451
ord5251
ord4431
ord5280
ord4211
ord1899
ord1768
ord2871
ord2871
ord1768
ord4736
ord4970
ord4942
ord4352
ord712
ord5283
ord4829
ord768
ord2859
ord4253
ord6865
ord712
ord2286
ord2354
ord2359
ord1900
ord1683
ord2520
ord5284
ord4433
ord2046
ord4419
ord771
ord1008
ord496
ord4254
ord4709
ord3737
ord2144
ord6375
ord6871
ord4609
ord4606
ord4604
ord4269
ord6371
ord4480
ord2546
ord2504
ord4282
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord4074
ord4692
ord5303
ord5285
ord5710
ord3733
ord561
ord815
ord617
ord5297
ord5499
ord2627
ord986
ord411
ord1202
ord5208
ord296
ord4154
ord6113
ord2613
ord1131
ord2717
ord4199
ord5092
ord4613
ord1817
ord4233
ord712
ord2871
ord2871
ord6332
ord2502
ord2534
ord1672
ord1739
ord5573
ord3167
ord5649
ord4947
ord712
ord4381
ord3444
ord3193
ord6076
ord6171
ord4617
ord4420
ord715
ord652
ord415
ord338
ord4817
ord5637
ord996
ord4414
ord4607
ord1937
ord4268
ord4583
ord4893
ord4335
ord4884
ord4525
ord4539
ord2688
ord712
ord2688
ord2688
ord2682
ord2682
ord1016
ord5231
ord3743
ord1719
ord4426
ord813
ord560
ord2527
ord4717
ord4458
ord4343
ord3218
ord3216
ord1672
ord1093
ord2585
ord1143
ord777
ord4312
ord6268
ord2034
ord860
ord6640
ord5679
ord927
ord941
ord4273
ord2879
ord5706
ord5438
ord1971
ord6150
ord2522
ord4358
ord2871
ord5467
ord4116
ord2381
ord5076
ord1702
ord1705
ord6049
ord5230
ord6365
ord5244
ord2436
ord3593
ord327
ord4230
ord2079
ord5275
ord6331
ord4335
ord4335
ord1011
ord5070
ord3395
ord3732
ord5256
ord4502
ord6006
ord1255
ord6567
ord3701
ord1230
ord2070
ord2372
ord1672
ord4390
ord3569
ord924
ord2413
ord3870
ord3502
ord809
ord556
ord2397
ord2114
ord2559
ord353
ord2688
ord2795
ord958
ord6308
ord4172
ord2593
ord3175
ord3178
ord3171
ord3609
ord5769
ord6139
ord6874
ord6136
ord2385
ord1229
ord1263
ord4292
ord4128
ord3614
ord1863
ord293
ord2505
ord641
ord2606
ord538
ord861
ord540
ord800
ord354
ord5180
ord665
ord6381
ord323
ord1633
ord2965
ord2801
ord713
ord567
ord559
ord489
ord6238
ord1634
ord5781
ord640
ord3566
ord2406
ord3621
ord3658
ord3687
ord5250
ord674
ord825
ord401
ord4421
ord4621
ord1011
ord1016
ord2871
ord2871
ord3825
ord414
ord1173
ord1197
ord2836
ord818
ord812
ord4418
ord2438
ord5257
ord4435
ord5286
ord2377
ord712
ord2871
ord3657
ord5817
ord5267
ord1259
ord1647
ord1941
ord2755
ord4124
ord535
ord4272
ord858
ord2854
ord1165
ord5871
ord2746

msvcrt

__CxxFrameHandler
_ftol
wcstoul
wcstok
wcscmp
memmove
_wcsicmp
wcslen
_exit
wcscpy
wcstod
rand
srand
time
malloc
atoi
atol
_wtoi
swscanf
_CIacos
_CxxThrowException
free
isalpha
isdigit
isalnum
_CIpow
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_CIasin
_controlfp

opengl32

glSelectBuffer
glRenderMode
glVertex2d
glLogicOp
glColor3d
glVertex3d
glLoadName
glPushMatrix
glInitNames
glPushName
glPopMatrix
glFlush
glClearColor
glClear
glBlendFunc
glHint
glTranslated
glCallLists
glRasterPos3f
glListBase
wglUseFontBitmapsW
wglGetCurrentDC
glLineWidth
glVertex2f
glPolygonMode
glLineStipple
glTexCoord2f
glCallList
glEndList
glPixelStorei
glTexParameteri
glNewList
glRotatef
glScalef
glGenLists
glVertex2dv
glRotated
glGetDoublev
glGetIntegerv
glViewport
glTranslatef
glVertex3fv
glDisable
glEnd
glVertex3f
glBegin
glEnable
glColor3f
glPointSize
wglCreateContext
wglDeleteContext
wglMakeCurrent
glOrtho
glLoadIdentity
glMatrixMode

shell32

ShellExecuteW

user32

LoadImageW
DestroyCursor
GetWindowRect
DrawTextW
OffsetRect
DrawEdge
InflateRect
FrameRect
FillRect
GetSysColor
SetCursor
LoadCursorW
ReleaseDC
GetDC
SetRect
GetParent
SystemParametersInfoW
DefWindowProcW
GetClassInfoW
IsWindow
SendMessageW
IntersectRect
GetKeyState
KillTimer
GetClientRect
ScreenToClient
GetCursorPos
InvalidateRect
IsClipboardFormatAvailable
TabbedTextOutW
GetSystemMetrics
GrayStringW
GetMessagePos
EnableWindow
PostMessageW
InvertRect
PtInRect
SetTimer
ClipCursor
SetCapture
ReleaseCapture
GetCapture
GetWindow
SetForegroundWindow
RedrawWindow
GetIconInfo
GetMenu
GetActiveWindow
PeekMessageW
DrawFocusRect
DrawStateW
SetWindowRgn
GetWindowLongW
SetWindowLongW
SetClassLongW
ClientToScreen
WindowFromPoint
IsRectEmpty
IsWindowVisible
UpdateWindow
GetDoubleClickTime
GetFocus
CopyRect

wibu

CmAccess2
CmCrypt
CmGetBoxContents2
CmGetBoxes
CmGetLastErrorCode
CmGetVersion

Sections

__wibu00
Size: 824KB - Virtual size: 824KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu01
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

__wibu02
Size: 980KB - Virtual size: 984KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mackt
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58f1b30388d8a80a5256a8b2a72eb27d

Headers

File Characteristics

Imports

advapi32

comctl32

etinfo

etout

gdi32

glu32

kernel32

mfc42

mfc42u

msvcrt

opengl32

shell32

user32

wibu

Sections

__wibu00 Size: 824KB - Virtual size: 824KB

__wibu01 Size: 86KB - Virtual size: 88KB

__wibu02 Size: 980KB - Virtual size: 984KB

.rsrc Size: 94KB - Virtual size: 94KB

.mackt Size: 16KB - Virtual size: 16KB

__wibu00
Size: 824KB - Virtual size: 824KB

__wibu01
Size: 86KB - Virtual size: 88KB

__wibu02
Size: 980KB - Virtual size: 984KB

.rsrc
Size: 94KB - Virtual size: 94KB

.mackt
Size: 16KB - Virtual size: 16KB