56601c2ed8f5f4ca171f9844c0b051d5090fdc323b9d04e45aec42e3de5837f3

Sharing

Copy URL Twitter E-mail

General

Target

56601c2ed8f5f4ca171f9844c0b051d5090fdc323b9d04e45aec42e3de5837f3
Size

231KB
MD5

27398fedfa9865f22c8caf4dad4273bd
SHA1

26710f94dd0598529bb0e5ada6101152df53086c
SHA256

56601c2ed8f5f4ca171f9844c0b051d5090fdc323b9d04e45aec42e3de5837f3
SHA512

d6a185cf4b132185b757b1b2e38034451574c61b2e6ef0a07280cdfbe202abd2a872a7dbccf55ab384d2310ca07154a7ac73f0f350100fbb8a7e9917ca5efe83
SSDEEP

6144:f2UFOK5ugeeNMPaZRupn+aZGVXpEqI2JX6gAy/Aw1:fvEc8B+XLEqIeX6gAy/l

Score

N/A

Malware Config

Signatures

Files

56601c2ed8f5f4ca171f9844c0b051d5090fdc323b9d04e45aec42e3de5837f3
.dll windows x86

1c5d8902ffeb20beee2bd10ebeb38fd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ot11-openthreads

??EAtomic@OpenThreads@@QAEIXZ

osg62-osg

?notify@osg@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@W4NotifySeverity@1@@Z
?setName@Object@osg@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?unref@Referenced@osg@@QBEXXZ
?releaseGLObjects@Object@osg@@UBEXPAVState@2@@Z
?resizeGLObjectBuffers@Object@osg@@UAEXI@Z
?setThreadSafeRefUnref@Referenced@osg@@UAEX_N@Z
?computeDataVariance@Object@osg@@UAEXXZ

osg62-osgdb

?isSameKindAs@DatabaseRevision@osgDB@@UBE_NPBVObject@osg@@@Z
?libraryName@DatabaseRevision@osgDB@@UBEPBDXZ
?className@DatabaseRevision@osgDB@@UBEPBDXZ
??1DatabaseRevision@osgDB@@MAE@XZ
??1DatabaseRevisions@osgDB@@MAE@XZ
?findDataFile@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@PBVOptions@1@W4CaseSensitivity@1@@Z
?clone@ReaderWriter@osgDB@@UBEPAVObject@osg@@ABVCopyOp@4@@Z
?getPluginStringData@Options@osgDB@@QBE?BV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?cloneType@DatabaseRevision@osgDB@@UBEPAVObject@osg@@XZ
?className@DatabaseRevisions@osgDB@@UBEPBDXZ
?libraryName@DatabaseRevisions@osgDB@@UBEPBDXZ
?isSameKindAs@DatabaseRevisions@osgDB@@UBE_NPBVObject@osg@@@Z
?clone@DatabaseRevisions@osgDB@@UBEPAVObject@osg@@ABVCopyOp@4@@Z
?cloneType@DatabaseRevisions@osgDB@@UBEPAVObject@osg@@XZ
??0DatabaseRevisions@osgDB@@QAE@XZ
?getFilePath@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
?setDatabasePath@DatabaseRevisions@osgDB@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?getLowerCaseFileExtension@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
?getNameLessExtension@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
??0DatabaseRevision@osgDB@@QAE@XZ
?setDatabasePath@DatabaseRevision@osgDB@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setFilesAdded@DatabaseRevision@osgDB@@QAEXPAVFileList@2@@Z
?setFilesRemoved@DatabaseRevision@osgDB@@QAEXPAVFileList@2@@Z
?setFilesModified@DatabaseRevision@osgDB@@QAEXPAVFileList@2@@Z
?addRevision@DatabaseRevisions@osgDB@@QAEXPAVDatabaseRevision@2@@Z
??1FileList@osgDB@@MAE@XZ
?className@FileList@osgDB@@UBEPBDXZ
?libraryName@FileList@osgDB@@UBEPBDXZ
?isSameKindAs@FileList@osgDB@@UBE_NPBVObject@osg@@@Z
?clone@FileList@osgDB@@UBEPAVObject@osg@@ABVCopyOp@4@@Z
?cloneType@FileList@osgDB@@UBEPAVObject@osg@@XZ
??0FileList@osgDB@@QAE@XZ
??0ReadResult@ReaderWriter@osgDB@@QAE@PAVObject@osg@@W4ReadStatus@012@@Z
??1ReadResult@ReaderWriter@osgDB@@QAE@XZ
?getFilesAdded@DatabaseRevision@osgDB@@QBEPBVFileList@2@XZ
?getFilesRemoved@DatabaseRevision@osgDB@@QBEPBVFileList@2@XZ
?getFilesModified@DatabaseRevision@osgDB@@QBEPBVFileList@2@XZ
?removeReaderWriter@Registry@osgDB@@QAEXPAVReaderWriter@2@@Z
?instance@Registry@osgDB@@SAPAV12@_N@Z
?addReaderWriter@Registry@osgDB@@QAEXPAVReaderWriter@2@@Z
?getFileExtension@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
??0ofstream@osgDB@@QAE@PBDH@Z
??1ofstream@osgDB@@UAE@XZ
??_Dofstream@osgDB@@QAEXXZ
?writeShader@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVShader@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?writeShader@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVShader@osg@@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?writeNode@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVNode@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?writeNode@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVNode@osg@@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?writeHeightField@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVHeightField@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?writeHeightField@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVHeightField@osg@@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?writeImage@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVImage@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?writeImage@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVImage@osg@@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?readShader@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?readShader@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?readNode@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?readNode@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?readHeightField@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?readHeightField@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?readImage@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?readImage@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?openArchive@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4ArchiveStatus@12@IPBVOptions@2@@Z
?openArchive@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?fileExists@ReaderWriter@osgDB@@UBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?cloneType@ReaderWriter@osgDB@@UBEPAVObject@osg@@XZ
??0ReaderWriter@osgDB@@QAE@XZ
?supportsExtension@ReaderWriter@osgDB@@IAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??1ReaderWriter@osgDB@@UAE@XZ
?supportedFeatures@ReaderWriter@osgDB@@UBE?AW4Features@12@XZ
?acceptsExtension@ReaderWriter@osgDB@@UBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?supportedOptions@ReaderWriter@osgDB@@UBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@XZ
?supportedExtensions@ReaderWriter@osgDB@@UBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@XZ
?supportedProtocols@ReaderWriter@osgDB@@UBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@XZ
?libraryName@ReaderWriter@osgDB@@UBEPBDXZ
??0ReadResult@ReaderWriter@osgDB@@QAE@W4ReadStatus@012@@Z
?isSameKindAs@ReaderWriter@osgDB@@UBE_NPBVObject@osg@@@Z
?clone@DatabaseRevision@osgDB@@UBEPAVObject@osg@@ABVCopyOp@4@@Z

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??_7ios_base@std@@6B@
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Unlock@_Mutex@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??$?6DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?_Lock@_Mutex@std@@QAEXXZ

msvcr90

_encode_pointer
__dllonexit
_unlock
_lock
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
_invalid_parameter_noinfo
??0exception@std@@QAE@XZ
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
__CxxFrameHandler3
_onexit
_decode_pointer
_malloc_crt
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
__RTDynamicCast

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c5d8902ffeb20beee2bd10ebeb38fd0

Headers

DLL Characteristics

File Characteristics

Imports

ot11-openthreads

osg62-osg

osg62-osgdb

msvcp90

msvcr90

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text Size: 195KB - Virtual size: 196KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 195KB - Virtual size: 196KB