6678f3af97c09f2a3008dc90fa132fdb334e8f406a1529d2bc12341e45a19fcf

Sharing

Copy URL Twitter E-mail

General

Target

6678f3af97c09f2a3008dc90fa132fdb334e8f406a1529d2bc12341e45a19fcf
Size

869KB
MD5

a1ba25165c5b118e57d816465ce2d511
SHA1

fa5692e51931cf0fd4aa839df440293a0c905ff4
SHA256

6678f3af97c09f2a3008dc90fa132fdb334e8f406a1529d2bc12341e45a19fcf
SHA512

020d948e504840b9738cc0a3aa26e252943693f8e869f3773b3b63b039cdf62fccd135d069cacb7a1e2b6b45f61a8ed5aa0ab6557bb635c9ab7bf73b21aca080
SSDEEP

12288:iWa84An335hYmQNJqgISyGQLJiUJ1N8KkxYwFf6KQwjUZ9bBn2YnkwkKIAcM/c/F:i2POJNI/hLFKdQKPopDbbIllxY

Score

N/A

Malware Config

Signatures

Files

6678f3af97c09f2a3008dc90fa132fdb334e8f406a1529d2bc12341e45a19fcf
.exe windows x86

5de30381860a37bae37101074673b571

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glTexCoord3s
glCopyTexImage1D
glColor3i
glRecti
glCopyTexSubImage1D
glIndexub
glTexCoord2f
glGetMapfv
glColor4iv
glMatrixMode
glPointSize
glInterleavedArrays
glPushName
glColor3s

sqlwoa

_CreateFontIndirect@4
_GetDlgItemText@16
_CommDlg_OpenSave_GetFolderPath@12
_FreeEnvironmentStrings@4
_CreateDialogIndirectParam@20
_SendMessage@16
_GetWindowTextLength@4
_GetFileTitle@12
_GetWindowLong@8
_CallWindowProc@20
_LoadString@16
_FindResource@12
_SetProp@12
_DefWindowProc@16
_LoadIcon@8
_CharUpper@4
_MoveFile@8
_GetModuleFileName@12
_GetComputerName@8
_FormatMessage@28
_CharLower@4
_GetProp@8
_CreateFont@56

d3dim700

SetPriority
PaletteUpdateNotify
SurfaceFlipNotify
DestroyTexture
D3DTextureUpdate
GetPriority
FlushD3DDevices
D3DRealloc
PaletteAssociateNotify
D3DFree
D3DBreakVBLock

ntdll

RtlSecondsSince1980ToTime
NtQueryTimer
RtlLockBootStatusData
log
RtlInitializeCriticalSection
NtReadFile
tan
RtlInitializeResource
RtlUlonglongByteSwap
RtlDeleteResource
ZwPrivilegeObjectAuditAlarm
ZwReadFileScatter
NtOpenThread
ZwNotifyChangeKey
mbstowcs
RtlAddAccessDeniedObjectAce
NtLoadKey2
ZwAcceptConnectPort
NtCreateMailslotFile

kernel32

CreateSemaphoreA
EndUpdateResourceA
GetPrivateProfileSectionW
SetConsoleCursorMode
SwitchToFiber
HeapValidate
IsBadCodePtr
SetVolumeMountPointA
GetWriteWatch
EnumSystemCodePagesA
GetTickCount
SetConsoleCP
GetDefaultCommConfigA
GetCurrentProcessId
LoadLibraryA
CallNamedPipeA
PostQueuedCompletionStatus
SetLocalTime
SetConsoleHardwareState
SetConsolePalette
GetStdHandle
GetFileAttributesExA
PeekNamedPipe
CreateMemoryResourceNotification
SetErrorMode
FindNextFileW
LocalShrink
SetProcessShutdownParameters
OpenWaitableTimerA

samlib

SamDeleteAlias
SamDeleteGroup
SamShutdownSamServer
SamQueryInformationUser
SamAddMemberToGroup
SamTestPrivateFunctionsUser
SamLookupIdsInDomain
SamLookupNamesInDomain

clusapi

MoveClusterGroup
SetClusterResourceName
GetClusterResourceTypeKey
AddClusterResourceDependency
GetClusterKey
GetClusterNodeKey
ClusterNetworkEnum
ClusterGroupGetEnumCount
ClusterGroupCloseEnum
SetClusterNetworkPriorityOrder
ClusterRegQueryInfoKey
ClusterRegEnumValue
GetClusterResourceKey
CloseClusterNode

msvcirt

?tie@ios@@QAEPAVostream@@PAV2@@Z
??1logic_error@@UAE@XZ
?attach@filebuf@@QAEPAV1@H@Z
?eatwhite@istream@@QAEXXZ
?read@istream@@QAEAAV1@PACH@Z
?close@fstream@@QAEXXZ
?setb@streambuf@@IAEXPAD0H@Z
??4istream_withassign@@QAEAAVistream@@PAVstreambuf@@@Z
??_8iostream@@7Bistream@@@
??0ofstream@@QAE@ABV0@@Z
?fail@ios@@QBEHXZ
??_8fstream@@7Bistream@@@
?setbuf@fstream@@QAEPAVstreambuf@@PADH@Z
??0logic_error@@QAE@ABV0@@Z
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
??_Gistrstream@@UAEPAXI@Z
??_7iostream@@6B@
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
??6ostream@@QAEAAV0@PBD@Z
??_Eostrstream@@UAEPAXI@Z
?get@istream@@QAEHXZ
??0ifstream@@QAE@PBDHH@Z

Sections

.text
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5de30381860a37bae37101074673b571

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

sqlwoa

d3dim700

ntdll

kernel32

samlib

clusapi

msvcirt

Sections

.text Size: 399KB - Virtual size: 399KB

.rdata Size: 105KB - Virtual size: 104KB

.data Size: 174KB - Virtual size: 1.7MB

.rsrc Size: 188KB - Virtual size: 187KB

.reloc Size: 1024B - Virtual size: 824B

.text
Size: 399KB - Virtual size: 399KB

.rdata
Size: 105KB - Virtual size: 104KB

.data
Size: 174KB - Virtual size: 1.7MB

.rsrc
Size: 188KB - Virtual size: 187KB

.reloc
Size: 1024B - Virtual size: 824B