28e4284fc77aca2c66aaea0e39f388953876a3dcb3249b7909f95421dd27bf8f

Sharing

Copy URL Twitter E-mail

General

Target

28e4284fc77aca2c66aaea0e39f388953876a3dcb3249b7909f95421dd27bf8f
Size

852KB
MD5

9139af33d0069bae5d467ef3eba4c850
SHA1

85c4ee382b31437fec6536b108b9a9c3d25c1a38
SHA256

28e4284fc77aca2c66aaea0e39f388953876a3dcb3249b7909f95421dd27bf8f
SHA512

07cf272a256c36f57f0868000582ea89168193e8e2c91735a7c6c47a9f7c856a5add3b2c575016a1f6d35b8542e4b7120395f1d7511e023fa1169ea51250e74f
SSDEEP

24576:TQYw/0xq20bj6g9ENX9B8+hjDTOdvh+sIyBMgPMiZ:T80xd0ydD8yjDTOdvW2uy

Score

N/A

Malware Config

Signatures

Files

28e4284fc77aca2c66aaea0e39f388953876a3dcb3249b7909f95421dd27bf8f
.exe windows x86

b3037f96ce64aa3b6e253e5ac45cc158

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VDMOperationStarted
VirtualAlloc
GlobalHandle
SetFirmwareEnvironmentVariableA
GetFileAttributesExA
GetEnvironmentStringsA
ShowConsoleCursor
GetTimeZoneInformation
GlobalAddAtomA
FreeResource
GetLogicalDriveStringsW
GetSystemDefaultLCID
ReleaseSemaphore
lstrcmpiW
GetConsoleAliasExesA
FreeUserPhysicalPages
GetWriteWatch
LoadLibraryA
SetThreadIdealProcessor
EnumCalendarInfoExA
lstrcat

d3d8thk

OsThunkDdGetMoCompBuffInfo
OsThunkDdUnlock
OsThunkDdBeginMoCompFrame
OsThunkDdGetScanLine
OsThunkD3dContextDestroyAll
OsThunkDdFlipToGDISurface
OsThunkDdDestroySurface
OsThunkDdEndMoCompFrame
OsThunkDdSetGammaRamp
OsThunkDdWaitForVerticalBlank
OsThunkDdAddAttachedSurface
OsThunkDdAttachSurface
OsThunkDdLockD3D
OsThunkD3dValidateTextureStageState
OsThunkDdCreateMoComp
OsThunkDdUpdateOverlay
OsThunkDdSetExclusiveMode
OsThunkDdGetDxHandle
OsThunkDdCreateDirectDrawObject
OsThunkDdGetMoCompGuids
OsThunkDdGetFlipStatus

clusapi

GetClusterNetInterfaceKey
ChangeClusterResourceGroup
GetClusterNetInterfaceState
RemoveClusterResourceDependency
OpenClusterResource
GetClusterKey
EvictClusterNodeEx
ClusterResourceTypeOpenEnum
GetClusterNetworkKey
ClusterCloseEnum
GetClusterInformation
ClusterResourceCloseEnum
ClusterGroupGetEnumCount
GetClusterNodeState
GetClusterFromNetwork
SetClusterResourceName
RegisterClusterNotify
CloseClusterResource
SetClusterGroupNodeList
ClusterControl

mswsock

GetTypeByNameW
StartWsdpService
NSPStartup
EnumProtocolsW
GetNameByTypeA
WSARecvEx
s_perror
GetAddressByNameW
WSPStartup
NPLoadNameSpaces
GetServiceA
GetServiceW
AcceptEx
GetAddressByNameA
EnumProtocolsA
GetTypeByNameA
SetServiceA
GetAcceptExSockaddrs

Sections

.text
Size: 736KB - Virtual size: 736KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3037f96ce64aa3b6e253e5ac45cc158

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

d3d8thk

clusapi

mswsock

Sections

.text Size: 736KB - Virtual size: 736KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 736KB - Virtual size: 736KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB