2c935e573d5849092d65de60efbc3be4c024d6460a47200cb43ed93be4010a26

Sharing

Copy URL Twitter E-mail

General

Target

2c935e573d5849092d65de60efbc3be4c024d6460a47200cb43ed93be4010a26
Size

273KB
MD5

8195b3bc9b1790ee90056a5495785a40
SHA1

878f4fc4950c822ad5dcc7c802fc746dd5e774b3
SHA256

2c935e573d5849092d65de60efbc3be4c024d6460a47200cb43ed93be4010a26
SHA512

a263bd18a3ef20c4bb39c820005539f77698c95246697f71e153855ea3d00cacee24bf5d6c22b5b5f2c469f74cae2f6dc0d194deaeb7d55f9755cb19393f4041
SSDEEP

6144:dZ545DyKZ7K8dYivaCJtn80kl03mEU7XMdpFsje:7545DyKZ7K8aQ538Bl02Hgsje

Score

N/A

Malware Config

Signatures

Files

2c935e573d5849092d65de60efbc3be4c024d6460a47200cb43ed93be4010a26
.exe windows x86

93060569c955554cc53f84615ecb905a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterHotKey
DlgDirListComboBoxA
SetFocus
GetTabbedTextExtentW
OpenWindowStationA
SetMenuItemInfoA
DdeNameService
CloseWindowStation
SetSystemCursor
CascadeWindows
BeginPaint
LoadImageA

opengl32

glFlush
glBegin
glVertex3f
glColor3f
glEnd

dbghelp

SymEnumerateSymbols
SymUnloadModule64
StackWalk
SymGetSymFromAddr64
SymGetSymFromAddr
SymFunctionTableAccess64
SymGetModuleInfo

kernel32

TlsFree
CreateFileW
SetStdHandle
WriteConsoleW
CloseHandle
SetEnvironmentVariableA
CompareStringW
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapSize
LoadLibraryW
IsProcessorFeaturePresent
RtlUnwind
LCMapStringW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
FreeLibrary
BackupRead
ReadConsoleA
GetCommModemStatus
HeapDestroy
InterlockedDecrement
InterlockedIncrement
GetTimeFormatA
GetDateFormatA
GetLastError
HeapReAlloc
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DecodePointer
TerminateProcess
GetCurrentProcess
TlsAlloc
TlsGetValue
TlsSetValue
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
IsValidCodePage
Sleep
GetUserDefaultLCID
GetLocaleInfoW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
GetTimeZoneInformation
HeapCreate
ExitProcess
WriteFile
GetStdHandle

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

93060569c955554cc53f84615ecb905a

Headers

DLL Characteristics

File Characteristics

Imports

user32

opengl32

dbghelp

kernel32

Sections

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 19KB

.rsrc Size: 171KB - Virtual size: 172KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 171KB - Virtual size: 172KB