d50ad01c72a466381dee0769b0b6474a2b4478b1bd1d1541b577d352053aafb7

Sharing

Copy URL Twitter E-mail

General

Target

d50ad01c72a466381dee0769b0b6474a2b4478b1bd1d1541b577d352053aafb7
Size

169KB
MD5

0bc7423486cbbd2143c67a6c3d70f731
SHA1

2c8b68d3aa9157923b6564da990ff1e72a780b1b
SHA256

d50ad01c72a466381dee0769b0b6474a2b4478b1bd1d1541b577d352053aafb7
SHA512

131ae58eda4caaee0258034f491026191cbf38d58ae5abc4b82c765770e931a19095ffc25eea9fd18f6778e537761e50c03a1927d4d584a3b5b93e667e8d3f63
SSDEEP

3072:NSLG41yGM9xwp6yn3nZlIlUWVBO+SvOlD4+BP9YULVvhKA7qkR:NSVyhc3Xz1sqvOD4sP9jLVvD

Score

N/A

Malware Config

Signatures

Files

d50ad01c72a466381dee0769b0b6474a2b4478b1bd1d1541b577d352053aafb7
.exe windows x86

e36991fce66dfb38a323cdc31314c1bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
GetParent
GetDC
GetDesktopWindow
GetSystemMetrics
CharNextA

kernel32

GetCurrentProcessId
GetOEMCP
CopyFileA
GetVersion
GetProcessHeap
GetTickCount
IsDebuggerPresent
lstrlenW
lstrcmpA
GetACP
GetCommandLineA
RemoveDirectoryA
GetConsoleOutputCP
GetWindowsDirectoryA
DeleteFileW
GetCurrentProcess
GetModuleHandleW
GlobalFindAtomW
SetCurrentDirectoryA
GetCommandLineW
GetCurrentThreadId
GetStartupInfoA
GetDriveTypeA
GlobalFindAtomA
lstrlenA
GetUserDefaultLangID
VirtualAlloc
VirtualFree
GetModuleHandleA
lstrcmpiW
DeleteFileA
GetThreadLocale
MulDiv
lstrcmpiA

gdi32

CreateFontIndirectA
GetObjectA
DeleteObject
GetDeviceCaps
SaveDC
CreatePalette
GetTextMetricsA
CreatePen
CreateCompatibleDC
SetTextColor
CreateSolidBrush
SelectPalette
GetPixel
LineTo
DeleteDC
SetStretchBltMode
GetStockObject
PatBlt
SelectObject
SetTextAlign
GetClipBox
RestoreDC
RectVisible
SetMapMode

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Xnoqi Qn
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Ysideocb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e36991fce66dfb38a323cdc31314c1bb

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Xnoqi Qn Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Ysideocb Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 11KB - Virtual size: 11KB

Xnoqi Qn
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Ysideocb
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 29KB