0c6b80ae959d515f209c58e32910e842d6b6ea917f7f97efff2403378b4a3a94

Sharing

Copy URL Twitter E-mail

General

Target

0c6b80ae959d515f209c58e32910e842d6b6ea917f7f97efff2403378b4a3a94
Size

558KB
MD5

c7a4d025b3bd4218944e6ae1e8854d60
SHA1

840a94a3ab84bf84e8d5abc282cafeaf83c01208
SHA256

0c6b80ae959d515f209c58e32910e842d6b6ea917f7f97efff2403378b4a3a94
SHA512

b77edc533a7a0d6d8808fb3e5c4112150937e1b748017b1355cd0fa4cc971a08dcd063bf85149ef54508be0082990c8ec07e7e13afbce2c6d941d4eeb38181bf
SSDEEP

12288:0qI1R9gHmn/pNV+vC1jNRApVlNVuntngE8Hp6QDwWnNRM7tGUaVn2lKe:0RRn/pHt1/QV292pwWnQ8FV2lKe

Score

N/A

Malware Config

Signatures

Files

0c6b80ae959d515f209c58e32910e842d6b6ea917f7f97efff2403378b4a3a94
.exe windows x86

ef3cd4a00f7f0bc863331841e09a3a7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluTessVertex
gluBeginSurface
gluQuadricNormals
gluTessNormal
gluProject
gluTessBeginPolygon
gluTessCallback
gluGetTessProperty

ole32

CoDisconnectObject
CoGetStdMarshalEx
OleCreateEx
CoAddRefServerProcess
OleQueryLinkFromData
OleCreateLink
StgCreatePropStg
CoIsHandlerConnected
OleCreateStaticFromData
CreateOleAdviseHolder
StgOpenStorage
OleCreateFromData
CreatePointerMoniker
CLSIDFromString

kernel32

CompareStringA
EnterCriticalSection
IsBadReadPtr
GetUserDefaultLangID
ReleaseMutex
HeapDestroy
GetTimeFormatA
HeapUnlock
VirtualAlloc
FoldStringA
HeapAlloc
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
VirtualAllocEx
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

winspool.drv

SetJobW
DeletePrinterDriverExA
DeletePrinterConnectionA
AdvancedDocumentPropertiesA
EnumPrinterDriversA
GetJobA
ClosePrinter
EnumPrintersA
DeletePrinterKeyA
EnumJobsA
GetPrinterDriverW

ws2_32

gethostbyname
socket
send
gethostname
ntohl
inet_addr

ntdsapi

DsGetRdnW
DsInheritSecurityIdentityA

Sections

.text
Size: 510KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef3cd4a00f7f0bc863331841e09a3a7d

Headers

File Characteristics

Imports

glu32

ole32

kernel32

winspool.drv

ws2_32

ntdsapi

Sections

.text Size: 510KB - Virtual size: 509KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 306KB

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 510KB - Virtual size: 509KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 306KB

.rsrc
Size: 41KB - Virtual size: 41KB