4e6cdb26e9557536548a33866d8dddbcecb1d3016315be76e8d9824f6dfd7bed

Sharing

Copy URL Twitter E-mail

General

Target

4e6cdb26e9557536548a33866d8dddbcecb1d3016315be76e8d9824f6dfd7bed
Size

4.9MB
MD5

f4ffaee53befec01bf1dfcde1db39c55
SHA1

2c0683fff34d5aab6149476da82c20f25ee6ad10
SHA256

4e6cdb26e9557536548a33866d8dddbcecb1d3016315be76e8d9824f6dfd7bed
SHA512

b6325048429b1fd736e12e618d19afca3af5c763fa87143aee98b7e8693236651f91ea497edf5e85d8e1c026cc3f1b4ae2a52279ddd1cb322c2bf46cde8d3720
SSDEEP

49152:+H1WV21Vhj/FhXo/9K6N0eb/0r0/voVZp9OVS/NPHyTXPTqB2v1QtwAB6:+VWViHjthY/1j0r0u9OVOHy3qkv1b2

Score

N/A

Malware Config

Signatures

Files

4e6cdb26e9557536548a33866d8dddbcecb1d3016315be76e8d9824f6dfd7bed
.exe windows x86

052878006f13da28f3da715240956f56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

soundlib

CreateSoundLib

winmm

timeGetTime

ss3dgfunc

_SetInverseMatrix@8
_VECTOR3Length@4
_COLORtoDWORD@16
_WriteTGA@24
_Normalize@8
_SetRotationYMatrix@8
_SetRotationXMatrix@8
_TransformVector3_VPTR2@16
_RotatePositionWithPivot@24
_CalcDistance@8
_MatrixMultiply2@12
_TransformV3TOV4@16
_CrossProduct@12

wsock32

htons
inet_addr
gethostbyname
WSAGetLastError
WSAStartup
socket
send
recv
ioctlsocket
connect
closesocket
WSACleanup

dinput8

DirectInput8Create

wininet

InternetOpenA
InternetConnectA
InternetQueryDataAvailable
InternetCloseHandle
InternetOpenUrlA
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
HttpQueryInfoA

kernel32

InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
HeapValidate
GetSystemInfo
VirtualFree
VirtualAlloc
GetVersionExW
FreeLibraryAndExitThread
GetThreadTimes
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
CreateDirectoryW
GetFileAttributesExW
GetFileSize
CloseHandle
GetLocalTime
OpenFile
IsDBCSLeadByte
ReadFile
GetCurrentDirectoryA
CreateFileA
GetTickCount
DeleteFileA
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetSystemDefaultLangID
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObject
CreatePipe
CreateProcessA
GetStartupInfoA
lstrlenA
SetCurrentDirectoryA
lstrcmpA
lstrcpyA
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
OpenProcess
TerminateProcess
CreateThread
GetCurrentThread
GetThreadContext
SetEvent
WaitForMultipleObjects
Sleep
lstrcmpiA
lstrcatA
CreateEventA
GetLogicalDriveStringsA
GetModuleHandleA
QueryDosDeviceA
GetPriorityClass
CreateToolhelp32Snapshot
Process32First
QueryDepthSList
Module32First
Module32Next
InterlockedCompareExchange
MulDiv
WriteFile
CreateDirectoryA
ExitProcess
CreateFileMappingA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
InterlockedExchange
GetCurrentProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
GetCurrentThreadId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
GetTempPathA
SetFileAttributesA
CopyFileA
GetSystemTime
HeapQueryInformation
HeapSize
HeapReAlloc
SetFilePointerEx
FlushFileBuffers
FindNextFileW
FindFirstFileExW
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetOEMCP
GetACP
IsValidCodePage
WriteConsoleW
OutputDebugStringW
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
GetModuleFileNameW
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
CreateTimerQueue
UnregisterWaitEx
GetTimeZoneInformation
SetStdHandle
CreateFileW
GetModuleHandleExW
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
Process32Next
FileTimeToSystemTime
AreFileApisANSI
ExitThread
GetCommandLineA
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
CreateSemaphoreW
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
RtlUnwind
GetStringTypeW
GetSystemTimeAsFileTime
EncodePointer
GetExitCodeThread
DuplicateHandle
UnhandledExceptionFilter
SetLastError
LoadLibraryW
SetEndOfFile
CreateEventW
FindClose
SetEnvironmentVariableA
TlsAlloc

user32

EnumWindows
wsprintfA
SetRect
MessageBoxA
CharNextA
CharPrevA
OpenClipboard
GetClientRect
LoadCursorFromFileA
SetCursor
LoadIconA
ShowCursor
UpdateWindow
GetSystemMetrics
RegisterClassExA
DefWindowProcA
UnregisterHotKey
RegisterHotKey
PeekMessageA
DispatchMessageA
TranslateMessage
ShowWindow
ReleaseDC
GetDC
ScreenToClient
GetCursorPos
ReleaseCapture
SetCapture
IsClipboardFormatAvailable
GetClipboardData
OffsetRect
GetWindowThreadProcessId
CreateWindowExA
GetWindowTextA
CopyRect
PostMessageA
EmptyClipboard
SetClipboardData
CloseClipboard

gdi32

RemoveFontResourceExA
AddFontResourceExA
SelectObject
GetTextExtentPoint32A
DeleteObject
CreateFontIndirectA
GetStockObject

advapi32

OpenProcessToken
OpenThreadToken
AdjustTokenPrivileges
LookupPrivilegeValueA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoInitializeEx
CoFreeUnusedLibraries
CoInitializeSecurity
CoUninitialize

oleaut32

VariantClear
VariantInit
SysAllocString
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetDim
SysFreeString

freeimage

_FreeImage_SaveJPEG@12
_FreeImage_ConvertTo16Bits565@4
_FreeImage_Load@12
_FreeImage_GetBits@4
_FreeImage_Unload@4
_FreeImage_GetInfo@4

psapi

GetProcessImageFileNameA

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 401KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 975KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

052878006f13da28f3da715240956f56

Headers

DLL Characteristics

File Characteristics

Imports

soundlib

winmm

ss3dgfunc

wsock32

dinput8

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

freeimage

psapi

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 401KB - Virtual size: 401KB

.data Size: 975KB - Virtual size: 1.2MB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 169KB - Virtual size: 169KB

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 401KB - Virtual size: 401KB

.data
Size: 975KB - Virtual size: 1.2MB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 169KB - Virtual size: 169KB