b667a7def9ab0ea8182dc42c9575c1a961e036c7d4731c1c44f3a55bbfd610d3

Sharing

Copy URL

Twitter E-mail

General

Target

b667a7def9ab0ea8182dc42c9575c1a961e036c7d4731c1c44f3a55bbfd610d3
Size

168KB
MD5

0aa4fc9173748eb61af5f0f0dc1d7470
SHA1

aa92a2746e8f8e044ee91c045e0c5cab3d3b08c3
SHA256

b667a7def9ab0ea8182dc42c9575c1a961e036c7d4731c1c44f3a55bbfd610d3
SHA512

ec03806f7bd0788e25e5a427d703ea7ca7cb0c6c0cd52e304b04adcf98a5ede946a34a45de546fba4cd83ce24621aa8f56b0a7770ce992be225db7d232711c85
SSDEEP

3072:75gSboC4hlxj29vLEsCy7+c5nfrp8KaWvKPnoaNl1Au:75gEqR2NAsv7BnTpW+snD

Score

N/A

Malware Config

Signatures

Files

b667a7def9ab0ea8182dc42c9575c1a961e036c7d4731c1c44f3a55bbfd610d3
.exe windows x86

ab63460912907a892fc335caa3e5f3e0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixel
CreatePalette
SetStretchBltMode
DeleteDC
RectVisible
RestoreDC
SelectObject
SaveDC
LineTo
PatBlt
GetStockObject
GetDeviceCaps
CreateSolidBrush
GetClipBox
CreatePen
GetObjectA
SetMapMode
DeleteObject
CreateFontIndirectA
SetTextColor
GetTextMetricsA
SelectPalette
CreateCompatibleDC
SetTextAlign

user32

GetDC
GetSystemMetrics
GetDesktopWindow
GetParent
CharNextA
TranslateMessage

kernel32

lstrcmpiW
lstrlenW
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetThreadLocale
QueryPerformanceCounter
GetCurrentProcess
lstrcmpiA
GetModuleHandleW
RemoveDirectoryA
GetConsoleOutputCP
IsDebuggerPresent
lstrcmpA
GetProcessHeap
GetCurrentThread
GetACP
MulDiv
GetStartupInfoA
DeleteFileW
SetCurrentDirectoryA
lstrlenA
GetUserDefaultLangID
GetModuleHandleA
CopyFileA
DeleteFileA
GetWindowsDirectoryA
GetOEMCP
VirtualAlloc
VirtualFree
GlobalFindAtomA
GetVersion
GetDriveTypeA
GlobalFindAtomW
GetCommandLineW
GetCommandLineA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Ojcn Bys
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Lnhpilad
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ziglybp
Size: - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hevwpud
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab63460912907a892fc335caa3e5f3e0

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Ojcn Bys Size: 512B - Virtual size: 4KB

.rdata Size: 24KB - Virtual size: 24KB

Lnhpilad Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 29KB - Virtual size: 57KB

ziglybp Size: - Virtual size: 66KB

hevwpud Size: - Virtual size: 4KB

.text
Size: 11KB - Virtual size: 11KB

Ojcn Bys
Size: 512B - Virtual size: 4KB

.rdata
Size: 24KB - Virtual size: 24KB

Lnhpilad
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 29KB - Virtual size: 57KB

ziglybp
Size: - Virtual size: 66KB

hevwpud
Size: - Virtual size: 4KB