5433d7c1dc507dd98fd0ef8811b08fdef4220a728f141331a039f31b2058a34a

Sharing

Copy URL

Twitter E-mail

General

Target

5433d7c1dc507dd98fd0ef8811b08fdef4220a728f141331a039f31b2058a34a
Size

612KB
MD5

0d42a14f0381d2c190fd55765285ea4d
SHA1

9ee8cf590a2f7b1cd8d6ee472aa673d52afcf04c
SHA256

5433d7c1dc507dd98fd0ef8811b08fdef4220a728f141331a039f31b2058a34a
SHA512

f9608ac10b9a9c4c67ec4cb47c4afbb951f3f3c2e9fc814950a30e01bbd12ab0552c8c43405bb82137f56cae919590f163c1eef713ecd2eaf3d4f6bafeb3f3a7
SSDEEP

12288:rJ72o+xixStQ6nXiINpopakmtCiiFgvrv3K:X+xix+Q6nXiIUyFvrv3K

Score

N/A

Malware Config

Signatures

Files

5433d7c1dc507dd98fd0ef8811b08fdef4220a728f141331a039f31b2058a34a
.exe windows x86

7ef341dbe93ee0925204fb46c3fe96ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetHandleInformation
VerifyConsoleIoHandle
FreeLibraryAndExitThread
WaitForDebugEvent
GetSystemTime
CallNamedPipeW
WriteConsoleInputVDMW
IsValidLocale
EnumResourceLanguagesW
_llseek
GetVDMCurrentDirectories
IsBadHugeReadPtr
SetConsolePalette
GlobalFree
GetExitCodeThread
TransactNamedPipe
ReadConsoleOutputA
FindNextVolumeA
GetFileAttributesW
FreeEnvironmentStringsA
GetTapePosition
FileTimeToDosDateTime
SetTimeZoneInformation
GetProcessAffinityMask
_lopen
DefineDosDeviceA
DuplicateConsoleHandle
GetDateFormatW
GetLocalTime
FindNextVolumeMountPointW
EnumTimeFormatsA
ContinueDebugEvent
GetModuleHandleA
GlobalReAlloc
OpenWaitableTimerW
GetNumberOfConsoleInputEvents
SetFileApisToOEM
Process32FirstW
WaitForMultipleObjects
CreateEventW
GetShortPathNameA
InterlockedDecrement
ReadConsoleOutputW
GetStringTypeExW
CreateThread
SetCurrentDirectoryA
LoadLibraryA
GetVersion
VirtualAlloc
GetProcAddress
GetStartupInfoA

gdi32

GetTextExtentExPointA
DrawEscape
CopyEnhMetaFileW
SetWinMetaFileBits
GetCharWidthW
ExtSelectClipRgn
GetPaletteEntries
SetICMMode
CopyEnhMetaFileA
DeleteMetaFile
CreateDCW
GetBkColor
LPtoDP
DeleteColorSpace
GetCharABCWidthsW
SetMapperFlags
PlayMetaFileRecord
CancelDC
gdiPlaySpoolStream
BitBlt
TranslateCharsetInfo
GetKerningPairsA
CreateDIBPatternBrushPt
GetAspectRatioFilterEx
GetTextMetricsA
GetRasterizerCaps
PolyPolygon
CreateFontIndirectW
GetRegionData
PatBlt
GdiFlush
ExtTextOutW
GetICMProfileW
OffsetWindowOrgEx
StartDocW
GetLogColorSpaceW
TextOutW
CreateCompatibleDC
EndFormPage
PtInRegion
GetDeviceCaps
GetCurrentPositionEx
SetBkMode
GetTextExtentPoint32A
SelectObject
GetEnhMetaFileDescriptionW
GetTextExtentPointI
GetBkMode
GetNearestPaletteIndex
ExtTextOutA
GetSystemPaletteEntries
SetViewportExtEx
FrameRgn
CreateColorSpaceA
MoveToEx
CreateFontA
GdiDeleteSpoolFileHandle
Polyline
GetMetaFileW
GdiEndDocEMF
SetPixel
CreateDIBPatternBrush
DPtoLP
CloseEnhMetaFile
GetBitmapBits
GetDIBits
CreateHatchBrush
GetRandomRgn
SetAbortProc
GetPath
PolyBezier
GetStretchBltMode
GetCharacterPlacementA
GdiGetDC
ResizePalette
Ellipse
GetICMProfileA
RemoveFontMemResourceEx
SetArcDirection
GetCharABCWidthsFloatA

advapi32

ElfClearEventLogFileA
OpenSCManagerA
SetEntriesInAclA
RegReplaceKeyA
CryptEnumProviderTypesA
AccessCheckByTypeAndAuditAlarmW
OpenServiceA
BuildImpersonateTrusteeA
GetTokenInformation
BuildTrusteeWithSidA
SetSecurityDescriptorOwner
BuildExplicitAccessWithNameW
LsaLookupPrivilegeValue
CryptSetProviderExW
CryptContextAddRef
CryptHashSessionKey
LookupPrivilegeValueW
SystemFunction014
I_ScSetServiceBitsW
ElfChangeNotify
SystemFunction015
GetSecurityInfoExA
ClearEventLogW
ConvertAccessToSecurityDescriptorA
GetLengthSid
CryptSetKeyParam
AddAce
RegEnumKeyExA
FreeSid
LsaAddPrivilegesToAccount
ChangeServiceConfig2A
SystemFunction018
CryptCreateHash
ReportEventA
AdjustTokenPrivileges
RegDeleteKeyW
RegRestoreKeyA
GetSecurityDescriptorGroup
SystemFunction019
BackupEventLogA
SetSecurityInfoExA
SetEntriesInAuditListA
ElfOpenEventLogW
LsaSetDomainInformationPolicy
LsaQueryDomainInformationPolicy
SystemFunction007
SystemFunction017
QueryServiceStatus
StartServiceCtrlDispatcherW
LsaRetrievePrivateData
EnumDependentServicesA
SystemFunction004
IsValidSid
CryptVerifySignatureW
AddAccessAllowedObjectAce
LookupPrivilegeValueA
LookupAccountSidA
SystemFunction033
GetAccessPermissionsForObjectA
SystemFunction005
GetExplicitEntriesFromAclA
GetNamedSecurityInfoA
LsaSetSystemAccessAccount
GetOldestEventLogRecord
ConvertSecurityDescriptorToStringSecurityDescriptorA
RegCreateKeyExW
DestroyPrivateObjectSecurity
CryptDecrypt
GetAuditedPermissionsFromAclW
FreeEncryptionCertificateHashList
SetSecurityDescriptorControl
SystemFunction001
GetCurrentHwProfileA
QueryServiceLockStatusW
AllocateAndInitializeSid
CryptExportKey
LsaEnumerateTrustedDomains
StartServiceW
QueryServiceObjectSecurity
LsaGetQuotasForAccount
GetAce
LsaQueryTrustedDomainInfo
LogonUserA
ObjectOpenAuditAlarmW
SystemFunction011
GetOverlappedAccessResults
GetSecurityDescriptorSacl
ChangeServiceConfig2W
ConvertToAutoInheritPrivateObjectSecurity
GetExplicitEntriesFromAclW
GetSidIdentifierAuthority
EnumDependentServicesW
ConvertSidToStringSidA
CryptSetProviderW
SystemFunction023
LsaSetSecurityObject

opengl32

glColor3bv
glColor3ub
glIndexMask
glGenLists
glColor3f
glHint
glGetTexEnvfv
glIndexfv
glTexCoord1i
glMaterialiv
glMap2d
glColor4i
glColor4ui
glIndexs
wglUseFontOutlinesW
glFrontFace
glTexCoord2iv
glRasterPos4d
glRasterPos4s
glDeleteLists
glNormalPointer
glRasterPos2sv
glPixelMapusv
glVertex3d
glStencilMask
glClear
glCallLists
glVertex2iv
wglGetPixelFormat
glTexGeni
GlmfInitPlayback
glColor4b
glEnd
glVertex2i
wglUseFontBitmapsA
glTexCoord4s
wglSetLayerPaletteEntries
glIndexiv
glLightModelf
glColor4bv
glIndexubv
glTexGeniv
glNormal3d
glColor3usv
glRasterPos3sv
glFinish
glGetLightiv
glPrioritizeTextures
glTexCoord1d
glPixelStoref
glEdgeFlagPointer
glNewList
glRectiv
glColor3s
glColor4fv
glScissor
glGetPointerv
glFrustum
glVertex3dv
glRasterPos2dv
glTexParameterfv
glLightModeliv
glTexParameterf
glColor3b
glPolygonStipple
glTexImage1D
glTexCoord4f
glPixelZoom
glBegin
glRotatef
glColor3i
glTexCoord4dv
glDepthMask
glTexCoord1s
glDeleteTextures
glPixelMapfv
glGetError
glFogfv
glRasterPos2s
wglMakeCurrent
glPolygonMode
glVertex3i
glTexParameteri
glEvalCoord2dv
glTexEnvf
glVertex4i
glRasterPos3iv
glDrawBuffer
glTexCoord4fv
wglGetCurrentContext
glEvalCoord1d
glDebugEntry
glLineStipple
glVertex2fv
glLoadName
glMaterialf
glGetBooleanv
glGetTexParameteriv
glNormal3bv
glGetIntegerv

shlwapi

StrToIntA
PathGetArgsW

winmm

mmioStringToFOURCCA
mmioInstallIOProcW
midiInOpen
mmioStringToFOURCCW
joyReleaseCapture
timeGetDevCaps
NotifyCallbackData
waveOutGetErrorTextW
mmioFlush
waveInGetNumDevs
CloseDriver
waveInOpen
mciGetErrorStringW
waveOutGetVolume
joy32Message
midiOutShortMsg
waveOutSetVolume
mmioSetBuffer
waveOutReset
midiOutGetErrorTextA
mciGetDriverData
joySetThreshold
mixerOpen
midiInGetID
waveOutGetErrorTextA
midiOutUnprepareHeader
timeBeginPeriod
mmioRenameW
auxGetVolume
waveOutGetPitch
sndPlaySoundW
midiOutSetVolume
midiStreamOpen
midiOutReset
mmioWrite
midiStreamProperty
midiInGetDevCapsW
mixerMessage
mmioAscend
mciSetYieldProc
mmioAdvance
waveInGetErrorTextA
mmsystemGetVersion
mmioSetInfo
midiInPrepareHeader
midiOutCachePatches
WOWAppExit
auxOutMessage
tid32Message
mciSendCommandA
mciDriverNotify
DefDriverProc
waveOutClose
waveInStart
mciDriverYield
timeKillEvent
timeEndPeriod
WOW32ResolveMultiMediaHandle
SendDriverMessage
mmioClose
mixerGetControlDetailsA
sndPlaySoundA
midiStreamPause
midiOutCacheDrumPatches
midiInGetNumDevs
midiOutGetErrorTextW
wid32Message
mciGetDeviceIDA
DrvGetModuleHandle
waveInGetPosition
mmioOpenA
midiOutGetVolume
mmioCreateChunk
mmTaskYield
waveInAddBuffer
mmDrvInstall
mciGetErrorStringA

msvcrt

__setusermatherr
_execvpe
_pwctype
_wfindnexti64
_mbsnbicmp
_mbscoll
_environ
strspn
_wcsnicoll
strncmp
fwrite
_mbsnbcmp
_nextafter
_wspawnle
fwprintf
_spawnle
strcmp
__p__iob
_wcmdln
fprintf
fsetpos
_wspawnv
printf
iswcntrl
_get_sbh_threshold
_heapused
_ui64tow
_wctime
_control87
__iscsymf
__p__pctype
_inpw
_getdcwd
_unlink
__lc_codepage
_locking
_fputchar
tolower
fgetc
putchar
fread
fseek
_seterrormode
_futime
fputc
__p__winmajor
_fpieee_flt
isdigit
_timezone
iswprint
_ismbchira
memchr
_mbsrchr
_tzname
sprintf
_strtime
_open_osfhandle
_endthread
_getdllprocaddr
_ismbcpunct
iswpunct
_mbsnbcat
wcscoll
fclose
fputs
strtok
fgetpos
_wfindfirst
iswdigit
_getdrives
strncat
ferror
_mbsnextc
strstr
_ultoa
_mbsnccnt
feof
_CItan
_daylight
_lseeki64
__p__environ
_initterm
fopen
_wstrtime
ftell
_ismbcalpha
_flsbuf
_atoldbl
_ismbcdigit
iswctype
_i64tow
toupper
_mbspbrk
_putws
_execlpe
wcsftime
_wstat
_wtoi
memset
_mbccpy
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_mbclen
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_mbsnbcpy
_mbsstr
_mbsnicmp

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 540KB - Virtual size: 538KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7ef341dbe93ee0925204fb46c3fe96ff

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

opengl32

shlwapi

winmm

msvcrt

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 540KB - Virtual size: 538KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 540KB - Virtual size: 538KB