4e289636714d0a568be3af0e608c05f5e92c7e75694ad8b3a211405f33ab9895

Sharing

Copy URL Twitter E-mail

General

Target

4e289636714d0a568be3af0e608c05f5e92c7e75694ad8b3a211405f33ab9895
Size

313KB
MD5

06869990e6d991193345b5d0ed2ed394
SHA1

257a82bc7d49441365fe1a0a9e9b6e55c85476fc
SHA256

4e289636714d0a568be3af0e608c05f5e92c7e75694ad8b3a211405f33ab9895
SHA512

05f46420b17a4cd88e8cb808236e7372f785655b6e6688ffa241d97812172970184998385a69b5432256647ab1ffab43b253e85bef1821e0eadf2cb4261a04ae
SSDEEP

6144:wLgj5/Ktoi8EMkzHbsOKOvELgeeNMPaZRupn+aZGVXpEqI2JX6gAy/Aw/:Go5C38ezHpEc8B+XLEqIeX6gAy/v

Score

N/A

Malware Config

Signatures

Files

4e289636714d0a568be3af0e608c05f5e92c7e75694ad8b3a211405f33ab9895
.dll windows x86

008d45a5e843335c6a306d8354995d25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ot11-openthreads

??EAtomic@OpenThreads@@QAEIXZ

osg62-osg

?getDataPointer@Image@osg@@UBEPBXXZ
?className@Image@osg@@UBEPBDXZ
?libraryName@Image@osg@@UBEPBDXZ
?isSameKindAs@Image@osg@@UBE_NPBVObject@2@@Z
?compare@Image@osg@@UBEHABV12@@Z
?clone@Image@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Image@osg@@UBEPAVObject@2@XZ
??0Image@osg@@QAE@XZ
?releaseGLObjects@Object@osg@@UBEXPAVState@2@@Z
?resizeGLObjectBuffers@Object@osg@@UAEXI@Z
?computeDataVariance@Object@osg@@UAEXXZ
?allocateImage@Image@osg@@UAEXHHHIIH@Z
?setThreadSafeRefUnref@Referenced@osg@@UAEX_N@Z
??_7CopyOp@osg@@6B@
??0Image@osg@@QAE@ABV01@ABVCopyOp@1@@Z
?flipVertical@Image@osg@@QAEXXZ
??1CopyOp@osg@@UAE@XZ
?unref@Referenced@osg@@QBEXXZ
?setFileName@Image@osg@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1Image@osg@@MAE@XZ
?setFrameLastRendered@Image@osg@@UAEXPBVFrameStamp@2@@Z
?sendKeyEvent@Image@osg@@UAE_NH_N@Z
?sendPointerEvent@Image@osg@@UAE_NHHH@Z
?update@Image@osg@@UAEXPAVNodeVisitor@2@@Z
?isImageTranslucent@Image@osg@@UBE_NXZ
?copySubImage@Image@osg@@UAEXHHHPBV12@@Z
?scaleImage@Image@osg@@UAEXHHHI@Z
?readImageFromCurrentTexture@Image@osg@@UAEXI_NI@Z
?readPixels@Image@osg@@UAEXHHHHII@Z
?setImage@Image@osg@@UAEXHHHHIIPAEW4AllocationMode@12@H@Z
?getTotalDataSize@Image@osg@@UBEIXZ

osg62-osgdb

?removeReaderWriter@Registry@osgDB@@QAEXPAVReaderWriter@2@@Z
?instance@Registry@osgDB@@SAPAV12@_N@Z
?addReaderWriter@Registry@osgDB@@QAEXPAVReaderWriter@2@@Z
?getFileExtension@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z
?findDataFile@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@PBVOptions@1@W4CaseSensitivity@1@@Z
?getImage@ReadResult@ReaderWriter@osgDB@@QAEPAVImage@osg@@XZ
??0ReadResult@ReaderWriter@osgDB@@QAE@ABV012@@Z
??1ReadResult@ReaderWriter@osgDB@@QAE@XZ
??0ReadResult@ReaderWriter@osgDB@@QAE@W4ReadStatus@012@@Z
??0ReadResult@ReaderWriter@osgDB@@QAE@PAVObject@osg@@W4ReadStatus@012@@Z
?writeShader@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVShader@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?writeShader@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVShader@osg@@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?writeNode@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVNode@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?writeNode@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVNode@osg@@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?writeHeightField@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVHeightField@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?writeHeightField@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVHeightField@osg@@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?writeObject@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVObject@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?writeObject@ReaderWriter@osgDB@@UBE?AVWriteResult@12@ABVObject@osg@@AAV?$basic_ostream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?readShader@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?readShader@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?readNode@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?readNode@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?readHeightField@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?readHeightField@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?openArchive@ReaderWriter@osgDB@@UBE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4ArchiveStatus@12@IPBVOptions@2@@Z
?openArchive@ReaderWriter@osgDB@@UBE?AVReadResult@12@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@PBVOptions@2@@Z
?fileExists@ReaderWriter@osgDB@@UBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@2@@Z
?supportedFeatures@ReaderWriter@osgDB@@UBE?AW4Features@12@XZ
?acceptsExtension@ReaderWriter@osgDB@@UBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?supportedOptions@ReaderWriter@osgDB@@UBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@XZ
?supportedExtensions@ReaderWriter@osgDB@@UBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@XZ
?supportedProtocols@ReaderWriter@osgDB@@UBEABV?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@U?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V12@@std@@@2@@std@@XZ
?libraryName@ReaderWriter@osgDB@@UBEPBDXZ
?isSameKindAs@ReaderWriter@osgDB@@UBE_NPBVObject@osg@@@Z
?clone@ReaderWriter@osgDB@@UBEPAVObject@osg@@ABVCopyOp@4@@Z
?cloneType@ReaderWriter@osgDB@@UBEPAVObject@osg@@XZ
??0ReaderWriter@osgDB@@QAE@XZ
?supportsExtension@ReaderWriter@osgDB@@IAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
??1ReaderWriter@osgDB@@UAE@XZ
?getLowerCaseFileExtension@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z

msvcp90

?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBDH@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@1@H@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??_D?$basic_istringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z

msvcr90

memcpy
_setjmp3
__CxxFrameHandler3
longjmp
??2@YAPAXI@Z
exit
fprintf
_iob
sprintf
sscanf
getenv
malloc
free
_unlock
__clean_type_info_names_internal
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
??3@YAXPAX@Z

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentProcessId

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

008d45a5e843335c6a306d8354995d25

Headers

DLL Characteristics

File Characteristics

Imports

ot11-openthreads

osg62-osg

osg62-osgdb

msvcp90

msvcr90

kernel32

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text Size: 195KB - Virtual size: 196KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 195KB - Virtual size: 196KB