a62960ded418136d191da755084b766ca0797ea794f5a041b98c7c4664c9a053

Sharing

Copy URL Twitter E-mail

General

Target

a62960ded418136d191da755084b766ca0797ea794f5a041b98c7c4664c9a053
Size

827KB
MD5

782f7420eb34f2719cf9942e6cdf8e10
SHA1

7cc7ef79f0145fd9a829d3b26d4f95099548f0cd
SHA256

a62960ded418136d191da755084b766ca0797ea794f5a041b98c7c4664c9a053
SHA512

336c6cc3d8a42efb23ccdbb1de5e2d2f27896a676f32e8adbef2d66e90804284138f3d462c0996e448316eef39838e9fd7286671dd9df2b9d99529192f6aed9f
SSDEEP

12288:HaURDn/gPKXW4hk1aSs6IUmLOzRHh6QHs2yO569qSQtWckGb6gLTtPitroLzGtHO:HaURpNOm6zjy9cmgftKoG1Z6oCd9

Score

N/A

Malware Config

Signatures

Files

a62960ded418136d191da755084b766ca0797ea794f5a041b98c7c4664c9a053
.exe windows x86

b0199e860446fe5766fa0ec8dc659c8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wspawnlp
atoi
_ismbchira
__p__commode
__unguarded_readlc_active
_ui64tow
_EH_prolog
_spawnlp
_ltow
_rotl
??_Gbad_typeid@@UAEPAXI@Z
__set_app_type
_beginthread
_global_unwind2
_getdrives
_makepath
_ismbcl0
_wcstoui64
_mbclen
clock
??9type_info@@QBEHABV0@@Z
__getmainargs
exit
system

opengl32

glColor4usv
glStencilMask
wglDescribeLayerPlane
glNormal3s
glIsList
glVertex2dv
glRasterPos4sv
glColor3uiv
glBindTexture
glCallLists
glPixelMapusv
glColorMaterial
glScissor
glTexCoord1fv

activeds

ADsEncodeBinaryData
DllGetClassObject
ReallocADsStr
ADsBuildEnumerator
DllCanUnloadNow
ADsGetLastError
AdsTypeToPropVariant2
SecurityDescriptorToBinarySD
ADsDecodeBinaryData
ADsBuildVarArrayStr
ADsFreeEnumerator
ADsGetObject
AllocADsStr
FreeADsMem
ConvertSecDescriptorToVariant
PropVariantToAdsType2
ADsSetLastError

kernel32

GetCurrentThread
GlobalReAlloc
CancelIo
IsBadReadPtr
LockResource
AddLocalAlternateComputerNameA
GetPrivateProfileSectionA
GetNumaNodeProcessorMask
GetModuleHandleW
LoadLibraryW
VirtualFree
GlobalGetAtomNameA
RegisterWaitForInputIdle
BuildCommDCBAndTimeoutsW
OpenEventW
GetConsoleHardwareState
FindNextFileA
GetLocaleInfoW
FindResourceW
GetCurrentConsoleFont
GlobalUnfix
SetThreadExecutionState
AddLocalAlternateComputerNameW
LocalCompact
ConvertFiberToThread
SetUserGeoID
GetConsoleMode
IsValidLocale
FreeEnvironmentStringsW
SetVolumeMountPointA
GetFileAttributesExW
CreateJobObjectW
EnumResourceLanguagesW

dpwsockx

DPWS_BuildIPMessageHeader
SPInit
DPWS_GetEnumPort

Sections

.text
Size: 400KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0199e860446fe5766fa0ec8dc659c8b

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

opengl32

activeds

kernel32

dpwsockx

Sections

.text Size: 400KB - Virtual size: 400KB

.rdata Size: 160KB - Virtual size: 160KB

.data Size: 157KB - Virtual size: 1.5MB

.rsrc Size: 106KB - Virtual size: 106KB

.reloc Size: 1024B - Virtual size: 880B

.text
Size: 400KB - Virtual size: 400KB

.rdata
Size: 160KB - Virtual size: 160KB

.data
Size: 157KB - Virtual size: 1.5MB

.rsrc
Size: 106KB - Virtual size: 106KB

.reloc
Size: 1024B - Virtual size: 880B