966c61dfc4f37bb248cdf1c553a987dd6ab7f7dfea55b08acd94da3846a25ac0

Sharing

Copy URL Twitter E-mail

General

Target

966c61dfc4f37bb248cdf1c553a987dd6ab7f7dfea55b08acd94da3846a25ac0
Size

122KB
MD5

9ba59fb1ba9db01962ac398453e537ae
SHA1

0e45b639bf3fd946fef2fe4fd737f0b4a0e6a66b
SHA256

966c61dfc4f37bb248cdf1c553a987dd6ab7f7dfea55b08acd94da3846a25ac0
SHA512

d6f0103da5e90b21447593678a092e840898abbefafd7fff50d19ef5d833df32ea949b27b20897e90dd43139313d80b88ee9d82affbed08f50b6a2d00200c922
SSDEEP

3072:aRBbuy43qxa1bF0feA6VCtqVcL4mnuuxz:Tdaxa1vBAqQ44uu

Score

N/A

Malware Config

Signatures

Files

966c61dfc4f37bb248cdf1c553a987dd6ab7f7dfea55b08acd94da3846a25ac0
.exe windows x86

a314eea5546358d60d077965680ee5a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt20

_CIasin

d3d9

D3DPERF_BeginEvent
PSGPError
D3DPERF_SetRegion
Direct3DShaderValidatorCreate9
D3DPERF_SetMarker
DebugSetMute
D3DPERF_EndEvent
D3DPERF_SetOptions
DebugSetLevel
Direct3DCreate9
D3DPERF_QueryRepeatFrame
PSGPSampleTexture
D3DPERF_GetStatus

sqlwid

_lwrite_
strerror_
_ttof
wstrlen
_lcreat_
OpenFile_
GetProcAddress_
GetEnvironmentStrings_
_lopen_
_hwrite_

lz32

GetExpandedNameA
LZStart
LZOpenFileA
LZCopy
LZClose
CopyLZFile
LZCloseFile
LZCreateFileW
LZDone
LZRead
LZSeek
GetExpandedNameW
LZInit
LZOpenFileW

kernel32

PulseEvent
IsProcessorFeaturePresent
WaitForMultipleObjects
GetTapeParameters
Module32NextW
GetWindowsDirectoryA
RegisterConsoleOS2
OpenJobObjectW
GetCommandLineA
SetProcessAffinityMask
NlsGetCacheUpdateCount
EnumResourceTypesA
GetStringTypeA
DnsHostnameToComputerNameW
SetTermsrvAppInstallMode
GetCalendarInfoW
VirtualAlloc
GetConsoleCharType
SetHandleCount
FreeLibraryAndExitThread
SetConsoleCursorMode
CreateWaitableTimerA
SetWaitableTimer
IsDebuggerPresent
FillConsoleOutputCharacterW
GetDefaultCommConfigA
GetTimeFormatA
LoadModule
InterlockedExchange
OpenWaitableTimerA
SetConsoleInputExeNameW
GetConsoleInputWaitHandle
EnumResourceTypesW
lstrcpynA
Process32FirstW
lstrcpyA
MoveFileWithProgressW

rtm

RtmLookupIPDestination
RtmDeleteRouteList
RtmGetChangeStatus
DeleteFromTable
RtmFindNextHop
RtmGetNextHopInfo
MgmGetMfe
RtmReleaseDestInfo
RtmCreateRouteList
RtmGetRouteAge
RtmGetFirstRoute
RtmGetNetworkCount
MgmInitialize
RtmInvokeMethod
RtmReleaseRoutes
DumpTable
RtmGetInstanceInfo
RtmGetEnumDests
RtmCloseEnumerationHandle
RtmGetNextHopPointer
RtmWriteInstanceConfig
RtmGetAddressFamilyInfo
RtmUpdateAndUnlockRoute
RtmEnumerateGetNextRoute

advpack

GetVersionFromFile

htui

HTUI_ColorAdjustment
HTUI_DeviceColorAdjustmentW
HTUI_ColorAdjustmentW
HTUI_DeviceColorAdjustmentA
HTUI_ColorAdjustmentA
HTUI_DeviceColorAdjustment

perfnet

CloseNetSvcsObject

cabview

DllGetClassObject
Uninstall
DllCanUnloadNow

Sections

.data
Size: - Virtual size: 496KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a314eea5546358d60d077965680ee5a2

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt20

d3d9

sqlwid

lz32

kernel32

rtm

advpack

htui

perfnet

cabview

Sections

.data Size: - Virtual size: 496KB

.text Size: 1024B - Virtual size: 600B

.reloc Size: 512B - Virtual size: 76B

.rdata Size: 119KB - Virtual size: 119KB

.rsrc Size: 1024B - Virtual size: 724B

.data
Size: - Virtual size: 496KB

.text
Size: 1024B - Virtual size: 600B

.reloc
Size: 512B - Virtual size: 76B

.rdata
Size: 119KB - Virtual size: 119KB

.rsrc
Size: 1024B - Virtual size: 724B