59f572a387d0f042667d821b9bdb4e9031fceb94e03053652debe04361b5fba5

Sharing

Copy URL Twitter E-mail

General

Target

59f572a387d0f042667d821b9bdb4e9031fceb94e03053652debe04361b5fba5
Size

403KB
MD5

e5891c444eb4f54572bcae4f959a02c6
SHA1

efa37ba5a5aaa1a24ee13c5ab9299dbef3cd8560
SHA256

59f572a387d0f042667d821b9bdb4e9031fceb94e03053652debe04361b5fba5
SHA512

787760e70be0e096b39569e706eebc2b7365b278c13aab06c50b4128b0e98276cfcb5dbdf5e17e87e18eb15b238ca1944197cf0eaa648af4801da22d9180f1b0
SSDEEP

12288:W10qorz1Oyoho7AAVnhcwKzl8KHcf5vaC:K09z8nhoUCh6Bax

Score

N/A

Malware Config

Signatures

Files

59f572a387d0f042667d821b9bdb4e9031fceb94e03053652debe04361b5fba5
.dll windows x86

c052fa8184dabee9536cd23f7ead9781

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegNotifyChangeKeyValue
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA

kernel32

GetSystemTimeAsFileTime
GetTickCount
GlobalReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
IsProcessorFeaturePresent
LoadLibraryA
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ReadFileScatter
RequestWakeupLatency
ResetWriteWatch
RtlUnwind
SetUnhandledExceptionFilter
SwitchToThread
TerminateProcess
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualAlloc
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
_lclose
GetProcessPriorityBoost
GetProcessAffinityMask
GetProcAddress
GetModuleHandleA
GetLastError
GetFullPathNameW
GetFileSizeEx
GetFileSize
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FreeLibrary
FlushViewOfFile
FindResourceW
ExitProcess
EnterCriticalSection
DebugBreak
CreateMutexA
CreateFileA
CloseHandle
CancelWaitableTimer

gdi32

TranslateCharsetInfo
SetTextColor
SetMapMode
MoveToEx
GetTextMetricsW
GetTextMetricsA
GetObjectW
GetObjectA
GetFontLanguageInfo
GetCharacterPlacementW
GetCharacterPlacementA
GdiGetDC
ExtTextOutW
ExtTextOutA
EudcLoadLinkW
DeleteDC
CreatePolygonRgn
CreateFontIndirectW
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC

ole32

CreateStreamOnHGlobal

msvcrt

_lock
qsort
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIsin
_CIsqrt
_CxxThrowException
_XcptFilter
__p___argv
_amsg_exit
_controlfp
_finite
_fstati64
_initterm
_isnan
_onexit
_purecall
_stricmp
_unlock
_vsnprintf
_vsnwprintf
floor
iswalpha
iswdigit
iswpunct
iswspace
malloc
memcpy
memmove
memset

Exports

Exports

FindShaderComment
LoadMemory
MatrixShadow
MatrixTranslation
OpenObject2
mpegInSeekSample64TS

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c052fa8184dabee9536cd23f7ead9781

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 203KB - Virtual size: 203KB

.data Size: 69KB - Virtual size: 70KB

.rsrc Size: 51KB - Virtual size: 51KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 203KB - Virtual size: 203KB

.data
Size: 69KB - Virtual size: 70KB

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 4KB - Virtual size: 4KB