a6d01cc6146cfeb85774cf298230d83fac187e38768f8622dbb3b86b39cf9849

Sharing

Copy URL

Twitter E-mail

General

Target

a6d01cc6146cfeb85774cf298230d83fac187e38768f8622dbb3b86b39cf9849
Size

128KB
MD5

797a0e2f3b7e0e83a6eb3fe7ecc93d02
SHA1

589a624c2b33d4bf5b49ffc44653af23b8b74731
SHA256

a6d01cc6146cfeb85774cf298230d83fac187e38768f8622dbb3b86b39cf9849
SHA512

b1dee8d21f051bc5c74bfdf62eeae948b0eedb38beb9bc121437970830f7da6fb1d0d52edaae2463ca0d442015111541080626164dad5d63b2a6367149e29c78
SSDEEP

3072:cw6tBbk82/cwHuZ8Tjhg2AMQLSR3vj+Zc9FZ8eMLW/TJMD3iA:cw6t1k8YfHNT8A+Zc3+VUJx

Score

N/A

Malware Config

Signatures

Files

a6d01cc6146cfeb85774cf298230d83fac187e38768f8622dbb3b86b39cf9849
.dll windows x86

ca365c44aee3ff5056d7aea00f8e8f1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateWaitableTimerW
LoadLibraryA
FindCloseChangeNotification
MoveFileWithProgressW
ResumeThread
GlobalSize
ReadConsoleOutputCharacterA
LocalFlags
lstrlenA
IsValidLocale
GetStringTypeW
GetConsoleInputExeNameA
GetModuleHandleA
UpdateResourceA
QueryInformationJobObject
InitAtomTable
GetConsoleAliasesA
GetFullPathNameA
GlobalCompact
OpenProcess
GetAtomNameW
GlobalLock
UnlockFile
OpenFileMappingA
VerLanguageNameW
Heap32ListNext
GetExitCodeProcess
GetVersion
SetProcessPriorityBoost
DeleteTimerQueue
FindResourceW
VirtualFree
WriteConsoleInputVDMW
SetThreadPriorityBoost
BuildCommDCBAndTimeoutsW
GetSystemTime
GetHandleInformation
GetConsoleAliasesW
FindFirstVolumeW
OpenEventA
FindNextVolumeW
MoveFileWithProgressA
OpenFile
ReadConsoleA
OpenFileMappingW
SetConsoleMaximumWindowSize
GetBinaryTypeA
GetConsoleMode
FlushConsoleInputBuffer
CancelWaitableTimer
GetPrivateProfileStringA
Thread32First
IsBadReadPtr
WritePrivateProfileStringA
GenerateConsoleCtrlEvent
GetShortPathNameA
GetConsoleCursorInfo
DuplicateConsoleHandle
GetStringTypeExA
VirtualAlloc
GetProcAddress
GetNamedPipeInfo
DeviceIoControl
Heap32Next
ScrollConsoleScreenBufferA
QueryDosDeviceW
GetNamedPipeHandleStateA
SetHandleCount
GetVDMCurrentDirectories
QueueUserWorkItem
WritePrivateProfileStructA
IsBadHugeReadPtr
GetFileAttributesA
OpenMutexW
SetFilePointer
SetCalendarInfoA
SetLastError
TransactNamedPipe
SetErrorMode
VerLanguageNameA

user32

GetGUIThreadInfo
MessageBoxExA
SetWindowPos
DdeQueryStringW
CheckRadioButton
SendDlgItemMessageA
TranslateAcceleratorA
DdeQueryNextServer
RegisterClipboardFormatW
VkKeyScanA
UnregisterDeviceNotification
TrackPopupMenu
DrawEdge
DdeAbandonTransaction
GetPropA
MonitorFromRect
SetRectEmpty
GetDCEx
LoadImageA
EnumDisplaySettingsA
IsCharAlphaNumericW
ImpersonateDdeClientWindow
CreateDialogParamW
SendDlgItemMessageW
DragObject
GetWindowDC
GetProcessDefaultLayout
DeferWindowPos
GetWindowPlacement
GetIconInfo
SetProcessWindowStation
CreateIconFromResourceEx
DialogBoxParamA
FindWindowExW
MapVirtualKeyExW
SetUserObjectSecurity
LoadBitmapW
IsCharLowerW
SetCursor

gdi32

GetBoundsRect
GdiGetDC
GetCharABCWidthsW
GetTextFaceA
BitBlt
PolyPolyline
CreateScalableFontResourceA
RemoveFontResourceW
RectVisible
SetArcDirection
ExtEscape
CreateFontIndirectExA
GetCharABCWidthsFloatW
AddFontResourceA
DPtoLP
SetPixelV
GetICMProfileA
ExtTextOutW
EndDoc
SetAbortProc
GetBitmapBits
GetCharWidthI
SelectClipPath
GetTextCharsetInfo
SetRectRgn
UpdateICMRegKeyW
GdiStartDocEMF
GetMetaRgn
GetObjectA
SetDCBrushColor
AddFontMemResourceEx
Ellipse
GetClipBox
DeleteMetaFile
SetBitmapBits
ResetDCW
GetCharWidthW
SetBkMode
GetSystemPaletteUse
Polyline
GetMetaFileA
PolyTextOutA
CreateFontA
ArcTo

advapi32

ObjectOpenAuditAlarmA
ConvertStringSidToSidA
RegSetValueA
CryptEnumProvidersW
LsaLookupPrivilegeName
BuildImpersonateTrusteeA
CreateProcessAsUserA
SystemFunction004
GetOldestEventLogRecord
AccessCheckByTypeResultListAndAuditAlarmW
RegCloseKey
LsaQuerySecurityObject
SystemFunction023
SystemFunction007
ElfRegisterEventSourceA
BuildImpersonateExplicitAccessWithNameW
GetServiceDisplayNameA
CancelOverlappedAccess
CryptSetProvParam
RegOverridePredefKey
SetSecurityInfoExA

comctl32

ImageList_BeginDrag
ImageList_GetIconSize
ImageList_Create
_TrackMouseEvent
FlatSB_GetScrollPos
PropertySheetW
ImageList_SetIconSize
ord17
ImageList_LoadImageA
ord4
ImageList_AddMasked
FlatSB_SetScrollProp
InitializeFlatSB
ord13
ImageList_GetImageCount
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetImageInfo
CreateToolbarEx
FlatSB_GetScrollRange
FlatSB_SetScrollInfo
ImageList_Duplicate
PropertySheetA
ImageList_SetFilter
FlatSB_ShowScrollBar
FlatSB_SetScrollRange
ImageList_ReplaceIcon
InitCommonControlsEx
ord14
ImageList_EndDrag
ImageList_Copy
ImageList_SetDragCursorImage
DrawStatusTextW
ImageList_LoadImageW
ImageList_Merge
UninitializeFlatSB
ImageList_SetImageCount
ord6
ImageList_AddIcon
DestroyPropertySheetPage
ord7
ImageList_SetOverlayImage
ImageList_DragLeave
ImageList_SetBkColor
ImageList_Add
ord16
FlatSB_GetScrollInfo
ord8
FlatSB_EnableScrollBar
FlatSB_GetScrollProp
ImageList_Write
ImageList_DragMove
ImageList_DrawIndirect
ord3
ImageList_Read
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Remove
CreatePropertySheetPageA
ImageList_Replace
CreatePropertySheetPageW
ImageList_GetImageRect
ord2
CreateStatusWindowW
ord5
ImageList_DragEnter
FlatSB_SetScrollPos
ImageList_GetIcon
ImageList_Draw
ord15
ImageList_Destroy

opengl32

glMapGrid2d
glStencilFunc
GlmfEndGlsBlock
glDebugEntry
glAccum
glTexCoord1f
glColor3uiv
wglUseFontOutlinesW
glDrawArrays
glColorPointer
glVertex4d
glTexCoord2i
glDeleteLists
glMap1d
glTexGenf
glLineStipple
glCopyTexSubImage1D
glDepthMask
glMap1f
glEvalCoord2fv
glTexCoord1i
glNewList
glIsList
glGetFloatv
glLightModelf
glVertex2fv
glGetPolygonStipple
glLoadIdentity
glColor4usv
glTexCoord2fv
glRasterPos2sv
glGetTexImage
glPrioritizeTextures
glGetPixelMapfv
glIndexfv
glNormalPointer
glFeedbackBuffer
glLightiv
glPolygonStipple
glLightModeliv
glPixelTransferf
glEdgeFlagv
glTexImage1D
glColor4dv
glGetTexLevelParameterfv
GlmfEndPlayback
glFlush
glRotated
wglCreateContext
wglGetProcAddress
glRasterPos4s
glRasterPos3sv
glColor3ub
glTexParameterfv
glGetTexEnvfv
glRectdv
glVertex3fv
glRasterPos3f
glTexCoordPointer
glVertex4fv
glBlendFunc
glGetTexLevelParameteriv
wglUseFontOutlinesA
glFogiv
glVertex3d
glColor3s
glMap2f
glRasterPos4f
glTexEnvi
glTexSubImage2D
glDrawBuffer
glColor3bv
glLogicOp
glNormal3bv
glMateriali
glArrayElement
glListBase
glTexCoord4d
glPixelMapuiv
glTexGendv
glColorMask
wglGetLayerPaletteEntries
glVertex4dv
wglDescribeLayerPlane
glIndexs
glVertex3iv
glRasterPos2i
glRasterPos4iv
glTexCoord4i
glRasterPos4i
glRectsv
glPixelTransferi
GlmfInitPlayback
glRasterPos3iv
wglGetPixelFormat
glFinish
glGetError
glStencilMask
glDrawPixels
glColor4iv
glRasterPos2d
glTexCoord4f
glGetMapiv
wglCreateLayerContext
glGetTexGendv
glPushName
glGetMaterialfv
glTexCoord1iv

version

VerQueryValueW
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW
VerFindFileW
GetFileVersionInfoSizeA
VerFindFileA
VerInstallFileA
VerInstallFileW
GetFileVersionInfoA

winmm

waveOutWrite
waveOutGetNumDevs
mixerGetControlDetailsA
waveOutGetPosition
joyGetPosEx
CloseDriver
midiStreamOut
mixerGetLineControlsA
midiOutLongMsg
midiOutSetVolume
mciSetDriverData
joyGetNumDevs
timeSetEvent
mmioStringToFOURCCW
DefDriverProc
mmioAdvance
joySetThreshold
midiOutMessage
waveOutSetPlaybackRate
mmioStringToFOURCCA
mciExecute
waveInGetID
midiOutGetErrorTextA
GetDriverModuleHandle
joySetCapture
waveInReset
PlaySoundA
timeGetDevCaps
waveOutSetPitch
waveOutPrepareHeader
midiOutGetErrorTextW
PlaySoundW
WOW32DriverCallback
mod32Message
waveOutGetVolume
joyGetPos
midiInGetDevCapsW
mmioOpenW
DriverCallback
waveInGetNumDevs
WOWAppExit
midiInGetID
timeEndPeriod
mmsystemGetVersion
joyGetDevCapsW
mciGetErrorStringA
timeKillEvent
waveInGetErrorTextA
mciGetYieldProc
midiOutGetID
mixerOpen
mmioCreateChunk
waveOutClose
waveOutOpen
midiDisconnect
midiStreamOpen

winspool.drv

AddMonitorA
AddPrinterDriverExW
GetSpoolFileHandle
StartDocPrinterA
SetFormA
DeletePrintProvidorA
AddPortExA
GetPrinterDriverDirectoryW

msvcrt

isxdigit
sprintf
wcscpy
_hypot
feof
mktime
_searchenv
labs
ungetc
_tzname
raise
_initterm
_wexecvpe
_CIsinh
_execve
_fullpath
abort
__fpecode
fread
vprintf
vswprintf
fwprintf
_wgetdcwd
_eof
fseek
__p___argv
_mbsicoll
fclose
mblen
_execlp
fputc
_set_sbh_threshold
__p__wcmdln
_ismbcspace
_stat
scanf
isgraph
__unDName
strtod
_onexit
iscntrl
_unlink
_strerror
strlen
fsetpos
atof
_wcsicoll
__p__wenviron
__crtCompareStringA
gmtime
fopen
_endthreadex
_CIsin
_safe_fdiv
ferror
fputs
__dllonexit
_atodbl
_i64toa
__initenv
fwrite
wcsstr
_flsbuf
_read
realloc
_makepath
_heapchk
__iscsym
_wspawnvp
_popen
fprintf
memset
_mbsnextc
_sleep
toupper
_ismbcalpha
_utime
mbtowc
_jn
_pctype
ftell
wcspbrk
_seterrormode
asin
signal
log
_clearfp
ungetwc
printf
_chdrive
tmpfile
_copysign

Exports

Exports

Oouvzesjbi
Qbnb
Qklvnvq
Rvvngh
Vysfzl

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca365c44aee3ff5056d7aea00f8e8f1a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

opengl32

version

winmm

winspool.drv

msvcrt

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 52KB - Virtual size: 50KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 52KB - Virtual size: 50KB

.reloc
Size: 8KB - Virtual size: 7KB