960b661fd7d09ca8fbe3c7d36194cb8afbabc37e097b612688bbccd1056cace2

Sharing

Copy URL Twitter E-mail

General

Target

960b661fd7d09ca8fbe3c7d36194cb8afbabc37e097b612688bbccd1056cace2
Size

821KB
MD5

9955cc25cb8b9409c34a1fe670725bc9
SHA1

6d19a4ecba6bab8b00063734dae59bf1215557d1
SHA256

960b661fd7d09ca8fbe3c7d36194cb8afbabc37e097b612688bbccd1056cace2
SHA512

571dc991a355cd48256070ac4815bc8703f057b70b01cff3a58b60d13d5990ec06e489e25ef26dca7b140fb952b25c559bda77ef0f4cfc341c8ac4d55530daf0
SSDEEP

24576:iCszGksOFxhbp4Yjl2leph0wwM13Nplyhs:iCszrDFfjlVL0lyp4

Score

N/A

Malware Config

Signatures

Files

960b661fd7d09ca8fbe3c7d36194cb8afbabc37e097b612688bbccd1056cace2
.exe windows x86

3e257ec76d1460d860476f6ec06fe81d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dnsapi

DnsIpv6StringToAddress
DnsApiSetDebugGlobals
DnsCreateReverseNameStringForIpAddress
Dns_CreateMulticastSocket
DnsWriteQuestionToBuffer_W
NetInfo_Build
Dns_CleanupWinsock
Dns_InitializeMsgRemoteSockaddr

glu32

gluTessBeginPolygon
gluDeleteQuadric
gluTessProperty
gluCylinder
gluNewQuadric
gluBeginTrim
gluUnProject
gluLookAt
gluNurbsCurve
gluTessVertex
gluProject
gluBeginSurface
gluScaleImage
gluQuadricDrawStyle
gluPerspective
gluEndPolygon
gluGetNurbsProperty
gluQuadricNormals
gluQuadricCallback
gluNurbsProperty
gluBeginPolygon
gluDisk
gluErrorString
gluDeleteNurbsRenderer
gluEndSurface
gluPartialDisk
gluEndCurve

w32topl

ToplHeapDestroy
ToplDeleteSpanningTreeEdges
ToplVertexGetId
ToplGetSpanningTreeEdgesForVtx
ToplGraphInit
ToplGraphCreate
ToplSTHeapInit
ToplEdgeFree

kernel32

CancelIo
_hread
GetOEMCP
MoveFileExA
HeapCreate
LoadLibraryW
SetEndOfFile
WriteFileEx
GetSystemDirectoryA
RemoveDirectoryW
DnsHostnameToComputerNameW
ReadProcessMemory

cmpbk32

PhoneBookUnload
PhoneBookLoad
PhoneBookFreeFilter
PhoneBookGetPhoneType
PhoneBookGetPhoneNonCanonicalA
PhoneBookEnumNumbers
PhoneBookGetCurrentCountryId
PhoneBookEnumCountries
PhoneBookGetCountryNameW
PhoneBookGetCountryId
PhoneBookGetPhoneCanonicalA
PhoneBookGetPhoneDescA
PhoneBookGetRegionNameA
PhoneBookCopyFilter
PhoneBookEnumNumbersWithRegionsZero
PhoneBookEnumRegions
PhoneBookHasPhoneType
PhoneBookGetCountryNameA
PhoneBookMatchFilter

gdi32

EnumICMProfilesA
PtInRegion
EngCreateClip
XFORMOBJ_iGetXform
EngFillPath
GdiEntry2
GetMapMode
DdEntry23
cGetTTFFromFOT
GetCharABCWidthsI
SelectObject
SetDeviceGammaRamp
GetTextCharsetInfo
EngMultiByteToUnicodeN
CreateDIBPatternBrushPt
GetSystemPaletteUse
EngStretchBltROP
DdEntry39
CreateCompatibleDC
EnumFontsA
EngMultiByteToWideChar
EngCreateSemaphore
GdiStartDocEMF
EngAlphaBlend
CreateDCA
MirrorRgn

wininet

InternetEnumPerSiteCookieDecisionA
ForceNexusLookupExW
GopherFindFirstFileW
FtpRemoveDirectoryW
GopherGetLocatorTypeW
FtpPutFileW
InternetReadFileExA
GetUrlCacheEntryInfoA
SetUrlCacheGroupAttributeA
InternetGetPerSiteCookieDecisionW
CreateUrlCacheGroup
InternetAutodial
InternetFindNextFileW
InternetCheckConnectionW
InternetSetCookieExW
ShowClientAuthCerts
GetUrlCacheEntryInfoExW
InternetCanonicalizeUrlA
FindFirstUrlCacheEntryW
InternetGoOnlineA
InternetTimeToSystemTimeW
InternetGoOnlineW
InternetConfirmZoneCrossingA
CommitUrlCacheEntryA

Sections

.text
Size: 388KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e257ec76d1460d860476f6ec06fe81d

Headers

DLL Characteristics

File Characteristics

Imports

dnsapi

glu32

w32topl

kernel32

cmpbk32

gdi32

wininet

Sections

.text Size: 388KB - Virtual size: 388KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 120KB - Virtual size: 119KB

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 388KB - Virtual size: 388KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 120KB - Virtual size: 119KB

.reloc
Size: 1024B - Virtual size: 840B