8409243a751d84062f21d10ca6472c563b0836fb3efe6a9164bc0d162ef63798

Sharing

Copy URL

Twitter E-mail

General

Target

8409243a751d84062f21d10ca6472c563b0836fb3efe6a9164bc0d162ef63798
Size

832KB
MD5

e8b6172441f6b7b603aa16446fa3fbf3
SHA1

85d730a972b7febb98188f05ec94563e47d61cc9
SHA256

8409243a751d84062f21d10ca6472c563b0836fb3efe6a9164bc0d162ef63798
SHA512

0b12118f16653912928f1c7165560753e0f2d57507a8a84a00b06bbf931534783ef029b0013e82f7fc6335d6bf993ad596592c9ab96466b2721d656f2002608d
SSDEEP

24576:6/gG45LiqTxnrETGSZtksQeE5zRYMoGoYMPyssP:8uxnyGSTksQeqzXoYuyss

Score

N/A

Malware Config

Signatures

Files

8409243a751d84062f21d10ca6472c563b0836fb3efe6a9164bc0d162ef63798
.exe windows x86

d5d4c8e05be4f7c4a14e326e6a955116

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__pctype_func
iswpunct
_strcmpi
_wremove
_tzname
??0bad_cast@@QAE@ABV0@@Z
wcsxfrm
div
atan
_wspawnv
_CIcos
__p__commode
__p__winver
__getmainargs
exit
_execvp
__set_app_type
_ftime
_scprintf
freopen
??_E__non_rtti_object@@UAEPAXI@Z
_CIasin
_swab
_outp
strtoul
_strnicmp
_wfsopen
_chdrive
isalpha
_adj_fprem1

untfs

??0NTFS_ATTRIBUTE_RECORD@@QAE@XZ
?ResetIterator@NTFS_INDEX_TREE@@QAEXXZ
??0NTFS_MFT_INFO@@QAE@XZ
??1NTFS_SA@@UAE@XZ
??0NTFS_FILE_RECORD_SEGMENT@@QAE@XZ
??0NTFS_BAD_CLUSTER_FILE@@QAE@XZ
?Initialize@NTFS_MFT_INFO@@QAEEVBIG_INT@@PAVNTFS_UPCASE_TABLE@@EE_K@Z
?Flush@NTFS_FILE_RECORD_SEGMENT@@QAEEPAVNTFS_BITMAP@@PAVNTFS_INDEX_TREE@@E@Z
??0NTFS_EXTENT_LIST@@QAE@XZ
?QueryAttributeList@NTFS_FRS_STRUCTURE@@QAEEPAVNTFS_ATTRIBUTE_LIST@@@Z
?Initialize@NTFS_BITMAP_FILE@@QAEEPAVNTFS_MASTER_FILE_TABLE@@@Z
?Initialize@NTFS_LOG_FILE@@QAEEPAVNTFS_MASTER_FILE_TABLE@@@Z
??1NTFS_INDEX_TREE@@UAE@XZ
?SetVolumeFlag@NTFS_SA@@QAEEGPAE@Z
?QueryAttribute@NTFS_FILE_RECORD_SEGMENT@@QAEEPAVNTFS_ATTRIBUTE@@PAEKPBVWSTRING@@@Z
?Read@NTFS_FRS_STRUCTURE@@UAEEXZ
?IsFree@NTFS_BITMAP@@QBEEVBIG_INT@@0@Z
?Read@NTFS_ATTRIBUTE@@QAEEPAXVBIG_INT@@KPAK@Z
?CreateDataAttribute@NTFS_LOG_FILE@@QAEEVBIG_INT@@KPAVNTFS_BITMAP@@@Z
?ReadList@NTFS_ATTRIBUTE_LIST@@QAEEXZ
?ReadSet@NTFS_FRS_STRUCTURE@@QAEEPAVTLINK@@@Z
ChkdskEx
?MakeNonresident@NTFS_ATTRIBUTE@@UAEEPAVNTFS_BITMAP@@@Z
?CompareFileName@NTFS_MFT_INFO@@SGEPAXKPAU_FILE_NAME@@PAG@Z
Chkdsk
??1NTFS_BOOT_FILE@@UAE@XZ
?Initialize@NTFS_MFT_INFO@@QAEEXZ
?QueryExtent@NTFS_EXTENT_LIST@@QBEEKPAVBIG_INT@@00@Z
?QueryVolumeFlagsAndLabel@NTFS_SA@@QAEGPAE00PAVWSTRING@@@Z

opengl32

glColor3iv
glRasterPos2dv
glRasterPos4s
glNormal3d
glGetClipPlane
glBindTexture
glMap1d
wglDescribeLayerPlane
glColor4ub
wglChoosePixelFormat
glTexCoordPointer
glLightiv
glVertex2i
glGetBooleanv
glTexCoord2sv
glNormal3dv
glClear
glPixelStorei
glLightModeliv
glIndexf
glStencilFunc

esent

JetSetColumn@28
JetStopBackupInstance
JetGotoPosition
JetTruncateLogInstance
JetBackup
JetOpenTable
JetSetTableSequential
JetResetCounter
JetEndSession
JetBeginTransaction@4
JetUpdate
JetGetIndexInfo
JetGetSecondaryIndexBookmark
JetDeleteColumn2
JetComputeStats
JetAttachDatabase
JetGotoSecondaryIndexBookmark
JetGetColumnInfo
JetDelete@8
JetDeleteColumn
JetOpenDatabase
JetUpdate@20
JetInit3
JetAttachDatabase2
JetRollback
JetGetLS
JetDeleteIndex

kernel32

GetAtomNameA
GetProfileStringW
GetExitCodeThread
GetLastError
SetMailslotInfo
GetLocaleInfoA
SuspendThread
GetVolumePathNameA
GetConsoleTitleA
ResumeThread
SetCriticalSectionSpinCount
GetEnvironmentStringsA
CreateTapePartition
PurgeComm
GetOverlappedResult
LocalFlags
GetCurrentThread
GetSystemDefaultUILanguage
LZCloseFile
SystemTimeToTzSpecificLocalTime
GetProcessVersion
TzSpecificLocalTimeToSystemTime
FindClose
FileTimeToSystemTime
LoadLibraryW

user32

EndDialog

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5d4c8e05be4f7c4a14e326e6a955116

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

untfs

opengl32

esent

kernel32

user32

Sections

.text Size: 408KB - Virtual size: 407KB

.rdata Size: 99KB - Virtual size: 98KB

.data Size: 181KB - Virtual size: 1.6MB

.rsrc Size: 142KB - Virtual size: 142KB

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 408KB - Virtual size: 407KB

.rdata
Size: 99KB - Virtual size: 98KB

.data
Size: 181KB - Virtual size: 1.6MB

.rsrc
Size: 142KB - Virtual size: 142KB

.reloc
Size: 1024B - Virtual size: 840B