1ebda70b187db6cd961087fd1f01d372da5d6b17d8e291d040fe075ff90b7065

General

Target

1ebda70b187db6cd961087fd1f01d372da5d6b17d8e291d040fe075ff90b7065
Size

578KB
MD5

97ae991cf04b026aa585ceadfb1b6f20
SHA1

64bd879cc3a0a4a1ca5696eda7bbf954bf170a18
SHA256

1ebda70b187db6cd961087fd1f01d372da5d6b17d8e291d040fe075ff90b7065
SHA512

1e9a6b2a4147e6a26388e825b1431f9bb2be9bbe0b746281261afb46787912fcf325d1538209072af889959b3eb85d48d3d26c772ff491c401590ce65dfa3ee3
SSDEEP

12288:CJHDnbXU+pMl2yAmeOBXgKodq9L1eZ7MYDorH9WeRbSkkoE6:EjbXnpMlVAmPBXhxQ7bDgtRi6

Score

N/A

Malware Config

Signatures

Files

1ebda70b187db6cd961087fd1f01d372da5d6b17d8e291d040fe075ff90b7065
.exe windows x86

e128d3d9b39a8171792e962e6a26e9f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
LoadLibraryA
GetHandleInformation
GetVersion
GetModuleHandleA
IsValidLocale
GetConsoleCommandHistoryA
RtlFillMemory
FreeLibrary
GetProcAddress
GetSystemTime
GetLocalTime
AssignProcessToJobObject
CreateNamedPipeW
EraseTape
SetCurrentDirectoryA
SetConsoleMaximumWindowSize
GetStartupInfoA

opengl32

glGetTexGeniv
glMapGrid1f
glIndexubv
glPixelMapuiv
glInterleavedArrays
glGetTexLevelParameterfv
wglMakeCurrent
glIndexfv
glVertex4sv
glGetLightiv
wglDeleteContext
glClear
glTexCoord1sv
glPixelZoom
glTexCoord4dv
wglCreateContext
glGetTexGendv
glTexGenfv
glPolygonMode
glColor4d
glGetMaterialiv

shell32

StrCmpNIA

shlwapi

PathCombineW
PathIsFileSpecW
PathRemoveFileSpecW
StrDupA
StrIsIntlEqualA
SHDeleteValueA
SHGetValueW
PathAddBackslashW
UrlEscapeW
GetMenuPosFromID
PathRemoveBlanksA
PathMakePrettyA
StrToIntA
SHQueryInfoKeyW
PathParseIconLocationW
PathIsRelativeW
PathFindFileNameW
PathStripToRootA
SHEnumKeyExA
StrPBrkW

msvcrt

ferror
_gcvt
_loaddll
_fmode
fseek
_dup2
feof
fclose
fread
gets
_strupr
__p__tzname
_eof
printf
fsetpos
fprintf
sprintf
memset
_y0
__p__daylight
_getdrive
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_mbccpy
_winmajor
ftell
_putch
_unlink
__p__timezone
__p__winmajor
strstr
_umask
fwrite
fputc
fopen
fwprintf
tolower
fputs
_unloaddll
_ismbcsymbol
_mbsnbicoll
_getch

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 528KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e128d3d9b39a8171792e962e6a26e9f8

Headers

File Characteristics

Imports

kernel32

opengl32

shell32

shlwapi

msvcrt

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 528KB - Virtual size: 525KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 528KB - Virtual size: 525KB