c7cbe4d994b8cc3029bafb1abdc1d628d81be6b5452d305b06dcf998082dff39

Sharing

Copy URL Twitter E-mail

General

Target

c7cbe4d994b8cc3029bafb1abdc1d628d81be6b5452d305b06dcf998082dff39
Size

432KB
MD5

51e41094b9e75e9ca30a6824ae722543
SHA1

9c7309b9fa7a6cf8c98b5952cb3892e7b0910b6a
SHA256

c7cbe4d994b8cc3029bafb1abdc1d628d81be6b5452d305b06dcf998082dff39
SHA512

7ea1635eaf312f27466c37317192581e83f965c051ce778baaebd3ca1e5b2c3650e5e825a0aef726c590f030cd1851891b56d06bdeda8675a3e4a589529d1720
SSDEEP

12288:YPAY2ZQPeYqdGu5AM57t7YwUo9A8ruDO9qb:YPZ2ZQPeYq4HQIyA8AOQ

Score

N/A

Malware Config

Signatures

Files

c7cbe4d994b8cc3029bafb1abdc1d628d81be6b5452d305b06dcf998082dff39
.exe windows x86

846b526a267d2a0b704a0c959c0a85d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

_CIlog10

ntlanman

NPFormatNetworkName
NPEnumResource
DllMain
NPGetResourceInformation
NPGetConnection
NPCloseEnum
NPGetCaps
NPGetUniversalName
NPGetConnection3
NPGetReconnectFlags
NPGetResourceParent
NPGetUser
NPCancelConnection
NPOpenEnum
I_SystemFocusDialog
NPGetConnectionPerformance
NPAddConnection
NPAddConnection3

wsock32

WSACancelBlockingCall
EnumProtocolsW
WSAAsyncGetProtoByName
dn_expand
getprotobyname
GetAddressByNameW
WSAAsyncGetHostByAddr
GetNameByTypeW
recv
send
TransmitFile
WSACancelAsyncRequest
listen
getsockopt
socket
inet_ntoa
ioctlsocket
setsockopt
htons
inet_addr
WSApSetPostRoutine
gethostname
WSAAsyncSelect
SetServiceW
gethostbyname
NPLoadNameSpaces
GetNameByTypeA
getsockname
WSASetBlockingHook
SetServiceA
sendto
MigrateWinsockConfiguration
GetAcceptExSockaddrs
GetTypeByNameW
getpeername
select
ntohs
WSAAsyncGetServByName
WSAGetLastError
WSARecvEx
EnumProtocolsA
GetServiceW
WSAAsyncGetServByPort
getprotobynumber
WSAIsBlocking
closesocket
WSAUnhookBlockingHook

msafd

WSPStartup

secur32

GetUserNameExW
CompleteAuthToken
UnsealMessage
LsaCallAuthenticationPackage
LsaEnumerateLogonSessions
AddSecurityPackageA
AcquireCredentialsHandleW
QueryCredentialsAttributesA
GetComputerObjectNameA
AddCredentialsW
SecpFreeMemory
EnumerateSecurityPackagesW
QueryCredentialsAttributesW
RevertSecurityContext
QuerySecurityPackageInfoA
SaslEnumerateProfilesA
LsaDeregisterLogonProcess
SecpTranslateName
ImportSecurityContextA
DecryptMessage
FreeCredentialsHandle
LsaRegisterLogonProcess
InitSecurityInterfaceW
QueryContextAttributesA
TranslateNameW
DeleteSecurityPackageW
InitializeSecurityContextA
DeleteSecurityContext
LsaLogonUser
SaslIdentifyPackageW
LsaRegisterPolicyChangeNotification
SaslAcceptSecurityContext
AcquireCredentialsHandleA
QuerySecurityContextToken
AddCredentialsA
ImportSecurityContextW
SaslIdentifyPackageA
GetUserNameExA
AddSecurityPackageW
GetSecurityUserInfo
SealMessage
EnumerateSecurityPackagesA

opengl32

glColor4ub
glTexEnvfv
glRasterPos4d
glTexCoord2fv
glTexCoord2dv
glTexGeniv
glNormal3dv
glTexCoord2f
glRasterPos2fv
glTranslatef
glIndexiv
glGetTexLevelParameterfv
glRasterPos2iv
glNormal3i
glTexParameterfv
wglGetLayerPaletteEntries
glRasterPos3i
glRectiv
glColor3d
glAccum
GlmfInitPlayback
glEvalCoord1f
glColorMask
glVertex4d
glVertex4f
glGetTexParameterfv
glPixelMapuiv
glDisable
glVertex4i
glMapGrid2d
glBindTexture
glRasterPos4fv
glGetPixelMapuiv
glVertex4dv
glTexCoord3d
glCopyTexSubImage1D
glTexCoord4f
glRenderMode
glFogfv
glTexCoord4d
glGetFloatv
glPixelZoom
glColor4f
glGetClipPlane
glViewport
glIndexMask

w32topl

ToplEdgeSetToVertex
ToplGraphDestroy
ToplListFree
ToplGraphSetVertexIter
ToplGraphFree
ToplGraphMakeRing
ToplListNumberOfElements
ToplHeapCreate
ToplIterGetObject
ToplVertexSetId
ToplHeapInsert
ToplVertexGetParent
ToplEdgeSetFromVertex
ToplGraphCreate
ToplListAddElem
ToplHeapDestroy
ToplVertexInit
ToplEdgeGetWeight
ToplVertexCreate
ToplGraphAddVertex
ToplHeapIsElementOf
ToplGraphFindEdgesForMST
ToplIterFree
ToplEdgeDestroy
ToplVertexGetInEdge
ToplHeapIsEmpty
ToplGraphInit
ToplGraphNumberOfVertices
ToplEdgeCreate
ToplVertexGetId
ToplHeapExtractMin
ToplFree
ToplListCreate
ToplGraphRemoveVertex
ToplEdgeSetWeight
ToplEdgeFree
ToplVertexDestroy
ToplListSetIter
ToplVertexSetParent
ToplVertexNumberOfInEdges
ToplIterCreate
ToplVertexFree
ToplSetAllocator
ToplEdgeDisassociate
ToplListRemoveElem
ToplIterAdvance
ToplEdgeInit
ToplVertexGetOutEdge
ToplIsToplException

kernel32

GetSystemDefaultUILanguage
SetThreadPriorityBoost
SetConsoleCursorInfo
RegisterWaitForSingleObject
VirtualAlloc
CancelWaitableTimer
SetLastConsoleEventActive
ScrollConsoleScreenBufferW
ReadFile
SetDefaultCommConfigW
SetErrorMode
GetThreadTimes
GetVolumePathNameW
EndUpdateResourceW
GetDiskFreeSpaceExA
RequestDeviceWakeup
SetConsoleNlsMode
Heap32ListFirst
SetTimerQueueTimer
FoldStringA
EnumLanguageGroupLocalesW
GetStartupInfoW
Module32First
BeginUpdateResourceW
BuildCommDCBAndTimeoutsA
LoadLibraryA
SetTermsrvAppInstallMode
GetProcAddress
OpenJobObjectW
MapUserPhysicalPagesScatter
GetModuleHandleA
WriteConsoleA
GetThreadContext
CreateSemaphoreW

dsauth

StoreCreateObjectVA
DhcpDsInitDS
DhcpEnumServersDS
DhcpAddServerDS
StoreBeginSearch
DhcpDsAddServer
StoreEndSearch
StoreGetHandle
StoreSearchGetNext
StoreCleanupHandle
DhcpDeleteServerDS
DhcpDsGetRoot
DhcpDsGetAttribs
DhcpDsDelServer
DhcpDsCleanupDS
DhcpDsEnumServers
DhcpDsGetLists
StoreCollectAttributes
DhcpDsValidateService
StoreDeleteObject
StoreSetSearchSubTree
StoreInitHandle
StoreSetSearchOneLevel
DhcpDsSetLists

msxbde40

DllUnregisterServer
DllRegisterServer

mspatcha

GetFilePatchSignatureW
ApplyPatchToFileW
TestApplyPatchToFileA
ApplyPatchToFileExW
ApplyPatchToFileA
ApplyPatchToFileByHandlesEx
ApplyPatchToFileExA
GetFilePatchSignatureA
ApplyPatchToFileByHandles
TestApplyPatchToFileByHandles
TestApplyPatchToFileW

d3d8

ValidateVertexShader
Direct3DCreate8
DebugSetMute

Sections

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

846b526a267d2a0b704a0c959c0a85d4

Headers

File Characteristics

Imports

crtdll

ntlanman

wsock32

msafd

secur32

opengl32

w32topl

kernel32

dsauth

msxbde40

mspatcha

d3d8

Sections

.rdata Size: 21KB - Virtual size: 21KB

.data Size: - Virtual size: 2.0MB

.text Size: 408KB - Virtual size: 407KB

.rsrc Size: 2KB - Virtual size: 1KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: - Virtual size: 2.0MB

.text
Size: 408KB - Virtual size: 407KB

.rsrc
Size: 2KB - Virtual size: 1KB