ae6862ecb063a868dc39023ec2330a70cbb8f3e1eb9649e9b32556cceb79e5ec

Sharing

Copy URL Twitter E-mail

General

Target

ae6862ecb063a868dc39023ec2330a70cbb8f3e1eb9649e9b32556cceb79e5ec
Size

822KB
MD5

ef9ad8e13c77c3aa684b3a6a3cf1d29b
SHA1

2690882bcb91a9400824709fe4d039e7ec916088
SHA256

ae6862ecb063a868dc39023ec2330a70cbb8f3e1eb9649e9b32556cceb79e5ec
SHA512

38b2008cfb36e9068a216f1f9aa4be6d6c2be544fcca206f22673d1a14f6244477dd3228c4c057fe4d5718c1aa0be0855757f0b1474446f9c0d650355e44df17
SSDEEP

12288:LMhmshmslnxB+3jInV68XuiGO6YozrzxCtCY2XLNvfHx/tqwtJQbhbxDvw:LMpQsSInV68XuqRErtM27Nvu8J0Dvw

Score

N/A

Malware Config

Signatures

Files

ae6862ecb063a868dc39023ec2330a70cbb8f3e1eb9649e9b32556cceb79e5ec
.exe windows x86

d3bcabb143fadccd1fc552971f8ca559

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlCopyString
RtlComputeImportTableHash
ZwOpenEventPair
NtLockFile
ZwDuplicateObject
NtOpenFile
ZwWaitHighEventPair
ZwResetEvent
LdrSetAppCompatDllRedirectionCallback
NtQueryKey
NtTerminateJobObject
NtDuplicateToken
RtlLookupElementGenericTable
towlower
CsrCaptureTimeout
KiRaiseUserExceptionDispatcher
NtAccessCheckByTypeResultList
wcstombs
ZwCreateSection
NtQueryFullAttributesFile
ZwCreateMailslotFile
NtLoadDriver
NtOpenSection
ZwAccessCheckByTypeAndAuditAlarm
ZwCloseObjectAuditAlarm
ZwOpenFile
RtlRestoreLastWin32Error
NtEnumerateKey

glu32

gluLoadSamplingMatrices
gluDeleteQuadric
gluBeginSurface
gluDeleteTess
gluEndTrim
gluErrorString
gluQuadricOrientation
gluNurbsCurve
gluQuadricCallback
gluBeginCurve
gluUnProject
gluNewTess
gluTessBeginContour
gluScaleImage
gluProject
gluNewNurbsRenderer
gluSphere
gluBuild2DMipmaps
gluDisk
gluTessProperty
gluQuadricTexture
gluCylinder
gluPerspective
gluNextContour
gluGetTessProperty
gluErrorUnicodeStringEXT
gluTessVertex
gluQuadricDrawStyle
gluGetString

ole32

STGMEDIUM_UserMarshal
StgOpenStorageOnILockBytes
WriteClassStg
WriteStringStream
HkOleRegisterObject
OleCreateDefaultHandler
DllGetClassObjectWOW
CreateDataCache
CreateFileMoniker
CoRegisterMessageFilter
CreateDataAdviseHolder
CoInitializeSecurity
OleRegEnumFormatEtc
CoGetClassVersion
OleCreateEmbeddingHelper
OleGetAutoConvert
OleRegEnumVerbs
CLIPFORMAT_UserSize

kernel32

SetCalendarInfoW
QueryPerformanceCounter
WriteConsoleInputVDMW
GetVolumeNameForVolumeMountPointW
GetConsoleAliasExesLengthA
SetFileApisToOEM
SetTimerQueueTimer
FormatMessageA
GlobalSize
GetSystemTimeAdjustment
Toolhelp32ReadProcessMemory
OpenConsoleW
GetCurrentThread
IsBadStringPtrW
WritePrivateProfileStringA
LocalShrink
GetExitCodeProcess
SetComPlusPackageInstallStatus
CreateHardLinkA
BaseDumpAppcompatCache
lstrcpyW
BaseCheckAppcompatCache
LoadLibraryW
GetModuleHandleW
RemoveDirectoryA
GetLocaleInfoA
HeapLock

advapi32

QueryTraceA
QueryServiceLockStatusA
CryptDestroyKey
RegDeleteKeyW
CryptReleaseContext
InstallApplication
IsTokenUntrusted
QueryServiceLockStatusW
GetSecurityDescriptorRMControl
LsaLookupNames
ConvertSecurityDescriptorToStringSecurityDescriptorW
CreateProcessAsUserW

Sections

.text
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3bcabb143fadccd1fc552971f8ca559

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

glu32

ole32

kernel32

advapi32

Sections

.text Size: 363KB - Virtual size: 363KB

.rdata Size: 122KB - Virtual size: 121KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 145KB - Virtual size: 145KB

.reloc Size: 1024B - Virtual size: 828B

.text
Size: 363KB - Virtual size: 363KB

.rdata
Size: 122KB - Virtual size: 121KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 145KB - Virtual size: 145KB

.reloc
Size: 1024B - Virtual size: 828B