ef1195f43b2696e9ebc3d75b1013c9ecaf80b8162556b52193e8decd6dbbcbb9

Sharing

Copy URL

Twitter E-mail

General

Target

ef1195f43b2696e9ebc3d75b1013c9ecaf80b8162556b52193e8decd6dbbcbb9
Size

116KB
MD5

14322cc9cc07a665242c07129df33e70
SHA1

b364373f2aad2a15011286337b10594ed8c3de26
SHA256

ef1195f43b2696e9ebc3d75b1013c9ecaf80b8162556b52193e8decd6dbbcbb9
SHA512

50809acb32b333cc3e33ad364ec1735557f9e7c1ca55c1f474faea5da8e190bf9f43f70730e46007a80ef7a52e95735982e185f15a257b0c2e3a5f8bb05dea28
SSDEEP

3072:OJ2iQ53FZNHbm7pzaIc8E7gO/HuNsisTaxm:OEic8AgaLi5c

Score

N/A

Malware Config

Signatures

Files

ef1195f43b2696e9ebc3d75b1013c9ecaf80b8162556b52193e8decd6dbbcbb9
.dll windows x86

0d3a6c108754803d5f87874dc9d8ac63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
OpenSemaphoreW
GetLocaleInfoA
OpenConsoleW
QueryPerformanceCounter
OpenWaitableTimerA
SetEnvironmentVariableA
ReadConsoleOutputA
GetProfileStringA
SetConsoleWindowInfo
CloseConsoleHandle
DosDateTimeToFileTime
GetFileAttributesW
GetCurrentDirectoryA
VirtualProtect
WaitForDebugEvent
WriteConsoleOutputW
GetProcAddress
GetCompressedFileSizeW
FatalAppExitW
SetLocaleInfoA
EnumDateFormatsW
SetConsoleNumberOfCommandsA
SetEndOfFile
Heap32ListFirst
WaitForMultipleObjectsEx
GetProfileIntW
ReadConsoleOutputCharacterW
UnlockFileEx
GetTickCount
GetModuleHandleA
FindFirstFileExA
OpenFile
LocalFree
GetThreadTimes
TlsAlloc
GetNamedPipeHandleStateW
VerLanguageNameW
SetNamedPipeHandleState
SetLastError
GetLocalTime
WriteProfileSectionA
WriteConsoleOutputCharacterW
FreeEnvironmentStringsA
RtlZeroMemory
SetComputerNameW
GlobalHandle
RegisterWowBaseHandlers
GlobalFlags
SetConsoleKeyShortcuts
GetSystemTime
GetPrivateProfileSectionNamesA
SetConsoleScreenBufferSize
CancelWaitableTimer
InitializeCriticalSection
FreeLibrary
SetUnhandledExceptionFilter
SetCommBreak
SetThreadPriorityBoost
GetProcessPriorityBoost
ReadConsoleW
FileTimeToDosDateTime
ExpungeConsoleCommandHistoryA
LocalShrink
SetDefaultCommConfigW
OpenFileMappingA
BackupRead
GetCommModemStatus
GetComputerNameA
CreateMutexA
GlobalDeleteAtom
GetStringTypeW
CreateConsoleScreenBuffer
ReadConsoleOutputCharacterA
DeleteVolumeMountPointW
CreateEventW
CompareStringA
SetSystemTime
GetProcessHeaps
OutputDebugStringA
VerifyConsoleIoHandle
SetSystemTimeAdjustment
ConvertDefaultLocale
GetThreadPriority
VirtualFreeEx
DebugBreak
GetHandleInformation
GetVersion
LoadLibraryA
VirtualAlloc
IsValidLocale

gdi32

GetCharWidthI
TranslateCharsetInfo
CreatePatternBrush
CreateMetaFileA
DescribePixelFormat
SetDIBits
DeleteDC
GdiPlayDCScript
EndPath
GetCharWidthW
CloseFigure
GetColorAdjustment
EqualRgn
FillPath
SetMetaFileBitsEx
UpdateICMRegKeyW
GetMetaRgn
GdiEndPageEMF
StrokeAndFillPath
PolyBezierTo
PatBlt
ExcludeClipRect
EndPage
CopyEnhMetaFileW
GetCharWidthA
CreateRectRgnIndirect
SelectObject
ExtCreateRegion
Arc
CreateScalableFontResourceA
GetGlyphOutlineW
GetTextExtentPointA
IntersectClipRect
ExtTextOutW
GetColorSpace
AbortDoc
GetViewportExtEx
GetTextFaceW
ExtTextOutA
LineTo
CreateCompatibleBitmap
FillRgn
GdiDeleteSpoolFileHandle
GetSystemPaletteUse
GetDeviceCaps
StretchBlt
GetFontUnicodeRanges
ScaleViewportExtEx
CancelDC
SetWindowOrgEx
ScaleWindowExtEx
ColorCorrectPalette
CreateRectRgn
GdiComment
EndDoc
DeviceCapabilitiesExW
SetTextColor
SetBkColor
RemoveFontResourceExW
SetPixelFormat
SetPixelV
GetGlyphIndicesW
SetICMMode
GetRgnBox
GetOutlineTextMetricsW
CombineRgn
CreateFontIndirectW
GetObjectA
CreateCompatibleDC
CreateDIBPatternBrushPt
SetWorldTransform
UpdateICMRegKeyA
GetEnhMetaFileHeader
BeginPath
GetStockObject

advapi32

SetEntriesInAuditListA
CryptGenRandom
RegNotifyChangeKeyValue
RegCreateKeyA
FreeSid
CryptVerifySignatureW
AccessCheck
CryptHashSessionKey
ReadEventLogW
CryptDuplicateHash
StartServiceCtrlDispatcherA
GetTrusteeTypeA
SystemFunction024
QueryServiceObjectSecurity
CryptSetProvParam
AdjustTokenGroups
LsaGetQuotasForAccount
ElfOpenBackupEventLogW
ConvertToAutoInheritPrivateObjectSecurity
LogonUserA
LsaCreateAccount
OpenEventLogA
LsaOpenPolicy
RegDeleteKeyA
RegisterServiceCtrlHandlerA
BuildImpersonateExplicitAccessWithNameW
CryptHashData
GetSecurityDescriptorLength
ImpersonateSelf
OpenServiceW
AccessCheckAndAuditAlarmW
SystemFunction008
GetSidIdentifierAuthority
DuplicateToken
GetFileSecurityW
LookupPrivilegeDisplayNameW
ConvertStringSidToSidW
GetPrivateObjectSecurity
ConvertSidToStringSidW
LsaQueryInfoTrustedDomain
GetSecurityDescriptorSacl
CloseServiceHandle
ChangeServiceConfigW
CryptSetProviderA

opengl32

glRasterPos4s
glTexCoord1dv
glVertex3s
glLightModeli
glGetString
glGetTexGeniv
wglMakeCurrent
glColor4i
glMap2f
glEnableClientState
glTexCoord2s
glGetMaterialfv
glRasterPos3f
glLightfv
glColor4d
glColor4f
glRasterPos3fv
glLoadMatrixd
glGetPolygonStipple
glColor3i
wglSetLayerPaletteEntries
glPixelTransferi
glTexCoord4i
glPixelStorei
glShadeModel
glVertex3d
glEnd
wglUseFontOutlinesW
glVertex4i
glMapGrid2d
glColor3sv
wglGetPixelFormat
glColor4ui
glGetIntegerv
glLighti
glColor3bv
glColor3us
glGetTexGenfv
glDrawElements
glArrayElement
glRectdv
glDepthFunc
glColor3f
glFlush
glColor3ub
wglDeleteContext
wglCreateContext
glMap2d
glLineWidth
glCopyTexImage1D
GlmfEndPlayback
glIsEnabled
glColor3s
glTranslatef
glIndexf
glCallLists
glTexCoord3d
glGetMaterialiv
glPrioritizeTextures
glTexCoord3dv
glMultMatrixd
glLightModelfv

shell32

ExtractIconW
StrCmpNA
SHBrowseForFolderW
FreeIconList
ord179
StrCmpNIA
SHGetSpecialFolderPathW
SHUpdateRecycleBinIcon
ord180
StrChrA
StrStrIW
StrStrA
SHInvokePrinterCommandA
SHFreeNameMappings
DoEnvironmentSubstA
Shell_NotifyIconW
DoEnvironmentSubstW
StrRStrIA
StrRChrA
ExtractIconExA
DuplicateIcon
StrStrW
StrRStrA
StrRChrW
StrRChrIA
CommandLineToArgvW
SheChangeDirExW
SHLoadInProc
SHFileOperationW
SHFileOperationA
SHGetFileInfoW
StrChrW
SHGetDesktopFolder
SHGetMalloc
SHGetSpecialFolderPathA
SHFormatDrive
SheGetDirA
DragQueryFileAorW
StrNCmpA
DragQueryPoint
RegenerateUserEnvironment
ShellHookProc
SHGetDataFromIDListW
ExtractAssociatedIconW
FindExecutableA
SHGetDiskFreeSpaceA
SHGetDataFromIDListA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetInstanceExplorer
SHBrowseForFolderA
ExtractAssociatedIconExA
Shell_NotifyIconA
FindExecutableW
SHAppBarMessage
InternalExtractIconListW
StrChrIA
SHQueryRecycleBinW
ExtractIconExW
StrStrIA
SHGetSettings
StrNCmpW
StrRChrIW
StrCmpNIW
SHEmptyRecycleBinA
StrChrIW
StrNCmpIW
SheSetCurDrive
SHInvokePrinterCommandW
SHAddToRecentDocs
SHEmptyRecycleBinW
DragFinish
ShellAboutW
StrNCmpIA
ExtractAssociatedIconExW
StrRStrIW
DragQueryFileW
DragAcceptFiles
StrCmpNW
ExtractAssociatedIconA
SHGetPathFromIDListW
CheckEscapesW
SHGetFileInfoA
ExtractIconA
ShellAboutA

msvcrt

_mbsicoll
_mbsnbcmp
_mbsspn
_mbsdec
_mbsncoll
_mbsstr
_mbscspn
_mbsninc
_mbsnbcoll
_access
_wrename
_filelengthi64
asin
malloc
strcoll
__lc_codepage
_gcvt
strerror
qsort
fputc
fclose
fputs
_ftime
tmpnam
strcpy
_mbsbtype
_fpclass
fscanf
__p__daylight
_Strftime
_expand
_execlpe
_hypot
__unguarded_readlc_active
_wrmdir
_wunlink
memset
_splitpath
_CIacos
_dup2
fopen
strcmp
fseek
_mbsdup
iswlower
_CIsqrt
__p__wenviron
_tolower
fwrite
__set_app_type
_wcsncoll
_CItanh
fwprintf
_logb
_lsearch
_atoldbl
memchr
isleadbyte
printf
system
_EH_prolog
__crtGetLocaleInfoW
fabs
_cabs
__p___initenv
_strdup
_outpd
__unDName
_findfirst
_initterm
_msize
_mbsnbcat
strtod
fprintf
_tzname
_scalb
_unlock
sprintf
towlower
localtime
_ungetch
_CxxThrowException
_unlink
ferror
iswcntrl
_adjust_fdiv
_getpid
_mbsnset
_i64toa
_mbsncat
_outp
vfprintf
_mbctokata
__p___argv
_creat
fsetpos
getwc
_wspawnlp
feof
ftell
_putws
fread
_i64tow

Exports

Exports

Etlxjel
Hmxk
Jqftdacq
Ncsmkbcxs
Nkgfptvomv
Qzwyj
Sagzd
Tbztsovie
Ygxbodnmcx
Zojstajbr

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d3a6c108754803d5f87874dc9d8ac63

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

opengl32

shell32

msvcrt

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 52KB - Virtual size: 50KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 52KB - Virtual size: 50KB

.reloc
Size: 8KB - Virtual size: 5KB