b21e31cfa9c75fec08df9aa2ef2e863e772cf9784b29ccc2fd8fb6bdd0c00bb8

Sharing

Copy URL Twitter E-mail

General

Target

b21e31cfa9c75fec08df9aa2ef2e863e772cf9784b29ccc2fd8fb6bdd0c00bb8
Size

169KB
MD5

bf6d9171ec1b175f40f99f4167029528
SHA1

a2eb392b08d3a7b2b8f80cfb07c209e46cc9d304
SHA256

b21e31cfa9c75fec08df9aa2ef2e863e772cf9784b29ccc2fd8fb6bdd0c00bb8
SHA512

12b20090c5db30b944c0e5ec0058e813e606404d9c6c2b086f3ecce2387afeb35e54726fc3f81d3ddbe840a59578999a6b7067b27685e46296b87643e3ede5ac
SSDEEP

3072:m3xCtKq0WiAaEIsng0CUkXdHJcA13VIbsmZ0jV8v:ExUKyvajs+UopcAN1ev

Score

N/A

Malware Config

Signatures

Files

b21e31cfa9c75fec08df9aa2ef2e863e772cf9784b29ccc2fd8fb6bdd0c00bb8
.exe windows x86

d2066710d0a97d494f64295483d20c73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
TranslateMessage
GetParent
GetDesktopWindow
CharNextA
GetDC

gdi32

GetTextMetricsA
GetDeviceCaps
DeleteObject
CreateCompatibleDC
CreateFontIndirectA
GetStockObject
RestoreDC
RectVisible
GetPixel
GetClipBox
CreatePen
SetTextColor
LineTo
CreatePalette
PatBlt
SetStretchBltMode
DeleteDC
SetMapMode
CreateSolidBrush
SaveDC
SelectObject
SelectPalette
GetObjectA
SetTextAlign

kernel32

GetCurrentProcessId
DeleteFileW
GlobalFindAtomW
GetTickCount
lstrcmpiA
lstrlenA
RemoveDirectoryA
lstrlenW
MulDiv
GetCurrentThreadId
GetStartupInfoA
GetModuleHandleW
GlobalFindAtomA
GetCommandLineA
GetDriveTypeA
lstrcmpA
GetWindowsDirectoryA
GetUserDefaultLangID
SetCurrentDirectoryA
GetACP
DeleteFileA
GetCommandLineW
IsDebuggerPresent
GetConsoleOutputCP
lstrcmpiW
GetCurrentProcess
VirtualAlloc
VirtualFree
GetCurrentThread
QueryPerformanceCounter
GetProcessHeap
GetThreadLocale
CopyFileA
GetOEMCP
GetModuleHandleA

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Gycbqtgb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Wmgqxjlj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2066710d0a97d494f64295483d20c73

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Gycbqtgb Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Wmgqxjlj Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 30KB - Virtual size: 108KB

.text
Size: 10KB - Virtual size: 10KB

Gycbqtgb
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Wmgqxjlj
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 30KB - Virtual size: 108KB