c97587b1aa39e5e33452fbf07f8466cc4d7ed4c35240c07a24b14e4030ca80c7

Sharing

Copy URL Twitter E-mail

General

Target

c97587b1aa39e5e33452fbf07f8466cc4d7ed4c35240c07a24b14e4030ca80c7
Size

819KB
MD5

95ce4cd42953de2801a7afc81500c057
SHA1

92688d5efe0cd9aff8aa67b5030e8c6772b179b4
SHA256

c97587b1aa39e5e33452fbf07f8466cc4d7ed4c35240c07a24b14e4030ca80c7
SHA512

a1a54e21abb8fb4c59ad2dfd584785cf308467c39027ac33be730c45fa5fc913358ba5ac67e96ae7e234d1ef4eea298c395fe1bb6d3743a0cf24ba2d3e967992
SSDEEP

12288:blE4LLPQs2xpx8S0h/HxksfegRanKa/NLIRcC93xKYThsOrDan+g+X3USiYrTI0t:JpPCC/R3R4/NcHC+aNE33iYrU0t

Score

N/A

Malware Config

Signatures

Files

c97587b1aa39e5e33452fbf07f8466cc4d7ed4c35240c07a24b14e4030ca80c7
.exe windows x86

2de30c4071069f8d80f60d60d87178ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetHGlobalFromILockBytes
GetConvertStg
ReadFmtUserTypeStg
StgOpenStorageOnHandle
CoRegisterSurrogate
HBITMAP_UserFree
HMETAFILE_UserUnmarshal
OleRegEnumVerbs
HICON_UserSize
CoGetContextToken
CoGetObjectContext
CoTestCancel
CreateErrorInfo
OleLoadFromStream
OleCreateLinkEx
CoCreateGuid
CoRetireServer
UpdateDCOMSettings
OleRegGetUserType
CoPushServiceDomain
CoTaskMemAlloc
HBRUSH_UserUnmarshal
CoDosDateTimeToFileTime
HMETAFILE_UserMarshal
HBITMAP_UserUnmarshal

kernel32

MoveFileExW
EnumLanguageGroupLocalesW
VirtualAlloc
FindNextChangeNotification
LoadLibraryA
GetSystemTimeAsFileTime
GetTapePosition
SleepEx
GetNamedPipeHandleStateA
GetHandleInformation
LockFile
SetHandleContext
GetComputerNameA
CreateThread
RemoveDirectoryW
FindActCtxSectionGuid
GetFileType
VirtualFree
ExitProcess
SetComputerNameA
DeleteAtom
OpenFile
GetCurrencyFormatA
ExpandEnvironmentStringsA
GetModuleHandleA
QueryPerformanceCounter
SetLocalPrimaryComputerNameA
GlobalGetAtomNameW
WritePrivateProfileSectionA
SetConsoleLocalEUDC

glu32

gluBuild2DMipmaps
gluNewTess
gluNurbsProperty
gluNewQuadric
gluQuadricCallback
gluDeleteQuadric
gluScaleImage
gluBeginCurve
gluOrtho2D
gluEndCurve
gluLoadSamplingMatrices
gluNurbsCurve
gluQuadricNormals
gluQuadricOrientation
gluGetTessProperty
gluBeginSurface
gluEndTrim
gluEndPolygon
gluErrorUnicodeStringEXT
gluQuadricTexture
gluBeginTrim
gluPerspective
gluErrorString
gluTessNormal
gluSphere
gluNextContour
gluDeleteNurbsRenderer

oleaut32

VarCyRound
VarI2FromDate
VarBoolFromDec
VarDateFromUI1
VarCyInt
VarDecFix
VariantClear
SafeArrayCreateVector
VarFormatFromTokens
VectorFromBstr
VarR4FromI2
OleCreatePropertyFrame
SetVarConversionLocaleSetting
VarI2FromUI2
VarParseNumFromStr
VarUI1FromStr
OleLoadPictureFile
VarBstrCat
VarDecFromStr
VarUI8FromI8
VarCyAbs
OleIconToCursor
VarMod
VarI2FromUI1
VarR4FromR8
VarBstrCmp

Sections

.text
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2de30c4071069f8d80f60d60d87178ad

Headers

DLL Characteristics

File Characteristics

Imports

ole32

kernel32

glu32

oleaut32

Sections

.text Size: 372KB - Virtual size: 372KB

.rdata Size: 105KB - Virtual size: 104KB

.data Size: 180KB - Virtual size: 1.6MB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 1024B - Virtual size: 896B

.text
Size: 372KB - Virtual size: 372KB

.rdata
Size: 105KB - Virtual size: 104KB

.data
Size: 180KB - Virtual size: 1.6MB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 1024B - Virtual size: 896B