bb91c5f02cdd8a52b58b557fc296906cf8f0680ac5330c060a7be8de5e1e001d

Sharing

Copy URL

Twitter E-mail

General

Target

bb91c5f02cdd8a52b58b557fc296906cf8f0680ac5330c060a7be8de5e1e001d
Size

854KB
MD5

6c87d5162538f6c5c57ec04ede8469a6
SHA1

0697520f233eeb19dab49d7ba0999a874d322860
SHA256

bb91c5f02cdd8a52b58b557fc296906cf8f0680ac5330c060a7be8de5e1e001d
SHA512

6af1ad5a59e86ecc26c61d87a5bba038b3c2abfdbd75e4d963193b35c780182e30246ebcd3b2c159056f10fcd1b52505f4101b234d0becad3c240826488f56de
SSDEEP

24576:j+qzkT/ZAivqXWz+8UVJww6MListxS7L1eQ:jy/ZAiVzxG6miv7Z

Score

N/A

Malware Config

Signatures

Files

bb91c5f02cdd8a52b58b557fc296906cf8f0680ac5330c060a7be8de5e1e001d
.exe windows x86

3bc9ba2d2eaa596439037d8576d4337e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleNumberOfCommandsA
GlobalGetAtomNameW
SystemTimeToTzSpecificLocalTime
GetProcAddress
GlobalAddAtomA
GetConsoleAliasExesLengthA
CreateActCtxA
GetProcessHeap
GetModuleFileNameA
LoadResource
VirtualAlloc
LCMapStringA
LoadLibraryA
HeapCreate
GetProcessWorkingSetSize
GetAtomNameA
CommConfigDialogW
ReadConsoleOutputA
BaseFlushAppcompatCache
CreateDirectoryExA
IsValidCodePage
SetVolumeLabelA
RtlMoveMemory
IsValidLocale
BindIoCompletionCallback
IsBadWritePtr
GetFileSize
BackupRead
LockFile
DeleteFiber
UnregisterConsoleIME
lstrcmpA
AddAtomA
GetConsoleDisplayMode
GetEnvironmentVariableA
GetTickCount
CreateRemoteThread
SetFilePointerEx
DeleteTimerQueueTimer
PeekConsoleInputW
LocalFlags

opengl32

glRectsv
glNormal3fv
glEvalCoord1f
GlmfEndGlsBlock
glMapGrid2d
glVertex4f
glTexCoord3sv
GlmfInitPlayback
glGetLightfv
glPixelTransferf
glGetTexParameterfv
glTexEnvf
glCopyTexSubImage2D
glPushAttrib
wglDescribeLayerPlane
wglGetLayerPaletteEntries
glRecti
glSelectBuffer
glFeedbackBuffer
wglUseFontBitmapsW
glIndexMask
glVertex3dv
glCallLists
glTexImage2D

winsta

_WinStationReInitializeSecurity
ServerLicensingGetPolicyInformationA
WinStationShadowStop
WinStationRenameW
WinStationShutdownSystem
ServerLicensingClose
ServerLicensingSetPolicy
ServerLicensingGetPolicyInformationW
WinStationConnectA
WinStationIsHelpAssistantSession
WinStationQueryLicense
WinStationOpenServerA
WinStationQueryLogonCredentialsW
WinStationSendWindowMessage
WinStationReset
WinStationGetTermSrvCountersValue
ServerLicensingGetPolicy
_WinStationUpdateSettings
WinStationRegisterConsoleNotification

rastapi

PortSetIoCompletionPort
DeviceEnum
DeviceListen
PortTestSignalState
PortReceive
DeviceSetDevConfig
PortGetIOHandle
PortSetInfo
SetCommSettings
PortGetInfo
PortCompressionSetInfo
PortClose
PortChangeCallback
PortGetStatistics
PortGetPortState
GetConnectInfo
DeviceSetInfo

Sections

.text
Size: 755KB - Virtual size: 754KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bc9ba2d2eaa596439037d8576d4337e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

opengl32

winsta

rastapi

Sections

.text Size: 755KB - Virtual size: 754KB

.rdata Size: 91KB - Virtual size: 91KB

.data Size: 4KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 755KB - Virtual size: 754KB

.rdata
Size: 91KB - Virtual size: 91KB

.data
Size: 4KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB