9a2e1c1e1ce5a1e38fb3de1de1ff6a412a5546bc0b1a9b9dd8296d3c8fdefc00

Sharing

Copy URL Twitter E-mail

General

Target

9a2e1c1e1ce5a1e38fb3de1de1ff6a412a5546bc0b1a9b9dd8296d3c8fdefc00
Size

42KB
MD5

8bfd5771a2994d51cb975f09c22f3554
SHA1

2bb407dca194c1682456812b1e43c0fa704ac55f
SHA256

9a2e1c1e1ce5a1e38fb3de1de1ff6a412a5546bc0b1a9b9dd8296d3c8fdefc00
SHA512

f0ef6972d873488d22f68efbc90c158e87bfedb48b92b4fac9ca76bff97d8e754adf142d433c9c3478a6cdb3be8bfe403b252ced0db6a6633683688a2f136609
SSDEEP

768:0yo39dZL2EZjLdpTKlFwfXuVtaR0YQUykG/mROidrLao:elZ3OlFwfXYdvUyr/mROiFLao

Score

N/A

Malware Config

Signatures

Files

9a2e1c1e1ce5a1e38fb3de1de1ff6a412a5546bc0b1a9b9dd8296d3c8fdefc00
.exe windows x86

e7575f0536a1738850658cf8e76c86cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

duser

GetGadgetTicket
PeekMessageExA
CreateGadget
DUserPostEvent
GetStdColorBrushF
InitGadgetComponent
CreateAction
SetGadgetMessageFilter
GetGadgetRect
GetStdColorI
DUserGetRotatePRID
DUserRegisterSuper
DUserGetAlphaPRID
GetActionTimeslice
UtilDrawOutlineRect
RegisterGadgetMessageString
InitGadgets
SetActionTimeslice
GetGadgetRgn
DUserSendEvent
GetDebug
GetGadgetAnimation
UtilGetColor
GetGadgetSize
GetStdColorName
GetStdColorPenI
FindGadgetMessages
GetGadgetCenterPoint
RemoveGadgetProperty
InvalidateGadget
GetGadgetMessageFilter
AttachWndProcA
WaitMessageEx
UtilBuildFont
IsGadgetParentChainStyle
GetGadgetBufferInfo
GetStdColorBrushI
IsStartDelete

dbghelp

SymGetOptions
SymEnumSymbols
SymFunctionTableAccess
SymGetModuleBase64
MapDebugInformation
SymGetSymNext64
SymLoadModule64
SymCleanup
ImagehlpApiVersionEx
ImagehlpApiVersion
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetSymFromAddr
FindDebugInfoFile
SearchTreeForFile
SymSetSearchPath
SymGetSymPrev
MiniDumpReadDumpStream
SymGetModuleInfo
StackWalk
ImageRvaToSection
SymFunctionTableAccess64
SymGetLineNext64
GetTimestampForLoadedLibrary
SymEnumerateModules64
SymGetLineNext
SymEnumTypes
SymFromAddr
SymUnloadModule64
SymGetSearchPath
SymRegisterFunctionEntryCallback
MakeSureDirectoryPathExists
SymEnumerateSymbols64

opengl32

glPopMatrix
glPassThrough
glGetMaterialfv
glViewport
glNormal3sv
glEvalCoord2d
glLineStipple
glColor3d
glGetTexLevelParameterfv
glRasterPos3dv
glTexGend
glTexImage2D
glRasterPos4d
glPixelStoref
glVertex2fv
glTexCoord4dv
glTexCoord4fv
glColor4bv
glNormal3b
glStencilOp
wglUseFontBitmapsW
glTexGeniv
glArrayElement
glMap1d
glVertex4d
glEvalPoint2
glIndexs
glTexCoord2f
glCopyTexSubImage2D
wglChoosePixelFormat
glRasterPos4s
glScissor
glTexSubImage1D
glDrawBuffer
glGetTexParameterfv
glDeleteTextures
glVertex3dv
glIndexub
glMaterialiv
glMaterialf
glCallLists
glColor4f
glVertex3iv
GlmfCloseMetaFile

icm32

CMCheckColorsInGamut
CMDeleteTransform
CMConvertColorNameToIndex
CMTranslateColors
CMCreateMultiProfileTransform
CMGetNamedProfileInfo
CMCheckRGBs
CMCreateTransformW
CMTranslateRGBsExt
CMCreateProfileW
CMCreateTransformExt
CMCheckColors
CMTranslateRGBs
CMIsProfileValid
CMCreateTransformExtW
CMTranslateRGB
CMCreateDeviceLinkProfile
CMConvertIndexToColorName
CMGetInfo
CMCreateProfile
CMCreateTransform

msdart

?SetSpinCount@CCritSec@@SGKPAPAVCCriticalSection@@K@Z
?SetDefaultSpinCount@CFakeLock@@SGXG@Z
?IsWriteUnlocked@CSpinLock@@QBE_NXZ
?SetDefaultSpinCount@CCritSec@@SGXG@Z
?Apply@CLKRLinearHashTable@@QAEKP6G?AW4LK_ACTION@@PBXPAX@Z1W4LK_LOCKTYPE@@@Z
?ReadUnlock@CReaderWriterLock2@@QAEXXZ
?sm_wDefaultSpinCount@CCritSec@@1GA
?ReadOrWriteLock@CReaderWriterLock3@@QAE_NXZ
?InsertHead@CDoubleList@@QAEXQAVCListEntry@@@Z
??0CReaderWriterLock2@@QAE@XZ
?_AddRefRecord@CLKRLinearHashTable@@ABEXPBXH@Z
?IsEmpty@CLockedDoubleList@@QBE_NXZ
?DeleteRecord@CLKRLinearHashTable@@QAE?AW4LK_RETCODE@@PBX@Z
?IsWriteLocked@CReaderWriterLock@@QBE_NXZ
?ConvertExclusiveToShared@CSpinLock@@QAEXXZ
?IsUsable@CLKRLinearHashTable@@QBE_NXZ
?SetDefaultSpinAdjustmentFactor@CFakeLock@@SGXN@Z
?DeleteIf@CLKRLinearHashTable@@QAEKP6G?AW4LK_PREDICATE@@PBXPAX@Z1@Z
?WriteUnlock@CReaderWriterLock@@QAEXXZ
?NumSubTables@CLKRHashTable@@QBEHXZ
?IsReadUnlocked@CLKRHashTable@@QBE_NXZ
?sm_wDefaultSpinCount@CReaderWriterLock2@@1GA
?NumSubTables@CLKRLinearHashTable@@QBEHXZ
?TryWriteLock@CCritSec@@QAE_NXZ
MpGetHeapHandle
?ValidSignature@CLKRHashTable@@QBE_NXZ
?IsWin95@CMdVersionInfo@@SAHXZ
??1CSingleList@@QAE@XZ
?Pop@CSingleList@@QAEQAVCSingleListEntry@@XZ

kernel32

GlobalAddAtomA
GetTempFileNameW
GetVolumeInformationW
LeaveCriticalSection
QueryDepthSList
HeapSummary
FindNextVolumeW
GetEnvironmentStrings
GetConsoleTitleA
ContinueDebugEvent
CreateSocketHandle
ReadConsoleInputW
VerifyConsoleIoHandle
VirtualAlloc
GetBinaryType
EnumSystemLocalesW
SetConsoleMaximumWindowSize
ExitProcess
SetProcessShutdownParameters
HeapQueryInformation
GetCPInfo
FindFirstFileA
GetNextVDMCommand
ReadConsoleW
AreFileApisANSI
GetConsoleAliasExesW
SetCalendarInfoW
LoadLibraryA
IsProcessorFeaturePresent
DeleteCriticalSection
WritePrivateProfileSectionA
AllocateUserPhysicalPages
FreeEnvironmentStringsA
WideCharToMultiByte
EnumUILanguagesA
_lclose
RtlMoveMemory
PeekConsoleInputA
GetModuleHandleW
GetModuleHandleExW
EnterCriticalSection
ConsoleMenuControl
Module32FirstW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7575f0536a1738850658cf8e76c86cc

Headers

DLL Characteristics

File Characteristics

Imports

duser

dbghelp

opengl32

icm32

msdart

kernel32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 61KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 61KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 1024B