8aa26f503bf7ce496e5716c68ebbfac3406cf7f9e0ed8b4f17e68560af51cc84

Sharing

Copy URL Twitter E-mail

General

Target

8aa26f503bf7ce496e5716c68ebbfac3406cf7f9e0ed8b4f17e68560af51cc84
Size

167KB
MD5

1d578c430884eea89e96d06b49361120
SHA1

867bc7e3512f37154e5341c12f246c9a92e36fb4
SHA256

8aa26f503bf7ce496e5716c68ebbfac3406cf7f9e0ed8b4f17e68560af51cc84
SHA512

6bfa363fe53cd455dc500a80a304c00d2b6f405069dde4673499ad80a272a48d1e22bd8ca0f05ca967fa1afaed54e570909a380e8d67c69b03904869f7905425
SSDEEP

3072:8xnN20OhB5uBfAY4L5S1FEn+KOhYiosAROp:8Hqg4LorcbRW

Score

N/A

Malware Config

Signatures

Files

8aa26f503bf7ce496e5716c68ebbfac3406cf7f9e0ed8b4f17e68560af51cc84
.exe windows x86

1403c54cc2213bbeb6d33c1c77f8f96b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDC
CharNextA
GetDesktopWindow
TranslateMessage
GetParent

kernel32

lstrlenA
IsDebuggerPresent
lstrlenW
RemoveDirectoryA
MulDiv
SetCurrentDirectoryA
GetConsoleOutputCP
GetTickCount
GetWindowsDirectoryA
GlobalFindAtomW
GetCommandLineA
GetCurrentProcessId
GetOEMCP
GetUserDefaultLangID
GetModuleHandleW
lstrcmpiA
CopyFileA
GetCurrentThreadId
GetModuleHandleA
GetCommandLineW
GlobalFindAtomA
GetACP
GetProcessHeap
DeleteFileW
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThread
lstrcmpA
lstrcmpiW
GetVersion
GetDriveTypeA
GetThreadLocale
GetStartupInfoA
VirtualAlloc
VirtualFree

gdi32

LineTo
CreateCompatibleDC
SaveDC
RestoreDC
GetPixel
SetTextColor
CreatePen
CreateSolidBrush
PatBlt
GetTextMetricsA
RectVisible
GetDeviceCaps
DeleteDC
SelectObject
SetMapMode
CreateFontIndirectA
SetTextAlign
GetClipBox
SetStretchBltMode
SelectPalette
GetObjectA
GetStockObject
DeleteObject
CreatePalette

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Ovbmv Yj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Bueorg H
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1403c54cc2213bbeb6d33c1c77f8f96b

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Ovbmv Yj Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Bueorg H Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 29KB - Virtual size: 29KB

.text
Size: 10KB - Virtual size: 10KB

Ovbmv Yj
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Bueorg H
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 29KB - Virtual size: 29KB