90479e98de57bbbd938efa76d4bf48d8a344228cf22620843790530352c53977

Sharing

Copy URL Twitter E-mail

General

Target

90479e98de57bbbd938efa76d4bf48d8a344228cf22620843790530352c53977
Size

860KB
MD5

7834fa2837eb97250b5ae33d922408d6
SHA1

1cdbf2f0c6e63388639b2232d7a82a1679ab0926
SHA256

90479e98de57bbbd938efa76d4bf48d8a344228cf22620843790530352c53977
SHA512

b520dbe06b9b8bd8aa7df2bbc8998c9876c064260d02508a3183cbb592052984efc76909a2ca56c3ea47695ad043d766904c622249002dc6132f4f52857f0300
SSDEEP

24576:KxGgaiflXxMzREZmZcignObd1SnYFZZ0a7ns2DBIiS9bGizWyFMMsKo:fgFNxMlEsZBN/XFZPs6BfS9S+RuMsK

Score

N/A

Malware Config

Signatures

Files

90479e98de57bbbd938efa76d4bf48d8a344228cf22620843790530352c53977
.exe windows x86

ee8cbbdf5e2d4f6b72556022a30c8bf9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIStreamCreate
EditStreamClone
AVIStreamOpenFromFile
EditStreamSetInfo
AVIStreamGetFrame
AVIFileRelease
AVISaveVW
EditStreamSetName
IID_IAVIStream
AVIStreamSetFormat
IID_IAVIFile
AVIStreamRead
DllGetClassObject
AVIFileOpenW
AVIFileGetStream
AVIFileInfoA
EditStreamSetInfoW
AVIStreamInfoA
EditStreamSetInfoA
AVIStreamAddRef
AVISaveOptions
AVIStreamOpenFromFileA
AVIStreamTimeToSample
AVIMakeCompressedStream
AVIFileReadData
AVIStreamLength
AVIFileCreateStreamW
AVIPutFileOnClipboard
AVIClearClipboard
AVIFileOpen
AVIFileInfoW
AVIStreamInfo
AVIStreamReadData
CreateEditableStream
AVIStreamReadFormat
AVIStreamBeginStreaming
AVIFileEndRecord
AVIFileOpenA
EditStreamCut
AVISaveA

glu32

gluEndSurface
gluEndPolygon
gluEndCurve
gluQuadricNormals
gluLoadSamplingMatrices
gluGetNurbsProperty
gluDeleteQuadric
gluErrorString
gluTessProperty
gluTessNormal
gluNurbsCallback
gluTessVertex
gluTessBeginContour
gluDeleteTess
gluBuild1DMipmaps
gluErrorUnicodeStringEXT
gluPerspective
gluOrtho2D
gluGetTessProperty
gluProject
gluPickMatrix
gluSphere
gluScaleImage
gluTessCallback
gluCylinder
gluNurbsSurface
gluTessEndPolygon
gluDeleteNurbsRenderer
gluQuadricOrientation
gluBeginTrim
gluNewTess
gluNewNurbsRenderer
gluBeginCurve
gluNurbsCurve
gluNurbsProperty
gluBuild2DMipmaps
gluQuadricDrawStyle
gluUnProject
gluDisk
gluTessBeginPolygon
gluLookAt
gluQuadricCallback

kernel32

GetProcessHeap
QueryPerformanceCounter
SetFileAttributesA
VerifyVersionInfoA
ReadConsoleOutputCharacterW
GetConsoleAliasExesLengthA
Process32NextW
CloseProfileUserMapping
GlobalHandle
OpenProfileUserMapping
GlobalGetAtomNameW
GetTimeFormatW
GetTempPathA
LZCreateFileW
GetComputerNameW
GetDriveTypeW
FreeLibraryAndExitThread
CommConfigDialogW
lstrcmpiA
lstrcmpiW
VerSetConditionMask
GlobalSize
EnumLanguageGroupLocalesW
PrepareTape
QueueUserWorkItem
FindNextVolumeMountPointW
MulDiv
GetAtomNameA
CancelDeviceWakeupRequest
FileTimeToLocalFileTime
SetTapePosition
ReadConsoleInputA
VDMOperationStarted
WaitForMultipleObjects
EnumResourceLanguagesA
GetConsoleTitleA
GetLastError
ExpandEnvironmentStringsA
EnumSystemLanguageGroupsA
GetExitCodeProcess
GetConsoleCommandHistoryA
SetConsoleLocalEUDC
SetComputerNameA
LoadLibraryA
GetOEMCP
EnumResourceTypesA
GetComputerNameExA
SetDefaultCommConfigA
ReadDirectoryChangesW
SetFileApisToOEM
FindActCtxSectionGuid
GetConsoleScreenBufferInfo
GetProfileIntW
GetConsoleAliasExesLengthW
GetACP
RtlZeroMemory
SetVolumeLabelW
_llseek
WriteProcessMemory
GetVersion
OpenJobObjectW
FindAtomA
GlobalAddAtomA
VirtualAlloc
CallNamedPipeA

wininet

HttpCheckDavCompliance
FindNextUrlCacheContainerW
FtpDeleteFileW
GetUrlCacheConfigInfoA
InternetSetOptionExW
InternetReadFileExA
FtpCreateDirectoryW
HttpSendRequestExW
InternetGetConnectedStateExW
InternetTimeFromSystemTimeW
InternetConfirmZoneCrossingW
HttpOpenRequestA
FtpGetFileSize
FtpRenameFileW
InternetWriteFile
SetUrlCacheEntryInfoA
InternetQueryOptionW
HttpSendRequestW
RetrieveUrlCacheEntryStreamA
DeleteUrlCacheEntryA
InternetWriteFileExA
InternetAlgIdToStringW
IsHostInProxyBypassList
DeleteUrlCacheGroup
ForceNexusLookup
FindCloseUrlCache
GopherCreateLocatorA
InternetSetStatusCallbackW
FtpCreateDirectoryA
FtpGetCurrentDirectoryA
UnlockUrlCacheEntryFileA

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee8cbbdf5e2d4f6b72556022a30c8bf9

Headers

DLL Characteristics

File Characteristics

Imports

avifil32

glu32

kernel32

wininet

Sections

.text Size: 350KB - Virtual size: 350KB

.rdata Size: 351KB - Virtual size: 351KB

.data Size: 156KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 350KB - Virtual size: 350KB

.rdata
Size: 351KB - Virtual size: 351KB

.data
Size: 156KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B