5a7f4f5297c8384ec04758e3aac8470adfed017fff1c766430b0265edef55950

Sharing

Copy URL Twitter E-mail

General

Target

5a7f4f5297c8384ec04758e3aac8470adfed017fff1c766430b0265edef55950
Size

831KB
MD5

d023d1554c3a025b5d592e489122ea3c
SHA1

7ae3832db58028de74c0f01ad59e0e5083aabd7f
SHA256

5a7f4f5297c8384ec04758e3aac8470adfed017fff1c766430b0265edef55950
SHA512

33995cf3a0638b6f96f3b6457aa12948cc7d8c71b78a08b5d215469dddc1635d8bc929d25c0bc2f78ae9687f380c59b298fd0a46f3d1b48d0cde08898e04bf81
SSDEEP

12288:6RzD0Ip0p+xK0urng/OCg4KmZehRCqOeVsGxBbUTzavV5FjQM2wn9:6OIpoM2g/3g4PwhEJe3ja2vaw9

Score

N/A

Malware Config

Signatures

Files

5a7f4f5297c8384ec04758e3aac8470adfed017fff1c766430b0265edef55950
.exe windows x86

67c98842a01154d4dc204a85be6e3239

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
CreateTapePartition
InitializeCriticalSection
GetLogicalDrives
QueryPerformanceCounter
FormatMessageW
VerifyVersionInfoW
SetConsoleNumberOfCommandsW
SetFileApisToANSI
GetModuleHandleW
LoadLibraryW
GetCalendarInfoA
UnregisterConsoleIME
ReadProcessMemory
GetSystemDirectoryW
DeleteAtom
GetConsoleKeyboardLayoutNameW
CreateMailslotW
GetCurrentThread
SetPriorityClass
AllocateUserPhysicalPages
GetSystemWow64DirectoryA
SetConsoleIcon
DosPathToSessionPathW
SetProcessPriorityBoost
QueryDosDeviceW
GetUserDefaultUILanguage
GetCurrencyFormatA
GetCurrencyFormatW

user32

OffsetRect
InsertMenuA
DrawIcon
PtInRect
DefRawInputProc
DdeSetUserHandle
CopyImage
GetRawInputDeviceInfoW
CallMsgFilterA
DispatchMessageW
SetTimer
PrintWindow
GetWindowRgnBox
EnumWindowStationsA
WINNLSEnableIME
DlgDirListComboBoxW
GetDlgItem
ToUnicodeEx
CharNextExA
EnumDesktopsW

opengl32

glRasterPos4fv
glNormal3b
glNormal3dv
glEvalCoord1fv
glPolygonOffset
glInterleavedArrays
glRects
glRasterPos3s
wglSwapBuffers

winmm

mciSendStringA
mixerGetLineInfoA
mixerGetDevCapsW
midiInGetErrorTextA
timeGetTime
mmioDescend
mciDriverNotify
waveOutGetDevCapsW
timeBeginPeriod
mixerSetControlDetails
midiOutUnprepareHeader
mmioSetBuffer
midiOutClose
midiInGetID
waveInGetPosition
mciLoadCommandResource
mixerGetDevCapsA
mmioOpenW
waveOutGetErrorTextA
mmsystemGetVersion
midiStreamOpen
mmTaskCreate
joyReleaseCapture
joyGetPos

dhcpcsvc

DhcpPersistentRequestParams
DhcpRemoveDNSRegistrations
McastRequestAddress
DhcpNotifyConfigChange
McastEnumerateScopes
DhcpEnumClasses
DhcpRequestOptions
DhcpDelPersistentRequestParams
DhcpOpenGlobalEvent
DhcpUndoRequestParams
DhcpNotifyConfigChangeEx
DhcpRenewIpAddressLeaseEx
DhcpDeRegisterOptions
DhcpRegisterParamChange
DhcpAcquireParameters
DhcpReleaseIpAddressLeaseEx
DhcpStaticRefreshParams
DhcpCApiInitialize
McastApiCleanup

advapi32

LsaQueryInfoTrustedDomain
RegEnumKeyA
GetManagedApplications
FreeInheritedFromArray
WmiQuerySingleInstanceMultipleW
GetMultipleTrusteeOperationW
CredRenameW
WmiMofEnumerateResourcesA

Sections

.text
Size: 388KB - Virtual size: 387KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67c98842a01154d4dc204a85be6e3239

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

opengl32

winmm

dhcpcsvc

advapi32

Sections

.text Size: 388KB - Virtual size: 387KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 157KB - Virtual size: 1.6MB

.rsrc Size: 162KB - Virtual size: 161KB

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 388KB - Virtual size: 387KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 157KB - Virtual size: 1.6MB

.rsrc
Size: 162KB - Virtual size: 161KB

.reloc
Size: 1024B - Virtual size: 844B