031772a9ae89546cb109ae9a6921647cba8ca14497c1e1ffcb4ceb831493cdd3

Sharing

Copy URL Twitter E-mail

General

Target

031772a9ae89546cb109ae9a6921647cba8ca14497c1e1ffcb4ceb831493cdd3
Size

115KB
MD5

5337ba08a692f81f5f022dd4f9ffb2b0
SHA1

957a830328f25f1365977a08bf00742fdf7c01da
SHA256

031772a9ae89546cb109ae9a6921647cba8ca14497c1e1ffcb4ceb831493cdd3
SHA512

5d4c41ccb3ee4ee79338f3698874b6217f0a210e602ac122ceaffc1b42fc6d99159e73c449db51a89e9ea714ce57129d241d29f55f2a0b88dea0d9b075410c32
SSDEEP

1536:qVKTBCDR01Aj7TG/ZbJYXtMgoA1G5aTr2/+EuwbywcuqeR4VzIHFttEVzIHFttzU:kKmvYJ+tMgoAEcIud7jV+EV+zV+

Score

N/A

Malware Config

Signatures

Files

031772a9ae89546cb109ae9a6921647cba8ca14497c1e1ffcb4ceb831493cdd3
.exe windows x86

71ed969fd11eba58d1a8fe7b70f79d6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

glu32

gluNurbsSurface
gluProject
gluNurbsCurve
gluNurbsCallback
gluNewNurbsRenderer
gluTessEndPolygon
gluBeginSurface
gluTessCallback
gluQuadricDrawStyle
gluQuadricNormals

user32

ChildWindowFromPointEx
IsChild
DestroyWindow
GetDesktopWindow
DialogBoxParamA
GetLastActivePopup
GetNextDlgGroupItem
EndDeferWindowPos
BeginDeferWindowPos
ShowWindowAsync
MessageBoxA

comctl32

ord17
FlatSB_GetScrollProp
DestroyPropertySheetPage
CreatePropertySheetPageA
PropertySheetA
ord6
FlatSB_SetScrollRange
FlatSB_SetScrollProp
CreatePropertySheetPageW
FlatSB_SetScrollInfo
ord5

advapi32

RegSaveKeyA
ClearEventLogW
ReportEventA
RegQueryValueA
GetTokenInformation
RegCreateKeyExA
RegisterEventSourceA

kernel32

WritePrivateProfileStringA
GetProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStructA
GetModuleHandleA
GetProcAddress
VirtualAlloc
GetLastError
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
EnterCriticalSection
LeaveCriticalSection
FlushFileBuffers
WriteFile
InitializeCriticalSection
DeleteCriticalSection
ReadFile
GetCurrentDirectoryA
GetDriveTypeA
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar
SetStdHandle
CloseHandle
CreateFileA
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
GetStringTypeA
GetStringTypeW
SetEndOfFile
LCMapStringA
LCMapStringW

secur32

ApplyControlToken
DecryptMessage
CompleteAuthToken
VerifySignature
DeleteSecurityContext
ExportSecurityContext
EncryptMessage
AcceptSecurityContext
FreeCredentialsHandle
MakeSignature

ws2_32

listen
bind
setsockopt
accept
getprotobyname
getsockname
getprotobynumber
gethostname
shutdown
sendto
ioctlsocket
select
socket
inet_addr

activeds

ord5
ord17
ord15
ord18
ord3
ord7
ord4
ord14
ord19

dciman32

DCIBeginAccess

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71ed969fd11eba58d1a8fe7b70f79d6d

Headers

File Characteristics

Imports

glu32

user32

comctl32

advapi32

kernel32

secur32

ws2_32

activeds

dciman32

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 73KB - Virtual size: 73KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 73KB - Virtual size: 73KB