a781899ea36bf7288ee0f78c2fd7678d7788ec87cef175a50e328b95ac7a948d

Sharing

Copy URL Twitter E-mail

General

Target

a781899ea36bf7288ee0f78c2fd7678d7788ec87cef175a50e328b95ac7a948d
Size

865KB
MD5

6bf02bd7799f7ba2a0e062e25c5c65f8
SHA1

d5dea6804ea1b335e381ae88662fa73ffb1c38bd
SHA256

a781899ea36bf7288ee0f78c2fd7678d7788ec87cef175a50e328b95ac7a948d
SHA512

0d43833f6e81ce211680406344b034914079ed77d5a9633a27fd3954db26431d81e42c50e295db38072b5fcc6bf40108f85c55264ae1c98435da19e8a356f08f
SSDEEP

24576:j3tJzX/EK1UfT0LjRWOdEqwA2e6jSk5FAL7gJ/1L:/EK1UfwJPdEvAjwlJ/1

Score

N/A

Malware Config

Signatures

Files

a781899ea36bf7288ee0f78c2fd7678d7788ec87cef175a50e328b95ac7a948d
.exe windows x86

b0772f94b92d514be67de8b5a8868d1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

GlmfInitPlayback
glFlush
glLightModeliv
glFogiv
GlmfEndGlsBlock
glColor3i
glTexCoord2i
glOrtho
glAreTexturesResident
glLightfv
glClipPlane
glRasterPos2s
glPolygonOffset
glTexCoord1f
glTexCoord2dv
glFogi
glTexCoord4sv
glDisable
glEnableClientState
glCopyTexSubImage1D
glRasterPos4sv
glPixelStorei
glColor4us
glRectf
wglGetCurrentDC
glClearDepth
glTexCoord4iv
glTexGend
glMaterialf
glPolygonStipple
glTexParameteriv
glColor4uiv
glArrayElement
glPixelMapusv
glDrawElements
glRasterPos4i

cfgmgr32

CM_Set_HW_Prof_FlagsA
CM_Query_Arbitrator_Free_Size_Ex
CM_Dup_Range_List
CM_Get_Device_IDW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ExA
CM_Get_Log_Conf_Priority
CM_Add_ID_ExA
CM_Get_Device_Interface_List_ExA
CM_Open_Class_Key_ExA
CM_Add_Res_Des
CM_Get_Class_Name_ExA
CM_Create_DevNodeA
CM_Get_Device_Interface_ListW
CM_Free_Res_Des_Ex
CM_Find_Range
CM_Setup_DevNode_Ex
CM_Get_HW_Prof_FlagsA
CM_Get_Hardware_Profile_Info_ExW
CM_Get_Device_Interface_Alias_ExW
CM_Remove_SubTree_Ex
CM_Get_Device_Interface_List_Size_ExW
CM_Enumerate_EnumeratorsW
CM_Create_DevNode_ExA
CM_Modify_Res_Des_Ex
CM_Get_DevNode_Registry_PropertyA
CM_Remove_SubTree
CM_Get_DevNode_Registry_Property_ExA
CMP_Report_LogOn
CM_Open_Class_Key_ExW
CM_Run_Detection_Ex
CM_Get_Class_NameW
CM_Add_Empty_Log_Conf_Ex
CM_Move_DevNode_Ex
CM_Uninstall_DevNode
CM_Request_Eject_PC_Ex
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Next_Log_Conf_Ex
CM_Delete_DevNode_Key
CM_Delete_Class_Key
CM_Get_DevNode_Status
CM_Add_Range
CM_Open_Class_KeyA
CMP_WaitServicesAvailable
CM_Query_And_Remove_SubTreeA
CM_Uninstall_DevNode_Ex
CM_Set_DevNode_Problem
CM_Modify_Res_Des
CM_Delete_DevNode_Key_Ex
CM_Get_Device_ID_List_ExW
CM_Unregister_Device_Interface_ExW
CM_Query_Remove_SubTree_Ex
CM_Enumerate_Classes
CM_Get_Next_Res_Des
CM_Enable_DevNode
CM_Query_Remove_SubTree
CM_Set_DevNode_Registry_PropertyA
CM_Create_DevNodeW
CM_Get_Device_Interface_List_Size_ExA
CM_Get_Device_ID_List_Size_ExA
CM_Get_Version
CM_Register_Device_Interface_ExA
CM_Query_Arbitrator_Free_Data
CM_Get_Res_Des_Data_Size
CM_Locate_DevNode_ExW
CM_Get_Global_State
CM_Set_HW_Prof_Flags_ExA
CM_Add_IDW
CM_Is_Dock_Station_Present

shlwapi

SHRegGetUSValueW
SHDeleteValueW
PathRemoveFileSpecW
PathAddExtensionW
PathCanonicalizeW
SHRegDeleteUSValueA
PathBuildRootW
StrCmpNIA
wvnsprintfW
UrlHashA
PathFindOnPathA
SHAutoComplete
PathMakeSystemFolderA
ColorAdjustLuma
PathIsLFNFileSpecA
SHRegGetBoolUSValueW
PathFindNextComponentW
PathIsSameRootA
PathFindExtensionA
StrCmpNIW
PathGetArgsA
PathFindSuffixArrayW
SHGetValueW
PathSetDlgItemPathA
SHEnumValueA
SHCreateShellPalette
PathUndecorateW
StrCatBuffW
SHEnumKeyExA
StrDupA

msasn1

ASN1BEREncObjectIdentifier2
ASN1BEREncEoid
ASN1DecAlloc
ASN1BEREncZeroMultibyteString
ASN1BERDecS16Val
ASN1CEREncOctetString
ASN1BERDecUTF8String
ASN1BEREoid2DotVal
ASN1BERDecS32Val
ASN1BERDecOpenType
ASN1BERDecNull
ASN1BEREncLength
ASN1intxisuint32
ASN1BERDecEoid
ASN1CEREncEndBlk
ASN1BEREncCheck
ASN1ztcharstring_free
ASN1CEREncFlushBlkElement
ASN1BERDecOctetString
ASN1ztchar16string_free
ASN1BERDecZeroCharString
ASN1BERDecZeroMultibyteString
ASN1BEREncMultibyteString
ASN1BERDecLength
ASN1ztchar16string_cmp
ASN1CEREncZeroMultibyteString
ASN1BEREncTag
ASN1BERDecOctetString2
ASN1CEREncUTCTime
ASN1BERDecGeneralizedTime
ASN1BEREncChar16String
ASN1_Decode
ASN1BERDecOpenType2
ASN1BERDecZeroChar16String
ASN1CEREncChar32String
ASN1CEREncCharString
ASN1BERDecU8Val
ASN1intx_sub

kernel32

SetSystemPowerState
GetSystemDirectoryA
FatalAppExitW
OpenSemaphoreA
GetSystemWow64DirectoryW
SetLocaleInfoA
GlobalFindAtomW
SetProcessAffinityMask
Thread32Next
GetWindowsDirectoryA
FindNextFileW
GlobalAlloc
LoadLibraryA
CreateEventA
SetCommConfig
WaitCommEvent
GetLocaleInfoW
_lclose
GetCompressedFileSizeW
lstrlenW
SetSystemTime
EnumDateFormatsW
CreateProcessInternalA
GetCurrencyFormatW
VirtualAlloc
VirtualFree
FindNextVolumeMountPointA
SetConsoleTitleA
PrivCopyFileExW

Sections

.text
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 354KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0772f94b92d514be67de8b5a8868d1c

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

cfgmgr32

shlwapi

msasn1

kernel32

Sections

.text Size: 337KB - Virtual size: 337KB

.rdata Size: 171KB - Virtual size: 171KB

.data Size: 354KB - Virtual size: 1.8MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 337KB - Virtual size: 337KB

.rdata
Size: 171KB - Virtual size: 171KB

.data
Size: 354KB - Virtual size: 1.8MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B