d6391978e6d487cfc5e2add8809e27729b0d7978b29b64dedd8862e57ea3edcb

Sharing

Copy URL

Twitter E-mail

General

Target

d6391978e6d487cfc5e2add8809e27729b0d7978b29b64dedd8862e57ea3edcb
Size

11.8MB
MD5

6438a643a3e5328f0e7eedb1fe338a97
SHA1

f5d55fe0a03bdf995a05b525be9591980a54b94f
SHA256

d6391978e6d487cfc5e2add8809e27729b0d7978b29b64dedd8862e57ea3edcb
SHA512

19feb387781c1731a4ec1950f19ad3cd6a2b29336bf782781c1e230a59d8a56930e56f6cf80333b8c795b2938b8350bacc251b68092653f1c789e196ab1a339d
SSDEEP

196608:33d4GdB42AZde2jnLzLPn6+Mf0eCgp399SrsWL1x/++N5jwU/pJ6OG7wAdT8LN5R:1dBNqLPn6+MGgp399SrsWL1x/++N5jwY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6391978e6d487cfc5e2add8809e27729b0d7978b29b64dedd8862e57ea3edcb

Files

d6391978e6d487cfc5e2add8809e27729b0d7978b29b64dedd8862e57ea3edcb
.exe windows:4 windows x86

83a905f2398de6629cd2eca690ef80f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongA
SetWindowLongA

gdi32

SetPixelFormat
ChoosePixelFormat
SwapBuffers
CreateFontA

glu32

gluTessCallback
gluErrorString
gluProject
gluNewTess
gluTessVertex
gluTessEndPolygon
gluLookAt
gluUnProject
gluBuild2DMipmaps
gluTessEndContour
gluTessBeginPolygon
gluPickMatrix
gluTessBeginContour

opengl32

wglMakeCurrent
glVertex2f
glPopMatrix
glHint
glColor3ub
glReadPixels
glGenLists
glLoadIdentity
glDisable
glDeleteLists
glRenderMode
glBindTexture
glTexParameteri
glGenTextures
glVertex3dv
glTranslatef
glLightfv
glDepthFunc
glDrawBuffer
glLoadName
glLogicOp
glFlush
glPushMatrix
wglCreateContext
glTexImage2D
glNewList
glEndList
glGetDoublev
glEnd
glPixelStorei
glPushName
glSelectBuffer
glClearColor
glScalef
wglUseFontOutlinesA
glColor3f
glPolygonMode
glPolygonStipple
glColor4ub
glOrtho
glEnable
glInitNames
glLineWidth
glLineStipple
glRotatef
wglDeleteContext
glViewport
glBlendFunc
glBegin
glGetIntegerv
glClear
glPointSize
glCallList

msvbvm60

EVENT_SINK_GetIDsOfNames
ord582
__vbaVarTstGt
__vbaVarSub
ord583
ord690
__vbaStrI2
__vbaNextEachAry
ord584
_CIcos
_adj_fptan
ord585
__vbaStrI4
__vbaVarMove
ord586
__vbaVarVargNofree
ord587
__vbaAryMove
__vbaFreeVar
__vbaLineInputStr
ord588
__vbaGosubReturn
__vbaStrVarMove
__vbaLateIdCall
__vbaLenBstr
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFpCDblR8
EVENT_SINK_Invoke
__vbaNextEachVar
__vbaFreeObjList
ord516
__vbaR8Sgn
ord517
_adj_fprem1
ord518
__vbaRecAnsiToUni
ord626
__vbaResume
__vbaVarCmpNe
__vbaForEachCollAd
__vbaStrCat
__vbaWriteFile
__vbaLsetFixstr
ord660
__vbaRecDestruct
__vbaSetSystemError
ord662
__vbaHresultCheckObj
ord557
ord558
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
Zombie_GetTypeInfo
__vbaVarCmpGe
__vbaAryDestruct
__vbaLateMemSt
ord591
__vbaVarForInit
__vbaVarPow
__vbaStrBool
__vbaBoolStr
ord593
__vbaForEachCollObj
__vbaExitProc
ord300
ord594
ord301
__vbaObjSet
ord595
__vbaOnError
ord302
ord596
_adj_fdiv_m16i
ord303
ord597
__vbaObjSetAddref
_adj_fdivr_m16i
ord304
__vbaVarIndexLoad
ord598
ord305
ord306
__vbaStrFixstr
ord520
__vbaBoolVar
__vbaForEachCollVar
ord307
ord308
__vbaFPFix
ord309
__vbaVargVar
__vbaRefVarAry
__vbaBoolVarNull
__vbaVarTstLt
__vbaFpR8
_CIsin
__vbaErase
ord709
ord631
__vbaVargVarMove
ord632
__vbaVarCmpGt
__vbaNextEachCollObj
__vbaChkstk
ord526
__vbaFileClose
__vbaGosubFree
EVENT_SINK_AddRef
ord528
__vbaVarAbs
__vbaGenerateBoundsError
__vbaGet3
ord529
__vbaExitEachColl
__vbaStrCmp
__vbaPutOwner3
__vbaGet4
__vbaAryConstruct2
__vbaVarTstEq
__vbaR4Str
ord560
ord561
__vbaI2I4
__vbaObjVar
__vbaNextEachCollVar
DllFunctionCall
__vbaVarLateMemSt
__vbaVarOr
ord670
__vbaFpUI1
__vbaCastObjVar
__vbaStrR4
__vbaRedimPreserve
__vbaLbound
_adj_fpatan
__vbaR4Var
__vbaFixstrConstruct
__vbaLateIdCallLd
Zombie_GetTypeInfoCount
__vbaStrR8
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
ord310
__vbaObjIs
__vbaVarAnd
__vbaLateIdCallSt
ord311
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaVarMul
__vbaExceptHandler
ord312
ord711
ord313
__vbaInputFile
__vbaPrintFile
__vbaStrToUnicode
ord712
ord314
ord606
_adj_fprem
_adj_fdivr_m64
ord315
__vbaLateIdStAd
ord607
__vbaR8ErrVar
__vbaI2Str
__vbaGosub
__vbaVarDiv
ord714
ord316
ord608
__vbaVarCmpLe
ord716
__vbaFPException
__vbaInStrVar
ord717
ord319
__vbaGetOwner3
__vbaUbound
__vbaStrVarVal
__vbaVarCat
ord535
__vbaI2Var
ord644
__vbaStopExe
ord537
__vbaExitEachVar
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
ord648
__vbaR8Str
__vbaNew2
__vbaVarLateMemCallLdRf
__vbaVarInt
ord571
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaI4Str
ord681
__vbaVarCmpLt
__vbaFreeStrList
ord576
_adj_fdivr_m32
__vbaPowerR8
__vbaR8Var
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
ord689
__vbaForEachAry
__vbaVarCmpEq
ord610
__vbaAryLock
__vbaLateMemCall
__vbaVarAdd
ord320
ord612
__vbaVarDup
__vbaStrToAnsi
ord321
__vbaVerifyVarObj
ord613
ord614
__vbaFpI2
__vbaVarTstGe
ord616
__vbaVarCopy
__vbaFpI4
__vbaVarLateMemCallLd
__vbaRecDestructAnsi
__vbaR8IntI2
ord617
__vbaVarSetObjAddref
__vbaLateMemCallLd
_CIatan
__vbaAryCopy
__vbaStrMove
__vbaCastObj
__vbaStrVarCopy
ord619
__vbaR8IntI4
__vbaForEachVar
__vbaVarNeg
ord650
_allmul
__vbaLateIdSt
__vbaVarLateMemCallSt
__vbaLateMemCallSt
_CItan
__vbaNextEachCollAd
__vbaFPInt
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaI4ErrVar
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 11.8MB - Virtual size: 11.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83a905f2398de6629cd2eca690ef80f3

Headers

File Characteristics

Imports

user32

gdi32

glu32

opengl32

msvbvm60

Sections

.text Size: 11.8MB - Virtual size: 11.8MB

.data Size: 4KB - Virtual size: 134KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 11.8MB - Virtual size: 11.8MB

.data
Size: 4KB - Virtual size: 134KB

.rsrc
Size: 12KB - Virtual size: 8KB