GGplus[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

GGplus.exe
Size

68KB
MD5

7ae467589a1aed1dc1cd390f64b34b32
SHA1

9384f525eb4455c49e88e72cc1f4522aafee2e3a
SHA256

c39aa06004ec12050907077ff56952dde60de196928ad84a88a403ee47b0b033
SHA512

647fdf8a41887ce7d5ff9fbb2bee6a3d5a19560b78ece007137eea11b763a78eadda6b04727a724a26f304ebfb0666444fa1a6974793d730ce6d74e46ff7124b
SSDEEP

1536:4Ds+YdlWO2PnmhnM0OpttQg1OLeXkT638:4DsnlWO2PnmhnQttQgceUT638

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GGplus.exe

Files

GGplus.exe
.exe windows:4 windows x86

ecccc6ac474ede3661617f767dfcb76b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glClear

sdl

SDL_Init
SDL_WM_SetCaption
SDL_RWFromFile
SDL_LoadBMP_RW
SDL_WM_SetIcon
SDL_GL_SetAttribute
SDL_SetVideoMode
SDL_GL_SwapBuffers
SDL_PollEvent
SDL_Quit
SDL_GetMouseState
SDL_GetVideoInfo
SDL_SetModuleHandle
SDL_GetError

osg

??0TexEnv@osg@@QAE@XZ
?setAttributeAndModes@StateSet@osg@@QAEXPAVStateAttribute@2@I@Z
?setImage@Texture@osg@@QAEXPAVImage@2@@Z
??0Texture@osg@@QAE@XZ
??1Texture@osg@@MAE@XZ
??1TexEnv@osg@@MAE@XZ
??4Matrix@osg@@QAEAAV01@ABV01@@Z
?replaceDrawable@Geode@osg@@UAE?B_NPAVDrawable@2@0@Z
?removeDrawable@Geode@osg@@UAE?B_NPAVDrawable@2@@Z
?addDrawable@Geode@osg@@UAE?B_NPAVDrawable@2@@Z
?computeBound@Geode@osg@@MBE?B_NXZ
?traverse@Node@osg@@UAEXAAVNodeVisitor@2@@Z
?accept@Geode@osg@@UAEXAAVNodeVisitor@2@@Z
?className@Geode@osg@@UBEPBDXZ
?isSameKindAs@Geode@osg@@UBE_NPBVObject@2@@Z
?clone@Geode@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Geode@osg@@UBEPAVObject@2@XZ
??0Geode@osg@@QAE@XZ
??1Geode@osg@@MAE@XZ
?traverse@Switch@osg@@UAEXAAVNodeVisitor@2@@Z
?accept@Switch@osg@@UAEXAAVNodeVisitor@2@@Z
?className@Switch@osg@@UBEPBDXZ
?isSameKindAs@Switch@osg@@UBE_NPBVObject@2@@Z
?clone@Switch@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Switch@osg@@UBEPAVObject@2@XZ
?computeWorldToLocalMatrix@Transform@osg@@MBE?B_NAAVMatrix@2@PAVNodeVisitor@2@@Z
?computeLocalToWorldMatrix@Transform@osg@@MBE?B_NAAVMatrix@2@PAVNodeVisitor@2@@Z
?computeBound@Transform@osg@@MBE?B_NXZ
?accept@Transform@osg@@UAEXAAVNodeVisitor@2@@Z
?className@Transform@osg@@UBEPBDXZ
?isSameKindAs@Transform@osg@@UBE_NPBVObject@2@@Z
?clone@Transform@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Transform@osg@@UBEPAVObject@2@XZ
??0Switch@osg@@QAE@XZ
??0Transform@osg@@QAE@XZ
??1Switch@osg@@MAE@XZ
??1Transform@osg@@MAE@XZ
?computeBound@GeoSet@osg@@MBE?B_NXZ
?applyAttributeOperation@GeoSet@osg@@UAEIAAVAttributeFunctor@Drawable@2@@Z
?suppportsAttributeOperation@GeoSet@osg@@UBEIXZ
?getStats@GeoSet@osg@@UAE_NAAVStatistics@2@@Z
?drawImmediateMode@GeoSet@osg@@UAEXAAVState@2@@Z
?className@GeoSet@osg@@UBEPBDXZ
?isSameKindAs@GeoSet@osg@@UBE_NPBVObject@2@@Z
?clone@GeoSet@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@GeoSet@osg@@UBEPAVObject@2@XZ
?setNormalBinding@GeoSet@osg@@QAEXW4BindingType@12@@Z
?setNormals@GeoSet@osg@@QAEXPAVVec3@2@PAG@Z
?setTextureBinding@GeoSet@osg@@QAEXW4BindingType@12@@Z
?setTextureCoords@GeoSet@osg@@QAEXPAVVec2@2@PAG@Z
?setColors@GeoSet@osg@@QAEXPAVVec4@2@PAG@Z
?setCoords@GeoSet@osg@@QAEXPAVVec3@2@PAG@Z
?setPrimType@GeoSet@osg@@QAEXW4PrimitiveType@12@@Z
??0GeoSet@osg@@QAE@XZ
??1GeoSet@osg@@MAE@XZ
?yMax@BoundingBox@osg@@QAEAAMXZ
?yMin@BoundingBox@osg@@QAEAAMXZ
?cloneType@Texture@osg@@UBEPAVObject@2@XZ
?xMin@BoundingBox@osg@@QAEAAMXZ
?getBound@Drawable@osg@@QBEABVBoundingBox@2@XZ
?apply@Material@osg@@UBEXAAVState@2@@Z
?setStateSetModes@Material@osg@@UBEXAAVStateSet@2@I@Z
?compare@Material@osg@@UBEHABVStateAttribute@2@@Z
?getType@Material@osg@@UBE?BIXZ
?className@Material@osg@@UBEPBDXZ
?isSameKindAs@Material@osg@@UBE_NPBVObject@2@@Z
?clone@Material@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Material@osg@@UBEPAVObject@2@XZ
?setDiffuse@Material@osg@@QAEXW4Face@12@ABVVec4@2@@Z
??0Material@osg@@QAE@XZ
??1Material@osg@@MAE@XZ
?applyAttributeOperation@Drawable@osg@@UAEIAAVAttributeFunctor@12@@Z
?suppportsAttributeOperation@Drawable@osg@@UBEIXZ
?getStats@Drawable@osg@@UAE_NAAVStatistics@2@@Z
?setStateSet@Drawable@osg@@QAEXPAVStateSet@2@@Z
??0Matrix@osg@@QAE@XZ
??1Referenced@osg@@MAE@XZ
??_7Object@osg@@6B@
??_7Matrix@osg@@6B@
?unref@Referenced@osg@@QBEXXZ
?setOrtho2D@Camera@osg@@QAEXNNNN@Z
?setPerspective@Camera@osg@@QAEXNNNN@Z
?setLookAt@Camera@osg@@QAEXNNNNNNNNN@Z
?compile@StateAttribute@osg@@UBEXAAVState@2@@Z
?apply@Depth@osg@@UBEXAAVState@2@@Z
?setStateSetModes@Depth@osg@@UBEXAAVStateSet@2@I@Z
?compare@Depth@osg@@UBEHABVStateAttribute@2@@Z
?getType@Depth@osg@@UBE?BIXZ
?className@Depth@osg@@UBEPBDXZ
?isSameKindAs@Depth@osg@@UBE_NPBVObject@2@@Z
?clone@Depth@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Depth@osg@@UBEPAVObject@2@XZ
?className@StateSet@osg@@UBEPBDXZ
?isSameKindAs@StateSet@osg@@UBE_NPBVObject@2@@Z
?clone@StateSet@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@StateSet@osg@@UBEPAVObject@2@XZ
?replaceChild@Group@osg@@UAE_NPAVNode@2@0@Z
?removeChild@Group@osg@@UAE_NPAVNode@2@@Z
?addChild@Group@osg@@UAE_NPAVNode@2@@Z
?computeBound@Group@osg@@MBE?B_NXZ
?traverse@Group@osg@@UAEXAAVNodeVisitor@2@@Z
?xMax@BoundingBox@osg@@QAEAAMXZ
?ascend@Node@osg@@UAEXAAVNodeVisitor@2@@Z
?accept@Group@osg@@UAEXAAVNodeVisitor@2@@Z
?className@Group@osg@@UBEPBDXZ
?isSameKindAs@Group@osg@@UBE_NPBVObject@2@@Z
?clone@Group@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Group@osg@@UBEPAVObject@2@XZ
?setStateSet@Node@osg@@QAEXPAVStateSet@2@@Z
?setAttribute@StateSet@osg@@QAEXPAVStateAttribute@2@I@Z
?setMode@StateSet@osg@@QAEXII@Z
??0Depth@osg@@QAE@XZ
??0StateSet@osg@@QAE@XZ
??0Group@osg@@QAE@XZ
??1StateSet@osg@@MAE@XZ
??1Group@osg@@MAE@XZ
??1Depth@osg@@MAE@XZ
??0Camera@osg@@QAE@PAVDisplaySettings@1@@Z
?readEnvironmentalVariables@DisplaySettings@osg@@QAEXXZ
??_7DisplaySettings@osg@@6B@
??_7Referenced@osg@@6B@
?setDefaults@DisplaySettings@osg@@QAEXXZ
??1DisplaySettings@osg@@UAE@XZ
??1Camera@osg@@UAE@XZ
?dirtyDisplayList@Drawable@osg@@QAEXXZ
??1Matrix@osg@@UAE@XZ
?preMult@Matrix@osg@@QBE?AVVec3@2@ABV32@@Z
?invert@Matrix@osg@@QAE_NABV12@@Z
?makeRotate@Matrix@osg@@QAEXMMMM@Z
?setMatrix@Transform@osg@@QAEXABVMatrix@2@@Z
?clone@Texture@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?isSameKindAs@Texture@osg@@UBE_NPBVObject@2@@Z
?className@Texture@osg@@UBEPBDXZ
?getType@Texture@osg@@UBE?BIXZ
?compare@Texture@osg@@UBEHABVStateAttribute@2@@Z
?setStateSetModes@Texture@osg@@UBEXAAVStateSet@2@I@Z
?apply@Texture@osg@@UBEXAAVState@2@@Z
?compile@Texture@osg@@UBEXAAVState@2@@Z
?applyTexImage@Texture@osg@@MBEXIPAVImage@2@AAVState@2@@Z
?cloneType@TexEnv@osg@@UBEPAVObject@2@XZ
?clone@TexEnv@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?isSameKindAs@TexEnv@osg@@UBE_NPBVObject@2@@Z
?className@TexEnv@osg@@UBEPBDXZ
?getType@TexEnv@osg@@UBE?BIXZ
?compare@TexEnv@osg@@UBEHABVStateAttribute@2@@Z
?setStateSetModes@StateAttribute@osg@@UBEXAAVStateSet@2@I@Z
?apply@TexEnv@osg@@UBEXAAVState@2@@Z
?getMatrix@Transform@osg@@QBEABVMatrix@2@XZ
??0Matrix@osg@@QAE@ABV01@@Z
?makeTranslate@Matrix@osg@@QAEXMMM@Z
?postMult@Matrix@osg@@QAEXABV12@@Z

osgdb

?readNodeFile@osgDB@@YAPAVNode@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?readImageFile@osgDB@@YAPAVImage@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

osgutil

?setCamera@SceneView@osgUtil@@QAEXPAVCamera@osg@@@Z
?init@SceneView@osgUtil@@UAEXXZ
?app@SceneView@osgUtil@@UAEXXZ
?cull@SceneView@osgUtil@@UAEXXZ
?draw@SceneView@osgUtil@@UAEXXZ
?cullStage@SceneView@osgUtil@@MAEXPAVMatrix@osg@@0PAVCullVisitor@2@PAVRenderGraph@2@PAVRenderStage@2@@Z
?drawStage@SceneView@osgUtil@@MAEXPAVRenderStage@2@@Z
?setSceneData@SceneView@osgUtil@@QAEXPAVNode@osg@@@Z
?getRenderStage@SceneView@osgUtil@@QAEPAVRenderStage@2@XZ
?getCullVisitor@SceneView@osgUtil@@QAEPAVCullVisitor@2@XZ
?setCullingMode@CullVisitor@osgUtil@@QAEXI@Z
?getCamera@SceneView@osgUtil@@QAEPAVCamera@osg@@XZ
?setViewport@SceneView@osgUtil@@QAEXHHHH@Z
??0SceneView@osgUtil@@QAE@PAVDisplaySettings@osg@@@Z
??1SceneView@osgUtil@@MAE@XZ
?setDefaults@SceneView@osgUtil@@QAEXXZ

osgtext

?cloneType@Text@osgText@@UBEPAVObject@osg@@XZ
?clone@Text@osgText@@UBEPAVObject@osg@@ABVCopyOp@4@@Z
?isSameKindAs@Text@osgText@@UBE_NPBVObject@osg@@@Z
?className@Text@osgText@@UBEPBDXZ
?drawImmediateMode@Text@osgText@@UAEXAAVState@osg@@@Z
?computeBound@Text@osgText@@MBE?B_NXZ
?drawBoundingBox@Text@osgText@@UAEXXZ
?drawAlignment@Text@osgText@@UAEXXZ
?setDefaults@Text@osgText@@MAEXXZ
?calcBounds@Text@osgText@@MBEXPAVVec3@osg@@0@Z
?setText@Text@osgText@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setPosition@Text@osgText@@QAEXABVVec3@osg@@@Z
??1BitmapFont@osgText@@UAE@XZ
??0BitmapFont@osgText@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?cloneType@BitmapFont@osgText@@UBEPAVObject@osg@@XZ
??0Text@osgText@@QAE@XZ
?isSameKindAs@BitmapFont@osgText@@UBE_NPBVObject@osg@@@Z
?className@BitmapFont@osgText@@UBEPBDXZ
?create@Font@osgText@@UAE_NAAVState@osg@@@Z
?create@Font@osgText@@UAE_NAAVState@osg@@HI@Z
?output@Font@osgText@@UAEXAAVState@osg@@PBD@Z
?isOk@Font@osgText@@UBE_NXZ
?isCreated@Font@osgText@@UBE_NXZ
?getWidth@Font@osgText@@UBEMPBD@Z
?getHeight@Font@osgText@@UBEHXZ
?getAscender@Font@osgText@@UBEHXZ
?clear@Font@osgText@@MAEXXZ
?createFontObj@BitmapFont@osgText@@MAEPAVFTFont@@XZ
?getFont@Text@osgText@@QAEPAVFont@2@XZ
?setFont@Text@osgText@@QAEXPAVFont@2@@Z
?setAlignment@Text@osgText@@QAEXH@Z
??1Text@osgText@@MAE@XZ
?clone@BitmapFont@osgText@@UBEPAVObject@osg@@ABVCopyOp@4@@Z
?getDescender@Font@osgText@@UBEHXZ

msvcp70

??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?_Nomemory@std@@YAXXZ
?open@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXPBDH@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr70

fclose
fopen
fgetc
remove
_iob
fprintf
strrchr
strncpy
setbuf
setvbuf
freopen
_except_handler3
_pctype
_onexit
__dllonexit
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_callnewh
malloc
isalnum
tolower
atoi
_CxxThrowException
??0exception@@QAE@ABV0@@Z
atof
sprintf
_purecall
??3@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ
__mb_cur_max
_isctype
_controlfp

kernel32

GetModuleHandleA
GetCommandLineA
FreeLibrary
LoadLibraryA
GetStartupInfoA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ecccc6ac474ede3661617f767dfcb76b

Headers

File Characteristics

Imports

opengl32

sdl

osg

osgdb

osgutil

osgtext

msvcp70

msvcr70

kernel32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 1KB