195ad2aa90677a902af65b2e41df8e41

Sharing

Copy URL Twitter E-mail

General

Target

195ad2aa90677a902af65b2e41df8e41
Size

823KB
MD5

195ad2aa90677a902af65b2e41df8e41
SHA1

73e73d5ed8a13c54507d9e13e053d982f51ffe7f
SHA256

41e5748e9353cca538a9d52e0b6dc909aa991f8235dfc0540e1ca00d680f8b72
SHA512

798889b0ac46b5bd397e44b8cd033593d85ebd3f6604e8ddd6e594770052ce7f7d1833662a3f359d0c250b917c7aaca2b4f06f3de7666ac9eccbe2930c31fa49
SSDEEP

24576:JOIK2XkSai3HBpW3so/AwcUaVhmVm/fOQCTef+eUjikr:JTXPtXBp/ofaVhLf3p9k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
195ad2aa90677a902af65b2e41df8e41

Files

195ad2aa90677a902af65b2e41df8e41
.exe windows:5 windows x86 arch:x86

6daccfd91c0163bcfa009cac293ddc6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
LoadLibraryW
RegisterWaitForSingleObject
EnumDateFormatsExA
GetProcessAffinityMask
CancelTimerQueueTimer
GetNumaProcessorNode
GetCommConfig
GetSystemWow64DirectoryA
AddVectoredExceptionHandler
lstrcpynW
SetConsoleCursorMode
GetCalendarInfoA
Module32NextW
GetConsoleAliasW
RegisterWaitForInputIdle
GetModuleHandleA
RemoveDirectoryA
FindResourceExA
CompareStringW
FindVolumeClose
SetVolumeLabelA
LCMapStringW
EnumSystemGeoID
OpenConsoleW
FreeLibraryAndExitThread
CreateMutexW
FileTimeToDosDateTime

comctl32

ImageList_DragEnter
PropertySheet
ImageList_GetIconSize
ImageList_AddMasked
ImageList_SetIconSize
_TrackMouseEvent
ImageList_Create
CreateToolbar
ImageList_DragLeave
ImageList_Remove
ImageList_Draw
DestroyPropertySheetPage

glu32

gluDeleteQuadric
gluQuadricOrientation
gluQuadricTexture
gluNurbsCurve
gluBeginSurface
gluNurbsProperty
gluBuild2DMipmaps
gluLoadSamplingMatrices
gluDeleteTess
gluQuadricCallback
gluEndTrim
gluErrorString
gluNextContour
gluBeginPolygon
gluScaleImage
gluGetString
gluPerspective

wmi

WmiMofEnumerateResourcesW
OpenTraceA
WmiNotificationRegistrationA
UnregisterTraceGuids
CreateTraceInstanceId
WmiEnumerateGuids
WmiExecuteMethodW
StartTraceA
QueryAllTracesW
WmiDevInstToInstanceNameW
RegisterTraceGuidsW
WmiQueryGuidInformation

oleaut32

VarI2FromStr
VarI8FromUI2
VarDecFromI8
VarUI4FromUI2
SafeArrayGetElement
VarUI2FromStr
VarI8FromStr
VarI2FromI1
LPSAFEARRAY_Unmarshal

opengl32

glLoadName
glVertex3s
glCopyTexSubImage2D
glBegin
glTexCoord3f
GlmfCloseMetaFile
glColor4fv
glRasterPos2d
glTexCoord4d
glDrawPixels
glCopyTexImage2D
glColor4i
glGetLightiv
glTexCoord4s
glRasterPos4dv
glGetTexLevelParameterfv
glClearAccum
glRasterPos4d
glTexCoord3i
glRotated
glLineStipple

Sections

.text
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 189KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6daccfd91c0163bcfa009cac293ddc6d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

glu32

wmi

oleaut32

opengl32

Sections

.text Size: 380KB - Virtual size: 380KB

.rdata Size: 82KB - Virtual size: 81KB

.data Size: 189KB - Virtual size: 1.6MB

.rsrc Size: 170KB - Virtual size: 169KB

.reloc Size: 1024B - Virtual size: 852B

.text
Size: 380KB - Virtual size: 380KB

.rdata
Size: 82KB - Virtual size: 81KB

.data
Size: 189KB - Virtual size: 1.6MB

.rsrc
Size: 170KB - Virtual size: 169KB

.reloc
Size: 1024B - Virtual size: 852B