619a9b75d396fd68bc75b46e60abce9b

Sharing

Copy URL Twitter E-mail

General

Target

619a9b75d396fd68bc75b46e60abce9b
Size

496KB
MD5

619a9b75d396fd68bc75b46e60abce9b
SHA1

3a2fc071d65500f550cd7c2dda79cb6edb6831f4
SHA256

e9625943a9965e1542a635c341532730453b1cb76eebe3effce0146763134c6d
SHA512

49ae589379c35778be234a5b10ca0f37c3e1acd544d3cb8b02e48c92b9c339fa9d45fcaac35e377b5d5c7f156550a447d26d01206ecd508694c98913842750a3
SSDEEP

6144:dEplqAVtBxfAw07jHEh1e5MH0JuQHVofNU6VoNfitLKQt8zmQ:SYaWwOjHEh1bUkQHVoO6V+QLC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
619a9b75d396fd68bc75b46e60abce9b

Files

619a9b75d396fd68bc75b46e60abce9b
.dll windows:4 windows x86 arch:x86

090a691aace97420f964c206b70e4aef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
lstrlenA
lstrcpyA
LoadLibraryA
FreeLibrary
lstrcmpiA
GetLastError
GetPrivateProfileStringA
GetLocaleInfoW
SetEndOfFile
GetOEMCP
GetACP
IsBadCodePtr
ExitProcess
GetLocalTime
WriteFile
CreateFileA
SetFilePointer
ReadFile
CloseHandle
GetModuleHandleA
GetProcAddress
IsBadReadPtr
VirtualProtect
GetModuleFileNameA
IsBadWritePtr
SetStdHandle
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetVersionExA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
FlushFileBuffers
SetUnhandledExceptionFilter
SetEnvironmentVariableA
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
GetCurrentProcess
TerminateProcess
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
HeapReAlloc

user32

GetAsyncKeyState
PostMessageA
FindWindowA
GetWindowTextA
MessageBoxA

gdi32

CreateFontIndirectA
SelectObject
GetTextExtentPoint32A
CreateBitmapIndirect
DeleteObject
SetBkColor
SetTextColor
SetBkMode
TextOutA
GetObjectA
GetDIBits
CreateCompatibleDC

winmm

sndPlaySoundA
timeGetTime

opengl32

glBitmap
glEnd
glVertex3fv
glBegin
glColor4ub
glLineWidth
glBlendFunc
glEnable
glDisable
glViewport
glPopMatrix
glVertex2f
glFrustum
glVertex3f
glGetFloatv
glColor4f
glColor3f
glTexEnvi
glClearColor
glClear
wglGetCurrentDC
glRasterPos2f
glOrtho
glPushMatrix
glLoadIdentity

Exports

Exports

CreateInterface

Sections

.text
Size: 464KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

090a691aace97420f964c206b70e4aef

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

opengl32

Exports

Exports

Sections

.text Size: 464KB - Virtual size: 461KB

.reloc Size: 28KB - Virtual size: 26KB

.text
Size: 464KB - Virtual size: 461KB

.reloc
Size: 28KB - Virtual size: 26KB