172f3346d95e49ab6924fc68e69a52f8

Sharing

Copy URL Twitter E-mail

General

Target

172f3346d95e49ab6924fc68e69a52f8
Size

160KB
MD5

172f3346d95e49ab6924fc68e69a52f8
SHA1

d1cd48e186ab195be3fd96dbb90112f4f88cdd19
SHA256

20fa6f520ec64c26ddd86bdde38cb76d0209c7f0f850739f864bfe5a5f7b05f4
SHA512

624e91992c517ba8a21bcc2dc664a6b3e1ff66d5588f3ede5176cdb01301de132e0327618e30b00ef4f52296158b19dc7678b86433fa96b93b45a7adc2a88020
SSDEEP

3072:rxr8mgX/O1dgP+Rzeh36nLv5CnxolihJPtloiwQwlNz9NdqFz9X/yBofW1rWh/:Jg21dg89QnxowhJpePv419jf2r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
172f3346d95e49ab6924fc68e69a52f8

Files

172f3346d95e49ab6924fc68e69a52f8
.exe windows:5 windows x86 arch:x86

4a6cbdb44b45842d7049b77b3406a03f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glTexCoord2d
glVertex2s
glBitmap
glLightModeliv
glClearAccum
glNormal3b
glDisableClientState
glIndexd
glMatrixMode
glGetMapiv
glRasterPos3sv
glVertex3i
wglCreateLayerContext
glMapGrid2f
glMap2d
glDrawArrays
glColor4f
wglUseFontBitmapsW
glRasterPos4s
glPolygonMode
glTexCoord3sv
glRasterPos4f
glPopName
glVertex4s
glRasterPos2d
glInitNames
glLightiv
glRasterPos3iv
glPushAttrib
glEdgeFlagv
glTranslatef
glEdgeFlag
glColor3i
glColorMaterial
glRectd
glNormal3i
glMap2f
glIndexs
wglSetLayerPaletteEntries
glTexSubImage1D
glDeleteTextures
glEvalPoint2
glVertex2dv
glGetMapfv
glIndexiv
glGetTexGeniv
glEdgeFlagPointer
glFogfv
glNormal3f
glLoadMatrixf
glGetTexParameterfv
glColor3uiv
glTexCoord3s
glPixelMapuiv
glDebugEntry
glTexCoord1f
glGetLightfv
glGetTexLevelParameteriv
glAccum
glPolygonStipple
glNormal3s
glTexCoord4d
glGetPixelMapusv
glColor4d
glGetString
glTexCoord2fv
glVertex2fv
glLoadMatrixd
glMateriali
glLighti
glFogf
glVertex4fv
glScissor
glLineWidth
glColor4iv
wglRealizeLayerPalette
glNormal3d

mfcsubs

?AllocBuffer@CString@@IAEXH@Z
??P@YG_NABVCString@@PBG@Z
??O@YG_NABVCString@@PBG@Z
?Find@CString@@QBEHPBG@Z
??1CCriticalSection@@UAE@XZ
??0CString@@QAE@PBGH@Z
??8@YG_NABVCString@@0@Z
??_7CMapStringToPtr@@6B@
??1CMapStringToPtr@@UAE@XZ
?AfxExtractSubString@@YGHAAVCString@@PBGHG@Z
?FreeExtra@CStringArray@@QAEXXZ
??P@YG_NABVCString@@0@Z
??BCString@@QBEPBGXZ
?Left@CString@@QBE?AV1@H@Z
?SetAt@CString@@QAEXHG@Z
?LookupKey@CMapStringToPtr@@QBEHPBGAAPBG@Z
?IsEmpty@CMapStringToPtr@@QBEHXZ
??YCString@@QAEABV0@ABV0@@Z
?SetAt@CStringArray@@QAEXHPBG@Z
?UnlockBuffer@CString@@QAEXXZ
?SetSize@CStringArray@@QAEXHH@Z
??BCCriticalSection@@QAEPAU_RTL_CRITICAL_SECTION@@XZ
?Release@CString@@KGXPAUCStringData@@@Z
?Format@CString@@QAAXIZZ
?Copy@CStringArray@@QAEXABV1@@Z
??8@YG_NPBGABVCString@@@Z
?Init@CString@@IAEXXZ
?GetAssocAt@CMapStringToPtr@@IBEPAUCAssoc@1@PBGAAI@Z
??0CCriticalSection@@QAE@XZ
??4CString@@QAEABV0@ABV0@@Z
??ACMapStringToPtr@@QAEAAPAXPBG@Z
??_7CStringArray@@6B@
??1CSyncObject@@UAE@XZ
?ReleaseBuffer@CString@@QAEXH@Z
?GetAllocLength@CString@@QBEHXZ
?Lock@CCriticalSection@@QAEHXZ
??9@YG_NABVCString@@0@Z
?Lock@CCriticalSection@@UAEHK@Z
??H@YG?AVCString@@ABV0@0@Z
?InsertAt@CStringArray@@QAEXHPBGH@Z
??O@YG_NPBGABVCString@@@Z

msasn1

ASN1BEREncCharString
ASN1BERDecCharString
ASN1BERDotVal2Eoid
ASN1BERDecChar16String
ASN1BERDecFlush
ASN1bitstring_free
ASN1CEREncZeroMultibyteString
ASN1BERDecU16Val
ASN1BEREncFlush
ASN1CEREncNewBlkElement
ASN1open_cmp
ASN1BEREncU32
ASN1_FreeDecoded
ASN1intx_setuint32
ASN1intx2int32
ASN1Free
ASN1CEREncFlushBlkElement
ASN1BEREncEoid
ASN1DecSetError
ASN1_CreateModule
ASN1BERDecSXVal
ASN1DecAlloc
ASN1octetstring_free
ASN1BEREoid_free
ASN1BERDecUTCTime
ASN1BEREncChar32String
ASN1uint32_uoctets

kernel32

DeleteFileA
DefineDosDeviceW
GetSystemDefaultLCID
LoadResource
WriteProcessMemory
ReadFileScatter
EnumResourceTypesA
FlushInstructionCache
GetLocalTime
ExpandEnvironmentStringsW
DefineDosDeviceA
CreateWaitableTimerW
IsDebuggerPresent
AllocateUserPhysicalPages
GetHandleInformation
GetSystemInfo
GetConsoleAliasExesLengthA
GetLastError
GetSystemDirectoryW
GetCurrentThreadId
SetConsoleHardwareState
DeleteFileW
ReadFile
QueryDosDeviceW
BackupRead
GetBinaryTypeA
GetNumaNodeProcessorMask
FindActCtxSectionStringA
OpenProcess
LocalFlags
NlsGetCacheUpdateCount
LocalAlloc
SetUnhandledExceptionFilter
EnumCalendarInfoExA
LoadLibraryA
GlobalHandle
GlobalFindAtomW
SetConsoleActiveScreenBuffer
VirtualQuery
VirtualLock
CopyFileExA
WriteConsoleInputW
SetComputerNameExA
VirtualFreeEx
GetConsoleCommandHistoryW
GetThreadContext
LCMapStringW
OpenEventA
GetUserDefaultUILanguage
VirtualAlloc
FreeEnvironmentStringsA
IsBadReadPtr
GetFileAttributesExW
SetTimeZoneInformation
Process32NextW
HeapLock
GetEnvironmentVariableW
SetFilePointerEx
FindFirstVolumeA
ReadConsoleInputExA
GlobalUnWire
ReleaseMutex
GetModuleHandleW

user32

DrawFrame
GetActiveWindow
GetReasonTitleFromReasonCode
ShowWindow
LoadMenuA
CopyRect
GetCursorPos
GetWindowTextLengthW
SendNotifyMessageW
SetWindowWord
VkKeyScanExW
IsWindowInDestroy
MessageBoxTimeoutW
DdeCmpStringHandles
DialogBoxParamW
FindWindowA
EnumDesktopsA
QuerySendMessage
GetGuiResources
IsServerSideWindow
BeginDeferWindowPos
AlignRects
EnumPropsA
ScrollDC
IsCharAlphaNumericW
GetAppCompatFlags2
SetDoubleClickTime
FindWindowExA
ShowWindowAsync
DdeNameService
GetDlgItem
AdjustWindowRect
LoadKeyboardLayoutW

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a6cbdb44b45842d7049b77b3406a03f

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

mfcsubs

msasn1

kernel32

user32

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 105KB - Virtual size: 242KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 960B

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 105KB - Virtual size: 242KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 960B