8807c583f2b1361c5909e31a2698dcd8

Sharing

Copy URL Twitter E-mail

General

Target

8807c583f2b1361c5909e31a2698dcd8
Size

863KB
MD5

8807c583f2b1361c5909e31a2698dcd8
SHA1

98a59475687a697ebc583747fab5278971fea08e
SHA256

7ee5c3d16decd0197a3851fcc5f16d69327a7ac85b1bf6ad24080efd281251f7
SHA512

17f8d0d15d58557a7507bb6767b7a3ce493491e2cae5fa9fd955382f12a467cf006b05503131d1b047487cdaace50eaf3807a43faff0650f9056c34c329a90d4
SSDEEP

12288:JzMQNLVJ6xrF+DsIYOoqkzWo9ZpIp90dKAGMUYYDX+ugHUbrQ11chW6:Jix8DsgojpEkKnYYT/gsrrZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8807c583f2b1361c5909e31a2698dcd8

Files

8807c583f2b1361c5909e31a2698dcd8
.exe windows:5 windows x86 arch:x86

928d572d5e36eaf1093997c91493e771

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msls31

LsSqueezeSubline
LsEnumLine
LsdnQueryPenNode
LsdnResetPenNode
LssbGetDurTrailInSubline
LsFetchAppendToCurrentSubline
LsSetCompression
LsFetchAppendToCurrentSublineResume
LsdnFinishByPen
LsEnumSubline
LsExpandSubline
LsGetMinDurBreaks
LsSetModWidthPairs
LsDestroyLine
LsTruncateSubline
LsCompressSubline
LsResetRMInCurrentSubline
LsLwMultDivR
LsFindPrevBreakSubline
LsMatchPresSubline
LsForceBreakSubline
LsGetReverseLsimethods
LsAppendRunToCurrentSubline
LsQueryCpPpointSubline
LsGetHihLsimethods
LsDestroySubline
LsCreateLine
LssbGetDurTrailWithPensInSubline
LsdnModifyParaEnding
LsGetTatenakayokoLsimethods

opengl32

glTexCoord4sv
glGetTexEnviv
glInterleavedArrays
glCopyTexImage1D
glBindTexture
glFogf
glRasterPos2s
wglGetCurrentDC
glEvalCoord2dv
glTexCoord2s
glLightf
wglSetLayerPaletteEntries
glTranslatef
glRasterPos2f
wglGetPixelFormat
glTexCoord1dv
glIndexMask
wglDescribeLayerPlane
glNormal3i
glVertex2d
glColor4iv
glIndexdv
glVertex2i
glVertex2sv
glTexCoord2f
glRasterPos3d
glNormal3iv
glTexCoord2iv
glTexCoord2fv
glRasterPos2dv
glDrawPixels
glScaled
glDrawBuffer
glTexGeniv
glVertex4d
glColor4f
glPopName
glTexCoord2i
glRenderMode
glEdgeFlagv
glGetTexImage

kernel32

GetBinaryType
WriteProcessMemory
FindResourceW
VirtualAlloc
GlobalAlloc
RtlCaptureContext
GetCommTimeouts
GetFirmwareEnvironmentVariableA
OutputDebugStringA
GetTickCount
GlobalFlags
VirtualFree
DeleteFileW
GetCPInfo
GetExpandedNameA
GetProcessPriorityBoost
GetLocaleInfoW
VerifyConsoleIoHandle
SetConsoleWindowInfo
GetComputerNameExW
ReleaseMutex
CommConfigDialogA
SetConsoleMaximumWindowSize
SetComputerNameExW
SignalObjectAndWait
SetConsoleKeyShortcuts
DefineDosDeviceA
GetSystemDefaultLangID
GetProcessIoCounters
IsValidLanguageGroup
GetNumaHighestNodeNumber
GetNextVDMCommand
WriteFileGather
GlobalCompact
GetVersion
InterlockedDecrement
BaseCheckAppcompatCache
LoadLibraryA
GetSystemWow64DirectoryW
GetVolumeNameForVolumeMountPointA
FlushFileBuffers
SetLocalPrimaryComputerNameW
GetUserDefaultLangID
VerLanguageNameA

advapi32

LsaQueryForestTrustInformation
SystemFunction012
GetSidIdentifierAuthority
FreeSid
ConvertAccessToSecurityDescriptorW
GetSidSubAuthorityCount
ElfDeregisterEventSource
SetPrivateObjectSecurity
InitializeSecurityDescriptor
RegUnLoadKeyW
RegisterEventSourceW
OpenEventLogA
CredMarshalCredentialA
SetKernelObjectSecurity
SetNamedSecurityInfoW
QueryServiceStatus
PrivilegedServiceAuditAlarmA
LogonUserExA
GetInformationCodeAuthzPolicyW
RegisterTraceGuidsW
CryptGetHashParam
SystemFunction035
BuildImpersonateTrusteeA
SystemFunction040
RemoveTraceCallback
EqualSid
AccessCheck
GetCurrentHwProfileW
ObjectOpenAuditAlarmA
RemoveUsersFromEncryptedFile

oleaut32

VarUI2FromI2
VarBoolFromI1
VariantChangeTypeEx
VarI8FromR4
VarBstrFromBool
VarR8FromUI2
VarUI2FromDate
VarR8FromI8
VarI8FromI2
VarI1FromI2
VarR8FromDate
VarUI1FromBool
VarCyFromUI8
VarAbs
VarR4FromR8
VarI4FromI2
OleCreateFontIndirect
VarDecDiv
VarEqv
VarI1FromUI2
VarI2FromR4
VarBstrFromCy
LoadTypeLib
VarR4FromUI2
VARIANT_UserMarshal
VarUI4FromR4
LHashValOfNameSysA
VarBstrFromUI8
OleLoadPicturePath
VarR8FromUI4
VarDateFromCy
VarParseNumFromStr
VarMul
VarBoolFromUI4
OleTranslateColor
VarUI2FromUI1
GetVarConversionLocaleSetting
VarWeekdayName

odbcjt32

SQLProcedureColumnsW
SQLAllocConnect
LoadByOrdinal
SQLDisconnect
SQLFetchScroll
AdvancedDialogProc
SQLGetConnectAttrW
SQLNumResultCols
SQLEndTran
SQLParamData
InvisibleSelectDb
SQLDriverConnectW
SQLProceduresW
SQLGetTypeInfoW
SQLSetStmtAttrW
SQLFreeHandle
SQLGetCursorNameW
ConfigDialogProc
SQLBindParameter
SQLAllocEnv
SQLFreeConnect
RepairCompactProc
SQLGetInfoW
SQLNativeSqlW
SQLBindCol
OpenDirHook
SQLRowCount
SQLPrepareW
SQLFreeEnv
SQLGetDescFieldW
ConfigDSNExW
SQLSpecialColumnsW

winmm

timeGetSystemTime
wod32Message
mciGetDeviceIDW
midiOutGetDevCapsA
mmioAscend
timeBeginPeriod
joyGetDevCapsW
midiInClose
mmTaskSignal
midiStreamStop
DriverCallback
waveInGetNumDevs
mixerSetControlDetails
midiOutPrepareHeader
midiOutMessage
PlaySound
mciSendStringW
mciGetYieldProc
midiInGetErrorTextW
midiOutGetDevCapsW
mciLoadCommandResource
midiInGetDevCapsW
DrvGetModuleHandle
mixerGetID
midiInStop

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

928d572d5e36eaf1093997c91493e771

Headers

DLL Characteristics

File Characteristics

Imports

msls31

opengl32

kernel32

advapi32

oleaut32

odbcjt32

winmm

Sections

.text Size: 367KB - Virtual size: 367KB

.rdata Size: 343KB - Virtual size: 343KB

.data Size: 149KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 367KB - Virtual size: 367KB

.rdata
Size: 343KB - Virtual size: 343KB

.data
Size: 149KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B