c2b75cae2e3297315165c2838e54f18a

Sharing

Copy URL Twitter E-mail

General

Target

c2b75cae2e3297315165c2838e54f18a
Size

420KB
MD5

c2b75cae2e3297315165c2838e54f18a
SHA1

54e9fb78cb2d3d012cced6d70a1d052e44839df3
SHA256

35a45e74613f2b93d5df3652a7fb9e19c4a52604f1ff4b7080c8199bf8f61de6
SHA512

361904e4e914261491f941ce6b9913d846f7982c0a5d74a58c28faf5a7482ca3bc4b13c125362ef6bd516e035c3fb705ab2d9d5d924bf9c2537163910e110dd4
SSDEEP

6144:kbZAAUNvWDWsc8ae5IbTF8meutA1WE+35+fGJBV4ql06/20vh3HS19WkYV:kbZAAqfRe5I1iH1u5+fNqlV/r3S9Wk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2b75cae2e3297315165c2838e54f18a

Files

c2b75cae2e3297315165c2838e54f18a
.dll windows:4 windows x86 arch:x86

dca032ed76c055d978b5dde7b16b36bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetVersion
GlobalFix
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadHugeWritePtr
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
GetSystemTimeAsFileTime
ReadFile
ReleaseMutex
RtlUnwind
SetFileApisToOEM
SetSystemTime
SetUnhandledExceptionFilter
SetWaitableTimer
SetupComm
SizeofResource
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
GetProcessPriorityBoost
GetProcessAffinityMask
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
CloseHandle
GetLastError
GetFullPathNameW
GetFileType
GetFileSizeEx
GetFileSize
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FreeLibrary
FindResourceW
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
DebugBreak
CreateThread
CreateMutexA
CreateFileA
CreateConsoleScreenBuffer
QueryPerformanceFrequency

gdi32

TranslateCharsetInfo
SetTextColor
SetBkMode
SetBkColor
SelectObject
MoveToEx
GetWinMetaFileBits
GetTextMetricsW
GetTextMetricsA
GetObjectW
GetObjectA
GetGlyphOutlineA
GetFontLanguageInfo
GetColorAdjustment
GetCharacterPlacementA
ExtTextOutW
ExtTextOutA
DeleteDC
CreateRectRgnIndirect
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC
DeleteObject

advapi32

SystemFunction001
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey

ole32

CreateStreamOnHGlobal

msvcrt

_purecall
tolower
_CIacos
_CIatan
_CIatan2
_CIcos
_CIsin
_CIsqrt
_CxxThrowException
_XcptFilter
__CxxFrameHandler
__RTDynamicCast
__dllonexit
_amsg_exit
_controlfp
_finite
_fullpath
_initterm
_isnan
_lock
_mbscspn
_mbsrchr
_onexit
_stricmp
_unlock
_vsnprintf
_vsnwprintf
_wcmdln
_wcreat
_wexeclpe
calloc
floor
free
iswalpha
iswdigit
iswpunct
iswspace
malloc
mbtowc
memcpy
memmove
memset
qsort

Exports

Exports

FillTextureTX
GetSourcefv
LoadMeshHierarchyFromXInMemory
SchemaAddRef

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dca032ed76c055d978b5dde7b16b36bf

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 201KB - Virtual size: 200KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 64KB - Virtual size: 64KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 201KB - Virtual size: 200KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 64KB - Virtual size: 64KB

.reloc
Size: 5KB - Virtual size: 4KB