de6437a4d009befb5d435a40f41c39d8

Sharing

Copy URL Twitter E-mail

General

Target

de6437a4d009befb5d435a40f41c39d8
Size

1.8MB
MD5

de6437a4d009befb5d435a40f41c39d8
SHA1

1494682d9d749700f4982927fb4b92182fafba73
SHA256

26dd56510eaca53e1c14fb75d69f1088fbc1e161373f4df82c2f8b163afec552
SHA512

8fe94bbc441e8320cbf282d3086909340220bfb38e446475dd863f2369cf51b414c81b786f59c469271ad4234c03c717e062b87cfe98bc3b330edaa4940b3ea3
SSDEEP

24576:keRJ/H1CPUvDq8PFN7PIw1zvVh8xtqqmgWhWZysm+WoEZreiDT/RIUtdM0TlFZPX:Qgf+ytHJDDviQlFFa+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de6437a4d009befb5d435a40f41c39d8

Files

de6437a4d009befb5d435a40f41c39d8
.exe windows:4 windows x86 arch:x86

6efd6fb226b922f50b4c38389bacfe8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadCodePtr
IsBadReadPtr
CompareStringW
GetModuleHandleA
GetFileAttributesA
SetFileAttributesA
CopyFileA
GetLocalTime
CompareStringA
SetEndOfFile
SetFilePointer
LoadLibraryA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CreatePipe
LCMapStringA
WideCharToMultiByte
SetUnhandledExceptionFilter
HeapSize
GetCurrentProcess
TerminateProcess
GetProcAddress
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetFileType
SetEnvironmentVariableA
GetModuleFileNameA
ExitProcess
GetVersion
GetCommandLineA
GetFullPathNameA
GetSystemTime
GetTimeZoneInformation
HeapFree
HeapAlloc
InterlockedIncrement
InterlockedDecrement
RaiseException
RtlUnwind
CreateDirectoryA
GetDriveTypeA
GetCurrentDirectoryA
lstrlenA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
LeaveCriticalSection
GetStartupInfoA
CreateProcessA
WaitForSingleObject
GetPrivateProfileStringA
GetFileSize
DeleteFileA
WriteFile
GetLastError
FormatMessageA
LocalFree
FindFirstFileA
FindNextFileA
FindClose
CreateFileA
ReadFile
CloseHandle
IsDBCSLeadByte
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
InterlockedExchange
Sleep
EnterCriticalSection
LCMapStringW

user32

FindWindowA
PostQuitMessage
SetFocus
GetSystemMetrics
SetCursorPos
DefWindowProcA
LoadIconA
LoadCursorA
EnumDisplaySettingsA
PostMessageA
MessageBoxA
GetWindowLongA
ChangeDisplaySettingsA
GetDC
UpdateWindow
ShowWindow
ReleaseDC
TranslateMessage
DispatchMessageA
PeekMessageA
IsWindow
ShowCursor
RegisterClassA
CreateWindowExA
CallWindowProcA
SetWindowLongA
GetWindowRect
GetCursorPos
wsprintfA
UnregisterClassA

gdi32

DescribePixelFormat
ChoosePixelFormat
GetStockObject
SetPixelFormat
GetDeviceGammaRamp
SetDeviceGammaRamp
CreateDCA
SwapBuffers
DeleteDC

shell32

ShellExecuteA

opengl32

glTexSubImage2D
glDrawPixels
glBitmap
glAlphaFunc
glNormal3dv
glPixelTransferf
glPushClientAttrib
glPopClientAttrib
glDeleteLists
glColor3f
glNormal3d
glTexEnvi
glDepthMask
glCopyTexImage2D
glScalef
glViewport
glTexGeni
glMatrixMode
glPolygonOffset
glPopAttrib
glRotatef
glLightfv
glPushAttrib
glTranslated
glColor4ubv
glColor3fv
glFogfv
glFogi
glFogf
glMultMatrixf
glVertex3fv
glNormal3f
wglGetProcAddress
glGetString
glDepthFunc
glPixelStorei
glShadeModel
glLightModeli
glLightModelf
glLightModelfv
glMaterialfv
glMaterialf
glHint
glReadPixels
glGetIntegerv
glGetTexLevelParameteriv
glLoadMatrixf
wglDeleteContext
glColor4f
glEnable
glDisable
glPopMatrix
glEnd
glVertex2f
glTexCoord2f
glBegin
glBindTexture
glPushMatrix
glTranslatef
glLoadIdentity
glClear
glClearColor
glTexParameteri
glTexImage2D
glGenTextures
glBlendFunc
glGetFloatv
glDeleteTextures
glLineWidth
glVertex3f
glPointSize
glCallList
glGenLists
glNewList
glNormal3fv
glEndList
glTexCoord2fv
wglCreateContext
wglGetCurrentContext
wglMakeCurrent
glCullFace

glu32

gluTessVertex
gluTessEndContour
gluNewTess
gluCylinder
gluBuild2DMipmaps
gluOrtho2D
gluPerspective
gluLookAt
gluNewQuadric
gluDeleteQuadric
gluDeleteTess
gluTessCallback
gluTessProperty
gluTessNormal
gluTessBeginContour
gluTessBeginPolygon
gluTessEndPolygon

winmm

timeGetTime

dinput

DirectInputCreateEx

ijl15

ord5
ord2
ord3

imm32

ImmSetConversionStatus
ImmGetCandidateListA
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmSetStatusWindowPos
ImmSetOpenStatus
ImmGetContext
ImmReleaseContext
ImmGetCompositionStringA

ws2_32

gethostbyname
inet_addr
WSAGetLastError
inet_ntoa
WSACleanup
WSAStartup
closesocket
gethostname
socket
WSASocketA
WSAConnect
recv
send
WSAAsyncSelect
htons

fmod

_FSOUND_Stream_GetTime@4
_FSOUND_IsPlaying@4
_FSOUND_SetMute@8
_FSOUND_GetFrequency@4
_FSOUND_StopSound@4
_FSOUND_Sample_Free@4
_FSOUND_Stream_Close@4
_FSOUND_SetOutput@4
_FSOUND_Init@12
_FSOUND_Close@0
_FSOUND_SetSFXMasterVolume@4
_FSOUND_Stream_Open@16
_FSOUND_SetVolume@8
_FSOUND_Stream_Play@8
_FSOUND_Stream_SetPosition@8
_FSOUND_Stream_SetTime@8
_FSOUND_Stream_Stop@4
_FSOUND_Sample_Load@20
_FSOUND_PlaySound@8
_FSOUND_Sample_SetMode@8
_FSOUND_Sample_SetMinMaxDistance@12
_FSOUND_3D_SetAttributes@12
_FSOUND_3D_SetRolloffFactor@4
_FSOUND_3D_SetDopplerFactor@4
_FSOUND_3D_Listener_SetAttributes@32
_FSOUND_Update@0
_FSOUND_SetFrequency@8

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantClear
SysAllocStringLen
SysAllocString
SysFreeString

freetype

ord113
ord44
ord125
ord127
ord76
ord35
ord122
ord126
ord99
ord34
ord48
ord86

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6efd6fb226b922f50b4c38389bacfe8d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

opengl32

glu32

winmm

dinput

ijl15

imm32

ws2_32

fmod

ole32

oleaut32

freetype

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 172KB - Virtual size: 170KB

.data Size: 60KB - Virtual size: 121KB

.rsrc Size: 44KB - Virtual size: 42KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 172KB - Virtual size: 170KB

.data
Size: 60KB - Virtual size: 121KB

.rsrc
Size: 44KB - Virtual size: 42KB