3c80aff9302bdc8dbd20f9523817d4d9

Sharing

Copy URL Twitter E-mail

General

Target

3c80aff9302bdc8dbd20f9523817d4d9
Size

80KB
MD5

3c80aff9302bdc8dbd20f9523817d4d9
SHA1

b1fbfb85e3a40315a19528753f18b6b36c9f9ca2
SHA256

32f2e12b9e2f081dde807a40a85db0b15e5806389a4858dacd66fc7337e14b5f
SHA512

d9c8db09ac169f5743419d0cc08d47546655d22c893e32c005715b00edbcac5d3f27acf595376c08e7119c5dca16a49af7212b38e908ca79dafa61ff4a4b5c0a
SSDEEP

1536:b+WjMkQd8lS9Um/BuOEFlLiOMM+ixdXNjbsOqnSvMOOXX9X59hP8TWU4d7aTD1p9:b+cbQylS9UmJuOilxMGqnSvMOOXX9X5n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c80aff9302bdc8dbd20f9523817d4d9

Files

3c80aff9302bdc8dbd20f9523817d4d9
.dll windows:4 windows x86 arch:x86

3a008cbd58fc4397d05bd1367b535d57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

osg

?clone@Geometry@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Geometry@osg@@UBEPAVObject@2@XZ
?computeInternalFormat@Texture2D@osg@@MBEXXZ
?compile@Texture@osg@@UBEXAAVState@2@@Z
?apply@Texture2D@osg@@UBEXAAVState@2@@Z
?getAssociatedModes@Texture2D@osg@@UBEXAAV?$vector@IV?$allocator@I@std@@@std@@@Z
?compare@Texture2D@osg@@UBEHABVStateAttribute@2@@Z
?isTextureAttribute@Texture@osg@@UBE_NXZ
?getType@Texture2D@osg@@UBEIXZ
?className@Texture2D@osg@@UBEPBDXZ
?libraryName@Texture2D@osg@@UBEPBDXZ
?isSameKindAs@Texture2D@osg@@UBE_NPBVObject@2@@Z
?clone@Texture2D@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Texture2D@osg@@UBEPAVObject@2@XZ
?compile@StateAttribute@osg@@UBEXAAVState@2@@Z
?apply@Material@osg@@UBEXAAVState@2@@Z
?getAssociatedModes@Material@osg@@UBEXAAV?$vector@IV?$allocator@I@std@@@std@@@Z
?compare@Material@osg@@UBEHABVStateAttribute@2@@Z
?isTextureAttribute@StateAttribute@osg@@UBE_NXZ
?getType@Material@osg@@UBEIXZ
?className@Material@osg@@UBEPBDXZ
?libraryName@Material@osg@@UBEPBDXZ
?isSameKindAs@Material@osg@@UBE_NPBVObject@2@@Z
?clone@Material@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@Material@osg@@UBEPAVObject@2@XZ
?className@StateSet@osg@@UBEPBDXZ
?libraryName@StateSet@osg@@UBEPBDXZ
?isSameKindAs@StateSet@osg@@UBE_NPBVObject@2@@Z
?clone@StateSet@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?cloneType@StateSet@osg@@UBEPAVObject@2@XZ
?setMode@CullFace@osg@@QAEXW4Mode@12@@Z
??0CullFace@osg@@QAE@XZ
?setStateSet@Node@osg@@QAEXPAVStateSet@2@@Z
??0Geode@osg@@QAE@XZ
?getTexCoordArray@Geometry@osg@@QAEPAVArray@2@I@Z
?getNormalArray@Geometry@osg@@QAEPAV?$TemplateArray@VVec3@osg@@$09$02$0BEAG@@2@XZ
?getVertexArray@Geometry@osg@@QAEPAV?$TemplateArray@VVec3@osg@@$09$02$0BEAG@@2@XZ
?isSameKindAs@Geometry@osg@@UBE_NPBVObject@2@@Z
?addPrimitiveSet@Geometry@osg@@QAE_NPAVPrimitiveSet@2@@Z
??0DrawArrayLengths@osg@@QAE@I@Z
?setTexCoordArray@Geometry@osg@@QAEXIPAVArray@2@@Z
?setNormalBinding@Geometry@osg@@QAEXW4AttributeBinding@12@@Z
?setNormalArray@Geometry@osg@@QAEXPAV?$TemplateArray@VVec3@osg@@$09$02$0BEAG@@2@@Z
?setVertexArray@Geometry@osg@@QAEXPAV?$TemplateArray@VVec3@osg@@$09$02$0BEAG@@2@@Z
?setStateSet@Drawable@osg@@QAEXPAVStateSet@2@@Z
??0Geometry@osg@@QAE@XZ
?setTextureAttributeAndModes@StateSet@osg@@QAEXIPAVStateAttribute@2@I@Z
?setWrap@Texture@osg@@QAEXW4WrapParameter@12@W4WrapMode@12@@Z
?setImage@Texture2D@osg@@QAEXPAVImage@2@@Z
??0Texture2D@osg@@QAE@XZ
?setMode@StateSet@osg@@QAEXII@Z
?setRenderingHint@StateSet@osg@@QAEXH@Z
?setEmission@Material@osg@@QAEXW4Face@12@ABVVec4@2@@Z
?setSpecular@Material@osg@@QAEXW4Face@12@ABVVec4@2@@Z
?setShininess@Material@osg@@QAEXW4Face@12@M@Z
?setDiffuse@Material@osg@@QAEXW4Face@12@ABVVec4@2@@Z
?setAmbient@Material@osg@@QAEXW4Face@12@ABVVec4@2@@Z
?setAttributeAndModes@StateSet@osg@@QAEXPAVStateAttribute@2@I@Z
??0Material@osg@@QAE@XZ
??0StateSet@osg@@QAE@XZ
??1CullFace@osg@@MAE@XZ
??1StateSet@osg@@MAE@XZ
?className@Array@osg@@UBEPBDXZ
?libraryName@Array@osg@@UBEPBDXZ
?isSameKindAs@Array@osg@@UBE_NPBVObject@2@@Z
??1Array@osg@@MAE@XZ
??0Array@osg@@QAE@W4Type@01@HI@Z
?unref@Referenced@osg@@QBEXXZ
?ref@Referenced@osg@@QBEXXZ
??0Array@osg@@QAE@ABV01@ABVCopyOp@1@@Z
??1Geode@osg@@MAE@XZ
??1DrawArrayLengths@osg@@MAE@XZ
??1Geometry@osg@@MAE@XZ
??1Material@osg@@MAE@XZ
??1Texture2D@osg@@MAE@XZ
?libraryName@Geometry@osg@@UBEPBDXZ
?className@Geometry@osg@@UBEPBDXZ
?asGeometry@Geometry@osg@@UBEPBV12@XZ
?asGeometry@Geometry@osg@@UAEPAV12@XZ
?compile@Drawable@osg@@UBEXAAVState@2@@Z
?drawImplementation@Geometry@osg@@UBEXAAVState@2@@Z
?supports@Geometry@osg@@UBE_NAAVPrimitiveFunctor@Drawable@2@@Z
?supports@Geometry@osg@@UBE_NAAVConstAttributeFunctor@Drawable@2@@Z
?supports@Geometry@osg@@UBE_NAAVAttributeFunctor@Drawable@2@@Z
?accept@Geometry@osg@@UBEXAAVPrimitiveFunctor@Drawable@2@@Z
?accept@Geometry@osg@@UBEXAAVConstAttributeFunctor@Drawable@2@@Z
?accept@Geometry@osg@@UAEXAAVAttributeFunctor@Drawable@2@@Z
?computeBound@Drawable@osg@@MBE_NXZ
?cloneType@DrawArrayLengths@osg@@UBEPAVObject@2@XZ
?clone@DrawArrayLengths@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?isSameKindAs@DrawArrayLengths@osg@@UBE_NPBVObject@2@@Z
?libraryName@DrawArrayLengths@osg@@UBEPBDXZ
?className@DrawArrayLengths@osg@@UBEPBDXZ
?draw@DrawArrayLengths@osg@@UBEXXZ
?accept@DrawArrayLengths@osg@@UBEXAAVPrimitiveFunctor@Drawable@2@@Z
?index@DrawArrayLengths@osg@@UBEII@Z
?getNumIndices@DrawArrayLengths@osg@@UBEIXZ
?offsetIndices@DrawArrayLengths@osg@@UAEXH@Z
?getNumPrimitives@DrawArrayLengths@osg@@UBEIXZ
?cloneType@Geode@osg@@UBEPAVObject@2@XZ
?clone@Geode@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?isSameKindAs@Geode@osg@@UBE_NPBVObject@2@@Z
?libraryName@Geode@osg@@UBEPBDXZ
?className@Geode@osg@@UBEPBDXZ
?asGroup@Node@osg@@UBEPBVGroup@2@XZ
?asGroup@Node@osg@@UAEPAVGroup@2@XZ
?asTransform@Node@osg@@UBEPBVTransform@2@XZ
?asTransform@Node@osg@@UAEPAVTransform@2@XZ
?accept@Geode@osg@@UAEXAAVNodeVisitor@2@@Z
?ascend@Node@osg@@UAEXAAVNodeVisitor@2@@Z
?traverse@Node@osg@@UAEXAAVNodeVisitor@2@@Z
?computeBound@Geode@osg@@MBE_NXZ
?addDrawable@Geode@osg@@UAE_NPAVDrawable@2@@Z
?removeDrawable@Geode@osg@@UAE_NII@Z
?removeDrawable@Geode@osg@@UAE_NPAVDrawable@2@@Z
?replaceDrawable@Geode@osg@@UAE_NPAVDrawable@2@0@Z
?setDrawable@Geode@osg@@UAE_NIPAVDrawable@2@@Z
?cloneType@CullFace@osg@@UBEPAVObject@2@XZ
?clone@CullFace@osg@@UBEPAVObject@2@ABVCopyOp@2@@Z
?isSameKindAs@CullFace@osg@@UBE_NPBVObject@2@@Z
?libraryName@CullFace@osg@@UBEPBDXZ
?className@CullFace@osg@@UBEPBDXZ
?getType@CullFace@osg@@UBEIXZ
?compare@CullFace@osg@@UBEHABVStateAttribute@2@@Z
?getAssociatedModes@CullFace@osg@@UBEXAAV?$vector@IV?$allocator@I@std@@@std@@@Z
?apply@CullFace@osg@@UBEXAAVState@2@@Z
?getPrimitiveSet@Geometry@osg@@QAEPAVPrimitiveSet@2@I@Z
?notify@osg@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@std@@W4NotifySeverity@1@@Z

osgdb

?removeReaderWriter@Registry@osgDB@@QAEXPAVReaderWriter@2@@Z
??1ReaderWriter@osgDB@@UAE@XZ
?equalCaseInsensitive@osgDB@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBD@Z
??0ReaderWriter@osgDB@@QAE@XZ
?readObject@ReaderWriter@osgDB@@UAE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@12@@Z
?readImage@ReaderWriter@osgDB@@UAE?AVReadResult@12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@12@@Z
?writeObject@ReaderWriter@osgDB@@UAE?AVWriteResult@12@ABVObject@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@12@@Z
?writeImage@ReaderWriter@osgDB@@UAE?AVWriteResult@12@ABVImage@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@12@@Z
?writeNode@ReaderWriter@osgDB@@UAE?AVWriteResult@12@ABVNode@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBVOptions@12@@Z
?instance@Registry@osgDB@@SAPAV12@XZ
?addReaderWriter@Registry@osgDB@@QAEXPAVReaderWriter@2@@Z
?readImageFile@osgDB@@YAPAVImage@osg@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?getLowerCaseFileExtension@osgDB@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@@Z

msvcp70

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?close@?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Nomemory@std@@YAXXZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?find_first_not_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIABV12@I@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??Bios_base@std@@QBEPAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDH@Z
?bad@ios_base@std@@QBE_NXZ

msvcr70

_CxxThrowException
??3@YAXPAX@Z
__CxxFrameHandler
atof
atoi
strrchr
??1exception@@UAE@XZ
??0exception@@QAE@XZ
malloc
_callnewh
??1type_info@@UAE@XZ
__dllonexit
_onexit
free
_initterm
_adjust_fdiv
?terminate@@YAXXZ
_except_handler3
sqrt
??0exception@@QAE@ABV0@@Z

kernel32

DisableThreadLibraryCalls

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a008cbd58fc4397d05bd1367b535d57

Headers

File Characteristics

Imports

osg

osgdb

msvcp70

msvcr70

kernel32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB