5a01f89e579893305ff43dc914979f5b

Sharing

Copy URL Twitter E-mail

General

Target

5a01f89e579893305ff43dc914979f5b
Size

112KB
MD5

5a01f89e579893305ff43dc914979f5b
SHA1

0ab3709a571d8eb2f16daccc774a88ae43d6dd10
SHA256

9698eec753998c70be190413f1d02bb150d69d32fd952944da46e7d5e6b7dbea
SHA512

81f195171a5d8bfe7408efb78c0b20862241b42c1298ff2f25d296d630410c5b0adb7a808cf0d21a9ef5e6c5d700942ac3c945a8ee22bd887e363212dfacfb76
SSDEEP

1536:zm7yVwHlCIXGXzc8448U8oPP1jSW5A8RESk10M3L6jjj4RFoq87dy7:yeVTIXGDybU8oX3Gr0+L+f4Qq8Zy7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a01f89e579893305ff43dc914979f5b

Files

5a01f89e579893305ff43dc914979f5b
.dll windows:5 windows x86 arch:x86

7b05912702ace8497b89d5f99df9367a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\swiftshader\src\GLES2\libEGL\Win32\Release\libEGL.pdb

Imports

kernel32

TlsSetValue
GetProcAddress
LoadLibraryA
TlsAlloc
TlsFree
GetLastError
SetLastError
GetCurrentThreadId
GetCurrentProcessId
FreeLibrary
CreateFileW
GetStringTypeW
LCMapStringW
WriteConsoleW
ReadFile
MultiByteToWideChar
GetProcessHeap
SetEndOfFile
SetFilePointer
TlsGetValue
EncodePointer
DecodePointer
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
IsProcessorFeaturePresent
Sleep
HeapSize
GetModuleHandleW
ExitProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
CloseHandle
InterlockedIncrement
InterlockedDecrement
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
WriteFile
GetModuleFileNameW
HeapReAlloc
LoadLibraryW
CreateFileA
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage

user32

GetPropA
RemovePropA
GetClientRect
SetPropA
SetWindowLongA
InvalidateRect
CallWindowProcA
GetWindowThreadProcessId
GetDC
ReleaseDC
IsWindow

gdi32

GetDeviceCaps

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglCopyBuffers
eglCreateContext
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreateWindowSurface
eglDestroyContext
eglDestroySurface
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetProcAddress
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b05912702ace8497b89d5f99df9367a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB