Installer[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

Installer.rar
Size

13.6MB
MD5

0fc70d6bb5d57f790902f0002b68330f
SHA1

841dd1f069dbcf8acb259bab1c29e01cd5015681
SHA256

6a23494ce00e7b06127b055750f4836491a979948bcad5468b57574f87b321b2
SHA512

2623f229e34f9bc4aedbc028afa429a7ce7b683990d478339509a6db904012ee66afb26b547b52a6471c1d414bba3f0b85e0c8c1b160376a9c888085b91d8697
SSDEEP

393216:XykUPxJjORf4+hL4wwvuW7gP0x0zhctNDD6K5q:Xt2xFOxJR43UzhW6Oq

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Installer/Install.exe
unpack001/Installer/scriрts/libGLESv2.old
unpack001/Installer/update/IA2Marshal.dat

Files

Installer.rar
.rar

Password: 1515
Installer/Install.exe
.exe windows:4 windows x86 arch:x86

Password: 1515

56a78d55f3f7af51443e58e0ce2fb5f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$INTERNET_CACHE/Abilities
$INTERNET_CACHE/Bermuda
$INTERNET_CACHE/Emperor
$INTERNET_CACHE/Forty
$INTERNET_CACHE/Ignore
$INTERNET_CACHE/Inquiries
$INTERNET_CACHE/Iron
$INTERNET_CACHE/Keeping
$INTERNET_CACHE/Kid
$INTERNET_CACHE/Lexmark
$INTERNET_CACHE/Lexus
$INTERNET_CACHE/Loved
$INTERNET_CACHE/Managing
$INTERNET_CACHE/Melissa
$INTERNET_CACHE/Norm
$INTERNET_CACHE/Que
$INTERNET_CACHE/Quilt
$INTERNET_CACHE/Terrorist
$INTERNET_CACHE/Visited
$INTERNET_CACHE/Wrap
Installer/scriрts/Readme.api
Installer/scriрts/Resource.dat
Installer/scriрts/libGLESv2.old
.dll windows:6 windows x64 arch:x64

Password: 1515

94c7fb29a0a5d69da0d7bfab13142024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/var/tmp/build/firefox-bed2324647cb/obj-mingw/gfx/angle/targets/libGLESv2/libGLESv2.pdb

Imports

mozglue

_aligned_free
_aligned_malloc
_strdup
calloc
free
malloc
moz_xmalloc
realloc

dxgi

CreateDXGIFactory
CreateDXGIFactory1

d3d9

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_SetMarker
Direct3DCreate9

kernel32

AcquireSRWLockExclusive
CloseHandle
DeleteCriticalSection
EnterCriticalSection
FlsAlloc
FlsGetValue
FlsSetValue
FreeLibrary
GetCurrentDirectoryA
GetCurrentThreadId
GetEnvironmentVariableA
GetFileAttributesExA
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadId
InitOnceExecuteOnce
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSRWLockExclusive
RtlLookupFunctionEntry
RtlRestoreContext
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetEnvironmentVariableA
Sleep
SleepConditionVariableSRW
SwitchToThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte

user32

CreateWindowExW
DestroyWindow
GetClientRect
InvalidateRect
IsIconic
IsWindow
WindowFromDC

api-ms-win-crt-convert-l1-1-0

_strtod_l
_strtoi64_l
_strtoui64_l
atoi
mbrtowc
mbsrtowcs
strtod
strtol
strtoul
wcrtomb
wcrtomb_s
wcstod
wcstol
wcstombs
wcstoul

api-ms-win-crt-math-l1-1-0

__setusermatherr
cosh
sinh
tan
tanh

api-ms-win-crt-private-l1-1-0

memchr
memcmp
memcpy
memmove
strrchr
strstr

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
__sys_nerr
_assert
_beginthreadex
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_errno
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
_register_thread_local_exe_atexit_callback
abort
exit
strerror
strerror_s

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
_close
_lseek
_open
_read
_wopen
_write
fclose
fflush
fopen
fputc
fputs
fread
fseek
ftell
fwrite
getc
ungetc

api-ms-win-crt-string-l1-1-0

_isctype_l
_iswalpha_l
_iswcntrl_l
_iswdigit_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_strcoll_l
_strnicmp
_strxfrm_l
_tolower_l
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsxfrm_l
islower
isspace
isupper
iswctype
isxdigit
mbrlen
memset
strcmp
strlen
strncmp
tolower
toupper
wcslen

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
___mb_cur_max_func
__pctype_func
_configthreadlocale
_create_locale
_free_locale
localeconv
setlocale

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_strftime_l
_tzset

api-ms-win-crt-multibyte-l1-1-0

_mbtowc_l

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
getenv

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Exports

Exports

ANGLEGetDisplayPlatform
ANGLEResetDisplayPlatform
EGL_BindAPI
EGL_BindTexImage
EGL_ChooseConfig
EGL_ClientWaitSync
EGL_ClientWaitSyncKHR
EGL_CopyBuffers
EGL_CreateContext
EGL_CreateDeviceANGLE
EGL_CreateImage
EGL_CreateImageKHR
EGL_CreateNativeClientBufferANDROID
EGL_CreatePbufferFromClientBuffer
EGL_CreatePbufferSurface
EGL_CreatePixmapSurface
EGL_CreatePlatformPixmapSurface
EGL_CreatePlatformPixmapSurfaceEXT
EGL_CreatePlatformWindowSurface
EGL_CreatePlatformWindowSurfaceEXT
EGL_CreateStreamKHR
EGL_CreateStreamProducerD3DTextureANGLE
EGL_CreateSync
EGL_CreateSyncKHR
EGL_CreateWindowSurface
EGL_DebugMessageControlKHR
EGL_DestroyContext
EGL_DestroyImage
EGL_DestroyImageKHR
EGL_DestroyStreamKHR
EGL_DestroySurface
EGL_DestroySync
EGL_DestroySyncKHR
EGL_DupNativeFenceFDANDROID
EGL_GetCompositorTimingANDROID
EGL_GetCompositorTimingSupportedANDROID
EGL_GetConfigAttrib
EGL_GetConfigs
EGL_GetCurrentContext
EGL_GetCurrentDisplay
EGL_GetCurrentSurface
EGL_GetDisplay
EGL_GetError
EGL_GetFrameTimestampSupportedANDROID
EGL_GetFrameTimestampsANDROID
EGL_GetMscRateANGLE
EGL_GetNativeClientBufferANDROID
EGL_GetNextFrameIdANDROID
EGL_GetPlatformDisplay
EGL_GetPlatformDisplayEXT
EGL_GetProcAddress
EGL_GetSyncAttrib
EGL_GetSyncAttribKHR
EGL_GetSyncValuesCHROMIUM
EGL_HandleGPUSwitchANGLE
EGL_Initialize
EGL_LabelObjectKHR
EGL_MakeCurrent
EGL_PostSubBufferNV
EGL_PresentationTimeANDROID
EGL_ProgramCacheGetAttribANGLE
EGL_ProgramCachePopulateANGLE
EGL_ProgramCacheQueryANGLE
EGL_ProgramCacheResizeANGLE
EGL_QueryAPI
EGL_QueryContext
EGL_QueryDebugKHR
EGL_QueryDeviceAttribEXT
EGL_QueryDeviceStringEXT
EGL_QueryDisplayAttribANGLE
EGL_QueryDisplayAttribEXT
EGL_QueryStreamKHR
EGL_QueryStreamu64KHR
EGL_QueryString
EGL_QueryStringiANGLE
EGL_QuerySurface
EGL_QuerySurfacePointerANGLE
EGL_ReacquireHighPowerGPUANGLE
EGL_ReleaseDeviceANGLE
EGL_ReleaseHighPowerGPUANGLE
EGL_ReleaseTexImage
EGL_ReleaseThread
EGL_SetBlobCacheFuncsANDROID
EGL_SignalSyncKHR
EGL_StreamAttribKHR
EGL_StreamConsumerAcquireKHR
EGL_StreamConsumerGLTextureExternalAttribsNV
EGL_StreamConsumerGLTextureExternalKHR
EGL_StreamConsumerReleaseKHR
EGL_StreamPostD3DTextureANGLE
EGL_SurfaceAttrib
EGL_SwapBuffers
EGL_SwapBuffersWithDamageKHR
EGL_SwapBuffersWithFrameTokenANGLE
EGL_SwapInterval
EGL_Terminate
EGL_WaitClient
EGL_WaitGL
EGL_WaitNative
EGL_WaitSync
EGL_WaitSyncKHR
_ZN2gl10AlphaFuncxEji
_ZN2gl10BeginQueryEjj
_ZN2gl10BindBufferEjj
_ZN2gl10BlendColorEffff
_ZN2gl10BlendFunciEjjj
_ZN2gl10BufferDataEjxPKvj
_ZN2gl10ClearColorEffff
_ZN2gl10ClipPlanefEjPKf
_ZN2gl10ClipPlanexEjPKi
_ZN2gl10ColorMaskiEjhhhh
_ZN2gl10DeleteSyncEP8__GLsync
_ZN2gl10DrawArraysEjii
_ZN2gl10EnableiEXTEjj
_ZN2gl10EnableiOESEjj
_ZN2gl10GenBuffersEiPj
_ZN2gl10GenQueriesEiPj
_ZN2gl10GetLightfvEjjPf
_ZN2gl10GetLightxvEjjPi
_ZN2gl10GetQueryivEjjPi
_ZN2gl10GetStringiEjj
_ZN2gl10IsEnablediEjj
_ZN2gl10IsQueryEXTEj
_ZN2gl10LineWidthxEi
_ZN2gl10MaterialfvEjjPKf
_ZN2gl10MaterialxvEjjPKi
_ZN2gl10MatrixModeEj
_ZN2gl10PointSizexEi
_ZN2gl10PushMatrixEv
_ZN2gl10ReadBufferEj
_ZN2gl10ReadPixelsEiiiijjPv
_ZN2gl10SetFenceNVEjj
_ZN2gl10ShadeModelEj
_ZN2gl10TexGenfOESEjjf
_ZN2gl10TexGeniOESEjji
_ZN2gl10TexGenxOESEjji
_ZN2gl10TexImage2DEjiiiiijjPKv
_ZN2gl10TexImage3DEjiiiiiijjPKv
_ZN2gl10TranslatefEfff
_ZN2gl10TranslatexEiii
_ZN2gl10Uniform1fvEiiPKf
_ZN2gl10Uniform1ivEiiPKi
_ZN2gl10Uniform1uiEij
_ZN2gl10Uniform2fvEiiPKf
_ZN2gl10Uniform2ivEiiPKi
_ZN2gl10Uniform2uiEijj
_ZN2gl10Uniform3fvEiiPKf
_ZN2gl10Uniform3ivEiiPKi
_ZN2gl10Uniform3uiEijjj
_ZN2gl10Uniform4fvEiiPKf
_ZN2gl10Uniform4ivEiiPKi
_ZN2gl10Uniform4uiEijjjj
_ZN2gl10UseProgramEj
_ZN2gl11BindSamplerEjj
_ZN2gl11BindTextureEjj
_ZN2gl11ClearColorxEiiii
_ZN2gl11ClearDepthfEf
_ZN2gl11ClearDepthxEi
_ZN2gl11DepthRangefEff
_ZN2gl11DepthRangexEii
_ZN2gl11DisableiEXTEjj
_ZN2gl11DisableiOESEjj
_ZN2gl11DrawBuffersEiPKj
_ZN2gl11DrawTexfOESEfffff
_ZN2gl11DrawTexiOESEiiiii
_ZN2gl11DrawTexsOESEsssss
_ZN2gl11DrawTexxOESEiiiii
_ZN2gl11EndQueryEXTEj
_ZN2gl11GenFencesNVEiPj
_ZN2gl11GenSamplersEiPj
_ZN2gl11GenTexturesEiPj
_ZN2gl11GetBooleanvEjPh
_ZN2gl11GetIntegervEjPi
_ZN2gl11GetPointervEjPPv
_ZN2gl11GetShaderivEjjPi
_ZN2gl11GetTexEnvfvEjjPf
_ZN2gl11GetTexEnvivEjjPi
_ZN2gl11GetTexEnvxvEjjPi
_ZN2gl11LightModelfEjf
_ZN2gl11LightModelxEji
_ZN2gl11LinkProgramEj
_ZN2gl11LoadMatrixfEPKf
_ZN2gl11LoadMatrixxEPKi
_ZN2gl11MultMatrixfEPKf
_ZN2gl11MultMatrixxEPKi
_ZN2gl11ObjectLabelEjjiPKc
_ZN2gl11PixelStoreiEji
_ZN2gl11ReadnPixelsEiiiijjiPv
_ZN2gl11SampleMaskiEjj
_ZN2gl11StencilFuncEjij
_ZN2gl11StencilMaskEj
_ZN2gl11TestFenceNVEj
_ZN2gl11TexGenfvOESEjjPKf
_ZN2gl11TexGenivOESEjjPKi
_ZN2gl11TexGenxvOESEjjPKi
_ZN2gl11Uniform1uivEiiPKj
_ZN2gl11Uniform2uivEiiPKj
_ZN2gl11Uniform3uivEiiPKj
_ZN2gl11Uniform4uivEiiPKj
_ZN2gl11UnmapBufferEj
_ZN2gl12AttachShaderEjj
_ZN2gl12BlendBarrierEv
_ZN2gl12ClearStencilEi
_ZN2gl12ColorPointerEijiPKv
_ZN2gl12CreateShaderEj
_ZN2gl12DeleteShaderEj
_ZN2gl12DetachShaderEjj
_ZN2gl12DrawElementsEjijPKv
_ZN2gl12DrawTexfvOESEPKf
_ZN2gl12DrawTexivOESEPKi
_ZN2gl12DrawTexsvOESEPKs
_ZN2gl12DrawTexxvOESEPKi
_ZN2gl12GetFenceivNVEjjPi
_ZN2gl12GetProgramivEjjPi
_ZN2gl12GetUniformfvEjiPf
_ZN2gl12GetUniformivEjiPi
_ZN2gl12LightModelfvEjPKf
_ZN2gl12LightModelxvEjPKi
_ZN2gl12LoadIdentityEv
_ZN2gl12MapBufferOESEjj
_ZN2gl12ShaderBinaryEiPKjjPKvi
_ZN2gl12ShaderSourceEjiPKPKcPKi
_ZN2gl12TexBufferEXTEjjj
_ZN2gl12TexBufferOESEjjj
_ZN2gl12TexStorage2DEjijii
_ZN2gl12TexStorage3DEjijiii
_ZN2gl13ActiveTextureEj
_ZN2gl13BeginQueryEXTEjj
_ZN2gl13BlendEquationEj
_ZN2gl13BlendFunciEXTEjjj
_ZN2gl13BlendFunciOESEjjj
_ZN2gl13BufferSubDataEjxxPKv
_ZN2gl13ClearBufferfiEjifi
_ZN2gl13ClearBufferfvEjiPKf
_ZN2gl13ClearBufferivEjiPKi
_ZN2gl13ColorMaskiEXTEjhhhh
_ZN2gl13ColorMaskiOESEjhhhh
_ZN2gl13CompileShaderEj
_ZN2gl13CreateProgramEv
_ZN2gl13DeleteBuffersEiPKj
_ZN2gl13DeleteProgramEj
_ZN2gl13DeleteQueriesEiPKj
_ZN2gl13FinishFenceNVEj
_ZN2gl13GenQueriesEXTEiPj
_ZN2gl13GetBooleani_vEjjPh
_ZN2gl13GetClipPlanefEjPf
_ZN2gl13GetClipPlanexEjPi
_ZN2gl13GetInteger64vEjPx
_ZN2gl13GetIntegeri_vEjjPi
_ZN2gl13GetMaterialfvEjjPf
_ZN2gl13GetMaterialxvEjjPi
_ZN2gl13GetQueryivEXTEjjPi
_ZN2gl13GetUniformuivEjiPj
_ZN2gl13GetnUniformfvEjiiPf
_ZN2gl13GetnUniformivEjiiPi
_ZN2gl13IsEnablediEXTEjj
_ZN2gl13IsEnablediOESEjj
_ZN2gl13IsFramebufferEj
_ZN2gl13IsVertexArrayEj
_ZN2gl13MemoryBarrierEj
_ZN2gl13NormalPointerEjiPKv
_ZN2gl13PolygonOffsetEff
_ZN2gl13PopDebugGroupEv
_ZN2gl13ProgramBinaryEjjPKvi
_ZN2gl13TexImage3DOESEjijiiiijjPKv
_ZN2gl13TexParameterfEjjf
_ZN2gl13TexParameteriEjji
_ZN2gl13TexParameterxEjji
_ZN2gl13TexSubImage2DEjiiiiijjPKv
_ZN2gl13TexSubImage3DEjiiiiiiijjPKv
_ZN2gl13VertexPointerEijiPKv
_ZN2gl14BindBufferBaseEjjj
_ZN2gl14BlendEquationiEjj
_ZN2gl14ClearBufferuivEjiPKj
_ZN2gl14ClientWaitSyncEP8__GLsyncjy
_ZN2gl14CopyTexImage2DEjijiiiii
_ZN2gl14DeleteFencesNVEiPKj
_ZN2gl14DeleteSamplersEiPKj
_ZN2gl14DeleteTexturesEiPKj
_ZN2gl14DrawBuffersEXTEiPKj
_ZN2gl14GenerateMipmapEj
_ZN2gl14GetObjectLabelEjjiPiPc
_ZN2gl14GetPointervKHREjPPv
_ZN2gl14GetTexGenfvOESEjjPf
_ZN2gl14GetTexGenivOESEjjPi
_ZN2gl14GetTexGenxvOESEjjPi
_ZN2gl14GetnUniformuivEjiiPj
_ZN2gl14IsRenderbufferEj
_ZN2gl14IsSemaphoreEXTEj
_ZN2gl14MapBufferRangeEjxxj
_ZN2gl14ObjectLabelKHREjjiPKc
_ZN2gl14ObjectPtrLabelEPKviPKc
_ZN2gl14PolygonOffsetxEii
_ZN2gl14PushDebugGroupEjjiPKc
_ZN2gl14ReadnPixelsEXTEiiiijjiPv
_ZN2gl14SampleCoverageEfh
_ZN2gl14TexBufferRangeEjjjxx
_ZN2gl14TexParameterfvEjjPKf
_ZN2gl14TexParameterivEjjPKi
_ZN2gl14TexParameterxvEjjPKi
_ZN2gl14UnmapBufferOESEj
_ZN2gl14VertexAttrib1fEjf
_ZN2gl14VertexAttrib2fEjff
_ZN2gl14VertexAttrib3fEjfff
_ZN2gl14VertexAttrib4fEjffff
_ZN2gl15BindBufferRangeEjjjxx
_ZN2gl15BindFramebufferEjj
_ZN2gl15BindVertexArrayEj
_ZN2gl15BlitFramebufferEiiiiiiiijj
_ZN2gl15DispatchComputeEjjj
_ZN2gl15GenFramebuffersEiPj
_ZN2gl15GenVertexArraysEiPj
_ZN2gl15GetActiveAttribEjjiPiS0_PjPc
_ZN2gl15GetInteger64i_vEjjPx
_ZN2gl15GetShaderSourceEjiPiPc
_ZN2gl15MultiTexCoord4fEjffff
_ZN2gl15MultiTexCoord4xEjiiii
_ZN2gl15PatchParameteriEji
_ZN2gl15PointParameterfEjf
_ZN2gl15PointParameterxEji
_ZN2gl15QueryCounterEXTEjj
_ZN2gl15QueryMatrixxOESEPiS0_
_ZN2gl15SampleCoveragexEih
_ZN2gl15TexCoordPointerEijiPKv
_ZN2gl15TexParameterIivEjjPKi
_ZN2gl15TexStorage1DEXTEjiji
_ZN2gl15TexStorage2DEXTEjijii
_ZN2gl15TexStorage3DEXTEjijiii
_ZN2gl15ValidateProgramEj
_ZN2gl15VertexAttrib1fvEjPKf
_ZN2gl15VertexAttrib2fvEjPKf
_ZN2gl15VertexAttrib3fvEjPKf
_ZN2gl15VertexAttrib4fvEjPKf
_ZN2gl15VertexAttribI4iEjiiii
_ZN2gl16BindImageTextureEjjihijj
_ZN2gl16BindRenderbufferEjj
_ZN2gl16BindVertexBufferEjjxi
_ZN2gl16BufferStorageEXTEjxPKvj
_ZN2gl16CopyImageSubDataEjjiiiijjiiiiiii
_ZN2gl16DeleteQueriesEXTEiPKj
_ZN2gl16FogfContextANGLEEPvjf
_ZN2gl16FogxContextANGLEEPvji
_ZN2gl16GenRenderbuffersEiPj
_ZN2gl16GenSemaphoresEXTEiPj
_ZN2gl16GetActiveUniformEjjiPiS0_PjPc
_ZN2gl16GetInteger64vEXTEjPx
_ZN2gl16GetMultisamplefvEjjPf
_ZN2gl16GetProgramBinaryEjiPiPjPv
_ZN2gl16GetShaderInfoLogEjiPiPc
_ZN2gl16GetTexImageANGLEEjijjPv
_ZN2gl16GetnUniformfvEXTEjiiPf
_ZN2gl16GetnUniformivEXTEjiiPi
_ZN2gl16HintContextANGLEEPvjj
_ZN2gl16IsFramebufferOESEj
_ZN2gl16IsVertexArrayOESEj
_ZN2gl16MinSampleShadingEf
_ZN2gl16PointParameterfvEjPKf
_ZN2gl16PointParameterxvEjPKi
_ZN2gl16PopDebugGroupKHREv
_ZN2gl16ProgramBinaryOESEjjPKvi
_ZN2gl16ProgramUniform1fEjif
_ZN2gl16ProgramUniform1iEjii
_ZN2gl16ProgramUniform2fEjiff
_ZN2gl16ProgramUniform2iEjiii
_ZN2gl16ProgramUniform3fEjifff
_ZN2gl16ProgramUniform3iEjiiii
_ZN2gl16ProgramUniform4fEjiffff
_ZN2gl16ProgramUniform4iEjiiiii
_ZN2gl16SampleMaskiANGLEEjj
_ZN2gl16TexParameterIuivEjjPKj
_ZN2gl16TexSubImage3DOESEjiiiiiiijjPKv
_ZN2gl16UniformMatrix2fvEiihPKf
_ZN2gl16UniformMatrix3fvEiihPKf
_ZN2gl16UniformMatrix4fvEiihPKf
_ZN2gl16UseProgramStagesEjjj
_ZN2gl16VertexAttribI4ivEjPKi
_ZN2gl16VertexAttribI4uiEjjjjj
_ZN2gl16WaitSemaphoreEXTEjjPKjjS1_S1_
_ZN2gl16WeightPointerOESEijiPKv
_ZN2gl17BlendEquationiEXTEjj
_ZN2gl17BlendEquationiOESEjj
_ZN2gl17BlendFuncSeparateEjjjj
_ZN2gl17ClearContextANGLEEPvj
_ZN2gl17CopyBufferSubDataEjjxxx
_ZN2gl17CopyTexSubImage2DEjiiiiiii
_ZN2gl17CopyTexSubImage3DEjiiiiiiii
_ZN2gl17DrawRangeElementsEjjjijPKv
_ZN2gl17EnableClientStateEj
_ZN2gl17FlushContextANGLEEPv
_ZN2gl17FogfvContextANGLEEPvjPKf
_ZN2gl17FogxvContextANGLEEPvjPKi
_ZN2gl17GenerateMipmapOESEj
_ZN2gl17GetAttribLocationEjPKc
_ZN2gl17GetBufferPointervEjjPPv
_ZN2gl17GetObjectLabelKHREjjiPiPc
_ZN2gl17GetObjectPtrLabelEPKviPiPc
_ZN2gl17GetProgramInfoLogEjiPiPc
_ZN2gl17GetQueryObjectuivEjjPj
_ZN2gl17GetTexParameterfvEjjPf
_ZN2gl17GetTexParameterivEjjPi
_ZN2gl17GetTexParameterxvEjjPi
_ZN2gl17GetUniformIndicesEjiPKPKcPj
_ZN2gl17GetVertexAttribfvEjjPf
_ZN2gl17GetVertexAttribivEjjPi
_ZN2gl17ImportMemoryFdEXTEjyji
_ZN2gl17IsMemoryObjectEXTEj
_ZN2gl17IsProgramPipelineEj
_ZN2gl17IsRenderbufferOESEj
_ZN2gl17MapBufferRangeEXTEjxxj
_ZN2gl17ObjectPtrLabelKHREPKviPKc
_ZN2gl17PopGroupMarkerEXTEv
_ZN2gl17ProgramParameteriEjji
_ZN2gl17ProgramUniform1fvEjiiPKf
_ZN2gl17ProgramUniform1ivEjiiPKi
_ZN2gl17ProgramUniform1uiEjij
_ZN2gl17ProgramUniform2fvEjiiPKf
_ZN2gl17ProgramUniform2ivEjiiPKi
_ZN2gl17ProgramUniform2uiEjijj
_ZN2gl17ProgramUniform3fvEjiiPKf
_ZN2gl17ProgramUniform3ivEjiiPKi
_ZN2gl17ProgramUniform3uiEjijjj
_ZN2gl17ProgramUniform4fvEjiiPKf
_ZN2gl17ProgramUniform4ivEjiiPKi
_ZN2gl17ProgramUniform4uiEjijjjj
_ZN2gl17PushDebugGroupKHREjjiPKc
_ZN2gl17SamplerParameterfEjjf
_ZN2gl17SamplerParameteriEjji
_ZN2gl17StencilOpSeparateEjjjj
_ZN2gl17TexBufferRangeEXTEjjjxx
_ZN2gl17TexBufferRangeOESEjjjxx
_ZN2gl17VertexAttribI4uivEjPKj
_ZN2gl18BindAttribLocationEjjPKc
_ZN2gl18BindFramebufferOESEjj
_ZN2gl18BindVertexArrayOESEj
_ZN2gl18BlendFuncSeparateiEjjjjj
_ZN2gl18CopyTexture3DANGLEEjijjiijhhh
_ZN2gl18DebugMessageInsertEjjjjiPKc
_ZN2gl18DeleteFramebuffersEiPKj
_ZN2gl18DeleteVertexArraysEiPKj
_ZN2gl18DisableClientStateEj
_ZN2gl18DrawArraysIndirectEjPKv
_ZN2gl18EnableContextANGLEEPvj
_ZN2gl18FinishContextANGLEEPv
_ZN2gl18FramebufferTextureEjjji
_ZN2gl18GenFramebuffersOESEiPj
_ZN2gl18GenVertexArraysOESEiPj
_ZN2gl18GetAttachedShadersEjiPiPj
_ZN2gl18GetDebugMessageLogEjiPjS0_S0_S0_PiPc
_ZN2gl18GetTexParameterIivEjjPi
_ZN2gl18GetUniformLocationEjPKc
_ZN2gl18GetVertexAttribIivEjjPi
_ZN2gl18IsSyncContextANGLEEPvP8__GLsync
_ZN2gl18LightfContextANGLEEPvjjf
_ZN2gl18LightxContextANGLEEPvjji
_ZN2gl18OrthofContextANGLEEPvffffff
_ZN2gl18OrthoxContextANGLEEPviiiiii
_ZN2gl18ProgramUniform1uivEjiiPKj
_ZN2gl18ProgramUniform2uivEjiiPKj
_ZN2gl18ProgramUniform3uivEjiiPKj
_ZN2gl18ProgramUniform4uivEjiiPKj
_ZN2gl18PushGroupMarkerEXTEiPKc
_ZN2gl18SamplerParameterfvEjjPKf
_ZN2gl18SamplerParameterivEjjPKi
_ZN2gl18ScalefContextANGLEEPvfff
_ZN2gl18ScalexContextANGLEEPviii
_ZN2gl18SignalSemaphoreEXTEjjPKjjS1_S1_
_ZN2gl18TexParameterIivOESEjjPKi
_ZN2gl18TexStorageMem2DEXTEjijiijy
_ZN2gl18TexStorageMem3DEXTEjijiiijy
_ZN2gl18UniformMatrix2x3fvEiihPKf
_ZN2gl18UniformMatrix2x4fvEiihPKf
_ZN2gl18UniformMatrix3x2fvEiihPKf
_ZN2gl18UniformMatrix3x4fvEiihPKf
_ZN2gl18UniformMatrix4x2fvEiihPKf
_ZN2gl18UniformMatrix4x3fvEiihPKf
_ZN2gl18VertexAttribFormatEjijhj
_ZN2gl19ActiveShaderProgramEjj
_ZN2gl19BindProgramPipelineEj
_ZN2gl19BindRenderbufferOESEjj
_ZN2gl19BufferStorageMemEXTEjxjy
_ZN2gl19ClientActiveTextureEj
_ZN2gl19Color4fContextANGLEEPvffff
_ZN2gl19Color4xContextANGLEEPviiii
_ZN2gl19CopyImageSubDataEXTEjjiiiijjiiiiiii
_ZN2gl19CopyImageSubDataOESEjjiiiijjiiiiiii
_ZN2gl19CopyTextureCHROMIUMEjijjiijhhh
_ZN2gl19DebugMessageControlEjjjiPKjh
_ZN2gl19DeleteRenderbuffersEiPKj
_ZN2gl19DeleteSemaphoresEXTEiPKj
_ZN2gl19DisableContextANGLEEPvj
_ZN2gl19DrawArraysInstancedEjiii
_ZN2gl19EnableiContextANGLEEPvjj
_ZN2gl19GenProgramPipelinesEiPj
_ZN2gl19GenRenderbuffersOESEiPj
_ZN2gl19GetActiveUniformsivEjiPKjjPi
_ZN2gl19GetFragDataIndexEXTEjPKc
_ZN2gl19GetFragDataLocationEjPKc
_ZN2gl19GetInternalformativEjjjiPi
_ZN2gl19GetProgramBinaryOESEjiPiPjPv
_ZN2gl19GetQueryObjectivEXTEjjPi

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Installer/scriрts/sirius.lua.example
Installer/update/Accessible.tlb
Installer/update/IA2Marshal.dat
.dll regsvr32 windows:6 windows x64 arch:x64

Password: 1515

89556f266a5e711ccfbd9bae475375d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/var/tmp/build/firefox-bed2324647cb/obj-mingw/accessible/interfaces/ia2/IA2Marshal.pdb

Imports

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

rpcrt4

CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllRegisterProxy
NdrDllUnregisterProxy
NdrOleAllocate
NdrOleFree
NdrStubCall2
NdrStubForwardingFunction

ole32

HWND_UserFree
HWND_UserMarshal
HWND_UserSize
HWND_UserUnmarshal

oleaut32

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort

api-ms-win-crt-private-l1-1-0

memcpy

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
fwrite

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

mozglue

calloc
free

api-ms-win-crt-string-l1-1-0

strlen
strncmp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Installer/update/update-settings.ini
Installer/update/updater.ini

Sharing

General

Malware Config

Signatures

Files

Password: 1515

Password: 1515

56a78d55f3f7af51443e58e0ce2fb5f6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 172KB

.ndata Size: - Virtual size: 64KB

.rsrc Size: 7KB - Virtual size: 7KB

Password: 1515

94c7fb29a0a5d69da0d7bfab13142024

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mozglue

dxgi

d3d9

kernel32

user32

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

advapi32

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.buildid Size: 512B - Virtual size: 140B

.data Size: 144KB - Virtual size: 172KB

.pdata Size: 126KB - Virtual size: 126KB

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 56KB - Virtual size: 55KB

Password: 1515

89556f266a5e711ccfbd9bae475375d1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

rpcrt4

ole32

oleaut32

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

mozglue

api-ms-win-crt-string-l1-1-0

Exports

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 172KB

.ndata
Size: - Virtual size: 64KB

.rsrc
Size: 7KB - Virtual size: 7KB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.buildid
Size: 512B - Virtual size: 140B

.data
Size: 144KB - Virtual size: 172KB

.pdata
Size: 126KB - Virtual size: 126KB

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 56KB - Virtual size: 55KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 28KB - Virtual size: 28KB

.buildid
Size: 512B - Virtual size: 139B

.data
Size: 4KB - Virtual size: 4KB

.pdata
Size: 512B - Virtual size: 312B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 2KB - Virtual size: 1KB