6e6a9660c35a4d76331f7b056ee4bc5142e6e38088b87645320dad5f38b3189a

Sharing

Copy URL Twitter E-mail

General

Target

6e6a9660c35a4d76331f7b056ee4bc5142e6e38088b87645320dad5f38b3189a
Size

821KB
MD5

8409f4adaadccce74e5f511ada6c2c9a
SHA1

346df9bb064f88bb49167703c9e04b3ebc98e769
SHA256

6e6a9660c35a4d76331f7b056ee4bc5142e6e38088b87645320dad5f38b3189a
SHA512

d57d5192e21e9692be1bb12cf7957a00bc4c057221586675c36a0257090316e2098c1621d29531323204fcf017f49743d6e88f7e2e4f9b8552eda1b1a53ea6b6
SSDEEP

24576:LylfA8Xxt6B2eag3CpwUTI2bOlVkPXWFL:GldxMv73whbxPXWl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e6a9660c35a4d76331f7b056ee4bc5142e6e38088b87645320dad5f38b3189a

Files

6e6a9660c35a4d76331f7b056ee4bc5142e6e38088b87645320dad5f38b3189a
.exe windows:5 windows x86 arch:x86

c7c340959dfe52dc9216f0e33da5cd47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DosPathToSessionPathW
LoadLibraryW
RemoveDirectoryW
SetComputerNameExA
GetProcessWorkingSetSize
FindFirstFileExA
WriteConsoleInputA
FileTimeToSystemTime
GetProcAddress
AllocateUserPhysicalPages
TermsrvAppInstallMode
SetLastError
DebugBreak
WriteProfileStringW
FindResourceExW
GetACP
EnumResourceTypesW
HeapCreate

ntdll

RtlMoveMemory
RtlConvertToAutoInheritSecurityObject
RtlxAnsiStringToUnicodeSize
NtCreateMutant
NtSuspendProcess
ZwOpenDirectoryObject
RtlRaiseException
_splitpath
ZwCreateFile
RtlConvertSharedToExclusive
RtlNewSecurityObject
ZwQueryTimer
ZwSaveMergedKeys
ZwCreateProcess
RtlEqualLuid
NtSetInformationFile
RtlQueryTimeZoneInformation
LdrQueryImageFileExecutionOptions
DbgUiIssueRemoteBreakin

opengl32

wglUseFontBitmapsW
GlmfBeginGlsBlock
glRasterPos2iv
wglSetPixelFormat
glColor4d
glMapGrid2f
wglUseFontBitmapsA
glVertex4dv
glGetMaterialfv
glRecti
glMultMatrixd
glClear
glRasterPos2i
glColor4i
glEvalCoord1dv
glTexCoord1f
glTexGendv
glGetDoublev
wglGetCurrentContext
glNormal3iv
glAccum
glEvalMesh1
glGetLightfv
glEdgeFlagv
glGetBooleanv
glTexCoord3sv
glTexSubImage1D
glMaterialiv
glDepthFunc

crtdll

isdigit
__fpecode
_fputchar
_control87
_searchenv
floor
strstr
_aexit_rtn_dll
_ismbcupper
_putch
_winmajor_dll
_heapwalk

msasn1

ASN1BERDecPeekTag
ASN1_CloseModule
ASN1octetstring_cmp
ASN1BEREncRemoveZeroBits
ASN1BERDecZeroMultibyteString
ASN1BEREncObjectIdentifier
ASN1BEREncZeroMultibyteString
ASN1CEREncNewBlkElement
ASN1_Encode
ASN1_Decode
ASN1_FreeDecoded
ASN1BERDecS16Val
ASN1intx_uoctets
ASN1intx2uint32
ASN1BEREncChar32String
ASN1CEREncOctetString
ASN1_CloseDecoder

msjtes40

DllMain

Sections

.text
Size: 389KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7c340959dfe52dc9216f0e33da5cd47

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

opengl32

crtdll

msasn1

msjtes40

Sections

.text Size: 389KB - Virtual size: 388KB

.rdata Size: 113KB - Virtual size: 113KB

.data Size: 157KB - Virtual size: 1.5MB

.rsrc Size: 159KB - Virtual size: 159KB

.reloc Size: 1024B - Virtual size: 832B

.text
Size: 389KB - Virtual size: 388KB

.rdata
Size: 113KB - Virtual size: 113KB

.data
Size: 157KB - Virtual size: 1.5MB

.rsrc
Size: 159KB - Virtual size: 159KB

.reloc
Size: 1024B - Virtual size: 832B