47bbdd2c3a70da68b52ac2a41473545a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47bbdd2c3a70da68b52ac2a41473545a_JaffaCakes118
Size

1.8MB
MD5

47bbdd2c3a70da68b52ac2a41473545a
SHA1

6abce722f899ccf15000dad45566f28117ab74d0
SHA256

dbfb5fbfa8fd4844193157e4aa0ea3a23799589be10e726be928898a8c393a82
SHA512

e0efae3da51e766238a00660717b4009d6f7362830d6eee655bb67e395ee583bb380b2e7406b22201c16a5a31dd5114425c01251c83c565118cea64b8d4c5583
SSDEEP

24576:tyRy+0sAawHNHFhhzsJfaqUKRrEDGRDKmc3t3aKihy4QUJpMnbB43y9Lhn/jdeoi:kA+JAaM7hhYxRKG5KxDiQ14UB43eLJkR

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sgminer-lyra2z-win32/libcurl.dll
unpack001/sgminer-lyra2z-win32/pthreadGC2.dll
unpack001/sgminer-lyra2z-win32/sgminer.exe

Files

47bbdd2c3a70da68b52ac2a41473545a_JaffaCakes118
.zip
sgminer-lyra2z-win32/kernel/aes_helper.cl
sgminer-lyra2z-win32/kernel/alexkarnew.cl
sgminer-lyra2z-win32/kernel/alexkarold.cl
sgminer-lyra2z-win32/kernel/animecoin.cl
sgminer-lyra2z-win32/kernel/arebyp.cl
sgminer-lyra2z-win32/kernel/bitblock.cl
sgminer-lyra2z-win32/kernel/bitblockold.cl
sgminer-lyra2z-win32/kernel/blake.cl
sgminer-lyra2z-win32/kernel/blake256.cl
sgminer-lyra2z-win32/kernel/blake256r14.cl
sgminer-lyra2z-win32/kernel/blake256r8.cl
sgminer-lyra2z-win32/kernel/bmw.cl
sgminer-lyra2z-win32/kernel/bmw256.cl
sgminer-lyra2z-win32/kernel/bufius.cl
sgminer-lyra2z-win32/kernel/ckolivas.cl
sgminer-lyra2z-win32/kernel/credits.cl
sgminer-lyra2z-win32/kernel/cryptonight.cl
sgminer-lyra2z-win32/kernel/cryptonights.cl
sgminer-lyra2z-win32/kernel/cubehash.cl
sgminer-lyra2z-win32/kernel/cubehash256.cl
sgminer-lyra2z-win32/kernel/darkcoin-mod.cl
sgminer-lyra2z-win32/kernel/darkcoin.cl
sgminer-lyra2z-win32/kernel/diamond.cl
sgminer-lyra2z-win32/kernel/echo.cl
sgminer-lyra2z-win32/kernel/equihash-param.h
sgminer-lyra2z-win32/kernel/equihash.cl
sgminer-lyra2z-win32/kernel/fresh.cl
sgminer-lyra2z-win32/kernel/fugue.cl
sgminer-lyra2z-win32/kernel/fuguecoin.cl
sgminer-lyra2z-win32/kernel/groestl.cl
sgminer-lyra2z-win32/kernel/groestl256.cl
sgminer-lyra2z-win32/kernel/groestlcoin-v1.cl
sgminer-lyra2z-win32/kernel/groestlcoin.cl
sgminer-lyra2z-win32/kernel/hamsi.cl
sgminer-lyra2z-win32/kernel/hamsi_helper.cl
sgminer-lyra2z-win32/kernel/hamsi_helper_big.cl
sgminer-lyra2z-win32/kernel/inkcoin.cl
sgminer-lyra2z-win32/kernel/jh.cl
sgminer-lyra2z-win32/kernel/keccak.cl
sgminer-lyra2z-win32/kernel/keccak1600.cl
sgminer-lyra2z-win32/kernel/luffa.cl
sgminer-lyra2z-win32/kernel/lyra2.cl
sgminer-lyra2z-win32/kernel/lyra2Z.cl
sgminer-lyra2z-win32/kernel/lyra2re.cl
sgminer-lyra2z-win32/kernel/lyra2rev2.cl
sgminer-lyra2z-win32/kernel/lyra2v16.cl
sgminer-lyra2z-win32/kernel/lyra2v2.cl
sgminer-lyra2z-win32/kernel/marucoin-mod.cl
sgminer-lyra2z-win32/kernel/marucoin-modold.cl
sgminer-lyra2z-win32/kernel/marucoin.cl
sgminer-lyra2z-win32/kernel/maxcoin.cl
sgminer-lyra2z-win32/kernel/myriadcoin-groestl.cl
sgminer-lyra2z-win32/kernel/neoscrypt.cl
sgminer-lyra2z-win32/kernel/panama.cl
sgminer-lyra2z-win32/kernel/pluck.cl
sgminer-lyra2z-win32/kernel/psw.cl
sgminer-lyra2z-win32/kernel/quarkcoin.cl
sgminer-lyra2z-win32/kernel/qubitcoin.cl
sgminer-lyra2z-win32/kernel/shabal.cl
sgminer-lyra2z-win32/kernel/shavite.cl
sgminer-lyra2z-win32/kernel/sifcoin.cl
sgminer-lyra2z-win32/kernel/simd.cl
sgminer-lyra2z-win32/kernel/skein.cl
sgminer-lyra2z-win32/kernel/skein256.cl
sgminer-lyra2z-win32/kernel/talkcoin-mod.cl
sgminer-lyra2z-win32/kernel/twecoin.cl
sgminer-lyra2z-win32/kernel/vanilla.cl
sgminer-lyra2z-win32/kernel/whirlcoin.cl
sgminer-lyra2z-win32/kernel/whirlpool.cl
sgminer-lyra2z-win32/kernel/whirlpoolx.cl
sgminer-lyra2z-win32/kernel/wolf-aes.cl
sgminer-lyra2z-win32/kernel/wolf-skein.cl
sgminer-lyra2z-win32/kernel/x14.cl
sgminer-lyra2z-win32/kernel/x14old.cl
sgminer-lyra2z-win32/kernel/yescrypt-multi.cl
sgminer-lyra2z-win32/kernel/yescrypt.cl
sgminer-lyra2z-win32/kernel/yescrypt_essential.cl
sgminer-lyra2z-win32/kernel/zuikkis.cl
sgminer-lyra2z-win32/libcurl.dll
.dll windows:4 windows x86 arch:x86

fe7e5d10ec2acc1b04e47278572e26c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libcrypto-1_1

ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_length
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_TIME_print
BIO_ctrl
BIO_free
BIO_new
BIO_new_file
BIO_new_mem_buf
BIO_printf
BIO_puts
BIO_s_mem
BN_CTX_free
BN_CTX_new
BN_bin2bn
BN_bn2bin
BN_clear_free
BN_mod_exp
BN_new
BN_num_bits
BN_print
BN_rand
BN_set_word
CONF_modules_load_file
CRYPTO_free
CRYPTO_malloc
DES_ecb_encrypt
DES_set_key
DES_set_odd_parity
DH_get0_key
DH_get0_pqg
DSA_SIG_free
DSA_SIG_get0
DSA_SIG_new
DSA_SIG_set0
DSA_do_sign
DSA_do_verify
DSA_free
DSA_get0_key
DSA_get0_pqg
DSA_new
DSA_set0_key
DSA_set0_pqg
ENGINE_by_id
ENGINE_ctrl
ENGINE_ctrl_cmd
ENGINE_finish
ENGINE_free
ENGINE_get_first
ENGINE_get_id
ENGINE_get_next
ENGINE_init
ENGINE_load_builtin_engines
ENGINE_load_private_key
ENGINE_register_all_complete
ENGINE_set_default
ERR_clear_error
ERR_error_string_n
ERR_get_error
ERR_peek_error
EVP_CIPHER_CTX_free
EVP_CIPHER_CTX_get_app_data
EVP_CIPHER_CTX_key_length
EVP_CIPHER_CTX_new
EVP_CIPHER_CTX_reset
EVP_CIPHER_CTX_set_app_data
EVP_CIPHER_CTX_set_padding
EVP_CIPHER_meth_new
EVP_CIPHER_meth_set_cleanup
EVP_CIPHER_meth_set_do_cipher
EVP_CIPHER_meth_set_init
EVP_CIPHER_meth_set_iv_length
EVP_Cipher
EVP_CipherInit
EVP_DigestFinal
EVP_DigestInit
EVP_DigestUpdate
EVP_EncryptInit
EVP_EncryptUpdate
EVP_MD_CTX_free
EVP_MD_CTX_new
EVP_PKEY_copy_parameters
EVP_PKEY_free
EVP_PKEY_get0_DH
EVP_PKEY_get0_DSA
EVP_PKEY_get0_RSA
EVP_PKEY_get1_DSA
EVP_PKEY_get1_RSA
EVP_PKEY_id
EVP_aes_128_cbc
EVP_aes_128_ecb
EVP_aes_192_cbc
EVP_aes_192_ecb
EVP_aes_256_cbc
EVP_aes_256_ecb
EVP_bf_cbc
EVP_cast5_cbc
EVP_des_ede3_cbc
EVP_get_cipherbyname
EVP_get_digestbyname
EVP_md5
EVP_rc4
EVP_ripemd160
EVP_sha1
EVP_sha256
EVP_sha512
GENERAL_NAMES_free
HMAC_CTX_free
HMAC_CTX_new
HMAC_Final
HMAC_Init_ex
HMAC_Update
MD4_Final
MD4_Init
MD4_Update
MD5_Final
MD5_Init
MD5_Update
OCSP_BASICRESP_free
OCSP_RESPONSE_free
OCSP_basic_verify
OCSP_cert_status_str
OCSP_check_validity
OCSP_crl_reason_str
OCSP_resp_count
OCSP_resp_get0
OCSP_response_get1_basic
OCSP_response_status
OCSP_response_status_str
OCSP_single_get0_status
OPENSSL_init_crypto
OPENSSL_load_builtin_modules
OPENSSL_sk_num
OPENSSL_sk_pop
OPENSSL_sk_pop_free
OPENSSL_sk_value
OpenSSL_version_num
PEM_read_X509
PEM_read_bio_DSAPrivateKey
PEM_read_bio_PrivateKey
PEM_read_bio_RSAPrivateKey
PEM_write_bio_X509
PKCS12_PBE_add
PKCS12_free
PKCS12_parse
RAND_add
RAND_bytes
RAND_file_name
RAND_load_file
RAND_status
RSA_flags
RSA_free
RSA_get0_key
RSA_new
RSA_set0_crt_params
RSA_set0_factors
RSA_set0_key
RSA_sign
RSA_size
RSA_verify
SHA256_Final
SHA256_Init
SHA256_Update
UI_OpenSSL
UI_create_method
UI_destroy_method
UI_get0_user_data
UI_get_input_flags
UI_get_string_type
UI_method_get_closer
UI_method_get_opener
UI_method_get_reader
UI_method_get_writer
UI_method_set_closer
UI_method_set_opener
UI_method_set_reader
UI_method_set_writer
UI_set_result
X509V3_EXT_print
X509_EXTENSION_get_data
X509_EXTENSION_get_object
X509_LOOKUP_file
X509_NAME_ENTRY_get_data
X509_NAME_get_entry
X509_NAME_get_index_by_NID
X509_NAME_print_ex
X509_STORE_add_lookup
X509_STORE_set_flags
X509_check_issued
X509_free
X509_get0_extensions
X509_get0_notAfter
X509_get0_notBefore
X509_get0_signature
X509_get_X509_PUBKEY
X509_get_ext_d2i
X509_get_issuer_name
X509_get_pubkey
X509_get_serialNumber
X509_get_subject_name
X509_get_version
X509_load_crl_file
X509_signature_print
X509_verify_cert_error_string
d2i_OCSP_RESPONSE
d2i_PKCS12_fp
i2a_ASN1_OBJECT
i2d_X509_PUBKEY
i2t_ASN1_OBJECT

libssl-1_1

BIO_f_ssl
SSL_CIPHER_get_name
SSL_CTX_add_client_CA
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_set_alpn_protos
SSL_CTX_set_cipher_list
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_options
SSL_CTX_set_srp_password
SSL_CTX_set_srp_username
SSL_CTX_set_verify
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_SESSION_free
SSL_connect
SSL_ctrl
SSL_free
SSL_get0_alpn_selected
SSL_get1_session
SSL_get_certificate
SSL_get_current_cipher
SSL_get_error
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_privatekey
SSL_get_verify_result
SSL_new
SSL_pending
SSL_read
SSL_set_bio
SSL_set_connect_state
SSL_set_fd
SSL_set_session
SSL_shutdown
SSL_version
SSL_write
TLS_client_method

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

crypt32

CertFreeCertificateContext

kernel32

CloseHandle
CreateFileMappingA
DeleteCriticalSection
EnterCriticalSection
ExpandEnvironmentStringsA
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStdHandle
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
ReadFile
SetLastError
SetUnhandledExceptionFilter
Sleep
SleepEx
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoA
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

__dllonexit
_access
_amsg_exit
_beginthreadex
_close
_errno
_exit
_fstati64
_getpid
_initterm
_iob
_lock
_lseeki64
_onexit
_open
_snwprintf
_stati64
_strtoi64
_sys_nerr
_strdup
_unlock
_vsnprintf
_read
_write
abort
atoi
calloc
fclose
feof
fflush
fgets
fopen
fputc
gmtime
fread
free
fseek
ftell
fwprintf
fwrite
getenv
isalnum
isalpha
isgraph
islower
isprint
isspace
isupper
isxdigit
malloc
memchr
memcmp
memcpy
memmove
memset
qsort
raise
realloc
rewind
sprintf
sscanf
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtol
strtoul
time
tolower
vfprintf
wcscpy
wcslen

normaliz

IdnToAscii
IdnToUnicode

user32

FindWindowA
MessageBoxW
SendMessageA

wldap32

ber_free
ldap_bind_s
ldap_err2string
ldap_first_attribute
ldap_first_entry
ldap_get_dn
ldap_get_values_len
ldap_init
ldap_memfree
ldap_msgfree
ldap_next_attribute
ldap_next_entry
ldap_search_s
ldap_set_option
ldap_simple_bind_s
ldap_sslinit
ldap_unbind_s
ldap_value_free_len

ws2_32

WSACleanup
WSAGetLastError
WSAIoctl
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getpeername
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

.text
Size: 577KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sgminer-lyra2z-win32/pthreadGC2.dll
.dll windows:4 windows x86 arch:x86

5d779cfdcc989deb214e59d1ee6b53c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetThreadContext
GetThreadPriority
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
OpenProcess
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__dllonexit
_beginthreadex
_endthreadex
_errno
_ftime
_iob
_setjmp
_winmajor
abort
calloc
exit
fflush
free
fwrite
longjmp
malloc
memcpy
vfprintf

Exports

Exports

pthreadCancelableTimedWait
pthreadCancelableWait
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setpshared
pthread_create
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_getconcurrency
pthread_getschedparam
pthread_getspecific
pthread_getunique_np
pthread_getw32threadhandle_np
pthread_getw32threadid_np
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_consistent
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getkind_np
pthread_mutexattr_getpshared
pthread_mutexattr_getrobust
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setkind_np
pthread_mutexattr_setpshared
pthread_mutexattr_setrobust
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_win32_process_attach_np
pthread_win32_process_detach_np
pthread_win32_test_features_np
pthread_win32_thread_attach_np
pthread_win32_thread_detach_np
ptw32_get_exception_services_code
ptw32_pop_cleanup
ptw32_push_cleanup
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 340B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sgminer-lyra2z-win32/sgminer.exe
.exe windows:4 windows x86 arch:x86

00307003355cba5345af83df448c8f9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW

libcurl

curl_easy_cleanup
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_reset
curl_easy_setopt
curl_easy_strerror
curl_global_cleanup
curl_global_init
curl_slist_append
curl_slist_free_all

kernel32

CloseHandle
CreateFileMappingA
CreateSemaphoreA
CreateWaitableTimerA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FlushConsoleInputBuffer
FormatMessageA
FreeLibrary
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetConsoleTitleA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetFileType
GetLargestConsoleWindowSize
GetLastError
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersion
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MapViewOfFile
MultiByteToWideChar
OpenProcess
PeekConsoleInputA
ReadConsoleInputA
ReadConsoleOutputA
ReleaseSemaphore
SetConsoleActiveScreenBuffer
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleTitleA
SetConsoleWindowInfo
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SleepEx
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleOutputA

msvcrt

_access
_close
_dup2
_execv
_fdopen
_isatty
_open
_read
_stat
_strdup
_write
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_errno
_iob
_isctype
_onexit
_pctype
_setmode
_snprintf
_stricmp
_strnicmp
_vsnprintf
abort
atexit
atof
atoi
atol
calloc
div
exit
exp
fclose
fflush
fgetc
floor
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
getenv
localeconv
localtime
log10
malloc
mbstowcs
memchr
memcmp
memmove
printf
putchar
qsort
raise
realloc
setlocale
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strncat
strncmp
strncpy
strrchr
strstr
strtod
strtok
strtol
system
time
tolower
toupper
vfprintf
wcslen
wcstombs

opencl

clBuildProgram
clCreateBuffer
clCreateCommandQueue
clCreateContextFromType
clCreateKernel
clCreateProgramWithBinary
clCreateProgramWithSource
clEnqueueNDRangeKernel
clEnqueueReadBuffer
clEnqueueWriteBuffer
clFinish
clGetDeviceIDs
clGetDeviceInfo
clGetPlatformIDs
clGetPlatformInfo
clGetProgramBuildInfo
clGetProgramInfo
clReleaseCommandQueue
clReleaseContext
clReleaseKernel
clReleaseMemObject
clReleaseProgram
clSetKernelArg

pthreadgc2

pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_create
pthread_detach
pthread_exit
pthread_join
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_self
pthread_setcancelstate
pthread_setcanceltype
pthread_testcancel
ptw32_pop_cleanup
ptw32_push_cleanup
sched_yield
sem_destroy
sem_init
sem_post
sem_timedwait
sem_trywait
sem_wait

user32

FindWindowA
GetKeyState
GetWindowThreadProcessId
MapVirtualKeyA
MessageBeep
SendMessageA
wsprintfA

winmm

timeBeginPeriod
timeEndPeriod

ws2_32

WSAGetLastError
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getsockopt
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 411KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe7e5d10ec2acc1b04e47278572e26c0

Headers

DLL Characteristics

File Characteristics

Imports

libcrypto-1_1

libssl-1_1

advapi32

crypt32

kernel32

msvcrt

normaliz

user32

wldap32

ws2_32

Exports

Exports

Sections

.text Size: 577KB - Virtual size: 577KB

.data Size: 7KB - Virtual size: 6KB

.rdata Size: 119KB - Virtual size: 119KB

.bss Size: - Virtual size: 1KB

.edata Size: 2KB - Virtual size: 2KB

.idata Size: 13KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 25KB - Virtual size: 24KB

5d779cfdcc989deb214e59d1ee6b53c4

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.data Size: 512B - Virtual size: 48B

.rdata Size: 512B - Virtual size: 420B

.eh_fram Size: 512B - Virtual size: 72B

.bss Size: - Virtual size: 340B

.edata Size: 4KB - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1024B - Virtual size: 1020B

.reloc Size: 1024B - Virtual size: 936B

00307003355cba5345af83df448c8f9e

Headers

File Characteristics

Imports

advapi32

libcurl

kernel32

msvcrt

opencl

pthreadgc2

user32

winmm

ws2_32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 14KB - Virtual size: 13KB

.rdata Size: 411KB - Virtual size: 410KB

/4 Size: 68KB - Virtual size: 68KB

.bss Size: - Virtual size: 52KB

.idata Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 76KB - Virtual size: 80KB

.text
Size: 577KB - Virtual size: 577KB

.data
Size: 7KB - Virtual size: 6KB

.rdata
Size: 119KB - Virtual size: 119KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 2KB - Virtual size: 2KB

.idata
Size: 13KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 25KB - Virtual size: 24KB

.text
Size: 55KB - Virtual size: 54KB

.data
Size: 512B - Virtual size: 48B

.rdata
Size: 512B - Virtual size: 420B

.eh_fram
Size: 512B - Virtual size: 72B

.bss
Size: - Virtual size: 340B

.edata
Size: 4KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 1020B

.reloc
Size: 1024B - Virtual size: 936B

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 14KB - Virtual size: 13KB

.rdata
Size: 411KB - Virtual size: 410KB

/4
Size: 68KB - Virtual size: 68KB

.bss
Size: - Virtual size: 52KB

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 76KB - Virtual size: 80KB