glmf32[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

glmf32.dll
Size

383KB
MD5

fec6f18406313a7a04caa4aee92576b9
SHA1

eb160668dd6f595d4f3a3395efd8ed8c6f7e417d
SHA256

5cb645b5c4ccde48441122b786688a98cf800ff7a1ea7e7d5e8fa62a9bda769f
SHA512

ed7cd9bfb9e25ec27f92a2fc2a2d7674d50015070a46f15881c4c2311a351b6d1015b58c7ba33be3c7ede93dd91b999e1d4976436c41eae22bef526bfafe6849
SSDEEP

6144:pLWfAaVO3w/z2H3GLLmyaAvE2QJClhpPzMujWHbEX2LRyxp/fm3jOZxjS:8e3ez2HWLqyaAvBQ+h54ujWHbEX2LRy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
glmf32.dll

Files

glmf32.dll
.dll windows:10 windows x86 arch:x86

2f21e55a3d7cbc98f6a2aa5612ad6421

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

glmf32.pdb

Imports

msvcrt

fseek
fgetpos
fsetpos
fread
setlocale
_HUGE
strtod
strtoul
isxdigit
_errno
strtol
fflush
clearerr
fwrite
_chsize
_finite
_XcptFilter
_amsg_exit
_initterm
_except_handler4_common
memmove
fclose
setbuf
fopen
ferror
ftell
sscanf_s
remove
malloc
fprintf
_vsnprintf
realloc
calloc
exit
gmtime
strstr
time
strncmp
getenv
free
_fileno
strtok
__iob_func
_ftol2
floor
memcpy
memset

kernel32

GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
TlsFree
DeleteCriticalSection
GetProcAddress
TlsAlloc
LoadLibraryA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
TlsGetValue

Exports

Exports

__glsParser_create
__glsParser_print
__glsString_appendChar
__glsString_assign
__glsString_init
glsAbortCall
glsAppRef
glsBeginCapture
glsBeginGLS
glsBeginObj
glsBinary
glsBlock
glsCallArray
glsCallArrayInContext
glsCallStream
glsCaptureFlags
glsCaptureFunc
glsChannel
glsCharubz
glsCommandAPI
glsCommandFunc
glsCommandString
glsComment
glsContext
glsCopyStream
glsDataPointer
glsDeleteContext
glsDeleteReadPrefix
glsDeleteStream
glsDisplayMapfv
glsEndCapture
glsEndGLS
glsEndObj
glsEnumString
glsError
glsFlush
glsGLRC
glsGLRCLayer
glsGenContext
glsGetAllContexts
glsGetCaptureDispatchTable
glsGetCaptureExecTable
glsGetCaptureFlags
glsGetCommandAlignment
glsGetCommandAttrib
glsGetCommandFunc
glsGetConsti
glsGetConstiv
glsGetConstubz
glsGetContextFunc
glsGetContextListl
glsGetContextListubz
glsGetContextPointer
glsGetContexti
glsGetContextubz
glsGetCurrentContext
glsGetCurrentTime
glsGetError
glsGetGLRCi
glsGetHeaderf
glsGetHeaderfv
glsGetHeaderi
glsGetHeaderiv
glsGetHeaderubz
glsGetLayerf
glsGetLayeri
glsGetOpcodeCount
glsGetOpcodes
glsGetStreamAttrib
glsGetStreamCRC32
glsGetStreamReadName
glsGetStreamSize
glsGetStreamType
glsHeaderGLRCi
glsHeaderLayerf
glsHeaderLayeri
glsHeaderf
glsHeaderfv
glsHeaderi
glsHeaderiv
glsHeaderubz
glsIsContext
glsIsContextStream
glsIsExtensionSupported
glsIsUTF8String
glsLong
glsLongHigh
glsLongLow
glsNullCommandFunc
glsNumb
glsNumbv
glsNumd
glsNumdv
glsNumf
glsNumfv
glsNumi
glsNumiv
glsNuml
glsNumlv
glsNums
glsNumsv
glsNumub
glsNumubv
glsNumui
glsNumuiv
glsNumul
glsNumulv
glsNumus
glsNumusv
glsPad
glsPixelSetup
glsPixelSetupGen
glsReadFunc
glsReadPrefix
glsRequireExtension
glsSwapBuffers
glsUCS1toUTF8z
glsUCS2toUTF8z
glsUCS4toUTF8
glsUCS4toUTF8z
glsUCStoUTF8z
glsULong
glsULongHigh
glsULongLow
glsUTF8toUCS1z
glsUTF8toUCS2z
glsUTF8toUCS4
glsUTF8toUCS4z
glsUTF8toUCSz
glsUnreadFunc
glsUnsupportedCommand
glsUpdateCaptureExecTable
glsWriteFunc
glsWritePrefix

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f21e55a3d7cbc98f6a2aa5612ad6421

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 350KB - Virtual size: 350KB

.data Size: 4KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 350KB - Virtual size: 350KB

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 24KB - Virtual size: 23KB