Static task
static1
General
-
Target
vrw_dll.exe
-
Size
264KB
-
MD5
bb6965458d1ed0b93a5c0cfad0eb7550
-
SHA1
5a682c9626e050e60cfb7b8849598d70aac36f1b
-
SHA256
d0b4a89c75ec93a43918a44b15616e08cd2568e97aa0db7cfb1608ac1be844da
-
SHA512
1c12b23f4760878986231d84b2f31e722260a475c3b88ff3e1a54c6278a4d92f475505dfe78c3f7fbd47509f20625831eaa3cc5f15050cb4bdbe6acf6915f7fd
-
SSDEEP
3072:XL2EgzKaF1G0NQftpxaH0w3OVWHonuTw9dz5fDUbo8jgS7eKyZh0DSjc9IVjKLMd:Kx1afJK0wewIuTw9dz1Mo8jzOKfTE
Malware Config
Signatures
-
Unsigned PE 1 IoCs
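Checks for a missing Authenticode signature; this sample has none. On its own this is a weak indicator: it means the publisher and file integrity cannot be verified from a signature, not that the file is malicious.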
resource vrw_dll.exe
Files
-
vrw_dll.exe .exe windows:4 windows x86 arch:x86
c94e1d59ba7dcf3bd0310209f669a4c5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
opengl32
glMultMatrixf
glOrtho
glLightfv
glLoadIdentity
glLineWidth
glVertex2f
glPushMatrix
glLineStipple
glTranslatef
glNewList
wglDeleteContext
glScalef
glViewport
glCallList
glDeleteLists
glRotatef
glPopMatrix
glMaterialfv
glMaterialf
glTexCoord2fv
glNormal3fv
glGetFloatv
glLoadMatrixf
glShadeModel
glVertex3f
glBegin
glVertex3fv
glEnd
glClearColor
glClear
glLightModeli
glDisable
glTexEnvf
glMatrixMode
glGenLists
glEndList
glFlush
glEnable
wglMakeCurrent
glTexParameterf
glHint
wglCreateContext
glPixelStorei
glPointSize
glBlendFunc
glDepthFunc
glColor3fv
glu32
gluSphere
gluQuadricOrientation
gluCylinder
gluQuadricNormals
gluQuadricDrawStyle
gluLookAt
gluPerspective
gluBuild2DMipmaps
gluDisk
gluNewQuadric
mfc40
ord1041
ord713
ord499
ord4450
ord2199
ord2557
ord3046
ord4845
ord2081
ord2515
ord3985
ord4676
ord3944
ord2218
ord503
ord719
ord3913
ord1493
ord3267
ord731
ord1061
ord729
ord1583
ord265
ord4163
ord2675
ord2681
ord5612
ord2195
ord2224
ord4659
ord5079
ord1510
ord4934
ord2774
ord5005
ord3902
ord4407
ord2100
ord3870
ord3007
ord2789
ord5385
ord5470
ord2617
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2696
ord3345
ord3346
ord3340
ord2694
ord3580
ord4097
ord3908
ord578
ord325
ord4282
ord3727
ord706
ord836
ord760
ord3626
ord5031
ord483
ord4316
ord4096
ord3906
ord1035
ord5506
ord2327
ord1449
ord3656
ord486
ord5648
ord3963
ord2234
ord2197
ord5070
ord3431
ord965
ord4627
ord2097
ord2909
ord4713
ord4715
ord3579
ord4165
ord4719
ord4703
ord5053
ord2960
ord3259
ord721
ord504
ord1014
ord2390
ord3583
ord1616
ord3735
ord3378
ord1851
ord2388
ord2092
ord2676
ord4547
ord4550
ord3948
ord3790
ord2913
ord4463
ord862
ord4414
ord2962
ord2529
ord2527
ord3649
ord5363
ord3577
ord1540
ord3890
ord4653
ord2085
ord4608
ord5647
ord3837
ord4698
ord2324
ord1445
ord3314
ord4296
ord3918
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4671
ord2140
ord1850
ord4691
ord4101
ord3910
ord364
ord600
ord4140
ord4150
ord3929
ord4153
ord1599
ord3731
ord2086
ord4186
ord2510
ord3643
ord5214
ord2200
ord341
ord570
ord5374
ord4704
ord4681
ord3859
ord4312
ord3158
ord1368
ord5360
ord3578
ord1539
ord4657
ord4694
ord3922
ord4677
ord3907
ord3134
ord315
ord3724
ord5492
ord2707
ord4173
ord702
ord4656
ord3606
ord476
ord5203
ord2181
ord2304
ord2303
ord5372
ord3030
ord5314
ord1843
ord4000
ord4417
ord1846
ord3938
ord3112
ord2533
ord3185
ord2115
ord5123
ord5207
ord1426
ord2876
ord4089
ord4086
ord4084
ord3761
ord873
ord371
ord1615
ord3655
ord2299
ord4521
ord3707
ord4088
ord4087
ord1700
ord3760
ord4065
ord4357
ord4007
ord3826
ord3833
ord4348
ord4021
ord4019
ord4002
ord4005
msvcrt40
_setmbcp
__set_app_type
_controlfp
__p___mb_cur_max
fgetc
__p__commode
_adjust_fdiv
__p__fmode
__getmainargs
_initterm
__setusermatherr
_XcptFilter
_onexit
__p__acmdln
?terminate@@YAXXZ
_except_handler3
__dllonexit
_adj_fptan
__CxxFrameHandler
??_Difstream@@QAEXXZ
??_Dofstream@@QAEXXZ
??0ofstream@@QAE@XZ
??0ifstream@@QAE@XZ
?close@ofstream@@QAEXXZ
?close@ifstream@@QAEXXZ
?open@ifstream@@QAEXPBDHH@Z
?sh_read@filebuf@@2HB
?read@istream@@QAEAAV1@PADH@Z
?open@ofstream@@QAEXPBDHH@Z
?sh_none@filebuf@@2HB
strchr
fprintf
__p__iob
?write@ostream@@QAEAAV1@PBDH@Z
malloc
free
?cerr@@3Vostream_withassign@@A
?endl@@YAAAVostream@@AAV1@@Z
??6ostream@@QAEAAV0@PBD@Z
_adj_fdivr_m32
_adj_fdivr_m64
sscanf
_adj_fdiv_m32
_adj_fdiv_r
_CIacos
_adj_fpatan
??6ostream@@QAEAAV0@N@Z
??6ostream@@QAEAAV0@E@Z
fclose
fscanf
tolower
atoi
fgets
strncmp
__p__pctype
_isctype
_exit
strstr
_adj_fdiv_m32i
sprintf
_purecall
fopen
printf
_mtunlock
?get@istream@@IAEAAV1@PADHH@Z
_mtlock
?openprot@filebuf@@2HB
_strdup
_getcwd
_ftol
_adj_fdiv_m64
??6ostream@@QAEAAV0@H@Z
?cout@@3Vostream_withassign@@A
ungetc
getc
fread
??6ostream@@QAEAAV0@J@Z
_unlink
exit
vsprintf
strtol
strtoul
atof
realloc
?adjustfield@ios@@2JB
strncpy
memchr
kernel32
WritePrivateProfileStringA
Sleep
GetPrivateProfileIntA
GetPrivateProfileStringA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetTickCount
GetVersion
GetModuleHandleA
GetStartupInfoA
CopyFileA
GetTempPathA
user32
PeekMessageA
TranslateMessage
DispatchMessageA
EnableWindow
SetCapture
ReleaseCapture
GetKeyState
RedrawWindow
FillRect
ReleaseDC
InvalidateRect
GetDC
SetCursor
SendMessageA
LoadCursorA
UpdateWindow
GetClientRect
wsprintfA
gdi32
SwapBuffers
SelectPalette
RealizePalette
CreateSolidBrush
CreatePalette
ChoosePixelFormat
SetPixelFormat
DeleteObject
GetPixelFormat
DescribePixelFormat
Sections
.text Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 15KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ