2409a22aed19b15e663052c7077d41e45fdd66c29a17160f7075595e1252c31bN

Sharing

Copy URL Twitter E-mail

General

Target

2409a22aed19b15e663052c7077d41e45fdd66c29a17160f7075595e1252c31bN
Size

720KB
MD5

97110dbde3db13b0f4c06243f339df30
SHA1

87e990a7249a29d6609a65aeaa3fdc1a675d06e6
SHA256

2409a22aed19b15e663052c7077d41e45fdd66c29a17160f7075595e1252c31b
SHA512

ac151560392ee52d8a15a336dbf00b0031a3f40b68152fab67a48e557b4e91ff88fa3c996845ab1f457968e7872a420a33600376a4b59c5583e83e1c26b8644d
SSDEEP

12288:gnJtmq+cgTHvCfmhuZqhjTQ/JvDwFTuzYJjKUVe:gnJEqgrvCnEhjTQ/JvDETuUJGb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2409a22aed19b15e663052c7077d41e45fdd66c29a17160f7075595e1252c31bN

Files

2409a22aed19b15e663052c7077d41e45fdd66c29a17160f7075595e1252c31bN
.exe windows:4 windows x86 arch:x86

e895c40f39db88e560fd393f2f2ee056

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\OctaveEngine\Internal\Project\Windows\OECake110b\OECake.pdb

Imports

opengl32

glAlphaFunc
glDeleteLists
glBegin
wglCreateContext
wglMakeCurrent
glGetDoublev
glTexCoord2f
glScalef
glPushMatrix
glClearColor
glMultMatrixf
wglGetCurrentDC
glViewport
glLoadIdentity
glVertex2f
glTranslatef
glColor3f
glCallList
glGetError
glRotated
glPointSize
glEndList
glColor4ub
glNewList
glColor4f
glPolygonMode
glBlendFunc
glMatrixMode
glEnable
glGenLists
glEnd
glPopAttrib
glDisable
glRectf
glLineWidth
glPopMatrix
glPushAttrib
glBindTexture
glTexImage2D
glDeleteTextures
glTexParameteri
glGenTextures
glOrtho
glClear
glGetIntegerv
glFinish
glCopyTexSubImage2D

glu32

gluUnProject
gluScaleImage
gluErrorString

glew32

glewInit
__glewActiveTexture
__glewUniform4f
__glewGetUniformLocation
__glewUniform2i
__glewLinkProgram
__glewCompileShader
__glewUniform4i
__glewGetProgramInfoLog
__glewUniform1f
__glewUniform3f
__glewCreateProgram
__glewDeleteProgram
__glewUniform1i
__glewUniform2f
__glewDetachShader
__glewDeleteShader
__glewCreateShader
__glewUseProgram
__glewShaderSource
__glewUniform3i
__glewAttachShader
__glewGetShaderInfoLog

mfc80

ord2021
ord1207
ord266
ord265
ord3591
ord911
ord565
ord3974
ord4861
ord4864
ord4379
ord4384
ord5529
ord4381
ord4399
ord4401
ord5563
ord4386
ord333
ord4777
ord2019
ord4591
ord4181
ord2367
ord764
ord2145
ord6067
ord943
ord5356
ord6725
ord2992
ord5915
ord2537
ord2425
ord1620
ord784
ord2731
ord2424
ord5969
ord1617
ord2657
ord2835
ord4019
ord4486
ord1362
ord4307
ord1557
ord2714
ord395
ord1402
ord1964
ord2540
ord3466
ord1656
ord2646
ord4244
ord1655
ord2533
ord1599
ord3718
ord1908
ord5200
ord3719
ord3709
ord5073
ord2644
ord6275
ord3949
ord4185
ord3403
ord4722
ord1600
ord5960
ord5235
ord5233
ord2144
ord923
ord928
ord606
ord932
ord357
ord930
ord751
ord934
ord2390
ord2410
ord562
ord2394
ord2400
ord2398
ord2396
ord2413
ord3648
ord2408
ord4299
ord2392
ord5148
ord2415
ord4277
ord2403
ord5165
ord2385
ord2246
ord2387
ord1913
ord2405
ord5205
ord2178
ord2615
ord2862
ord5009
ord2172
ord742
ord5012
ord1522
ord762
ord553
ord4265
ord6279
ord3945
ord3802
ord635
ord6277
ord4309
ord4135
ord2939
ord4904
ord2173
ord3345
ord1306
ord4967
ord2305
ord6090
ord2003
ord5226
ord5152
ord4568
ord5566
ord2248
ord4282
ord3830
ord4469
ord4467
ord6278
ord3801
ord593
ord6276
ord334
ord4326
ord2838
ord2063
ord4481
ord2018
ord4261
ord5583
ord3806
ord5225
ord5119
ord1010
ord5102
ord5175
ord959
ord6219
ord5382
ord3832
ord5975
ord4031
ord566
ord3333
ord3641
ord5182
ord6724
ord547
ord5912
ord2430
ord1401
ord4262
ord5203
ord605
ord4212
ord4735
ord4890
ord4580
ord2020
ord1671
ord1670
ord1551
ord354
ord3182
ord1920
ord2931
ord1091
ord5224
ord3948
ord5230
ord5213
ord4038
ord3683
ord757
ord3946
ord4014
ord4257
ord4852
ord4739
ord4705
ord1922
ord4222
ord3040
ord2768
ord5934
ord6043
ord368
ord3450
ord3645
ord4264
ord4482
ord4566
ord2614
ord2621
ord6238
ord2016
ord2051
ord616
ord5156
ord5592
ord1379
ord5412
ord2742
ord5495
ord781
ord578
ord1903
ord5214
ord310
ord2747
ord5833
ord1084
ord4125
ord630
ord385
ord2372
ord3682
ord4306
ord5151
ord5174
ord4273
ord3344
ord1361
ord756
ord4444
ord4443
ord4790
ord4204
ord4781
ord4980
ord1482
ord4172

msvcr80

_setjmp3
__CxxLongjmpUnwind
strncmp
_CIsqrt
_CIcos
_CIsin
ldiv
_CIatan2
_CIlog
isprint
_CIexp
printf
exit
fprintf
__iob_func
sscanf
getenv
strlen
longjmp
pow
qsort
exp
rand
log
sqrt
fabs
atan2
strstr
_snprintf
abort
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_CxxThrowException
_CIpow
memset
floor
__CxxFrameHandler3
memcpy
atof
fread
fseek
fscanf
fwrite
ferror
fopen
fgets
getc
fclose
ftell
feof
fflush
fputc
atoi
strtod
?what@exception@std@@UBEPBDXZ
memmove_s
ceil
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
_purecall
realloc
strncpy
sprintf
free
malloc
calloc
_hypot
_setmbcp
strcpy

kernel32

GetACP
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetThreadLocale
GetStartupInfoA
InterlockedCompareExchange
Sleep
SetCurrentDirectoryA
GetLocalTime
InterlockedExchange
GetVersionExA
TerminateProcess

user32

GetWindowRect
SetCapture
GetDC
ReleaseCapture
UpdateWindow
EnableWindow
MessageBoxA
SendMessageA

gdi32

SwapBuffers
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat

shell32

DragQueryFileA
DragQueryPoint

comctl32

InitCommonControlsEx

msvcp80

??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??$getline@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PADH@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@H@2@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??_D?$basic_ifstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?ignore@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@HH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?5DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YAAAV?$basic_istream@DU?$char_traits@D@std@@@0@AAV10@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??1locale@std@@QAE@XZ
??0locale@std@@QAE@PBDH@Z
??0locale@std@@QAE@ABV01@0H@Z
?empty@locale@std@@SA?AV12@XZ
?global@locale@std@@SA?AV12@ABV12@@Z
?classic@locale@std@@SAABV12@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

??0CxFile@@QAE@ABV0@@Z
??0CxFile@@QAE@XZ
??0CxIOFile@@QAE@ABV0@@Z
??0CxIOFile@@QAE@PAU_iobuf@@@Z
??0CxMemFile@@QAE@ABV0@@Z
??1CxFile@@UAE@XZ
??1CxIOFile@@UAE@XZ
??1CxImage@@UAE@XZ
??4CxFile@@QAEAAV0@ABV0@@Z
??4CxIOFile@@QAEAAV0@ABV0@@Z
??4CxMemFile@@QAEAAV0@ABV0@@Z
??_7CxFile@@6B@
??_7CxIOFile@@6B@
??_7CxImage@@6B@
??_7CxMemFile@@6B@
??_FCxIOFile@@QAEXXZ
??_FCxImage@@QAEXXZ
??_FCxMemFile@@QAEXXZ
??_OCxImage@@QAEXAAV0@@Z
?Close@CxIOFile@@UAE_NXZ
?Eof@CxIOFile@@UAE_NXZ
?Error@CxIOFile@@UAEJXZ
?Flush@CxIOFile@@UAE_NXZ
?GetC@CxIOFile@@UAEJXZ
?GetS@CxIOFile@@UAEPADPADH@Z
?Open@CxIOFile@@QAE_NPBD0@Z
?PutC@CxFile@@UAE_NE@Z
?PutC@CxIOFile@@UAE_NE@Z
?Read@CxIOFile@@UAEIPAXII@Z
?Scanf@CxIOFile@@UAEJPBDPAX@Z
?Seek@CxIOFile@@UAE_NJH@Z
?Size@CxIOFile@@UAEJXZ
?Tell@CxIOFile@@UAEJXZ
?Write@CxIOFile@@UAEIPBXII@Z

Sections

.text
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e895c40f39db88e560fd393f2f2ee056

Headers

File Characteristics

PDB Paths

Imports

opengl32

glu32

glew32

mfc80

msvcr80

kernel32

user32

gdi32

shell32

comctl32

msvcp80

Exports

Exports

Sections

.text Size: 444KB - Virtual size: 443KB

.rdata Size: 176KB - Virtual size: 174KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 92KB - Virtual size: 91KB

.text
Size: 444KB - Virtual size: 443KB

.rdata
Size: 176KB - Virtual size: 174KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 92KB - Virtual size: 91KB