a8f767dcaecfe64a627e9e1e53d819befb0f2c8c7fb3f1be2b5fb8626d8e3035

Sharing

Copy URL Twitter E-mail

General

Target

a8f767dcaecfe64a627e9e1e53d819befb0f2c8c7fb3f1be2b5fb8626d8e3035
Size

136KB
MD5

847d9a1ff034ce974f639bf4424463e2
SHA1

c5728fcb101d22b7ad7d5fc14cc4a8f235e62993
SHA256

a8f767dcaecfe64a627e9e1e53d819befb0f2c8c7fb3f1be2b5fb8626d8e3035
SHA512

0c123f6122ed5ff64deb34595d8e325fb3368b5fae46b07355fb92112da7efc18a2b0f08c4e2090fe1154545ad79de1bdc3adcc7064ea495b7709ea344b00567
SSDEEP

3072:GE+fSrb+S+Y34D4BtkSHdfOjovvMbeY3xfP:M6rKSLCjuvMbeYxP

Score

N/A

Malware Config

Signatures

Files

a8f767dcaecfe64a627e9e1e53d819befb0f2c8c7fb3f1be2b5fb8626d8e3035
.exe windows x86

d7db93d405d0e8350e96261372a670a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW

kernel32

GetCommandLineW
GetCurrentDirectoryW
GetSystemDirectoryW
CloseHandle
CreateFileW
HeapSize
HeapReAlloc
LocalFree
WriteConsoleW
SetStdHandle
RtlUnwind
LoadLibraryW
FlushFileBuffers
HeapAlloc
IsProcessorFeaturePresent
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetLastError
GetProcAddress
ReadFile
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
HeapFree
Sleep
MultiByteToWideChar
GetStringTypeW
LCMapStringW

user32

MessageBoxW

shell32

CommandLineToArgvW
ord680

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize
CoSetProxyBlanket

oleaut32

SysAllocString
SysFreeString

gameuxinstallhelper

GameExplorerUninstallW
GameExplorerInstallW

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 16.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7db93d405d0e8350e96261372a670a7

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

shell32

ole32

oleaut32

gameuxinstallhelper

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 56KB - Virtual size: 16.0MB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 56KB - Virtual size: 16.0MB

.rsrc
Size: 25KB - Virtual size: 25KB