18d817805bdc7b8b04ec6f9934d4248a131dc0ab51ee36f5855c73d8c5f15046

Sharing

Copy URL Twitter E-mail

General

Target

18d817805bdc7b8b04ec6f9934d4248a131dc0ab51ee36f5855c73d8c5f15046
Size

5.7MB
MD5

8c9a515ffcedf414b9725fb61bd5b80a
SHA1

fe5d69ad3f37f64f4666b433745425c6a1823b08
SHA256

18d817805bdc7b8b04ec6f9934d4248a131dc0ab51ee36f5855c73d8c5f15046
SHA512

a3dd6bc206315cf50b60026b58da8c00b4174aed1a2d691f36287c6daf120b03f7892bd93d55549bc4772b2dce61a60aa2137a3c8629b0c8027389472f945b56
SSDEEP

98304:Brgiit/HWTR5RD7BY8m/YqSy0toi39lVPkKgok24cSgGYxT0:Br2/WFv7BY8m/YqSyKomlVPkKgjSSgxB

Score

N/A

Malware Config

Signatures

Files

18d817805bdc7b8b04ec6f9934d4248a131dc0ab51ee36f5855c73d8c5f15046
.exe windows x86

70c76389d462b0ced5f58ff594f20596

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

D3DPERF_SetMarker
Direct3DCreate9

d3dx9_43

D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromSurface
D3DXVec3TransformCoord
D3DXMatrixInverse
D3DXMatrixMultiply
D3DXMatrixRotationAxis
D3DXVec3TransformNormal
D3DXMatrixRotationYawPitchRoll
D3DXMatrixMultiplyTranspose
D3DXVec4Transform
D3DXMatrixTranspose
D3DXFloat32To16Array
D3DXMatrixRotationQuaternion
D3DXFloat16To32Array
D3DXCompileShader
D3DXQuaternionRotationMatrix
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXSaveSurfaceToFileA
D3DXGetImageInfoFromFileA
D3DXGetImageInfoFromFileInMemory
D3DXSaveSurfaceToFileInMemory
D3DXCreateVolumeTextureFromFileInMemoryEx
D3DXSaveTextureToFileA

dinput8

DirectInput8Create

winmm

timeBeginPeriod
timeEndPeriod
timeGetDevCaps

shell32

SHGetFolderPathA
SHGetFolderPathW
ShellExecuteA

shlwapi

PathAppendW

rpcrt4

UuidFromStringA

ws2_32

WSAStartup
connect
inet_addr
inet_ntoa
socket
setsockopt
ioctlsocket
htons
bind
WSAGetLastError
closesocket
sendto
recvfrom
ntohs
getsockname
__WSAFDIsSet
select
recv
send
gethostbyname

steam_api

SteamAPI_UnregisterCallback
SteamAPI_Init
SteamUser
SteamUtils
SteamApps
SteamUserStats
SteamFriends
SteamAPI_RunCallbacks
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamRemoteStorage

kernel32

LCMapStringW
CompareStringW
OutputDebugStringW
ReadConsoleW
GetConsoleMode
GetConsoleCP
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetFileType
GetStringTypeW
FileTimeToSystemTime
TlsAlloc
CreateDirectoryA
CreateDirectoryW
SetFilePointerEx
CancelIo
FindFirstFileExW
GetCurrentDirectoryW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleHandleW
GetStartupInfoW
TlsFree
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
QueryPerformanceCounter
GlobalMemoryStatus
GetSystemInfo
LoadLibraryA
GetProcAddress
FreeLibrary
TlsGetValue
GetCurrentThreadId
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
InterlockedIncrement
Sleep
SetThreadPriority
SetThreadAffinityMask
InterlockedDecrement
InterlockedExchangeAdd
SwitchToThread
GetFileAttributesExA
GetFileAttributesA
MultiByteToWideChar
ReleaseSemaphore
DeleteFileA
CreateFileA
WriteFile
GetOverlappedResult
CreateFileW
GetFileSize
ReadFile
FindFirstFileW
FindNextFileW
FindClose
LoadResource
SizeofResource
LockResource
GetLastError
GetModuleHandleA
GetSystemDirectoryA
InterlockedCompareExchange
TlsSetValue
GetCurrentProcess
GetProcessAffinityMask
GetCurrentThread
GetModuleFileNameW
GetComputerNameA
SetThreadExecutionState
FreeConsole
GetLocalTime
HeapAlloc
GetProcessHeap
ExpandEnvironmentStringsA
GetSystemDefaultLCID
HeapFree
GetSystemDirectoryW
LoadLibraryW
GlobalMemoryStatusEx
GetDiskFreeSpaceExA
GetModuleFileNameA
SetFilePointer
SetEndOfFile
FormatMessageA
FlushFileBuffers
SetLastError
VirtualFree
LocalFree
VirtualAlloc
DeleteFileW
FindFirstFileA
FindNextFileA
GetCommandLineA
GetThreadPriority
CreateEventA
GetExitCodeThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
InterlockedExchange
RaiseException
QueryPerformanceFrequency
CreateEventW
WideCharToMultiByte
CreateThread
GetTickCount
SleepEx
WaitForMultipleObjectsEx
ReadFileEx
WriteFileEx
MoveFileExW
IsProcessorFeaturePresent
CompareFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetStdHandle
WriteConsoleA
ResumeThread
CreateMutexA
ReleaseMutex
EncodePointer
DecodePointer
ExitThread
LoadLibraryExW
GetDriveTypeW
GetSystemTimeAsFileTime
GetFileInformationByHandle
RtlUnwind
HeapReAlloc
IsDebuggerPresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
PeekNamedPipe
GetFullPathNameW
SetStdHandle
WriteConsoleW
GetTimeZoneInformation
SetEnvironmentVariableA
FindResourceA
GetFileAttributesExW
CreateSemaphoreA

user32

GetClientRect
CreateWindowExA
AdjustWindowRectEx
RegisterClassExA
LoadIconA
GetWindowPlacement
SetForegroundWindow
SendInput
ShowWindow
SetWindowPos
SetWindowLongA
GetSystemMetrics
DefWindowProcA
PostQuitMessage
GetWindowLongW
GetForegroundWindow
CallWindowProcW
UnregisterDeviceNotification
TranslateMessage
PeekMessageA
SystemParametersInfoA
LoadStringW
LoadStringA
GetWindowThreadProcessId
ToUnicodeEx
MapVirtualKeyExW
LoadKeyboardLayoutA
GetKeyboardLayout
SetCursor
SetCursorPos
GetWindowRect
ClipCursor
GetGUIThreadInfo
ClientToScreen
ScreenToClient
GetCursorPos
DestroyIcon
GetCursor
RegisterDeviceNotificationW
MessageBoxA
SetWindowLongW
CreateIconFromResourceEx
SetWindowTextW
InvalidateRect
DispatchMessageA
ValidateRect

gdi32

GetStockObject

advapi32

RegCreateKeyA
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoInitializeEx
CoSetProxyBlanket

oleaut32

SysFreeString
SysAllocString

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 289KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70c76389d462b0ced5f58ff594f20596

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

d3dx9_43

dinput8

winmm

shell32

shlwapi

rpcrt4

ws2_32

steam_api

kernel32

user32

gdi32

advapi32

ole32

oleaut32

iphlpapi

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

.text Size: 512B - Virtual size: 248B

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 66KB - Virtual size: 5.3MB

_RDATA Size: 5KB - Virtual size: 4KB

.rsrc Size: 292KB - Virtual size: 291KB

.reloc Size: 289KB - Virtual size: 292KB

.text
Size: 3.8MB - Virtual size: 3.8MB

.text
Size: 512B - Virtual size: 248B

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 66KB - Virtual size: 5.3MB

_RDATA
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 292KB - Virtual size: 291KB

.reloc
Size: 289KB - Virtual size: 292KB