cs3kit[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cs3kit.exe
Size

145KB
MD5

e3dc940b3bf24175f930ef289b15a2c6
SHA1

67c6615b3ca69d9c57c0f156f550f7282eca5add
SHA256

0ab396bd1e036f09eead970e6cc0c844113b82ef6e8d2854dee75c9aab7a9928
SHA512

7918efef3723c414d8a2f30406532ff1504773f03eaefd1f72218b93247624270090dc100059c2c4453c857ff22ccc82c83a44aafb926059d3cab1081845eca7
SSDEEP

3072:us7tck9KZVRRE/1RYetxGuh6r1oM8KspuNFgyCLYJ3:9JZ9SVRR6Eu41JCL

Score

N/A

Malware Config

Signatures

Files

cs3kit.exe
.exe windows x86

953d05b7ba98e25712d53ffd7fd3f709

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
HeapReAlloc
HeapSize
RaiseException
GetOEMCP
GetCPInfo
GetACP
UnhandledExceptionFilter
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapFree
TlsGetValue
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
SetErrorMode
GlobalAddAtomA
GetVersionExA
SizeofResource
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetProcessVersion
GetLastError
SetLastError
lstrcpyA
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
LCMapStringA
LCMapStringW
LocalReAlloc
WinExec
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
MulDiv
InterlockedDecrement
GetVersion
lstrcatA
GlobalGetAtomNameA
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
lstrcmpA
lstrlenA
GetModuleFileNameA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
GetProfileStringA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
CloseHandle

user32

ShowWindow
GetDC
ReleaseDC
GetWindowDC
BeginPaint
SetWindowTextA
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
ReleaseCapture
GetDesktopWindow
WindowFromPoint
ClientToScreen
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
CharUpperA
DestroyMenu
FindWindowA
InvalidateRect
OffsetRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IntersectRect
InflateRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScreenToClient
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
wsprintfA
GetClassInfoA
EqualRect
GetMenuItemCount
IsDlgButtonChecked
IsDialogMessageA
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
CheckRadioButton
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetSubMenu
GetMenuItemID
WinHelpA
RegisterClassA
GetClientRect
DrawIcon
SendMessageA
LoadIconA
CreateWindowExA
GetMenu
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
CharNextA
UnregisterClassA
DrawFocusRect
ShowCaret
HideCaret

gdi32

CreateBitmap
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetTextColor
GetClipBox
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
PatBlt
CreateDIBitmap
CreateCompatibleDC
ScaleWindowExtEx
BitBlt
SetWindowExtEx

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

953d05b7ba98e25712d53ffd7fd3f709

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 15KB - Virtual size: 31KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 15KB - Virtual size: 31KB

.rsrc
Size: 13KB - Virtual size: 12KB