Static task
static1
General
-
Target
Dangan3Win.exe
-
Size
10.6MB
-
MD5
fd017df27c37ea69621c4f41e2330c91
-
SHA1
923fbe21391985faf826cff380ee56c15515d954
-
SHA256
a16be82c85826d19283983e8ee1455248318c3299e9f809bdcced7950f3d4aae
-
SHA512
1e10ab8eb7bfc33730008bc12c7132353a8ee8740a31aad92e19c1308d29c4dba79037f29070869cb57875b7915877c3509700fad03c214f6be9d51c47ba92de
-
SSDEEP
196608:hS4I8tEJwB0XKaDnG0T+YjKbUdpqf721J95DGSt:hS4I8tEJ2GKaDnG0SgKodpUS1J93
Malware Config
Signatures
Files
-
Dangan3Win.exe.exe windows x64
ca98e9860fddcbcfd5388675450fadd1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
steam_api64
SteamAPI_Init
SteamInternal_CreateInterface
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamAPI_UnregisterCallback
SteamAPI_RegisterCallback
SteamAPI_RunCallbacks
SteamAPI_RestartAppIfNecessary
SteamAPI_Shutdown
SteamInternal_ContextInit
SteamAPI_GetHSteamUser
SteamAPI_GetHSteamPipe
kernel32
GetConsoleMode
CreateEventA
ResetEvent
SetThreadAffinityMask
GetProcessAffinityMask
GetThreadPriority
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
EnterCriticalSection
LeaveCriticalSection
Sleep
InitializeCriticalSection
DeleteCriticalSection
SetFilePointerEx
CreateFileA
GetFileSize
ReadFile
SetEndOfFile
WriteFile
CloseHandle
VerSetConditionMask
VerifyVersionInfoW
MoveFileW
MoveFileA
SetFilePointer
GetFileAttributesW
GetFileAttributesA
DeleteFileW
DeleteFileA
CreateDirectoryW
SwitchToThread
UnhandledExceptionFilter
CreateDirectoryA
ReadConsoleW
SetEnvironmentVariableA
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
GetFileType
GetTimeZoneInformation
FreeLibrary
SetConsoleCtrlHandler
GetModuleFileNameW
GetStdHandle
GetProcessHeap
SetEvent
CreateEventW
GetLastError
VirtualAlloc
VirtualFree
VirtualQuery
GetLocalTime
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
GetCurrentThreadId
SetThreadPriority
ResumeThread
GetModuleHandleW
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EncodePointer
DecodePointer
RtlLookupFunctionEntry
RtlUnwindEx
IsDebuggerPresent
IsProcessorFeaturePresent
RtlPcToFileHeader
RaiseException
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
GetSystemTimeAsFileTime
GetCommandLineA
CreateThread
ExitThread
LoadLibraryExW
HeapAlloc
FatalAppExitA
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
HeapSize
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CreateSemaphoreW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
IsValidCodePage
GetACP
GetOEMCP
OutputDebugStringW
user32
DispatchMessageW
ShowWindow
CreateWindowExW
LoadIconW
LoadCursorW
GetDesktopWindow
SetWindowLongW
RegisterClassExW
PeekMessageW
LoadImageW
FindWindowW
MessageBoxW
GetForegroundWindow
DefWindowProcW
GetWindowLongW
AdjustWindowRect
GetClientRect
ValidateRect
UpdateWindow
GetSystemMetrics
ReleaseCapture
SetCapture
ShowCursor
SetCursorPos
GetCursorPos
ClientToScreen
ScreenToClient
GetWindowRect
TranslateMessage
SetWindowPos
wtsapi32
WTSRegisterSessionNotification
dinput8
DirectInput8Create
d3d11
D3D11CreateDeviceAndSwapChain
dxgi
CreateDXGIFactory1
xinput9_1_0
XInputGetState
XInputSetState
mfplat
MFStartup
MFCreateAsyncResult
MFInvokeCallback
MFCopyImage
MFGetStrideForBitmapInfoHeader
MFCreateMediaType
MFShutdown
MFCreateAttributes
mfreadwrite
MFCreateSourceReaderFromURL
MFCreateSourceReaderFromByteStream
gdi32
GetStockObject
ole32
CoInitialize
CoUninitialize
PropVariantClear
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
oleaut32
SysFreeString
SysAllocString
Sections
.text Size: 7.1MB - Virtual size: 7.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.3MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 399KB - Virtual size: 399KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 49B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.bind Size: 144KB - Virtual size: 144KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ