Static task
static1
General
Target: Ancient-cities.exe
Size: 3.7MB
MD5: 56211f38390f2d946bbf3ec567b2b157
SHA1: 7772e5751c7eb40d5b9233e7e349ce86e6b36141
SHA256: 8334ddf037f8b18cc6264eacf91965ce54c64a35a5a95fa94c0080f0b3850f97
SHA512: 62663d291ffd896caaefd924aeb8f630d0155e77d8138a5927d499fba07fdb279812e20ca1c59d0f748877898a3a65df87bbf87443f7f11822a2afa108f2fadd
SSDEEP: 49152:QNMyb6/oFHCLETE+ojyGfTSZeEmw56Zs7hfjIM+T3Z:i2wF1ojyWSZeEmds7hfjIMgZ
Malware Config
Signatures
Files
Ancient-cities.exe.exe windows x86
f33fcda20eb8c47dc4dd8a307a93901b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetCloseHandle
InternetWriteFile
HttpEndRequestW
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetCrackUrlA
InternetCanonicalizeUrlA
HttpSendRequestA
HttpOpenRequestA
InternetGetConnectedState
InternetConnectA
d3dx9_43
D3DXCreateTextureFromFileInMemoryEx
D3DXGetVertexShaderProfile
D3DXCompileShader
D3DXGetPixelShaderProfile
D3DXCreateTextureFromFileW
D3DXGetImageInfoFromFileInMemory
dbghelp
MiniDumpWriteDump
SymFromAddr
SymInitialize
winmm
mciGetErrorStringA
joyGetPos
joyGetPosEx
joyGetDevCapsA
timeGetTime
waveInGetDevCapsW
waveInGetNumDevs
waveInAddBuffer
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInOpen
waveInReset
waveInStart
waveInStop
mciSendStringA
ws2_32
connect
getaddrinfo
WSAAddressToStringA
freeaddrinfo
select
gethostname
__WSAFDIsSet
htons
htonl
ntohs
ntohl
closesocket
shutdown
WSAStartup
WSACleanup
getsockopt
setsockopt
ioctlsocket
socket
bind
listen
accept
recv
inet_ntoa
recvfrom
send
getpeername
inet_addr
sendto
WSAGetLastError
gdiplus
GdiplusShutdown
GdiplusStartup
comctl32
InitCommonControlsEx
kernel32
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
GetFullPathNameA
SetConsoleCtrlHandler
SetFilePointer
SetStdHandle
ReadFile
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
FatalAppExitA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetModuleFileNameA
WriteFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
SetLastError
GetStdHandle
SetHandleCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
CreateDirectoryA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
DeleteFileA
HeapReAlloc
FindNextFileA
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
SetFileAttributesW
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapAlloc
HeapFree
HeapWalk
HeapValidate
RtlUnwind
CreateFileA
DebugBreak
MultiByteToWideChar
GetConsoleWindow
WideCharToMultiByte
OutputDebugStringW
FormatMessageW
GetProcAddress
LoadLibraryW
GetFullPathNameW
FreeEnvironmentStringsA
GetLastError
LocalFree
GetModuleHandleW
InterlockedDecrement
InterlockedIncrement
CreateThread
GetExitCodeThread
CloseHandle
DeleteFileW
Sleep
FreeLibrary
SetCurrentDirectoryA
GetCurrentDirectoryA
GetExitCodeProcess
CreateProcessW
GetEnvironmentVariableW
FindClose
FindNextFileW
RemoveDirectoryW
FindFirstFileW
GetFileAttributesA
GetFileAttributesW
CreateDirectoryW
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
SetWaitableTimer
CreateWaitableTimerW
SetThreadPriority
SetPriorityClass
GetCurrentProcess
GetCurrentThread
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExW
GetUserDefaultLCID
GetLocaleInfoW
GetSystemInfo
GlobalMemoryStatusEx
ExitProcess
lstrlenA
ExpandEnvironmentStringsW
GetModuleFileNameW
MoveFileA
SetUnhandledExceptionFilter
SetErrorMode
GetCommandLineW
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
ExitThread
LoadLibraryA
SetEvent
CreateEventW
WaitForSingleObjectEx
RtlCaptureStackBackTrace
InitializeCriticalSectionAndSpinCount
LocalAlloc
InterlockedExchange
RaiseException
GetEnvironmentStrings
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEndOfFile
GetProcessHeap
GetCurrentDirectoryW
VirtualQuery
user32
SetDlgItemTextW
GetDlgItemTextW
EndDialog
CreateDialogParamW
SetWindowTextW
ScreenToClient
ReleaseDC
DrawTextW
GetDC
GetDlgItem
DialogBoxParamW
MoveWindow
ClientToScreen
GetMonitorInfoW
SetCursorPos
MapWindowPoints
GetCursorPos
wsprintfW
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
EnumDisplaySettingsW
ChangeDisplaySettingsW
SetWindowLongW
UpdateWindow
EnumDisplaySettingsExW
EnumDisplayDevicesA
ShowWindow
GetSystemMetrics
SetWindowTextA
IsClipboardFormatAvailable
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetFocus
MessageBoxA
SetDlgItemTextA
IsDialogMessageW
PeekMessageW
GetForegroundWindow
PostThreadMessageW
RegisterClassExW
CreateWindowExW
SendMessageW
SetCursor
GetClientRect
GetWindowRect
DestroyWindow
PostMessageW
SetFocus
DefWindowProcW
ReleaseCapture
SetCapture
BringWindowToTop
SetForegroundWindow
keybd_event
SetWindowPos
GetKeyState
CallNextHookEx
MessageBoxW
AdjustWindowRectEx
LoadImageW
GetAsyncKeyState
LoadCursorW
gdi32
GetDeviceCaps
CreateFontA
SelectObject
DeleteObject
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
SHGetFolderPathW
ShellExecuteW
SHGetSpecialFolderPathA
ole32
CoSetProxyBlanket
CoUninitialize
CoInitialize
CoCreateInstance
oleaut32
SysAllocString
VariantClear
SysFreeString
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 852KB - Virtual size: 851KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 168KB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mydata Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ