PlantsVsZombies[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

PlantsVsZombies.exe
Size

3.8MB
MD5

18088f206faac63efba7f4c3cba1b01a
SHA1

47e463b8d74a2e8f3ba8e5656ee797a54440f75b
SHA256

fe3f9ae576dae3819228e4419059150e82da324d870b2286ff4e182f68ee40b3
SHA512

694a1928714a95e72023b0ef5e3ce6c88a5a62ab2f0c80f5f6eaafd4b72581aac3eba129b6df4ca25ffa1399f2b3e64e0acf832c4a451b1c741d19a69ad5e8ea
SSDEEP

98304:Ctb5adJ5gziY0aPgIOP67/XX4DEMK5olnBMSbKSIE:CRniYJPgFP67XX4DEMK5MBRbKS

Score

1^/10

Malware Config

Signatures

Files

PlantsVsZombies.exe
.exe windows x86

c56007e266e175244d8bc1bb28327ca0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
WinExec
GetModuleHandleA
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
RemoveDirectoryA
FindNextFileA
DeleteFileA
FindClose
FindFirstFileA
GetCurrentThread
SetThreadPriority
Sleep
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
LeaveCriticalSection
GetProcAddress
EnterCriticalSection
LoadLibraryA
CreateFileA
FreeLibrary
MulDiv
FileTimeToSystemTime
GetSystemDirectoryA
GetFileTime
CloseHandle
InterlockedDecrement
GetLocalTime
UnmapViewOfFile
VirtualQuery
SetErrorMode
SetUnhandledExceptionFilter
GetCurrentProcess
InitializeCriticalSection
IsBadWritePtr
GetThreadPriority
DeleteCriticalSection
GetCurrentThreadId
GetVersionExA
OpenFileMappingA
CreateThread
CreateMutexW
GlobalLock
WaitForSingleObject
GetCommandLineA
GlobalAlloc
MultiByteToWideChar
GlobalUnlock
GetLastError
GlobalFree
InterlockedIncrement
LoadLibraryW
GetCurrentDirectoryW
GetWindowsDirectoryA
SetEvent
CreateEventA
SetFileTime
GetFileInformationByHandle
GetFileSize
FindResourceA
LoadResource
SizeofResource
LockResource
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
GetLocaleInfoA
ExitThread
ResumeThread
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetStartupInfoA
HeapFree
CreateDirectoryA
GetDriveTypeA
GetFullPathNameA
HeapReAlloc
HeapAlloc
RtlUnwind
RaiseException
GetCPInfo
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetACP
GetOEMCP
IsValidCodePage
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
GetCurrentDirectoryA
SetCurrentDirectoryA
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA

user32

OffsetRect
GetDC
DrawTextExW
GetClientRect
GetWindowInfo
FillRect
ClientToScreen
SetCaretPos
CreateCaret
DestroyCaret
ShowCaret
HideCaret
RegisterClassA
AdjustWindowRect
SetWindowTextA
SystemParametersInfoA
DispatchMessageA
CreateWindowExW
GetSysColorBrush
ShowWindow
GetSysColor
GetDesktopWindow
DefWindowProcA
CreateWindowExA
GetWindowLongA
SetWindowLongA
GetWindowTextA
TranslateMessage
IsDialogMessageA
BeginPaint
RegisterWindowMessageA
SetFocus
LoadIconA
GetFocus
DrawTextA
GetWindowRect
ReleaseDC
GetMessageA
DestroyWindow
EndPaint
DefWindowProcW
ChangeDisplaySettingsA
DialogBoxIndirectParamA
SetClipboardData
IsWindowVisible
RegisterClassW
ReleaseCapture
OpenClipboard
PostMessageA
GetCursorPos
DestroyCursor
EndDialog
GetDlgItem
GetSystemMetrics
PeekMessageA
GetClipboardData
InvalidateRect
GetWindowPlacement
EnumWindows
WindowFromPoint
IsWindowEnabled
EnumDisplaySettingsA
CreateCursor
SetForegroundWindow
SetCapture
IsIconic
RegisterWindowMessageW
SetActiveWindow
ScreenToClient
CloseClipboard
IsWindow
PostThreadMessageA
MoveWindow
SetTimer
AdjustWindowRectEx
LoadCursorA
MessageBoxW
SendMessageA
SetCursor
GetActiveWindow
MessageBoxA
EmptyClipboard

wininet

InternetConnectA
InternetReadFile
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
HttpQueryInfoA

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod
mixerOpen
mixerGetLineControlsA
mixerGetLineInfoA
mixerClose
mixerGetControlDetailsA
PlaySoundA
mixerGetDevCapsA
mixerSetControlDetails

wsock32

gethostbyname
closesocket
__WSAFDIsSet
socket
recv
WSACleanup
inet_ntoa
send
htons
WSAGetLastError
select
ioctlsocket
WSAStartup
connect

netapi32

Netbios

gdi32

SetBkMode
CreateFontIndirectA
GetDeviceCaps
DeleteObject
CreateDIBSection
DeleteDC
SetTextColor
GetTextExtentPoint32W
SelectObject
CreateCompatibleDC
GetTextMetricsA
IntersectClipRect
GetObjectA
TextOutW
TextOutA
GetStockObject
CreateFontA
CreateSolidBrush

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegOpenKeyA
RegSetValueExA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Only1
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c56007e266e175244d8bc1bb28327ca0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

wininet

winmm

wsock32

netapi32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 324KB - Virtual size: 323KB

.data Size: 59KB - Virtual size: 852KB

.rsrc Size: 247KB - Virtual size: 247KB

Only1 Size: 256KB - Virtual size: 256KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 324KB - Virtual size: 323KB

.data
Size: 59KB - Virtual size: 852KB

.rsrc
Size: 247KB - Virtual size: 247KB

Only1
Size: 256KB - Virtual size: 256KB