Static task
static1
General
Target: rerev.exe
Size: 13.4MB
MD5: f5fb316aceb95eb97e611ad54b80af1f
SHA1: 9f8d29c979e0c8b47db62745fae8833de9433a57
SHA256: 6e02ea7582cff909257d9ff13356513d265b285560c0799c5947401f07f040ee
SHA512: a9957802f9574c1733ac44ff7c6796a39a23fb727ed083de97f45e599a116272aa7098cca907343654e714bf52b11aaa9d7bb04d7b9d3cc531182b7c6db137a7
SSDEEP: 98304:HUWqo1TrVm9h5inKTS/nXxuDRK2UUT2qzO45yXP/NyAJ59T+SgvSaIZ5U1nNVX:HUWqo1Tq5iKUnXxu1K2ZKqzeJ5/CNV
Malware Config
Signatures
Files
rerev.exe.exe windows x86
af648c665a140b5d27d117f8b9fd25bf
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RtlUnwind
GetTimeZoneInformation
LCMapStringW
GetTickCount
SetStdHandle
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetLastError
TlsFree
GetConsoleCP
QueryPerformanceCounter
GetConsoleMode
FlushFileBuffers
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
HeapSize
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapReAlloc
RaiseException
GetModuleHandleW
GetSystemTimeAsFileTime
LocalAlloc
QueryPerformanceFrequency
SearchPathA
GetStartupInfoW
LeaveCriticalSection
EnterCriticalSection
HeapSetInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
GetProcessHeap
HeapAlloc
HeapFree
InterlockedExchange
LoadLibraryW
TryEnterCriticalSection
SetThreadPriority
GetSystemInfo
WriteConsoleW
CreateFileW
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
TlsSetValue
InterlockedDecrement
VirtualAlloc
VirtualFree
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GlobalLock
GlobalAlloc
GlobalUnlock
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
FindClose
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
DeleteFileA
MoveFileA
SetCurrentDirectoryA
GetModuleFileNameA
CopyFileA
SetEndOfFile
GetFileSize
CreateFileA
GetDiskFreeSpaceA
CloseHandle
SleepEx
ReadFileEx
ReadFile
WriteFile
SetFilePointer
FindNextFileA
FindFirstFileA
Sleep
GetCurrentThreadId
InterlockedExchangeAdd
InterlockedCompareExchange
GetOverlappedResult
GetExitCodeThread
WaitForMultipleObjects
SetEvent
DebugBreak
ResetEvent
WaitForSingleObject
ResumeThread
CreateEventA
SetThreadIdealProcessor
CreateThread
ReleaseMutex
GetCommandLineA
GetUserDefaultLangID
CreateMutexA
VerifyVersionInfoA
VerSetConditionMask
ExitProcess
GetCurrentProcess
GetModuleHandleA
GlobalFree
TerminateProcess
MultiByteToWideChar
GetCurrentProcessId
WideCharToMultiByte
CreateProcessA
FreeLibrary
GetProcAddress
LoadLibraryA
GetStdHandle
user32
MessageBoxA
DefWindowProcA
GetPropA
GetSystemMetrics
SetWindowLongA
GetCursorPos
ScreenToClient
GetClientRect
ClientToScreen
GetAsyncKeyState
UnregisterHotKey
RegisterHotKey
SendMessageA
SetWindowPos
FindWindowW
LoadAcceleratorsA
LoadIconW
RegisterClassExW
TranslateMessage
PeekMessageA
DispatchMessageW
RemovePropA
DestroyWindow
SetCursor
ShowCursor
DefWindowProcW
IsIconic
BeginPaint
CloseClipboard
SetClipboardData
EmptyClipboard
GetWindowThreadProcessId
SystemParametersInfoA
SendMessageW
UpdateWindow
ShowWindow
SetPropA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
AdjustWindowRect
EnableMenuItem
DeleteMenu
GetSystemMenu
CreateWindowExW
ClipCursor
PostQuitMessage
GetWindowRect
EndPaint
psapi
GetModuleFileNameExA
d3dx9_43
D3DXGetShaderOutputSemantics
D3DXGetShaderConstantTable
d3d9
D3DPERF_GetStatus
Direct3DCreate9
D3DPERF_SetOptions
dinput8
DirectInput8Create
xinput1_3
ord4
ord5
ord3
ord2
ws2_32
gethostbyname
closesocket
WSAGetLastError
socket
setsockopt
ioctlsocket
getsockname
connect
getsockopt
__WSAFDIsSet
WSACleanup
listen
bind
accept
recv
recvfrom
send
sendto
WSAStartup
select
iphlpapi
GetIfEntry
GetAdaptersAddresses
steam_api
SteamAPI_UnregisterCallback
SteamAPI_RegisterCallback
SteamUser
SteamMatchmaking
SteamNetworking
SteamAPI_Shutdown
SteamAPI_RunCallbacks
SteamRemoteStorage
SteamAPI_IsSteamRunning
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamHTTP
SteamUserStats
SteamUtils
SteamApps
SteamFriends
SteamAPI_Init
avifil32
AVIStreamWrite
AVIStreamRelease
AVIFileOpenA
AVIFileInit
AVIFileCreateStreamA
AVIMakeCompressedStream
AVIStreamSetFormat
AVIFileRelease
AVIFileExit
msvfw32
ICCompressorChoose
ICCompressorFree
winmm
timeGetTime
timeEndPeriod
timeBeginPeriod
gdiplus
GdipLoadImageFromFile
GdipFree
GdipAlloc
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusShutdown
GdipCloneImage
GdiplusStartup
imm32
ImmDisableIME
ImmReleaseContext
ImmGetContext
ImmGetCompositionStringA
ImmGetDefaultIMEWnd
gdi32
GetStockObject
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
SHGetFolderPathA
DragAcceptFiles
ole32
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
oleaut32
SysAllocString
SysFreeString
Sections
.text Size: 11.7MB - Virtual size: 11.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 343KB - Virtual size: 854KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ