Static task
static1
General
Target
Dead Space.exe
Size
13.1MB
MD5
bc75e020d59ff561894de4c2633bd479
SHA1
2ec5ef0304166443bd6f12558b174f219ba2b536
SHA256
ac28008f5702da3ab1f6ea852c232a320fa973ea6eeea2223655dd3dae83dcc3
SHA512
9862d92df120177ffaaf9e8396ea17e2fbe223888a23eb87d4e53f3465d49feeb63d90bfe277d933f675e9931bd13477575c8e335b4a57fce58ad5de95d36094
SSDEEP
393216:2gUbl+0S6oVRYDWcoohWhOgSgiyy5i7m1NH:2lS6o0DVgSgE
Malware Config
Signatures
Files
Dead Space.exe.exe windows x86
95ff70660abaa77fe47fa5169d8e5971
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
GetExitCodeThread
EnterCriticalSection
TlsAlloc
TlsSetValue
DuplicateHandle
GetCurrentProcess
GetCurrentThread
GetProcAddress
GetThreadPriority
SetThreadPriority
SetThreadIdealProcessor
GetSystemInfo
SleepEx
GetTickCount
DeleteCriticalSection
CreateMutexA
WaitForSingleObject
Sleep
TryEnterCriticalSection
ReleaseMutex
InterlockedExchangeAdd
InterlockedCompareExchange
CreateSemaphoreA
InterlockedDecrement
ReleaseSemaphore
InterlockedExchange
TlsFree
RaiseException
QueueUserAPC
ResumeThread
InitializeCriticalSectionAndSpinCount
CreateThread
GetCurrentThreadId
QueryPerformanceCounter
QueryPerformanceFrequency
SetEvent
CreateEventA
GetEnvironmentVariableA
SetThreadAffinityMask
GetProcessAffinityMask
FindNextFileA
FindFirstFileA
FindClose
IsBadWritePtr
VirtualAlloc
VirtualQuery
VirtualFree
GetSystemTimeAsFileTime
OutputDebugStringA
LoadLibraryA
FreeLibrary
GetFileSize
GetDiskFreeSpaceExW
FindNextFileW
WriteFile
SetFilePointer
ReadFile
GetDiskFreeSpaceW
GetVolumePathNameW
DeleteFileW
CreateFileW
FileTimeToSystemTime
FindFirstFileW
InitializeCriticalSection
DebugBreak
GetDriveTypeA
GetDiskFreeSpaceExA
GetPriorityClass
SetPriorityClass
GlobalFree
GlobalAlloc
GetDiskFreeSpaceA
GetLogicalDrives
RemoveDirectoryW
CreateDirectoryW
MoveFileW
GetFileSizeEx
SetFilePointerEx
VirtualProtect
GetFileAttributesA
SetEndOfFile
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetStdHandle
GetTimeZoneInformation
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetEnvironmentStringsW
TlsGetValue
LocalFree
GetVersionExA
GetUserDefaultLangID
GetCurrentProcessId
CloseHandle
GetModuleFileNameA
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
SetCurrentDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
SetConsoleCtrlHandler
FatalAppExitA
HeapSize
TerminateProcess
GetLastError
OpenEventA
GetStdHandle
SetLastError
IsValidCodePage
GetOEMCP
GetACP
InterlockedIncrement
GetCPInfo
GetModuleHandleA
ExitProcess
FormatMessageA
HeapValidate
HeapReAlloc
MultiByteToWideChar
RtlUnwind
ExitThread
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetCommandLineA
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FileTimeToLocalFileTime
user32
SetWindowsHookExA
SystemParametersInfoA
GetAsyncKeyState
CallNextHookEx
AdjustWindowRect
UpdateWindow
SetForegroundWindow
PeekMessageA
SetActiveWindow
CreateWindowExA
IsWindowVisible
GetClientRect
DispatchMessageA
GetWindowRect
GetWindowLongA
RegisterClassA
ShowWindow
ValidateRect
UnhookWindowsHookEx
IntersectRect
DestroyWindow
LoadIconA
GetDesktopWindow
IsIconic
LoadCursorA
DefWindowProcA
TranslateMessage
PostQuitMessage
FindWindowA
EnumDisplayDevicesA
MessageBoxA
SetWindowLongA
MapVirtualKeyExA
GetKeyboardLayout
GetKeyState
ShowCursor
MessageBoxW
GetSystemMetrics
GetForegroundWindow
SendMessageA
SetWindowPos
advapi32
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumValueA
shell32
SHGetFolderPathAndSubDirA
SHGetFolderPathAndSubDirW
ole32
CoInitialize
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
oleaut32
SysFreeString
SysAllocString
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
dinput8
DirectInput8Create
d3d9
D3DPERF_GetStatus
Direct3DCreate9
D3DPERF_SetOptions
d3dx9_38
D3DXLoadSurfaceFromSurface
D3DXGetShaderConstantTable
dsound
ord9
ord1
ws2_32
recv
recvfrom
WSAGetLastError
getpeername
select
getsockname
gethostbyname
gethostname
WSACreateEvent
setsockopt
ioctlsocket
socket
closesocket
send
WSACloseEvent
WSASetEvent
WSARecv
WSARecvFrom
WSAResetEvent
WSAWaitForMultipleEvents
WSAGetOverlappedResult
WSAStartup
bind
WSACleanup
getsockopt
inet_addr
htons
sendto
accept
listen
shutdown
connect
__WSAFDIsSet
ntohs
inet_ntoa
WSAAsyncSelect
WSAIoctl
winmm
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
timeGetTime
xinput1_3
ord2
ord4
ord3
netapi32
Netbios
Exports
Sections
.text Size: 7.8MB - Virtual size: 7.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 880KB - Virtual size: 878KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4.1MB - Virtual size: 4.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 37B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.zeehole Size: 360KB - Virtual size: 357KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE