TestDrive2[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

TestDrive2.exe
Size

11.7MB
MD5

176a28af448139cca9cbe4da55bbd92d
SHA1

29caa7ae349cd559d34a010a70f5b4d9262c82d2
SHA256

491bc3163440db410c80b63b96364babed2487b39fbd910a0bf9012201b31809
SHA512

b9f12f409656496c96967830bdd914f63f43c3fec97c5c91116a920361f249513084b68a9dfb390afca90a9d3116eaf6d4f207db1a7be2d7986ec40ab7d89740
SSDEEP

196608:bN4Z/f/Rq+LuKCCN/d2879vayYYSSpwLYdqYT7XlcNSdRlUbO6uSjp:pCnR9uA2i9vvYYtQ4/qNSiKa

Score

1^/10

Malware Config

Signatures

Files

TestDrive2.exe
.exe windows x86

63fc26ab78a7ea2cbaeaafcbe3313854

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

D3DPERF_BeginEvent
D3DPERF_EndEvent
Direct3DCreate9
D3DPERF_SetOptions

dsound

ord11
ord6

ws2_32

WSACleanup
WSAStartup
gethostbyname
connect
gethostname
listen
bind
send
recvfrom
WSAGetLastError
socket
closesocket
setsockopt
inet_ntoa
ntohs
WSAAsyncSelect
sendto
getservbyname
getsockname
ioctlsocket
inet_addr
htons
recv
htonl
select
__WSAFDIsSet
accept

msvcr90

__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
fabs
log
exp
acos
asin
atan
_adjust_fdiv
cos
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
sin
tanh
cosh
sinh
frexp
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
strcat
__CxxFrameHandler3
_fstat64
realloc
strcmp
getenv
wctomb
mbtowc
_getcwd
_findfirst64i32
_chdir
_rmdir
_mkdir
_findclose
_findnext64i32
_chmod
strcpy
strlen
rewind
strncpy_s
wcsstr
swscanf
_CIasin
memset
strtoul
__iob_func
ftell
fseek
_CIsqrt
_CIsin
_CIcos
_CIacos
memcpy
_aligned_free
_except_handler3
_aligned_malloc
_close
_read
_lseek
?_open@@YAHPBDHH@Z
strcspn
strpbrk
atol
strtok_s
_difftime64
printf
memmove_s
tolower
vsprintf
_stricmp
_strnicmp
_atoi64
srand
fflush
fprintf
strchr
fputs
fread
fwrite
free
malloc
qsort
ceil
rand
_localtime64_s
_mktime64
_ftime64
_localtime64
_time64
_strupr
strstr
_vsnprintf
strtok
toupper
strncat
strtod
memmove
puts
abort
atoi
_gcvt
_itoa
ldexp
sprintf_s
strncmp
sscanf
_snprintf
fclose
fopen
rename
remove
strncpy
_purecall
atof
_beginthreadex
_errno
strerror
_wassert
isalpha
_sopen_s
isprint
isdigit
strtol
_gmtime64
_strlwr
strrchr
sprintf
exit
_set_error_mode
isspace
_CxxThrowException
modf
wctob
abs
log10
strcpy_s
sqrt
fopen_s
floor
_CIpow
fputc
_mbscmp
_tempnam
_setmode
_CIatan
_CIlog10
_CIatan2
_CIexp
_CItan
_CIlog
_CIfmod
tan

winmm

timeGetTime

dbghelp

MiniDumpWriteDump

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

iphlpapi

GetAdaptersInfo
GetAdaptersAddresses
GetIpAddrTable
GetIpForwardTable

xinput1_3

ord2
ord3

shlwapi

PathRemoveFileSpecA

crashhook

_crInstallA@4
_crAddFloatPropertyA@8
_crAddPropertyA@8
_crAddScreenshot@4
_crAddStackFile@0
_crUninstall@0
_crAddInt32PropertyA@8

kernel32

GetStartupInfoA
WriteFileEx
ReadFileEx
SleepEx
SetEndOfFile
GetDiskFreeSpaceExA
SetLastError
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
FileTimeToSystemTime
SetFilePointerEx
SetFilePointer
GetFileSize
MulDiv
MultiByteToWideChar
GetVersionExA
InterlockedCompareExchange
VirtualQuery
QueryPerformanceFrequency
QueryPerformanceCounter
VirtualAlloc
IsBadWritePtr
IsBadCodePtr
IsBadReadPtr
VirtualFree
WriteProcessMemory
GetSystemTimeAsFileTime
GetModuleHandleA
GetTickCount
GlobalMemoryStatus
GetUserDefaultLCID
IsDebuggerPresent
InterlockedDecrement
InterlockedIncrement
InterlockedExchangeAdd
GetFileAttributesA
FindFirstFileA
FindNextFileA
FindClose
GetExitCodeThread
InitializeCriticalSectionAndSpinCount
TlsSetValue
TlsFree
TlsAlloc
FreeLibrary
ReadFile
WriteFile
GetModuleFileNameA
DeleteFileA
SetFileAttributesA
GetLocaleInfoA
OutputDebugStringA
TlsGetValue
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
SetUnhandledExceptionFilter
GlobalMemoryStatusEx
GetSystemInfo
CreateMutexA
InterlockedExchange
GetProcAddress
LoadLibraryA
lstrlenA
CreateFileA
ExitThread
CreateThread
GetLastError
FormatMessageA
SetThreadPriority
RaiseException
ResumeThread
CreateEventA
Sleep
LeaveCriticalSection
EnterCriticalSection
CloseHandle
ResetEvent
WaitForSingleObject
SetEvent
InitializeCriticalSection
DeleteCriticalSection
SetErrorMode
TerminateProcess
UnhandledExceptionFilter
ReleaseSemaphore
CreateSemaphoreA
HeapFree
GetProcessHeap
lstrlenW
WideCharToMultiByte
DebugBreak
WaitForMultipleObjects
IsProcessorFeaturePresent
VirtualProtect
TryEnterCriticalSection

user32

GetAsyncKeyState
PeekMessageA
DefWindowProcA
SetWindowsHookExA
DispatchMessageA
UnhookWindowsHookEx
SystemParametersInfoA
TranslateMessage
RegisterClassA
GetKeyboardLayout
PostMessageA
MessageBoxA
SetClassLongA
LoadImageA
GetWindowLongA
CallNextHookEx
LoadIconA
PostQuitMessage
DestroyWindow
LoadCursorA
MapVirtualKeyExA
GetCursorPos
GetClientRect
ClientToScreen
ShowCursor
GetKeyboardState
ToAsciiEx
FillRect
GetDC
ReleaseDC
RegisterWindowMessageA
GetMessageA
SetWindowLongA
SetCursorPos
SetWindowPos
ClipCursor
GetWindowRect
GetSystemMetrics
GetDesktopWindow
AdjustWindowRectEx
CreateWindowExA
SetWindowTextW
SetWindowTextA
UpdateWindow
ShowWindow

gdi32

SetBkColor
SetTextColor
CreateDIBSection
SetBkMode
SelectObject
SetMapMode
CreateSolidBrush
SetTextAlign
TextOutA
GetDeviceCaps
DeleteDC
DeleteObject
CreateFontA
CreateCompatibleDC
ExtTextOutA
GetTextExtentPoint32A
GetStockObject

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
OpenProcessToken
RegCloseKey

shell32

SHFileOperationA
ShellExecuteA
SHGetFolderPathA

ole32

CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitialize

oleaut32

SetErrorInfo
VariantInit
VariantClear
VariantChangeType
GetErrorInfo
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysAllocString
CreateErrorInfo

d3dx9_40

D3DXGetShaderConstantTable
D3DXSaveSurfaceToFileInMemory

dinput8

DirectInput8Create

Sections

.text
Size: 9.9MB - Virtual size: 9.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 199KB - Virtual size: 5.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rld
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63fc26ab78a7ea2cbaeaafcbe3313854

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

dsound

ws2_32

msvcr90

winmm

dbghelp

version

iphlpapi

xinput1_3

shlwapi

crashhook

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

d3dx9_40

dinput8

Sections

.text Size: 9.9MB - Virtual size: 9.9MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 199KB - Virtual size: 5.2MB

.rsrc Size: 207KB - Virtual size: 206KB

.rld Size: 243KB - Virtual size: 243KB

.text
Size: 9.9MB - Virtual size: 9.9MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 199KB - Virtual size: 5.2MB

.rsrc
Size: 207KB - Virtual size: 206KB

.rld
Size: 243KB - Virtual size: 243KB