Static task
static1
General
-
Target
MBTL.exe
-
Size
6.9MB
-
MD5
43792e3164f9140f54ef3b4f5eef91e8
-
SHA1
c7f9f7da33618b290e90fd2b12cf4914007a8147
-
SHA256
75ce62430ece2f9ab141613acbae870dd593ef7beb3b4e5335c4edaca7241115
-
SHA512
397cc638c6b254d6568cfa36264b872ca960a4f2c24cf85fc239361d85bba5ea5a68d9b29197ac9448402fb6ed4af7ad65e2c0a002474b7f6bef71110c7710a6
-
SSDEEP
98304:BdYO/X/Zkds7rcNFzPDXKMJw6rQw3GfDPRiVqeUIBFzno15zTr:oOX+fzKM26rQw3GfDPgVqehnno15zTr
Malware Config
Signatures
Files
-
MBTL.exe.exe windows x86
b4647df4eafc1f678de57038ca645be8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
steam_api
SteamAPI_GetHSteamUser
SteamAPI_Init
SteamAPI_Shutdown
SteamAPI_RunCallbacks
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RegisterCallResult
SteamAPI_UnregisterCallback
SteamInternal_FindOrCreateGameServerInterface
SteamInternal_FindOrCreateUserInterface
SteamInternal_ContextInit
kernel32
Sleep
OutputDebugStringA
CreateDirectoryA
DebugBreak
GetCurrentProcessId
GetEnvironmentVariableA
InitializeCriticalSection
DeleteCriticalSection
ReadFile
SetFilePointer
UnmapViewOfFile
CreateFileA
CloseHandle
CreateFileMappingA
GetFileSize
MapViewOfFile
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceFrequency
QueryPerformanceCounter
FindFirstFileA
WriteFile
FindNextFileA
FindClose
WaitForSingleObject
ExitThread
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
WaitForSingleObjectEx
DeleteFileA
CreateThread
ResetEvent
GetOverlappedResult
WideCharToMultiByte
WritePrivateProfileStringA
SwitchToThread
IsProcessorFeaturePresent
FillConsoleOutputCharacterA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetStdHandle
FillConsoleOutputAttribute
SetConsoleCursorPosition
GetTickCount
GetLocalTime
FileTimeToSystemTime
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
CreateMutexA
ReleaseMutex
FileTimeToLocalFileTime
SystemTimeToFileTime
GetSystemTime
GetExitCodeThread
GetTickCount64
GetFileTime
LoadLibraryA
FreeConsole
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
LCMapStringW
TerminateProcess
SetEvent
IsDebuggerPresent
GetStartupInfoW
LocalFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
GetCurrentThreadId
InitializeSListHead
GetCurrentProcess
user32
EnableWindow
KillTimer
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
IsWindowEnabled
GetDlgCtrlID
SetTimer
IsWindowVisible
GetFocus
PostQuitMessage
PeekMessageA
LoadIconA
TranslateMessage
LoadAcceleratorsA
DestroyWindow
DispatchMessageA
GetMonitorInfoA
MessageBoxA
EndDialog
EnumDisplayMonitors
MonitorFromPoint
SetWindowPos
ShowWindow
GetWindowInfo
SetWindowLongA
ClientToScreen
CallWindowProcA
IsDlgButtonChecked
CheckDlgButton
LoadCursorA
SetFocus
RegisterClassExA
BeginPaint
MoveWindow
AdjustWindowRect
GetPropA
DefWindowProcA
CreateWindowExA
wsprintfA
IsIconic
EndPaint
GetDesktopWindow
GetParent
GetSystemMetrics
ShowCursor
GetKeyState
GetKeyboardState
GetKeyboardType
SetWindowTextA
UpdateWindow
SendMessageA
GetCursorPos
SetRect
GetDC
GetClientRect
ReleaseDC
RemovePropA
SetPropA
GetWindowRect
GetWindowLongA
CheckRadioButton
gdi32
GetStockObject
shell32
ShellExecuteA
ole32
CoSetProxyBlanket
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoUninitialize
oleaut32
SysFreeString
SysAllocString
VariantInit
VariantClear
winmm
timeGetTime
timeEndPeriod
timeBeginPeriod
shlwapi
PathRemoveExtensionA
PathRemoveBackslashA
PathRemoveFileSpecA
PathFindExtensionA
PathIsDirectoryA
d3d9
Direct3DCreate9
d3dx9_42
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoordArray
D3DXCreateTexture
D3DXMatrixScaling
D3DXMatrixMultiply
D3DXMatrixRotationX
D3DXLoadSurfaceFromMemory
D3DXMatrixRotationZ
D3DXCreateEffect
D3DXMatrixRotationQuaternion
D3DXVec3TransformCoord
D3DXMatrixInverse
D3DXFillTexture
D3DXMatrixRotationY
D3DXCreateTextureFromFileInMemoryEx
D3DXMatrixTranslation
D3DXMatrixPerspectiveFovLH
D3DXSaveSurfaceToFileA
D3DXMatrixLookAtLH
D3DXVec3Normalize
D3DXGetImageInfoFromFileInMemory
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromSurface
D3DXQuaternionRotationAxis
dsound
ord11
xaudio2_9
ord1
ws2_32
closesocket
inet_pton
ntohs
socket
WSAStartup
ntohl
WSACleanup
ioctlsocket
htonl
htons
setsockopt
recvfrom
WSAGetLastError
bind
dinput8
DirectInput8Create
xinput1_3
ord2
vcruntime140
memmove
memcpy
_CxxThrowException
__std_exception_copy
__std_exception_destroy
strchr
strstr
memset
_purecall
__CxxFrameHandler3
_except_handler4_common
memchr
longjmp
__CxxLongjmpUnwind
__std_terminate
_setjmp3
__uncaught_exception
api-ms-win-crt-stdio-l1-1-0
__acrt_iob_func
_set_fmode
fclose
_get_stream_buffer_pointers
fsetpos
ungetc
__stdio_common_vsprintf
_fsopen
setvbuf
fgetpos
fwrite
fgetc
fseek
fputc
_fileno
_filelengthi64
_fseeki64
__p__commode
__stdio_common_vsprintf_s
puts
__stdio_common_vfprintf
__stdio_common_vswprintf
fopen_s
fread
__stdio_common_vsnprintf_s
fflush
ftell
fopen
api-ms-win-crt-string-l1-1-0
strncat_s
isalpha
isdigit
isxdigit
isalnum
iscntrl
strncat
strcpy_s
__strncnt
strnlen
isspace
strncpy
mblen
strcat_s
wcscpy_s
toupper
islower
strncmp
_wcsdup
tolower
isupper
ispunct
isprint
strtok
api-ms-win-crt-heap-l1-1-0
realloc
_get_heap_handle
free
malloc
_callnewh
_set_new_mode
calloc
api-ms-win-crt-utility-l1-1-0
qsort
rand
srand
api-ms-win-crt-runtime-l1-1-0
_configure_narrow_argv
_initialize_narrow_environment
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_register_thread_local_exe_atexit_callback
_wassert
_initialize_onexit_table
terminate
_crt_atexit
_cexit
_errno
_seh_filter_exe
_set_app_type
_controlfp_s
_get_narrow_winmain_command_line
abort
_initterm
_initterm_e
_exit
exit
_c_exit
system
api-ms-win-crt-convert-l1-1-0
strtoull
strtol
_atoi64
atof
strtod
strtoul
wcstombs
_itoa
atoi
wcstombs_s
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_stat64i32
_mkdir
_splitpath
rename
_unlock_file
remove
api-ms-win-crt-math-l1-1-0
floor
ceil
_libm_sse2_tan_precise
_libm_sse2_sqrt_precise
_libm_sse2_sin_precise
_libm_sse2_pow_precise
_libm_sse2_log_precise
_libm_sse2_log10_precise
ldexp
_libm_sse2_exp_precise
_libm_sse2_cos_precise
_CIfmod
roundf
_libm_sse2_atan_precise
_libm_sse2_asin_precise
_libm_sse2_acos_precise
_except1
_CIatan2
__setusermatherr
api-ms-win-crt-time-l1-1-0
_gmtime64
_time64
_localtime64
clock
api-ms-win-crt-locale-l1-1-0
setlocale
__pctype_func
_configthreadlocale
___lc_locale_name_func
___mb_cur_max_func
_unlock_locales
___lc_codepage_func
_lock_locales
api-ms-win-crt-environment-l1-1-0
getenv
Sections
.text Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 486KB - Virtual size: 44.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 357KB - Virtual size: 360KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ