Static task: static1
Behavioral task: behavioral1
Sample: Creatures.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: Creatures.exe
Resource: win10v2004-20230221-en
General
Target: Creatures.zip
Size: 13.1MB
MD5: bab69d4b5e90da9ff769f49a8fecd97f
SHA1: 0894e56bbe1cb15921a330942c05638a3e6febbf
SHA256: 3a3ebe79d6ea3e12e7c9e0e044565f700d92600fdfda60c4a9cacc0e5c752987
SHA512: cd0c716e7097badd62bef43250f4ee197ae679c79f8526e35f0a3aa987a41dbe117500d0fe9718a203eede2e46d93a931f22674852f9c04b0d11dc3b5d0136fd
SSDEEP: 98304:h9N2NSaRhcB35O1Yj6EKG0mPrEZvb8T1PHGkFfAVBUosYZnzBYT:h9ANkBP6EKG0mDEl8T1/TiVOojZnzBYT
Malware Config
Signatures
Files
Creatures.zip (.zip)
Creatures.exe (.exe, windows x86)
ef0765f1f3cc8c246720c1fff425a5b7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
user32
DrawTextW
gdi32
CreateCompatibleDC
advapi32
GetUserNameW
shell32
CommandLineToArgvW
ole32
CoUninitialize
shlwapi
PathCompactPathExW
winmm
PlaySoundW
wtsapi32
WTSSendMessageW
Sections
.MPRESS1 Size: 5.1MB - Virtual size: 11.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 170KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE