Static task
static1
General
Target: Blur.exe
Size: 13.1MB
MD5: 189bd8ffa10e550ec7d1b88aa950bbb7
SHA1: dcbd312a0ea26e36ff0967d567bcc890359ee8cb
SHA256: dba0264b7808a5e38d99c8c162ecd71ab06a48fbc424feb1b9a3bc1bff2fbf3f
SHA512: 8257f4e9f3432652c0e026a6d786702187eb543c4aa26575f272d7d4711aaf768f48fc8191e8a6798c8c3172c7147b56a228b43e8b3b0ba186c30522f0b31612
SSDEEP: 196608:e1SWHWioj69LbP136bItc6TV4YYAYTaqK:WSWH/BLbNf5VoGqK
Malware Config (no entries shown on this page)
Signatures (no entries shown on this page)
Files
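Blur.exe (.exe, windows x86)
eb7a302661f9446c6c5117f467b6ca1b (unlabelled 32-hex value shown under the file entry; it differs from the file MD5 listed under General and is presumably the import hash; confirm against the original report)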
Headers
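DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
(Only this flag is listed. IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and IMAGE_DLLCHARACTERISTICS_NX_COMPAT are not shown, so the image does not declare ASLR or DEP compatibility.)
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED (no relocation data, so the image is expected to load at its preferred base address)
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE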
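Imports (each DLL name is followed by the functions imported from it. This is the static import table only: LoadLibraryA and GetProcAddress are both imported, so APIs resolved at run time would not appear in this list)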
binkw32
_BinkPause@8
_BinkSetVolume@12
_BinkSetIOSize@4
_BinkGetTrackID@8
_BinkGetTrackData@8
_BinkClose@4
_BinkCloseTrack@4
_BinkRegisterFrameBuffers@8
_BinkGetFrameBuffersInfo@8
_BinkNextFrame@4
_BinkDoFrame@4
_BinkWait@4
_BinkOpenTrack@8
_BinkOpen@8
_BinkSetSoundTrack@8
_BinkGetRects@8
_BinkShouldSkip@4
kernel32
TryEnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
CreateSemaphoreA
ReleaseSemaphore
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentProcessId
ResumeThread
SetThreadPriority
CreateThread
GetSystemTimeAsFileTime
QueryPerformanceFrequency
QueryPerformanceCounter
SetEndOfFile
GetFileSize
GetLastError
SetFilePointer
WriteFile
ReadFile
FlushFileBuffers
CreateDirectoryA
SetFileTime
CreateFileA
InterlockedExchange
InterlockedExchangeAdd
GetCurrentThreadId
DebugBreak
EnterCriticalSection
GetExitCodeProcess
PeekNamedPipe
CreateProcessA
CreatePipe
OutputDebugStringA
InitializeCriticalSection
RaiseException
GetSystemInfo
GetModuleFileNameA
IsDebuggerPresent
GetCurrentThread
VirtualAlloc
VirtualFree
SignalObjectAndWait
ResetEvent
GetTickCount
WaitForMultipleObjects
SwitchToThread
TerminateThread
GetExitCodeThread
SuspendThread
GetUserDefaultLCID
GlobalMemoryStatus
GetTimeZoneInformation
WideCharToMultiByte
GetStdHandle
GetFileType
GetVersionExA
GetVersion
FormatMessageA
DeleteCriticalSection
SetLastError
SleepEx
GetProcAddress
FreeLibrary
LoadLibraryA
DuplicateHandle
ExpandEnvironmentStringsA
GetModuleHandleA
WaitForSingleObject
SetEvent
CloseHandle
CreateEventA
Sleep
GetCurrentProcess
TerminateProcess
OpenMutexA
GlobalMemoryStatusEx
CreateMutexA
ReleaseMutex
InterlockedCompareExchange
GetStartupInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FlushConsoleInputBuffer
GetCurrentDirectoryA
user32
ShowWindow
GetDlgItem
DestroyWindow
SendMessageA
wsprintfW
CreateWindowExW
SystemParametersInfoA
DefWindowProcA
RegisterClassA
LoadCursorA
SetForegroundWindow
FindWindowA
GetKeyState
EnumDisplaySettingsA
EnumDisplayDevicesA
EnableWindow
CreateWindowExA
GetClientRect
GetUserObjectInformationW
AdjustWindowRect
SetWindowPos
GetCursorPos
GetWindowRect
ShowCursor
RegisterRawInputDevices
DispatchMessageA
TranslateMessage
PeekMessageA
UpdateWindow
LoadIconA
SetWindowLongA
GetRawInputData
PostQuitMessage
ClipCursor
RegisterClassExA
ClientToScreen
GetKeyboardLayoutNameA
IsIconic
GetForegroundWindow
GetProcessWindowStation
GetDesktopWindow
MessageBoxA
GetDC
gdi32
CreateDCA
DeleteDC
DeleteObject
GetBitmapBits
BitBlt
GetObjectA
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
GetStockObject
advapi32
CryptAcquireContextA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptGenRandom
CryptCreateHash
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
shell32
SHGetFolderPathA
ShellExecuteA
ws2_32
recvfrom
send
recv
WSAGetLastError
connect
closesocket
WSACloseEvent
ntohl
accept
inet_addr
htons
htonl
sendto
WSAEventSelect
socket
listen
bind
setsockopt
gethostbyname
gethostname
__WSAFDIsSet
select
inet_ntoa
ioctlsocket
getsockname
getsockopt
WSASetLastError
shutdown
WSAEnumNetworkEvents
WSACleanup
WSAStartup
ntohs
dbghelp
SymSetSearchPath
SymUnloadModule64
SymLoadModule64
SymGetModuleInfo64
SymGetSymFromAddr64
SymGetLineFromAddr64
StackWalk64
SymGetModuleBase64
SymFunctionTableAccess64
psapi
EnumProcessModules
GetModuleInformation
d3d9
D3DPERF_SetOptions
Direct3DCreate9
d3dx9_42
D3DXMatrixOrthoLH
D3DXMatrixLookAtLH
D3DXGetShaderConstantTable
D3DXGetShaderInputSemantics
D3DXCreateTextureFromFileInMemory
D3DXCreateVolumeTextureFromFileInMemory
D3DXMatrixMultiply
D3DXMatrixInverse
D3DXMatrixTranspose
D3DXPlaneTransform
D3DXCreateCubeTextureFromFileInMemory
D3DXCompileShader
D3DXSaveSurfaceToFileA
D3DXPlaneNormalize
D3DXGetVertexShaderProfile
D3DXGetPixelShaderProfile
xinput1_3
ord2
ord3
dsound
ord2
ord11
msvcr90
_strnicmp
_chdir
_strupr
_strdup
_close
_fileno
_open
fgetc
setvbuf
fgetpos
fsetpos
_CIsinh
_CIcosh
_CItanh
frexp
_HUGE
ispunct
strpbrk
vfprintf
_setmode
ftell
signal
_wfsopen
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_free_locale
islower
setlocale
_calloc_crt
___lc_handle_func
___lc_codepage_func
isupper
__pctype_func
__crtLCMapStringA
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
_stat64
getenv
_lseeki64
_fstat64
_beginthreadex
fflush
fputc
fputs
fgets
_strtoi64
fseek
isxdigit
_time64
_read
ldexp
_CIfmod
_purecall
memcpy
strncpy_s
vsprintf_s
_copysign
__libm_sse2_sin
__libm_sse2_cos
__libm_sse2_tan
memset
__libm_sse2_atan2
fwrite
strtol
fopen
fclose
fprintf
_CIpow
__libm_sse2_pow
__libm_sse2_exp
_msize
_aligned_malloc
_aligned_free
sprintf
atoi
memmove_s
_vswprintf_c_l
_CIacos
_getch
_finite
strcpy_s
rand
_snprintf
__libm_sse2_atan
__libm_sse2_acos
vswprintf_s
strncmp
tolower
qsort
ceil
floor
wcsncat_s
wcsncpy_s
srand
memcpy_s
_invalid_parameter_noinfo
strstr
atof
_CIasin
__libm_sse2_asin
bsearch
mbstowcs_s
_clearfp
_controlfp_s
__libm_sse2_log
_isnan
_itoa_s
_gcvt
_gmtime64
_localtime64
_stat64i32
_access
_chmod
remove
rename
_findclose
_findfirst64i32
_getcwd
_findnext64i32
strchr
strrchr
printf
_except_handler3
free
malloc
_vsnprintf_s
isalnum
strncpy
vsprintf
_vsnprintf
memmove
_CxxThrowException
strcat_s
sscanf
strtod
strspn
strcspn
sprintf_s
localeconv
memchr
abort
modf
strerror
_errno
wcsstr
strncat_s
_wtoi
_wtof
strtok
swscanf
_stricmp
fread
feof
ferror
ungetc
freopen
getc
__iob_func
realloc
iscntrl
isdigit
isalpha
isspace
_setjmp3
exit
longjmp
strtoul
strncat
strcoll
_snwprintf_s
wcsncpy
wcstombs
calloc
toupper
memcmp
__CxxFrameHandler3
_vscprintf
strlen
strcmp
__sys_nerr
iphlpapi
GetAdaptersInfo
dinput8
DirectInput8Create
Sections (among the sections listed, only .text is executable and none is both writable and executable)
.text Size: 10.3MB - Virtual size: 10.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.7MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ