iw3sp[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

iw3sp.exe
Size

2.9MB
MD5

77d460bfbfff90bcf930ecc654588000
SHA1

5e822a6a5e97a94db0ac2c521bfaaf7cc19c49c2
SHA256

d07c39ee5865972a319a4a174be6134c59911f34fa9ebbafb815674af7d3e116
SHA512

7d3b3629e3da3c7a7e8ed975d06406b33c77d4f8ac67cab3892a69e403d3111f4e18a9922f741c7042f2909487c419948a07dc4e38e3ea7372189d2600ec219b
SSDEEP

49152:YZO5n7dunt+gkU8RaLmrcTvLs+FR9gVYAuysCCHAOZNhGebsVTNWdkFppGnf9/wh:YZO5n7dut+gCRaLLTvLs+FLgVYjyXCHy

Score

1^/10

Malware Config

Signatures

Files

iw3sp.exe
.exe windows x86

26252247f37c9024c85623c234e100b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

mss32

_AIL_set_speaker_configuration@16
_AIL_open_stream@12
_AIL_sample_3D_position@16
_AIL_set_digital_master_reverb_levels@12
_AIL_set_stream_ms_position@8
_AIL_sample_status@4
_AIL_stream_status@4
_AIL_sample_playback_rate@4
_AIL_sample_stage_property@24
_AIL_open_digital_driver@16
_AIL_set_sample_processor@12
_AIL_set_sample_volume_levels@12
_AIL_close_stream@4
_AIL_find_filter@8
_AIL_shutdown@0
_AIL_set_sample_3D_position@16
_AIL_sample_volume_pan@12
_AIL_sample_ms_position@12
_AIL_set_sample_reverb_levels@12
_AIL_set_DirectSound_HWND@8
_AIL_resume_sample@4
_AIL_set_sample_info@8
_AIL_set_redist_directory@4
_AIL_allocate_sample_handle@4
_AIL_sample_volume_levels@12
_AIL_set_room_type@8
_AIL_stream_info@20
_AIL_set_3D_rolloff_factor@8
_AIL_init_sample@12
_AIL_set_file_callbacks@16
_AIL_last_error@0
_AIL_stop_sample@4
_AIL_set_3D_distance_factor@8
_AIL_stream_ms_position@12
_AIL_pause_stream@8
_AIL_set_sample_loop_count@8
_AIL_sample_channel_levels@8
_AIL_set_sample_playback_rate@8
_AIL_set_stream_loop_count@8
_AIL_open_filter@8
_AIL_set_preference@8
_AIL_set_sample_ms_position@8
_AIL_end_sample@4
_AIL_set_sample_3D_distances@16
_AIL_speaker_configuration@20
_AIL_startup@0
_AIL_stream_sample_handle@4
_AIL_digital_CPU_percent@4
_AIL_WAV_info@8
_AIL_process_digital_audio@24
_AIL_size_processed_digital_audio@16
_AIL_set_sample_channel_levels@12

binkw32

_BinkRegisterFrameBuffers@8
_BinkSetIOSize@4
_BinkSetMemory@8
_BinkDoFrame@4
_BinkSetMixBinVolumes@20
_BinkOpenMiles@4
_BinkSetSoundTrack@8
_BinkOpen@8
_BinkControlBackgroundIO@8
_BinkWait@4
_BinkClose@4
_BinkPause@8
_BinkSetSoundSystem@8
_BinkGetError@0
_BinkGetFrameBuffersInfo@8
_BinkNextFrame@4
_BinkGetRealtime@12
_BinkGetRects@8

d3d9

Direct3DCreate9

d3dx9_34

D3DXGetShaderOutputSemantics
D3DXCreateBuffer
D3DXGetShaderInputSemantics
D3DXCompileShader
D3DXGetShaderConstantTable

kernel32

CompareStringW
CompareStringA
SetEndOfFile
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
SetFilePointer
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
LoadLibraryA
GetStdHandle
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
DeleteCriticalSection
HeapCreate
HeapDestroy
GetStartupInfoA
GetProcessHeap
GetCommandLineA
GetFullPathNameA
CreateDirectoryA
FileTimeToLocalFileTime
InterlockedCompareExchange
InterlockedExchangeAdd
InterlockedIncrement
CloseHandle
SleepEx
GetLastError
ReadFileEx
GetFileSize
InterlockedDecrement
CreateFileA
SetEnvironmentVariableA
RaiseException
ResetEvent
GetCurrentProcess
GetProcessAffinityMask
WaitForSingleObject
GetCurrentThreadId
SetEvent
SetThreadAffinityMask
GetCurrentThread
DuplicateHandle
SuspendThread
ResumeThread
CreateThread
Sleep
CreateEventA
SetThreadPriority
GetFileAttributesA
SetFileAttributesA
VirtualFree
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetThreadPriority
SetProcessAffinityMask
GlobalMemoryStatus
DeleteFileA
CreateProcessA
SetErrorMode
ReadFile
GlobalSize
GlobalUnlock
Module32First
GlobalLock
FormatMessageA
WriteFile
GetDriveTypeA
OpenProcess
GetCurrentDirectoryA
CreateToolhelp32Snapshot
Module32Next
GetVersionExA
GetCurrentProcessId
MulDiv
SetThreadExecutionState
SetPriorityClass
CompareFileTime
RemoveDirectoryA
FindClose
GetSystemTime
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
ExitProcess
HeapReAlloc
RtlUnwind
MoveFileA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FileTimeToSystemTime
SystemTimeToFileTime
FindFirstFileA
FindNextFileA
InterlockedExchange
VirtualQuery

user32

ShowWindow
RegisterClassExA
PeekMessageA
CloseClipboard
GetClipboardData
GetMessageA
CreateWindowExA
SendMessageA
DestroyWindow
RegisterClassA
AdjustWindowRect
UpdateWindow
LoadImageA
GetSystemMetrics
SetWindowPos
LoadIconA
CallWindowProcA
CloseWindow
SetWindowTextA
PostQuitMessage
MonitorFromWindow
MapVirtualKeyA
GetMonitorInfoA
RegisterWindowMessageA
MoveWindow
TranslateMessage
LoadCursorA
ClientToScreen
ScreenToClient
GetWindowRect
DispatchMessageA
DefWindowProcA
SetFocus
ShowCursor
GetForegroundWindow
SetCursorPos
GetCursorPos
PostMessageA
GetActiveWindow
ChangeDisplaySettingsA
EnumThreadWindows
GetDC
GetWindowTextA
SetWindowLongA
GetWindowLongA
ReleaseDC
GetDesktopWindow
MessageBoxA
MonitorFromPoint
AdjustWindowRectEx
EnumDisplayMonitors
IsWindow
OpenClipboard

gdi32

CreateSolidBrush
GetDeviceCaps
CreateFontA
SetDeviceGammaRamp

shell32

ShellExecuteA

ddraw

DirectDrawCreateEx
DirectDrawEnumerateExA

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 485KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 26.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26252247f37c9024c85623c234e100b0

Headers

File Characteristics

Imports

winmm

mss32

binkw32

d3d9

d3dx9_34

kernel32

user32

gdi32

shell32

ddraw

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 485KB - Virtual size: 488KB

.data Size: 39KB - Virtual size: 26.2MB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 485KB - Virtual size: 488KB

.data
Size: 39KB - Virtual size: 26.2MB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB