pes3[.]exe | Triage

Resubmissions

03/04/2023, 08:33

230403-kfzr8sdf68 1

Sharing

Copy URL Twitter E-mail

General

Target

pes3.exe
Size

6.8MB
MD5

b5a2fcb5968b95413f8538d747c15e8e
SHA1

62be5e89fbd449e326bb7adfe6fae7fd49881388
SHA256

18021d61c250108fc5a8118f0f7a074db419e1cd1f6b8eb2f2ac1afaec844ed2
SHA512

9aa07dd9863aab9fd25de53b5369b3f45e3897bf765f804ca430742b7b256da4cf442c3d0f354d25d69aecfc9a89af66b8060a0319486bfc14220072ecc57531
SSDEEP

98304:yFP1T1+Js9xI6pWuuIgeHvBQbKRakLVxbE:yTRMs9C6pqMvGbKRaaVxb

Score

1^/10

Malware Config

Signatures

Files

pes3.exe
.exe windows x86

022019f12e05ab76c4e9a1d7643d81b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeBeginPeriod
joyGetPosEx
timeSetEvent
timeEndPeriod
timeKillEvent
timeGetTime

imm32

ImmAssociateContext
ImmGetContext

kernel32

ResetEvent
SetEvent
FileTimeToLocalFileTime
FileTimeToSystemTime
DeleteFileA
RemoveDirectoryA
GetCurrentDirectoryA
GetLogicalDriveStringsA
FreeLibrary
WaitForMultipleObjects
IsProcessorFeaturePresent
CreateMutexA
GetLastError
CloseHandle
Sleep
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
InterlockedIncrement
InterlockedDecrement
MulDiv
GetLocalTime
WriteFile
GetProcessHeap
GetVersion
MultiByteToWideChar
OutputDebugStringA
SetPriorityClass
GetCurrentProcess
ReleaseMutex
WaitForSingleObject
SetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
GetFileAttributesA
GetDriveTypeA
GetModuleFileNameA
SetCurrentDirectoryA
GetFullPathNameA
ReleaseSemaphore
CreateSemaphoreA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReadFile
GetFileSize
CreateFileA
SetFilePointer
lstrlenA
SetThreadPriority
GetThreadPriority
GetCurrentThread
CreateEventA
CreateThread
GetOverlappedResult
FindClose
FindFirstFileA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
FindNextFileA
RaiseException
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
WideCharToMultiByte
SetUnhandledExceptionFilter
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
GetProcAddress
GetOEMCP
GetCPInfo
ExitProcess
TerminateProcess
CreateDirectoryA
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LoadLibraryA
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
FlushFileBuffers
GetTimeZoneInformation
SetEndOfFile
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

GetQueueStatus
MsgWaitForMultipleObjects
GetKeyState
ScreenToClient
GetActiveWindow
GetCursorPos
SystemParametersInfoA
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
GetClassLongA
GetWindowRect
RedrawWindow
SetCursor
SetWindowLongA
SetWindowPos
IsIconic
EnumDisplaySettingsA
UnregisterDeviceNotification
CallWindowProcA
RegisterDeviceNotificationA
GetWindowLongA
LoadIconA
PostThreadMessageA
SetRect
FindWindowA
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
WindowFromPoint
RegisterClassExA
RegisterWindowMessageA
BeginPaint
EndPaint
SetFocus
SetForegroundWindow
PostQuitMessage
ShowCursor
InvalidateRect
DefWindowProcA
LoadCursorA
ShowWindow
UpdateWindow
AdjustWindowRectEx
CreateWindowExA
PostMessageA
MessageBoxA
GetSystemMetrics
SetCursorPos

advapi32

RegOpenKeyExA
RegOpenKeyA
RegCloseKey
RegQueryValueExA

ole32

CoInitialize
CoTaskMemFree
CoUninitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
CoCreateInstance

d3d8

Direct3DCreate8

gdi32

DeleteDC
CreateDIBSection
CreateCompatibleDC
StretchDIBits
SelectObject
DeleteObject

dinput8

DirectInput8Create

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 484KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

022019f12e05ab76c4e9a1d7643d81b1

Headers

File Characteristics

Imports

winmm

imm32

kernel32

user32

advapi32

ole32

d3d8

gdi32

dinput8

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.rdata Size: 484KB - Virtual size: 482KB

.data Size: 1.9MB - Virtual size: 5.8MB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 4.4MB - Virtual size: 4.4MB

.rdata
Size: 484KB - Virtual size: 482KB

.data
Size: 1.9MB - Virtual size: 5.8MB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 7KB