stbc[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

stbc.exe
Size

5.9MB
MD5

65e61a5cd7a78e8c4ad0ca5e6903d0ca
SHA1

46b75f50eba7538fb9dfadbc549102b14278f8e0
SHA256

4289484b80d7281c8917bff1ea0837724a3729ddcd283fba955905931ff01b18
SHA512

e1c849faa6c662f91e2bc930c964ca815338076e6de135e51abfc4b33259b1845f279573b9e00a3df15e5b198900d847e641fe735eeef38ec878f6eca815ed84
SSDEEP

98304:2LT2RV5fsWQtPk2JIfGEPq+xaQzlygt9lBNBBI0/S7xrn:62RV5DQtPAfxPxaQzlygt9lBbQn

Score

1^/10

Malware Config

Signatures

Files

stbc.exe
.exe windows x86

9d589dc5c99701271ecb722c0a71e04f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dinput

DirectInputCreateEx

advapi32

RegSetValueExA
RegQueryValueA
RegCloseKey
RegQueryValueExA
RegSetValueA
RegCreateKeyExA
RegOpenKeyExA
RegFlushKey
RegOpenKeyA
RegEnumKeyA
RegQueryInfoKeyA

kernel32

GetCurrentDirectoryA
GetDriveTypeA
SetErrorMode
FindFirstFileA
DeleteFileA
GetLogicalDriveStringsA
CreateDirectoryA
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetModuleFileNameA
GlobalFree
GetProcAddress
LoadLibraryA
GetTickCount
Sleep
QueryPerformanceCounter
GetPrivateProfileStringA
GetLastError
FreeConsole
AllocConsole
WriteConsoleA
GetStdHandle
ExitProcess
GlobalAlloc
ReadConsoleA
SetUnhandledExceptionFilter
FormatMessageA
VirtualQuery
GetCurrentProcess
GetModuleHandleA
IsBadWritePtr
GetCurrentThread
WriteFile
QueryPerformanceFrequency
RemoveDirectoryA
SetFileAttributesA
CopyFileA
MultiByteToWideChar
lstrlenA
GlobalUnlock
GlobalLock
SetLastError
GetProcessTimes
CreatePipe
LoadLibraryExA
GetCurrentThreadId
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
GetVersionExA
OutputDebugStringA
SetFilePointer
LocalFree
FindNextFileA
FindClose
FreeLibrary
SetEnvironmentVariableW
GetFileInformationByHandle
GetCurrentProcessId
FlushFileBuffers
EnterCriticalSection
LCMapStringW
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
GetFullPathNameA
TerminateProcess
RtlUnwind
GetCommandLineA
GetVersion
GetStartupInfoA
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
GetSystemTime
GetLocalTime
GetTimeZoneInformation
RaiseException
SetEnvironmentVariableA
HeapReAlloc
GetFileAttributesA
MoveFileA
SetCurrentDirectoryA
PeekNamedPipe
DuplicateHandle
SetStdHandle
GetFileType
SetConsoleCtrlHandler
SetEndOfFile
ResumeThread
CreateThread
TlsSetValue
ExitThread
FatalAppExitA
TlsAlloc
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocaleInfoW
IsBadCodePtr
IsBadReadPtr
CreateProcessA
GetExitCodeProcess
CompareStringW
CompareStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetStringTypeW
GetStringTypeA
GetEnvironmentStrings
WideCharToMultiByte
LCMapStringA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
GetOEMCP
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TlsGetValue
GetCPInfo
HeapSize
TlsFree

user32

ClientToScreen
AdjustWindowRect
ShowWindow
UpdateWindow
CreateWindowExA
IsWindow
DestroyWindow
GetKeyboardState
GetCursorPos
ScreenToClient
DefWindowProcA
BeginPaint
PostQuitMessage
SetCapture
SendDlgItemMessageA
EndPaint
PostMessageA
DispatchMessageA
TranslateAcceleratorA
TranslateMessage
DialogBoxIndirectParamA
GetKeyState
GetActiveWindow
OpenClipboard
MessageBeep
SetWindowTextA
CloseClipboard
EmptyClipboard
SetClipboardData
GetForegroundWindow
GetClientRect
wvsprintfA
SetCursorPos
IsChild
GetWindowRect
DialogBoxParamA
GetDlgItem
EndDialog
ReleaseCapture
MoveWindow
LoadIconA
LoadCursorA
RegisterClassA
MessageBoxA
GetSystemMetrics
SendMessageA
AdjustWindowRectEx
GetWindowLongA
PeekMessageA
ShowCursor
FindWindowA

winmm

mciSendCommandA
joyGetPosEx
joyGetDevCapsA
auxSetVolume
auxGetDevCapsA
auxGetNumDevs
joyGetNumDevs
timeGetTime
auxGetVolume

wsock32

ioctlsocket
socket
closesocket
inet_addr
gethostbyname
htons
connect
recv
setsockopt
send
ntohs
recvfrom
sendto
__WSAFDIsSet
getsockname
select
htonl
WSAStartup
bind
shutdown
WSAGetLastError
gethostname
inet_ntoa
WSACleanup

mss32

_AIL_set_sample_volume@8
_AIL_3D_sample_distances@12
_AIL_set_3D_sample_distances@12
_AIL_3D_sample_cone@16
_AIL_set_stream_volume@8
_AIL_set_3D_sample_cone@16
_AIL_set_3D_sample_offset@8
_AIL_set_sample_position@8
_AIL_stop_sample@4
_AIL_resume_3D_sample@4
_AIL_enumerate_3D_providers@12
_AIL_stop_3D_sample@4
_AIL_3D_room_type@4
_AIL_set_3D_provider_preference@12
_AIL_last_error@0
_AIL_set_3D_speaker_type@8
_AIL_3D_speaker_type@4
_AIL_quick_shutdown@0
_AIL_set_redist_directory@4
_AIL_quick_startup@20
_AIL_quick_handles@12
_AIL_set_3D_sample_volume@8
_AIL_open_3D_provider@4
_AIL_3D_velocity@16
_AIL_3D_position@16
_AIL_set_3D_position@16
_AIL_set_3D_orientation@28
_AIL_set_3D_velocity_vector@16
_AIL_open_3D_listener@4
_AIL_close_3D_listener@4
_AIL_release_3D_sample_handle@4
_AIL_release_sample_handle@4
_AIL_allocate_3D_sample_handle@4
_AIL_allocate_sample_handle@4
_AIL_3D_provider_attribute@12
_AIL_digital_configuration@16
_AIL_mem_free_lock@4
_AIL_file_size@4
_AIL_file_read@8
_AIL_set_sample_playback_rate@8
_AIL_set_stream_playback_rate@8
_AIL_set_3D_sample_playback_rate@8
_AIL_sample_playback_rate@4
_AIL_stream_playback_rate@4
_AIL_3D_sample_playback_rate@4
_AIL_set_3D_sample_obstruction@8
_AIL_active_3D_sample_count@4
_AIL_3D_sample_obstruction@4
_AIL_3D_sample_effects_level@4
_AIL_3D_sample_occlusion@4
_AIL_set_3D_sample_occlusion@8
_AIL_set_stream_position@8
_AIL_set_3D_sample_effects_level@8
_AIL_stream_position@4
_AIL_stream_ms_position@12
_AIL_WAV_info@8
_AIL_3D_sample_offset@4
_AIL_stream_status@4
_AIL_sample_position@4
_AIL_3D_sample_status@4
_AIL_close_stream@4
_AIL_sample_status@4
_AIL_resume_sample@4
_AIL_set_sample_loop_count@8
_AIL_set_3D_sample_loop_count@8
_AIL_set_stream_loop_count@8
_AIL_open_stream@12
_AIL_pause_stream@8
_AIL_end_sample@4
_AIL_3D_sample_attribute@12
_AIL_set_3D_sample_preference@12
_AIL_3D_sample_volume@4
_AIL_stream_volume@4
_AIL_start_sample@4
_AIL_set_3D_room_type@8
_AIL_set_3D_sample_file@8
_AIL_sample_volume@4
_AIL_set_named_sample_file@20
_AIL_start_stream@4
_AIL_start_3D_sample@4
_AIL_3D_orientation@28
_AIL_close_3D_provider@4

binkw32

_BinkBufferSetOffset@12
_BinkNextFrame@4
_BinkCopyToBuffer@28
_BinkDoFrame@4
_BinkBufferOpen@16
_BinkBufferSetDirectDraw@8
_BinkBufferClose@4
_BinkGetRealtime@12
_BinkGoto@12
_BinkOpenMiles@4
_BinkSetSoundSystem@8
_BinkOpen@8
_BinkDDSurfaceType@4
_BinkWait@4
_BinkClose@4
_BinkSetVolume@12

ddraw

DirectDrawEnumerateA

comctl32

InitCommonControlsEx

gdi32

GetStockObject

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 780KB - Virtual size: 1001KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 388KB - Virtual size: 387KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d589dc5c99701271ecb722c0a71e04f

Headers

File Characteristics

Imports

dinput

advapi32

kernel32

user32

winmm

wsock32

mss32

binkw32

ddraw

comctl32

gdi32

Sections

.text Size: 4.5MB - Virtual size: 4.5MB

.rdata Size: 204KB - Virtual size: 203KB

.data Size: 780KB - Virtual size: 1001KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 388KB - Virtual size: 387KB

.text
Size: 4.5MB - Virtual size: 4.5MB

.rdata
Size: 204KB - Virtual size: 203KB

.data
Size: 780KB - Virtual size: 1001KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 388KB - Virtual size: 387KB