Static task: static1
Behavioral task: behavioral1
Sample: SporeApp.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: SporeApp.exe
Resource: win10v2004-20230220-en
General
Target: SporeApp.exe
Size: 23.7MB
MD5: 5acb26fc0d340e0cef44419636419d33
SHA1: be90189aaaddec429d62becc3a30b3e4398b8730
SHA256: 922af7c7908af2614b9caca2ffb1ec2353442022fd124866105724acaa24c26e
SHA512: 50b909c815e9a477d8960b674ad83705f71bebaaa24d3f76eb9b6f3eb59d3acaade89ae8fc70e582be6046240771667182c04224f459041a0537fd5ae99522bc
SSDEEP: 393216:+C1cbrboXxl8PKYKx+qNCVEYUEJdO+IEjtDwFlNCTMFmmeiiiiiiiiiiiiiiiiiP:+Sl8HqUm7FlqiiiiiiiiiiiiiiiiiiiD
Malware Config
Signatures
Files
SporeApp.exe.exe windows x86
112f956e17464540656faf37b6672eed
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeEndPeriod
timeBeginPeriod
timeGetTime
wsock32
send
listen
connect
accept
getsockname
getsockopt
__WSAFDIsSet
select
recv
ioctlsocket
gethostbyname
closesocket
WSAStartup
WSACleanup
WSAGetLastError
sendto
recvfrom
inet_ntoa
socket
bind
shutdown
getpeername
setsockopt
psapi
GetModuleInformation
steam_api
SteamApps
SteamAPI_Shutdown
SteamAPI_Init
kernel32
GlobalMemoryStatusEx
QueryPerformanceFrequency
SetThreadPriority
SetPriorityClass
GetPriorityClass
GetThreadPriority
GetCurrentThread
SetThreadAffinityMask
GetProcessAffinityMask
GetProcAddress
GetModuleHandleA
CloseHandle
DeviceIoControl
CreateFileA
LocalFree
LocalAlloc
GetModuleFileNameA
GetSystemInfo
GetVersionExA
FreeLibrary
LoadLibraryA
GetComputerNameExA
CompareStringW
LCMapStringW
InterlockedIncrement
InterlockedDecrement
GetSystemDirectoryW
GetVersionExW
IsDebuggerPresent
SetProcessAffinityMask
OpenProcess
GetCurrentProcessId
SetThreadExecutionState
GetLocaleInfoW
SetLastError
EnumResourceNamesA
GetSystemDefaultLCID
GetWindowsDirectoryW
GetTickCount
VirtualQuery
ResumeThread
GetCurrentThreadId
CreateEventA
FormatMessageA
FlushFileBuffers
TerminateProcess
SetUnhandledExceptionFilter
GetComputerNameA
SystemTimeToFileTime
GetSystemTime
GetModuleFileNameW
OutputDebugStringA
GetExitCodeThread
TlsAlloc
TlsSetValue
DuplicateHandle
SetThreadIdealProcessor
SleepEx
CreateMutexA
WaitForSingleObject
TryEnterCriticalSection
ReleaseMutex
InterlockedExchangeAdd
InterlockedCompareExchange
CreateSemaphoreA
ReleaseSemaphore
InterlockedExchange
TlsFree
RaiseException
QueueUserAPC
CreateThread
HeapAlloc
GetProcessHeap
HeapFree
InitializeCriticalSectionAndSpinCount
VirtualFree
VirtualAlloc
GetSystemTimeAsFileTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetVersion
GetModuleHandleW
FindFirstFileW
FindNextFileW
FindClose
SetEvent
CancelIo
GetLongPathNameW
WaitForMultipleObjectsEx
FindCloseChangeNotification
FindNextChangeNotification
WaitForMultipleObjects
FindFirstChangeNotificationW
CreateFileW
GetVolumeInformationW
MultiByteToWideChar
WideCharToMultiByte
GetLastError
GetFileSize
SetEndOfFile
SetFilePointer
ReadFile
WriteFile
GetFileAttributesW
DeleteFileW
MoveFileExW
CopyFileW
SetFileAttributesW
GetTempPathW
GetVolumePathNameW
CreateDirectoryW
GetFullPathNameW
RemoveDirectoryW
SetEnvironmentVariableA
GetEnvironmentVariableA
LoadLibraryW
GetACP
GetFullPathNameA
GetProcessTimes
GetCommandLineA
Sleep
MoveFileA
CreateDirectoryA
RemoveDirectoryA
GetCurrentDirectoryA
UnhandledExceptionFilter
GetStartupInfoA
FlushConsoleInputBuffer
FindFirstFileA
FindNextFileA
GlobalMemoryStatus
GetStdHandle
GetFileType
QueryPerformanceCounter
TlsGetValue
GetDiskFreeSpaceExA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteFileA
GetCurrentProcess
user32
SetWindowLongW
CreateWindowExW
SetWindowPos
GetWindowLongA
GetSystemMetrics
GetClientRect
SetWindowTextW
DestroyWindow
GetDesktopWindow
IsDlgButtonChecked
CheckDlgButton
GetDoubleClickTime
wsprintfA
RegisterClassA
CreateWindowExA
SetClipboardViewer
IsClipboardFormatAvailable
GetClipboardData
TranslateMessage
EmptyClipboard
SetClipboardData
CloseClipboard
ChangeClipboardChain
wsprintfW
GetCursorPos
GetKeyboardState
DefWindowProcA
PeekMessageA
GetKeyboardLayout
RegisterClassExW
SetTimer
SetCursor
SetCursorPos
IntersectRect
ReleaseCapture
SetCapture
GetMenu
AdjustWindowRectEx
MoveWindow
BeginPaint
EndPaint
EnumDisplayMonitors
PeekMessageW
DispatchMessageW
ClientToScreen
KillTimer
UnregisterClassA
GetKeyState
PostMessageA
ShowCursor
GetWindowRect
MonitorFromWindow
IsZoomed
GetAncestor
IsIconic
IsWindowVisible
SetActiveWindow
GetActiveWindow
FillRect
UpdateWindow
ValidateRect
InvalidateRect
LoadIconA
DestroyCursor
GetIconInfo
LoadImageW
UnhookWindowsHookEx
SetWindowsHookExA
GetAsyncKeyState
CallNextHookEx
GetForegroundWindow
GetWindowThreadProcessId
GetMonitorInfoA
ScreenToClient
SendMessageA
LoadCursorA
SetWindowLongA
SetFocus
DefWindowProcW
GetDC
ReleaseDC
SystemParametersInfoA
GetProcessWindowStation
GetUserObjectInformationW
ShowWindow
MessageBoxW
MessageBoxA
OpenClipboard
PostQuitMessage
gdi32
CreateSolidBrush
DeleteObject
ExtEscape
DeleteDC
GetDeviceCaps
CreateDCA
advapi32
GetUserNameW
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExW
RegQueryValueExW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegOpenKeyExW
RegCloseKey
GetUserNameA
shell32
SHGetFolderPathW
DragQueryFileW
ShellExecuteW
ole32
OleInitialize
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
OleUninitialize
ReleaseStgMedium
msvcr90
tolower
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_time32
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_getch
signal
isupper
strcmp
vfprintf
ldexp
vsprintf
_aligned_free
_aligned_malloc
wcsncat
_control87
wcscspn
strncat
_controlfp
_ultoa
_strlwr
fputs
_isnan
_finite
_searchenv
_wsearchenv
_spawnv
_wspawnv
_strtoui64
_wgetcwd
_wstat64i32
_getdrive
_wgetdcwd
_fcvt
_ecvt
_beginthreadex
_mktime64
strftime
_localtime64
strtol
strpbrk
isprint
atof
atoi
towupper
setlocale
_setmbcp
_wcslwr
_ltow
strrchr
_gmtime64
abort
_snprintf
ftell
fflush
_vsnprintf
_errno
ferror
longjmp
getenv
tmpfile
fseek
_setjmp3
_ltoa
fgets
_stat64i32
strspn
strcspn
wcsrchr
__iob_func
_aligned_realloc
exit
_purecall
_CIcos
_CIsin
_CIsqrt
memset
memcpy
memmove
_CIasin
_CIfmod
_CIacos
fclose
fprintf
fopen
fwrite
sprintf
_CIpow
wcstoul
_ultow
strtod
_CIlog
floor
ceil
modf
__CxxFrameHandler3
atol
isdigit
_strnicmp
_CxxThrowException
sscanf
_stricmp
swscanf
wcstol
wcsncmp
_wtol
wcsncpy
strncpy
strtoul
strncmp
toupper
strchr
isspace
_wcsicmp
isalnum
wcstod
isalpha
wcsstr
wcschr
_wcsnicmp
towlower
iswctype
isxdigit
memchr
strstr
printf
qsort
_except_handler3
fread
feof
free
realloc
malloc
_time64
rand
_crt_debugger_hook
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerQueryValueW
GetFileVersionInfoW
d3dx9_27
D3DXVec3Transform
D3DXVec3TransformNormal
D3DXCheckVersion
D3DXGetPixelShaderProfile
D3DXGetVertexShaderProfile
D3DXMatrixMultiplyTranspose
D3DXMatrixTranspose
D3DXMatrixMultiply
D3DXCompileShader
dinput8
DirectInput8Create
imm32
ImmDisableTextFrameService
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmNotifyIME
ImmSetOpenStatus
ImmSimulateHotKey
ImmReleaseContext
ImmGetConversionStatus
ImmGetContext
ImmGetOpenStatus
ImmGetCandidateListW
ImmSetConversionStatus
usp10
ScriptItemize
ScriptBreak
dbghelp
UnDecorateSymbolName
SymLoadModule64
SymInitialize
SymSetOptions
SymCleanup
SymGetSymFromAddr64
SymGetLineFromAddr64
ws2_32
WSAIoctl
WSASetLastError
WSASocketA
dsound
ord1
ord9
d3d9
Direct3DCreate9
Sections
.text Size: 15.8MB - Virtual size: 15.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 787KB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 13B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CONST Size: 512B - Virtual size: 31B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5.0MB - Virtual size: 5.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 916KB - Virtual size: 916KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ