sandbox[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sandbox.exe
Size

21.5MB
MD5

1db451b37a552276cea1835304b557cb
SHA1

b71bf99e48b463e253e6207b52cbb6af46a00c2d
SHA256

c269603e8e9872747e34b3f4c25e6135d4982a0d7f6eb3bf06e0bb80827b8403
SHA512

caca63c79cc37d28a193ede130aecad80e008edccad86bf741786532181638f73262f6b320b0a3383dd892ca3f3510394c620c315aa6d18a7d073a0a81e09ce3
SSDEEP

393216:IlzlvbVSL5lMYjeo2OQTD8zL1DkdzZL9+eJT4MjMKRbp2:IlhvseYjeo2OeDhdzZL9RJT4M4KFp

Score

1^/10

Malware Config

Signatures

Files

sandbox.exe
.exe windows x86

ad535954d1b71d90f48bf38df92d3c4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

steam_api

SteamAPI_WriteMiniDump
SteamAPI_RestartAppIfNecessary
SteamAPI_Init
SteamInternal_FindOrCreateUserInterface
SteamInternal_ContextInit
SteamAPI_GetHSteamUser

kernel32

CreateMutexA
CreateSemaphoreA
OutputDebugStringA
FindResourceA
GetLocaleInfoA
FreeLibrary
GetProcAddress
VerSetConditionMask
GetLastError
FormatMessageW
LoadLibraryA
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetThreadExecutionState
GetModuleHandleW
SetUnhandledExceptionFilter
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
LoadLibraryExW
OutputDebugStringW
FlushFileBuffers
CloseHandle
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
WriteFile
GetModuleFileNameA
GetStartupInfoW
GetProcessHeap
AreFileApisANSI
ExitProcess
GetCurrentThreadId
SetLastError
WriteConsoleW
GetModuleFileNameW
GetFileType
GetStdHandle
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
HeapReAlloc
ReadFile
HeapAlloc
HeapFree
IsProcessorFeaturePresent
IsDebuggerPresent
GetCommandLineA
LoadResource
WaitForSingleObject
ReleaseMutex
ReleaseSemaphore
CreateThread
LockResource
LCMapStringW
SetStdHandle
CreateFileW
SetEndOfFile
HeapSize

user32

GetRawInputData
RegisterRawInputDevices
GetRawInputDeviceInfoA
GetRawInputDeviceList
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
MonitorFromWindow
WindowFromPoint
ScreenToClient
ClientToScreen
ClipCursor
GetCursorPos
SetCursor
SetCursorPos
MessageBoxA
AdjustWindowRectEx
CreateIconIndirect
LoadImageW
DestroyIcon
LoadCursorW
SetRect
GetClassLongW
GetClientRect
RemovePropW
GetPropW
SetPropW
SetForegroundWindow
GetSystemMetrics
ReleaseCapture
SetCapture
GetKeyState
GetActiveWindow
SetFocus
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
RegisterClassExW
UnregisterClassW
DefWindowProcW
SendMessageW
GetMessageTime
TrackMouseEvent
EnumDisplayMonitors
GetMonitorInfoW
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ReleaseDC
GetDC
SystemParametersInfoW
MapVirtualKeyW
ToUnicode
ShowWindow
DestroyWindow
CreateWindowExW
UnregisterDeviceNotification
RegisterDeviceNotificationW
PeekMessageW
DispatchMessageW
TranslateMessage
GetWindowRect

gdi32

CreateDCW
GetDeviceCaps
SetDeviceGammaRamp
CreateBitmap
CreateRectRgn
DeleteObject
CreateDIBSection
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers
DeleteDC

shell32

DragFinish
DragQueryPoint
DragQueryFileW
ShellExecuteA
DragAcceptFiles

Sections

.text
Size: 426KB - Virtual size: 426KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 11.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20.8MB - Virtual size: 20.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad535954d1b71d90f48bf38df92d3c4e

Headers

DLL Characteristics

File Characteristics

Imports

steam_api

kernel32

user32

gdi32

shell32

Sections

.text Size: 426KB - Virtual size: 426KB

.rdata Size: 227KB - Virtual size: 226KB

.data Size: 17KB - Virtual size: 11.1MB

.rsrc Size: 20.8MB - Virtual size: 20.8MB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 426KB - Virtual size: 426KB

.rdata
Size: 227KB - Virtual size: 226KB

.data
Size: 17KB - Virtual size: 11.1MB

.rsrc
Size: 20.8MB - Virtual size: 20.8MB

.reloc
Size: 28KB - Virtual size: 27KB