Castle of Temptation[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Castle of Temptation.exe
Size

16.1MB
MD5

828b512a1288b476788543fa46698bc8
SHA1

8ffa43030af5d6b37e944b83d859001280c1cb7c
SHA256

e33d4483bce054f22cdbe6cd791ff1fd689edfcb8422b04fbe31d7f95960447d
SHA512

f7562b8d37513c7dd873989abbb0ad87f43a4d553ef027ccf24dc6a60e614f013dbb4707b5ea4d01e85f16f7feffbfe4802572b50f2b2495927009df1b911a4f
SSDEEP

393216:g25I0DLEGzO0zUyyYnx3fSOP5lPTuIk+7Iz8OlGIdU0T1fTcxxUMUQ8KKbnooD:lfgfIxXNKb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Castle of Temptation.exe

Files

Castle of Temptation.exe
.exe windows x86

db5533103393574c1fe1d840e8e9ff90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

hid

HidP_GetCaps
HidD_GetHidGuid
HidD_GetProductString
HidP_GetButtonCaps
HidP_GetValueCaps
HidP_MaxDataListLength
HidP_GetData
HidD_FreePreparsedData
HidD_GetPreparsedData

gdi32

SwapBuffers
CreateDIBSection
GetObjectA
DeleteObject
GetDeviceCaps
SetPixelFormat
ChoosePixelFormat
CreateBitmap

user32

LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
MessageBoxA
CopyRect
OffsetRect
GetAncestor
UnregisterClassW
GetDesktopWindow
AdjustWindowRectEx
GetWindowPlacement
ChangeDisplaySettingsA
EnumDisplaySettingsA
GetDlgItem
SetWindowLongA
CreateDialogParamA
SetWindowPos
GetWindowRect
GetParent
GetThreadDesktop
GetUserObjectInformationA
EnumWindows
RegisterWindowMessageA
SendMessageA
EndDialog
IsIconic
WindowFromPoint
SetForegroundWindow
GetRawInputDeviceList
GetRawInputDeviceInfoW
GetRawInputData
RegisterRawInputDevices
TranslateMessage
PtInRect
GetClientRect
GetWindowLongA
GetMessageExtraInfo
RegisterDeviceNotificationW
CreateIconIndirect
ReleaseDC
GetDC
GetSystemMetrics
SetCursor
LoadCursorA
DestroyCursor
DefWindowProcW
DestroyWindow
CreateWindowExW
SetClipboardData
CloseClipboard
DialogBoxParamW
RegisterClassExW
SendMessageTimeoutA
MessageBoxW
SystemParametersInfoW
ClientToScreen
wsprintfA
DispatchMessageA
UnregisterDeviceNotification
ReleaseCapture
SetCapture
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
ShowWindow
ClipCursor
GetAsyncKeyState
ScreenToClient
IsWindowVisible
GetCursorPos
GetKeyState
GetProcessWindowStation
GetUserObjectInformationW
wvsprintfA
MonitorFromWindow
GetCaretBlinkTime
UpdateWindow
ValidateRect
PeekMessageA
GetMessageA
EnumDisplayDevicesA
EnumDisplayMonitors
EmptyClipboard
GetMonitorInfoA
LoadImageW
SetFocus
GetFocus
ShowCursor
SetCursorPos
DialogBoxParamA
GetWindowLongW
SetWindowLongW
PostQuitMessage
RegisterClassW
SetWindowTextW
CopyImage
EnableWindow
MsgWaitForMultipleObjects
DispatchMessageW
IsDialogMessageW
PeekMessageW
CreateDialogParamW
CheckDlgButton
IsDlgButtonChecked

advapi32

CryptDestroyHash
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
GetUserNameA
RegCreateKeyW
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptGetHashParam

ws2_32

WSAEnumNetworkEvents
WSASetEvent
select
getpeername
getprotobyname
recv
connect
gethostbyname
ntohl
bind
send
WSACancelAsyncRequest
WSAAsyncGetHostByName
WSAWaitForMultipleEvents
WSACreateEvent
WSACloseEvent
WSAEventSelect
__WSAFDIsSet
ntohs
freeaddrinfo
WSASocketA
getsockopt
WSASetLastError
setsockopt
ioctlsocket
gethostname
socket
WSAGetLastError
htons
sendto
recvfrom
WSAIoctl
getaddrinfo
getnameinfo
listen
WSACleanup
closesocket
shutdown
WSAResetEvent
htonl
inet_ntoa
WSAStartup
inet_addr
getsockname
accept

kernel32

SetWaitableTimer
OpenEventA
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
InitializeSListHead
GetThreadPriority
SetThreadAffinityMask
SwitchToThread
VirtualFree
VirtualAlloc
VirtualProtect
InterlockedExchangeAdd
CreateWaitableTimerA
GetProcessAffinityMask
FlushConsoleInputBuffer
ExpandEnvironmentStringsA
VerifyVersionInfoA
GetVersion
GetProcessHeap
CreateFileA
WriteConsoleW
GetSystemDirectoryA
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
InterlockedExchange
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
GetLocaleInfoW
InterlockedIncrement
HeapCreate
GetStdHandle
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitThread
DuplicateHandle
SetConsoleCtrlHandler
HeapSize
SetEnvironmentVariableA
SignalObjectAndWait
CreateMutexW
FlushInstructionCache
HeapQueryInformation
ExitProcess
EncodePointer
DecodePointer
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
SetErrorMode
GlobalMemoryStatus
VirtualQuery
CreateSemaphoreW
GetFileTime
lstrlenA
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileSize
TerminateThread
GetTimeZoneInformation
GetLocalTime
FormatMessageA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
GetWindowsDirectoryW
ResetEvent
InitializeCriticalSection
IsDebuggerPresent
GetSystemTimeAsFileTime
SetThreadPriority
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
GetFileInformationByHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
SleepEx
SetHandleInformation
SetEvent
SetDllDirectoryW
GetFullPathNameW
GetCurrentDirectoryA
PeekNamedPipe
GetVersionExA
GetDriveTypeA
GetModuleFileNameA
GetFileAttributesA
FindFirstFileExA
ReadConsoleInputA
GetEnvironmentVariableA
OutputDebugStringA
SetConsoleMode
GetFullPathNameA
GetTickCount
InterlockedCompareExchange
CreateSemaphoreA
CloseHandle
Sleep
WaitForSingleObjectEx
ReleaseSemaphore
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
CreateEventA
MultiByteToWideChar
GetProcAddress
FreeLibrary
GetModuleHandleW
LoadLibraryW
GetLastError
WideCharToMultiByte
ReadFile
SetFilePointerEx
WriteFile
SetFilePointer
SetEndOfFile
GetFileAttributesExW
CreateFileW
SetFileAttributesW
GetFileAttributesW
CopyFileW
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
FindFirstFileExW
CreateDirectoryW
RemoveDirectoryW
DeleteFileW
SetFileTime
SystemTimeToFileTime
GetSystemTime
GetDiskFreeSpaceExA
GetModuleFileNameW
QueryPerformanceFrequency
QueryPerformanceCounter
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GetModuleHandleA
lstrcpynA
lstrcpyA
lstrcpynW
GetCommandLineW
CancelIo
GetOverlappedResult
CreateEventW
ExpandEnvironmentStringsW
CreateMutexA
GetCurrentThreadId
VerifyVersionInfoW
VerSetConditionMask
GetCurrentProcess
GetVersionExW
GetSystemInfo
GlobalMemoryStatusEx
GetUserDefaultLangID
InterlockedDecrement
GetComputerNameW
GetTempPathW
LoadLibraryA
GetCurrentProcessId
SetUnhandledExceptionFilter
WaitForSingleObject
CreateThread
GetCurrentDirectoryW
OpenEventW
DebugBreak
SetLastError
ResumeThread
GetThreadContext
SuspendThread
GetCurrentThread
GetDriveTypeW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoA

ole32

PropVariantClear
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoSetProxyBlanket

shlwapi

PathCanonicalizeW
PathFileExistsW
SHDeleteKeyW

shell32

ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW
SHFileOperationW

opengl32

glColor4f
glColorPointer
glEnableClientState
glVertexPointer
glNormalPointer
glTexCoordPointer
glDisableClientState
glIsTexture
glLoadIdentity
glGetTexParameteriv
glTexSubImage2D
glPixelStorei
glCopyTexSubImage2D
glReadBuffer
glGetBooleanv
glGetError
glTexParameterf
glDrawElements
glDrawArrays
glGetIntegerv
glGenTextures
glBindTexture
glTexImage2D
glTexParameteri
glReadPixels
glDeleteTextures
glFinish
glDrawBuffer
glScissor
glViewport
glGetFloatv
glMultMatrixf
glMatrixMode
glLoadMatrixf
glPolygonMode
glFrontFace
glClearColor
glClearDepth
glClearStencil
glClear
glStencilMask
glDepthFunc
glDepthMask
glCullFace
glPolygonOffset
glColorMask
glDisable
glBlendFunc
glEnable
glGetString
wglGetCurrentDC
wglGetCurrentContext
wglCreateContext
wglDeleteContext
wglShareLists
wglGetProcAddress
wglMakeCurrent

winmm

waveOutPrepareHeader
waveInReset
waveInClose
waveInStart
waveInGetDevCapsW
waveInGetDevCapsA
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveOutGetPosition
waveOutReset
timeGetTime
timeEndPeriod
timeBeginPeriod
waveInGetNumDevs
waveOutGetNumDevs
waveOutGetDevCapsA
waveOutGetDevCapsW
waveOutClose
waveOutOpen
waveOutUnprepareHeader
waveOutWrite
waveInOpen

oleaut32

VariantChangeType
VariantClear
VariantInit
SysFreeString
SysAllocString

imm32

ImmSetCompositionStringW
ImmReleaseContext
ImmSetOpenStatus
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetConversionStatus
ImmGetContext

dnsapi

DnsFree
DnsQuery_A

iphlpapi

GetIpAddrTable

winhttp

WinHttpGetIEProxyConfigForCurrentUser

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 12.9MB - Virtual size: 12.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 554KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db5533103393574c1fe1d840e8e9ff90

Headers

DLL Characteristics

File Characteristics

Imports

hid

gdi32

user32

advapi32

ws2_32

kernel32

version

ole32

shlwapi

shell32

opengl32

winmm

oleaut32

imm32

dnsapi

iphlpapi

winhttp

Exports

Exports

Sections

.text Size: 12.9MB - Virtual size: 12.9MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 317KB - Virtual size: 1.1MB

.trace Size: 7KB - Virtual size: 7KB

.data1 Size: 512B - Virtual size: 64B

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 554KB - Virtual size: 553KB

.reloc Size: 539KB - Virtual size: 539KB

.text
Size: 12.9MB - Virtual size: 12.9MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 317KB - Virtual size: 1.1MB

.trace
Size: 7KB - Virtual size: 7KB

.data1
Size: 512B - Virtual size: 64B

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 554KB - Virtual size: 553KB

.reloc
Size: 539KB - Virtual size: 539KB