Static task
static1
General
Target: Super-Mario-Galaxy_990108.zip
Size: 17.8MB
MD5: a887f18717e41da6977dc8901a2f7d24
SHA1: 2bae2b2555dad8f59c126611eaf2520d39aabd54
SHA256: da176deab83322ac2319499ceae34749e83f4d6097d6afb973e07627ca34f23f
SHA512: 214ea63da4fdc84510c42cffbf050dc6c0bc4c035d9c8ee4d897fa786c649f1f83a2faf4b7842dea4460f32ee61aee4329c686f695f2b38531090f4ba2dda2cc
SSDEEP: 393216:7IYgGNaqF3JRQDKOL7bqY6sTkGpTJDjfdbopP9T61zx:EYgAsDKOL7l8Gphj5opPM
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: unpack001/Install_01025.exe
Files
Super-Mario-Galaxy_990108.zip (.zip)
Install_01025.exe (.exe, windows x86)
c61f65a7af6939836e7bbe4a515158f8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathCombineW
PathFileExistsW
kernel32
AcquireSRWLockExclusive
SetFileAttributesW
GetVersionExA
LeaveCriticalSection
FindFirstFileExW
GetFileSizeEx
lstrlenW
FreeLibrary
ResetEvent
GetSystemDirectoryW
GetModuleHandleW
VirtualFree
GetModuleFileNameW
EnterCriticalSection
FormatMessageW
HeapReAlloc
GetProcessAffinityMask
GetCurrentProcessId
TlsSetValue
GetFileInformationByHandle
GetFileAttributesA
SetFileAttributesA
TlsGetValue
CompareStringW
WaitForSingleObject
VerSetConditionMask
RaiseException
lstrlenA
SetUnhandledExceptionFilter
CreateDirectoryW
VirtualAlloc
GetDateFormatW
SleepEx
WriteConsoleW
SetEvent
GetLastError
GetCommandLineA
VerifyVersionInfoW
EnumSystemLocalesW
TlsAlloc
FindNextFileW
ReleaseSRWLockExclusive
DeleteFileW
GetProcAddress
GetFileType
InitializeCriticalSectionEx
EncodePointer
GetTimeFormatW
IsProcessorFeaturePresent
DeleteFileA
SetEnvironmentVariableW
GetFullPathNameW
HeapAlloc
IsDebuggerPresent
FormatMessageA
GetFileSize
TerminateProcess
GetFileAttributesExW
LoadLibraryW
IsValidLocale
lstrcatA
LCMapStringEx
InitializeSListHead
MoveFileExW
CreateFileW
CreateDirectoryA
GetEnvironmentStringsW
GetDriveTypeW
GetStringTypeW
LoadLibraryA
InitializeCriticalSection
LoadLibraryExW
CreateSemaphoreA
GetTempPathW
GetModuleHandleExW
SetFilePointer
FindClose
ReleaseSemaphore
GetCurrentDirectoryA
LCMapStringW
GetSystemInfo
GetConsoleOutputCP
GetLocaleInfoW
PeekNamedPipe
GetStartupInfoW
GetTimeZoneInformation
UnhandledExceptionFilter
HeapFree
RtlUnwind
TlsFree
CloseHandle
RemoveDirectoryA
GetCommandLineW
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
WaitForMultipleObjects
RemoveDirectoryW
QueryPerformanceFrequency
GetEnvironmentVariableA
GetSystemTimeAsFileTime
AreFileApisANSI
GetStdHandle
InitializeCriticalSectionAndSpinCount
FreeLibraryAndExitThread
LocalFree
WaitForSingleObjectEx
HeapSize
ReadConsoleW
GetProcessHeap
GetCurrentThread
GetTickCount64
SetStdHandle
GetCurrentThreadId
SetFileTime
Sleep
FindFirstFileA
FileTimeToSystemTime
GetTempPathA
CreateEventA
GetUserDefaultLCID
ReadFile
GetModuleHandleA
GlobalMemoryStatus
QueryPerformanceCounter
ExitProcess
SetFilePointerEx
GetConsoleMode
GetCurrentDirectoryW
SetEndOfFile
SetLastError
GetACP
GetFileAttributesW
SystemTimeToTzSpecificLocalTime
lstrcatW
FreeEnvironmentStringsW
WriteFile
DeleteCriticalSection
GetModuleFileNameA
IsValidCodePage
CreateThread
GetOEMCP
CreateFileA
GetSystemWow64DirectoryW
GetCurrentProcess
DecodePointer
GetCPInfo
FindFirstFileW
ExitThread
GetTickCount
FindNextFileA
user32
MessageBoxW
GetWindowLongA
SetWindowTextW
SetWindowTextA
SetWindowLongA
MessageBoxA
LoadIconA
ShowWindow
LoadStringW
LoadStringA
DialogBoxParamA
PostMessageA
CharUpperW
SetTimer
DestroyWindow
SendMessageA
DialogBoxParamW
EndDialog
KillTimer
CharUpperA
GetDlgItem
wsprintfA
shell32
SHGetSpecialFolderPathW
oleaut32
VariantClear
SysAllocStringLen
SysStringLen
bcrypt
BCryptGenRandom
advapi32
CryptAcquireContextW
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptEncrypt
RegCreateKeyExW
CryptCreateHash
CryptImportKey
CryptGetHashParam
RegOpenKeyExW
RegCloseKey
RegSetValueExW
CryptReleaseContext
ole32
CoInitialize
CoUninitialize
CoCreateInstance
crypt32
CertCloseStore
CertOpenStore
CertFindCertificateInStore
PFXImportCertStore
CryptQueryObject
CertGetCertificateChain
CertFreeCertificateContext
CertGetNameStringW
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CertFreeCertificateChain
CertEnumCertificatesInStore
CertAddCertificateContextToStore
CryptDecodeObjectEx
CryptStringToBinaryW
CertFindExtension
wldap32
ord147
ord133
ord301
ord79
ord142
ord46
ord145
ord219
ord167
ord14
ord216
ord73
ord208
ord41
ord117
ord26
ord27
ord127
ws2_32
recvfrom
sendto
ioctlsocket
gethostname
WSACloseEvent
bind
send
freeaddrinfo
WSAEventSelect
WSAResetEvent
WSAEnumNetworkEvents
WSAIoctl
WSAWaitForMultipleEvents
closesocket
WSAGetLastError
recv
WSACreateEvent
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
WSASetLastError
getaddrinfo
WSAStartup
WSACleanup
__WSAFDIsSet
select
accept
htonl
listen
Sections
.text Size: 6.0MB - Virtual size: 6.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 212KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ