mssa3d[.]m3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mssa3d.m3d
Size

96KB
MD5

5dfda618d9dc11ac3a36264100b40e74
SHA1

f1161745b3460c7faa321c52805b0df541c8f553
SHA256

6b5d0e461f119a9e95e10de24aada3306407acf1c2e1841b26c4c1a5f950224c
SHA512

bc3657fcd76206defcda297a3fff5ec14dd1dd86f3181f83c20800ad4e431249aad3f74012918915007c36fcdd5da0dee3025776d26a344fa1ab344d8e1ca419
SSDEEP

1536:Y5nj8G4DXVZJOOsz9AJ1+2U5G92/vtmgMbFuYRZDHcvlJf:w8G4DF7OOQgSAg0FuWHcNJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mssa3d.m3d

Files

mssa3d.m3d
.dll windows x86

fb1ce2526a7d71d8943cff85a82b9a91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

CreateEventA
ResetEvent
WaitForMultipleObjects
CreateMutexA
ReleaseMutex
CloseHandle
CreateThread
FreeLibrary
GetProcAddress
DisableThreadLibraryCalls
LoadLibraryA
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
Sleep
GetTickCount
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
SetEvent
WaitForSingleObject
GetCurrentThreadId
RaiseException
GetCommandLineA
GetVersionExA
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

mss32

_AIL_digital_handle_release@4
_AIL_stop_timer@4
RIB_alloc_provider_handle
_AIL_release_timer_handle@4
_AIL_unlock@0
RIB_register_interface
_AIL_get_preference@4
_AIL_lock@0
_AIL_get_DirectSound_info@12
RIB_unregister_interface
_AIL_register_timer@4
_AIL_set_error@4
_AIL_digital_handle_reacquire@4
_AIL_start_timer@4
_AIL_set_preference@8
_AIL_set_timer_period@8
_AIL_unlock_mutex@0
_AIL_set_timer_frequency@8
_AIL_HWND@0
_AIL_lock_mutex@0

winmm

timeGetTime

ole32

CoUninitialize
CoCreateInstance
CoInitialize

advapi32

RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Exports

Exports

_RIB_Main@8

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb1ce2526a7d71d8943cff85a82b9a91

Headers

File Characteristics

Imports

user32

kernel32

mss32

winmm

ole32

advapi32

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 3KB - Virtual size: 33KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 3KB - Virtual size: 33KB

.reloc
Size: 5KB - Virtual size: 5KB