Static task
static1
General
Target: 東方紅魔郷.exe
Size: 500KB
MD5: aed7015a769aa72a967877858c72280d
SHA1: 78bf06e30db5c00ec35dbe3ce3030180cf4cd8fc
SHA256: 7152c0ce2667ff10bd5bbe9c3a2052302dec7d326798eb2e70f106e933831a9d
SHA512: 661e8a1a03c8e9d6bfefd16554452bf4f208d99f2b0a5d6586b6c275c735d04ff756cfdc6d1d6cc0ccfbd62c09eb94030115acf9dad0423cfe55806ec9838be2
SSDEEP: 12288:srP1VGBeZJe5EhjAu27/wk/fhqKb/bU020NvZQTQ1hrMbjl1hgLxUQ3cJjZ:srNXZJe5EhjAu27/wk/gKjbU024vZfhQ
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 東方紅魔郷.exe
Files
東方紅魔郷.exe.exe (windows x86)
MD5: 5ae42e48ce07c99b972488001e8e43a2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
dinput8
DirectInput8Create
dsound
ord11
d3d8
Direct3DCreate8
winmm
mmioSeek
mmioGetInfo
mmioSetInfo
mmioDescend
mmioRead
mmioAscend
mmioOpenA
mmioClose
midiOutUnprepareHeader
timeKillEvent
timeSetEvent
timeGetDevCaps
midiOutShortMsg
midiOutPrepareHeader
midiOutLongMsg
midiOutReset
midiOutClose
midiOutOpen
timeBeginPeriod
timeGetTime
timeEndPeriod
joyGetPosEx
joyGetDevCapsA
midiOutGetNumDevs
mmioAdvance
kernel32
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
GetLocaleInfoA
GetCPInfo
GetStringTypeW
OutputDebugStringA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
CreateMutexA
CloseHandle
WaitForSingleObject
CreateEventA
CreateThread
FindClose
FindNextFileA
FindFirstFileA
Sleep
GetFileSize
GetFileTime
SetFilePointer
LCMapStringA
DeleteFileA
ReadFile
WriteFile
LocalFree
LocalAlloc
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
HeapFree
GetModuleHandleA
GetStringTypeA
InitializeCriticalSection
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
SetLastError
TlsFree
IsBadWritePtr
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
GetSystemInfo
VirtualQuery
SetEndOfFile
CreateFileA
HeapAlloc
RtlUnwind
RaiseException
GetLocalTime
CreateDirectoryA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
user32
DrawTextW
MsgWaitForMultipleObjects
KillTimer
PostThreadMessageA
SetTimer
SetCursor
DefWindowProcA
LoadCursorA
RegisterClassA
CreateWindowExA
GetSystemMetrics
SystemParametersInfoA
ShowCursor
PeekMessageA
TranslateMessage
DispatchMessageA
ShowWindow
MoveWindow
DestroyWindow
DrawTextA
MessageBoxA
SetKeyboardState
GetKeyboardState
GetWindowLongA
gdi32
SetBkColor
CreateFontIndirectA
GetObjectA
GetStockObject
TextOutA
SetBkMode
SetTextColor
CreateDIBSection
DeleteDC
CreateCompatibleDC
CreateFontA
SelectObject
DeleteObject
Sections
.text - Size: 420KB - Virtual size: 417KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata - Size: 48KB - Virtual size: 46KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data - Size: 24KB - Virtual size: 2.4MB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc - Size: 4KB - Virtual size: 2KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ