Static task
static1
General
-
Target
th135.exe
-
Size
5.2MB
-
MD5
a2c8ba17e3b74f6b032f1bda4ea6d0ec
-
SHA1
fefe521bb3c1b2695618ae8b4e0acc817c948891
-
SHA256
111948df4129e27b18b96cedeafbec7e536eef1aa2fe23547b86793f93456ac0
-
SHA512
0d76b0fe0bfc2c9022a54a59025718fe86afd9fc809c8a2f06edf8c9c1de5b8cab203a061f2d7c659ef7cbea8dee6a9c5de8cfad0dc29a742e303faa837d3c67
-
SSDEEP
49152:8BUr8r1z0dD/68RlmkfWh8BDD6h4TpUTg72UeiY2aK2qnptNrI6gwyPFq7OFTNao:J8ie8rauhDdTpN2UeiYJd19bGZV4z
Malware Config
Signatures
-
Unsigned PE 1 IoCs
The PE image carries no Authenticode signature, so the publisher of th135.exe cannot be verified from the file itself. Treat this as weak evidence on its own: many legitimate programs ship unsigned, so corroborate with the hashes above (e.g. against a known-good copy) and with dynamic analysis before drawing conclusions.
resource th135.exe
Files
-
th135.exe.exe windows x86
523ad16c008551cb302cd8a31dd1b084
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
(DYNAMIC_BASE and NX_COMPAT mean the image opts in to ASLR and DEP; a GUARD_CF flag is not listed, so Control Flow Guard appears not to be enabled, assuming the list above is complete. The .reloc section further down is what makes the ASLR opt-in effective.)
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
(Triage note: the bulk of the import table — d3d9, d3dx9_43, dinput8, xinput1_3, dsound, winmm, imm32 and the gdi32/user32 windowing calls — is consistent with a DirectX 9 game client. Entries worth a second look before clearing the sample are the ws2_32 datagram functions (WSASendTo, WSARecvFrom, bind, getaddrinfo), CreateProcessA, SetWindowsHookExA, VirtualProtect, ReadDirectoryChangesW, DeviceIoControl, GetUserNameA and the file-manipulation calls (DeleteFileA, MoveFileA, SHFileOperationA). IsDebuggerPresent and SetUnhandledExceptionFilter are also emitted by the MSVC runtime and are not by themselves anti-analysis indicators. The import table alone does not establish intent; confirm with behavioural analysis.)
winmm
timeBeginPeriod
timeGetTime
d3dx9_43
D3DXQuaternionSlerp
D3DXVec3Normalize
D3DXSaveTextureToFileA
D3DXCreateTexture
D3DXCreateEffectPool
D3DXCreateEffect
D3DXGetShaderConstantTable
D3DXVec3Transform
D3DXGetImageInfoFromFileA
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileExA
D3DXCreateEffectFromFileA
D3DXMatrixTransformation
D3DXQuaternionMultiply
D3DXMatrixPerspectiveFovLH
D3DXMatrixLookAtLH
D3DXMatrixMultiply
D3DXMatrixScaling
D3DXMatrixInverse
D3DXMatrixTranslation
D3DXMatrixRotationYawPitchRoll
D3DXVec3TransformCoord
D3DXAssembleShader
imm32
ImmGetContext
ImmSetOpenStatus
ImmGetCompositionStringA
ImmSetCandidateWindow
ImmGetDefaultIMEWnd
ImmReleaseContext
kernel32
GetCurrentProcess
HeapFree
CreateSemaphoreA
WaitForSingleObject
Sleep
GetSystemTimeAsFileTime
GetDriveTypeA
SetCurrentDirectoryA
GetLastError
GetModuleFileNameA
CreateMutexA
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
InterlockedExchange
EnterCriticalSection
InterlockedExchangeAdd
PostQueuedCompletionStatus
TlsAlloc
TlsFree
SetWaitableTimer
GetQueuedCompletionStatus
TerminateThread
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
QueueUserAPC
WaitForMultipleObjects
CreateIoCompletionPort
DeleteCriticalSection
GlobalLock
GetPrivateProfileIntA
GlobalUnlock
GetPrivateProfileStringA
GetCurrentDirectoryA
ReadDirectoryChangesW
CreateFileW
FreeLibrary
SetThreadPriority
GetProcAddress
OutputDebugStringA
GetVersionExA
CreateFileA
GetFileSize
SetFilePointer
ReadFile
TlsGetValue
InterlockedCompareExchange
TlsSetValue
SetLastError
SleepEx
QueryPerformanceCounter
QueryPerformanceFrequency
GetFullPathNameA
GetFileType
WriteFile
GetFileSizeEx
FindClose
GetFileAttributesA
CreateDirectoryA
FindFirstFileA
FindNextFileA
GetCurrentProcessId
DeleteFileA
HeapAlloc
GetStdHandle
GetConsoleScreenBufferInfo
LoadLibraryA
GetModuleHandleA
VirtualFree
VirtualAlloc
VirtualProtect
DuplicateHandle
InitializeSListHead
FlushFileBuffers
GetTimeZoneInformation
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
SetHandleCount
GetLocaleInfoW
HeapSize
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentThread
GetThreadTimes
LoadLibraryW
SwitchToThread
LCMapStringW
GetCPInfo
CompareStringW
ExitProcess
GetModuleHandleW
RaiseException
CreateThread
ExitThread
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapReAlloc
GetModuleFileNameW
ReleaseSemaphore
GetProcessHeap
GetTickCount
CloseHandle
SetEvent
SetConsoleTextAttribute
CreateEventA
SetStdHandle
CreateProcessA
SetEnvironmentVariableA
lstrlenA
MoveFileA
WriteConsoleW
AreFileApisANSI
CreateDirectoryW
GetCurrentDirectoryW
GetFileAttributesW
FindNextFileW
FindFirstFileW
DeviceIoControl
SetEndOfFile
FormatMessageA
LocalFree
CreateWaitableTimerA
SystemTimeToFileTime
ResumeThread
ResetEvent
OpenEventA
GetTimeFormatA
GetDateFormatA
GetCurrentThreadId
MultiByteToWideChar
DecodePointer
EncodePointer
WideCharToMultiByte
GetExitCodeProcess
user32
MonitorFromWindow
ReleaseDC
PeekMessageA
GetDC
GetMonitorInfoA
SendMessageA
EnumDisplaySettingsA
LoadCursorA
UpdateWindow
GetSystemMetrics
DispatchMessageA
GetActiveWindow
ShowWindow
GetCursorPos
DefWindowProcA
CreateWindowExA
GetWindowLongA
MessageBoxA
SetWindowLongA
ShowCursor
PostMessageA
WaitMessage
LoadIconA
KillTimer
PostQuitMessage
RegisterClassExA
ScreenToClient
GetMessageA
SetCursor
OpenClipboard
GetClipboardData
CloseClipboard
ClipCursor
GetForegroundWindow
GetClientRect
ClientToScreen
SetWindowTextA
CharNextA
CallNextHookEx
CallWindowProcA
SetWindowPos
GetWindowInfo
GetWindowThreadProcessId
UnhookWindowsHookEx
TranslateMessage
GetWindowRect
GetTopWindow
GetAsyncKeyState
IsWindow
IsWindowVisible
CloseWindow
GetWindow
CharPrevA
SetWindowsHookExA
gdi32
AddFontMemResourceEx
CreatePen
CreateFontA
CreateDIBSection
SetBkMode
GetTextMetricsA
GetTextExtentPoint32A
SetBkColor
SetTextColor
TextOutA
SelectObject
DeleteObject
DeleteDC
GetStockObject
GetDeviceCaps
CreateCompatibleDC
advapi32
GetUserNameA
shell32
SHFileOperationA
ole32
CoSetProxyBlanket
CoCreateInstance
CoInitialize
CoUninitialize
oleaut32
SysAllocString
SysFreeString
ws2_32
htons
freeaddrinfo
ioctlsocket
WSAStringToAddressA
WSACleanup
WSAStartup
WSASendTo
WSASocketA
closesocket
WSASetLastError
bind
setsockopt
ntohs
WSARecvFrom
ntohl
WSAGetLastError
select
WSASend
htonl
getaddrinfo
dinput8
DirectInput8Create
xinput1_3
ord2
ord4
d3d9
Direct3DCreate9
dsound
ord11
Sections
.text Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 828KB - Virtual size: 828KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 413KB - Virtual size: 475KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ