HotlineMiami2[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

HotlineMiami2.exe
Size

24.8MB
MD5

cc163360555d93f8118d38696ee8d88b
SHA1

6b1817e637e5cd7df4b6c3e3bd79230a8d0eff0b
SHA256

83521ab0bfb5d8c9d6d4a059781da6256d215ba04edebdcafe4bca5983904200
SHA512

154dda045ed44d1c5db313fcb2db18edd93bdd5a29fe2f96845981fc092f7806ebe4d3a62b3181fc4504a06daab3e5539413bbdf26b509b3778765c2f6fc8a0f
SSDEEP

393216:NNVy4QIScxobKn0SPfEYPPtM0P49/40kLljAgEdAdI6Z+lTu/3xUz/A:NeALEgHr+loUA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HotlineMiami2.exe

Files

HotlineMiami2.exe
.exe windows x86

fe24888fcffd4248f32137e77d5b6e6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glDepthFunc
glDepthMask
glDisable
glEnable
glFrontFace
glStencilFunc
glStencilOp
glGetIntegerv
glViewport
glScissor
glDrawElements
glDrawArrays
glClearStencil
glClearDepth
glClearColor
glClear
glStencilMask
glTexSubImage2D
glTexParameteri
glTexImage2D
glReadPixels
glReadBuffer
glPixelStorei
glGetTexImage
glGenTextures
glDeleteTextures
glBindTexture

glew32

__glewFramebufferTexture2DEXT
__glewFramebufferRenderbufferEXT
__glewDeleteFramebuffersEXT
__glewBindRenderbufferEXT
__glewBindFramebufferEXT
__glewRenderbufferStorageMultisampleEXT
__glewTexImage2DMultisample
__glewGenerateMipmap
__glewCheckFramebufferStatus
__glewBlitFramebuffer
__glewActiveTexture
__glewGenFramebuffersEXT
__glewRenderbufferStorageEXT
__glewBufferData
__glewDeleteBuffers
__glewGenBuffers
__glewBufferSubData
__glewAttachShader
__glewBindAttribLocation
__glewCreateProgram
__glewDeleteProgram
__glewGetActiveUniform
__glewGetProgramInfoLog
__glewGetProgramiv
__glewGetUniformLocation
__glewLinkProgram
__glewUniform1fv
__glewUniform1i
__glewUniform2fv
__glewUniform3fv
__glewUniform4fv
__glewUniformMatrix2fv
__glewUniformMatrix3fv
__glewUniformMatrix4fv
__glewCompileShader
__glewCreateShader
__glewDeleteShader
__glewGetShaderInfoLog
__glewGetShaderiv
__glewShaderSource
__glewUseProgram
__glewValidateProgram
_glewInit@0
__glewBlendFuncSeparate
__glewBlendEquation
__glewVertexAttribPointer
__glewEnableVertexAttribArray
__glewDisableVertexAttribArray
__glewGenRenderbuffersEXT
__glewBindBuffer

sdl2

SDL_GL_DeleteContext
SDL_WaitEvent
SDL_Init
SDL_GetWindowWMInfo
SDL_CreateWindow
SDL_GetError
SDL_GetNumDisplayModes
SDL_GetDisplayMode
SDL_GL_SwapWindow
SDL_SetRelativeMouseMode
SDL_ShowCursor
SDL_GL_SetSwapInterval
SDL_GL_MakeCurrent
SDL_SetWindowPosition
SDL_JoystickGetGUID
SDL_JoystickGetGUIDString
SDL_GameControllerGetAxis
SDL_GameControllerGetButton
SDL_HapticOpenFromJoystick
SDL_HapticClose
SDL_HapticRumbleInit
SDL_malloc
SDL_free
SDL_RWFromMem
SDL_NumJoysticks
SDL_JoystickGetAttached
SDL_GameControllerAddMappingsFromRW
SDL_GameControllerOpen
SDL_GameControllerGetJoystick
SDL_GameControllerUpdate
SDL_HapticRumblePlay
SDL_InitSubSystem
SDL_WasInit
SDL_HapticRumbleStop
SDL_SetWindowSize
SDL_GetWindowSize
SDL_SetWindowFullscreen
SDL_GL_CreateContext
SDL_GL_SetAttribute
SDL_DestroyWindow
SDL_GameControllerClose

shlwapi

PathAppendW

fmod

?getMusicNumChannels@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?setLoopPoints@Sound@FMOD@@QAG?AW4FMOD_RESULT@@IIII@Z
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?createStream@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?setLoopCount@Channel@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?setPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@II@Z
?getFrequency@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAM@Z
?setFrequency@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setPan@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?isPlaying@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?setMode@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?setVolume@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setPaused@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?stop@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getOpenState@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_OPENSTATE@@PAIPA_N2@Z
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PAVSound@2@PAVChannelGroup@2@_NPAPAVChannel@2@@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?update@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?close@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
FMOD_System_Create
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setOutput@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_OUTPUTTYPE@@@Z
?getNumDrivers@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getDriverInfo@System@FMOD@@QAG?AW4FMOD_RESULT@@HPADHPAUFMOD_GUID@@PAHPAW4FMOD_SPEAKERMODE@@2@Z
?setDriver@System@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?setSoftwareFormat@System@FMOD@@QAG?AW4FMOD_RESULT@@HW4FMOD_SPEAKERMODE@@H@Z
?setDSPBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@IH@Z
?setFileSystem@System@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PBDPAIPAPAXPAX@ZP6G?AW43@33@ZP6G?AW43@33I13@ZP6G?AW43@3I3@ZP6G?AW43@PAUFMOD_ASYNCREADINFO@@3@Z9H@Z
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?setCallback@System@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PAUFMOD_SYSTEM@@IPAX11@ZI@Z

d3dx9_43

D3DXCompileShader

freeimage

_FreeImage_GetBits@4
_FreeImage_GetFileTypeFromMemory@8
_FreeImage_LoadFromMemory@12
_FreeImage_GetBPP@4
_FreeImage_OpenMemory@8
_FreeImage_Unload@4
_FreeImage_PreMultiplyWithAlpha@4
_FreeImage_GetWidth@4
_FreeImage_CloseMemory@4
_FreeImage_ConvertTo32Bits@4
_FreeImage_GetHeight@4

kernel32

GetVersionExW
CreateEventW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
SwitchToThread
SetThreadAffinityMask
GetProcessAffinityMask
DeleteTimerQueueTimer
OutputDebugStringW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetProcessHeap
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThread
HeapSize
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleHandleW
VirtualAlloc
TlsFree
TlsSetValue
TlsAlloc
TerminateProcess
SetLastError
UnhandledExceptionFilter
GetCPInfo
CreateTimerQueue
CreateTimerQueueTimer
TlsGetValue
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetModuleFileNameW
GetFileType
GetStdHandle
AreFileApisANSI
GetModuleHandleExW
ReadFile
LoadLibraryExW
ExitThread
HeapReAlloc
HeapAlloc
HeapFree
GetCommandLineA
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
InterlockedPushEntrySList
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
VirtualFree
VirtualProtect
InitializeSListHead
GetStartupInfoW
InterlockedPopEntrySList
ExitProcess
WaitNamedPipeW
TransactNamedPipe
SetNamedPipeHandleState
DuplicateHandle
WriteFile
WaitForMultipleObjects
ResetEvent
SetEvent
GetLastError
GetCurrentProcessId
CreateFileW
CreateSemaphoreW
TerminateThread
GetProcessId
CreateThread
SetUnhandledExceptionFilter
GetCurrentProcess
VirtualQueryEx
FreeLibrary
InterlockedDecrement
InterlockedIncrement
RtlCaptureContext
FindNextFileW
FindFirstFileW
FindClose
MultiByteToWideChar
MoveFileExW
RemoveDirectoryW
GetFileAttributesW
DeleteFileW
CreateDirectoryW
CreateDirectoryA
GetCurrentDirectoryA
LoadLibraryW
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
GetLocalTime
VerifyVersionInfoW
VerSetConditionMask
SetThreadPriority
Sleep
WaitForSingleObject
RaiseException
CloseHandle
WaitForSingleObjectEx
ReleaseSemaphore
CreateSemaphoreA
GetUserDefaultLCID
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ChangeTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
SetStdHandle
GetThreadPriority
UnregisterWait
SetEndOfFile
SignalObjectAndWait
GetStringTypeW
GetCurrentThreadId

user32

DispatchMessageW
SendMessageW
PostMessageW
DefWindowProcW
PostQuitMessage
RegisterClassW
UnregisterClassW
CreateWindowExW
TranslateMessage
SetWindowPos
IsIconic
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
UpdateWindow
GetDC
ReleaseDC
DestroyWindow
GetWindowRect
AdjustWindowRectEx
GetCursorPos
ScreenToClient
SetWindowLongW
GetDesktopWindow
LoadCursorW
LoadIconW
SetCapture
ReleaseCapture
ShowCursor
SetCursorPos
SetCursor
ClipCursor
ClientToScreen
GetKeyNameTextW
MapVirtualKeyW
GetRawInputData
RegisterRawInputDevices
GetMessageW
GetClientRect

gdi32

BitBlt
CreateCompatibleDC
DeleteDC
SelectObject
CreateCompatibleBitmap

shell32

ShellExecuteW
SHGetFolderPathW

ole32

CoCreateGuid

winmm

timeEndPeriod
timeBeginPeriod

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 19.0MB - Virtual size: 19.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe24888fcffd4248f32137e77d5b6e6a

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

glew32

sdl2

shlwapi

fmod

d3dx9_43

freeimage

kernel32

user32

gdi32

shell32

ole32

winmm

Exports

Exports

Sections

.text Size: 19.0MB - Virtual size: 19.0MB

.rdata Size: 2.4MB - Virtual size: 2.4MB

.data Size: 83KB - Virtual size: 233KB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 3.3MB - Virtual size: 3.3MB

.text
Size: 19.0MB - Virtual size: 19.0MB

.rdata
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 83KB - Virtual size: 233KB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 3.3MB - Virtual size: 3.3MB