Silent Aim[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

Silent Aim.rar
Size

178KB
MD5

741b292723766a33723d4ab1cf85ad67
SHA1

52513294cabc55967852e74e2bfdfe55663d5d38
SHA256

03db63804f51bdc7c31f8c675b3c915170f0ebbac80ea337d52225cc55c76bf9
SHA512

5be051502a1b667a682409bc5f196e500b51bde1671e4468335b8a74f650d6e5729a57196f6252cc3c7f953fb60650ad1bfedb2b210490ff57083b6cd8e01322
SSDEEP

3072:yem6idbHb0jZMstwLENaOHKvPy0oRM/I+eBJKLtvZCj3tk4fKFWVIRe5:yzxb70jZtwQNjHKv8KhvedxKFkIRe5

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Silent Aim/dlls/dbg.dll
unpack001/Silent Aim/dlls/odbg.dll
unpack001/Silent Aim/dlls/vstdlib_s.dll

Files

Silent Aim.rar
.rar
Silent Aim/Registry Fix Tools/Net Settings.reg
Silent Aim/Registry Fix Tools/No-Recoil FIX.reg
Silent Aim/Registry Fix Tools/No-Recoil MAX.reg
Silent Aim/Registry Fix Tools/Ping Fix.reg
Silent Aim/config.cfg
Silent Aim/dlls/FireHelper.dll
Silent Aim/dlls/dbg.dll
.dll windows x86

69dec0a005b888f952049f682ee5da7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetLastError
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteFileA
CreateDirectoryA
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
HeapFree
CloseHandle
InitializeCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
SetFilePointer
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

ClearErrorLogs
Error
_LogFunctionTrace
_LogFunctionTraceMaxTime
_StartFunctionTimer

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Silent Aim/dlls/odbg.dll
.dll windows x86

69dec0a005b888f952049f682ee5da7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetLastError
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
DeleteFileA
CreateDirectoryA
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
EnterCriticalSection
LeaveCriticalSection
HeapFree
CloseHandle
InitializeCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
SetFilePointer
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

OClearErrorLog
OErrr
OLogFunctionTrace
OLogFunctionTraceMaxTime
OStartFunctionTimer

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Silent Aim/dlls/vstdlib_s.dll
.dll windows x86

25b1b5783161b423f0b9e229a87ccbe1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
VirtualQuery
HeapAlloc
GetProcessHeap
GetModuleFileNameA
CreateThread
Sleep
InterlockedExchange
GetLocaleInfoA
SetFilePointer
GetSystemInfo
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
ReadFile
CreateFileA
WriteFile
DisableThreadLibraryCalls
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
CloseHandle
SetEndOfFile
GetLastError
GetCurrentProcess
TerminateProcess
ExitProcess
GetDriveTypeA
GetCurrentDirectoryA
GetFullPathNameA
GetCommandLineA
GetVersionExA

user32

CreateWindowExA
TranslateMessage
DispatchMessageA
GetWindowInfo
SendMessageA
GetMessageA

tier0_s

Warning
?Unlock@CThreadMutex@@QAEXXZ
?Lock@CThreadMutex@@QAEXXZ
?Set@CThreadLocalBase@@QAEXPAX@Z
?Get@CThreadLocalBase@@QBEPAXXZ
??0CThreadLocalBase@@QAE@XZ
??1CThreadMutex@@QAE@XZ
??0CThreadMutex@@QAE@XZ
??1CThreadLocalBase@@QAE@XZ
Error
?Pop@CValidator@@QAEXXZ
?ClaimMemory@CValidator@@QAEXPAX@Z
MemAllocScratch
_DMsg
Plat_GetCommandLine
WriteMiniDump
Plat_IsInDebugSession
_ExitOnFatalAssert
DoNewAssertDialog
ShouldUseNewAssertDialog
CallFlushLogFunc
_SpewMessage
_SpewInfo
SetInAssert
IsInAssert
Msg
MemFreeScratch
AssertValidStringPtr
_AssertValidWritePtr
_AssertValidReadPtr
?Push@CValidator@@QAEXPBDPAX0@Z
g_pMemAlloc

Exports

Exports

??0CCommandLineParam@@QAE@PBD0@Z
??0CGaussianRandomStream@@QAE@PAVIUniformRandomStream@@@Z
??0CMemTree@@QAE@PAVCValObject@@H@Z
??0CUniformRandomStream@@QAE@ABV0@@Z
??0CUniformRandomStream@@QAE@XZ
??1CMemTree@@QAE@XZ
??4CCommandLineParam@@QAEAAV0@ABV0@@Z
??4CGaussianRandomStream@@QAEAAV0@ABV0@@Z
??4CMemTree@@QAEAAV0@ABV0@@Z
??4CUniformRandomStream@@QAEAAV0@ABV0@@Z
??_7CUniformRandomStream@@6B@
??_FCGaussianRandomStream@@QAEXXZ
?AttachToStream@CGaussianRandomStream@@QAEXPAVIUniformRandomStream@@@Z
?GenerateRandomNumber@CUniformRandomStream@@AAEHXZ
?GetHParam@CCommandLineParam@@QAEHXZ
?Q_stristr@@YAPBDPBD0@Z
?RandomFloat@CGaussianRandomStream@@QAEMMM@Z
?RandomFloat@CUniformRandomStream@@UAEMMM@Z
?RandomInt@CUniformRandomStream@@UAEHHH@Z
?SetSeed@CUniformRandomStream@@UAEXH@Z
CommandLine
Coroutine_Cancel
Coroutine_Continue
Coroutine_Create
Coroutine_DebugBreak
Coroutine_GetCurrentlyActive
Coroutine_IsActive
Coroutine_ReleaseThreadMemory
Coroutine_Test
Coroutine_ValidateGlobals
Coroutine_YieldToMain
CreateInterface
InstallUniformRandomStream
KeyValuesSystem
Q_AppendSlash
Q_ComposeFileName
Q_DefaultExtension
Q_ExtractFileExtension
Q_ExtractFilePath
Q_FileBase
Q_FixSlashes
Q_GetFileExtension
Q_IsAbsolutePath
Q_MakeAbsolutePath
Q_RemoveDotSlashes
Q_SetExtension
Q_SplitString
Q_SplitString2
Q_StrLeft
Q_StrRight
Q_StrSlice
Q_StrSubst
Q_StripExtension
Q_StripFilename
Q_StripLastDir
Q_StripTrailingSlash
Q_UTF8ToUnicode
Q_UnicodeToUTF8
Q_UnqualifiedFileName
Q_atof
Q_atoi
Q_binarytohex
Q_hextobinary
Q_pretifymem
Q_pretifynum
Q_snprintf
Q_strcasecmp
Q_strcat
Q_stristr
Q_strncasecmp
Q_strncat
Q_strncmp
Q_strncpy
Q_strnicmp
Q_strnlwr
Q_vsnprintf
Q_wcsncpy
RandomFloat
RandomGaussianFloat
RandomInt
RandomSeed
VStdLib_GetICVarFactory
_Q_memcmp
_Q_memcpy
_Q_memmove
_Q_memset
_Q_strcmp
_Q_stricmp
_Q_strlen
_Q_strlower
_Q_strrchr
_Q_strstr
_Q_strupr
_Q_wcscmp
_Q_wcslen

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Silent Aim/klaxer.cfg
Silent Aim/userconfig.cfg

Sharing

General

Malware Config

Signatures

Files

69dec0a005b888f952049f682ee5da7a

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 33KB

.reloc Size: 4KB - Virtual size: 3KB

69dec0a005b888f952049f682ee5da7a

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 33KB

.reloc Size: 4KB - Virtual size: 3KB

25b1b5783161b423f0b9e229a87ccbe1

Headers

File Characteristics

Imports

comctl32

kernel32

user32

tier0_s

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 16KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 33KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 33KB

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 16KB

.reloc
Size: 16KB - Virtual size: 13KB