Sample
WorldsPlayerWin7.exe
Resource
win7-20230220-en
General
Target
WorldsPlayerWin7.exe
Size
92.5MB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource WorldsPlayerWin7.exe
Files
WorldsPlayerWin7.exe.exe windows x86
cc2b6cd09a8067a34e0696367cbb9491
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
kernel32
GetModuleFileNameA
lstrlenA
lstrcpynA
lstrcmpA
GlobalLock
GlobalUnlock
GlobalFree
GlobalAlloc
GetStringTypeExA
GetSystemTime
FindFirstFileA
FormatMessageA
CreateProcessA
GetExitCodeProcess
ReadFile
GetVersion
FindClose
GetDiskFreeSpaceA
GetModuleHandleA
CreateDirectoryA
GetEnvironmentVariableA
RemoveDirectoryA
LoadLibraryExA
EnumResourceLanguagesA
GetSystemDefaultLangID
GetUserDefaultLangID
GetTempPathA
GetTempFileNameA
FindNextFileA
GetLogicalDriveStringsA
GetDriveTypeA
GetSystemDirectoryA
GetWindowsDirectoryA
GetLocalTime
OpenProcess
TerminateProcess
CreateNamedPipeA
ConnectNamedPipe
SearchPathA
InterlockedIncrement
InterlockedDecrement
IsDBCSLeadByte
lstrlenW
GetShortPathNameA
CreateMutexA
GetCommandLineA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
CopyFileA
HeapDestroy
LocalAlloc
OutputDebugStringA
GetCurrentProcessId
MulDiv
FreeLibrary
HeapSize
DebugBreak
ExitProcess
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
lstrcatA
lstrcpyA
VirtualProtect
lstrcmpiA
HeapReAlloc
GetProcAddress
LoadLibraryA
ResetEvent
FlushFileBuffers
Sleep
WriteFile
MoveFileA
DeleteFileA
GetFileSize
SetFilePointer
CreateFileA
SetEvent
CreateEventA
CreateThread
SetLastError
TerminateThread
GetExitCodeThread
WaitForSingleObject
GetLastError
CloseHandle
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
HeapAlloc
GetProcessHeap
FlushInstructionCache
GetCurrentProcess
HeapFree
InitializeCriticalSection
DeleteCriticalSection
FindResourceExA
LoadResource
LockResource
SizeofResource
FindResourceA
RaiseException
WideCharToMultiByte
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
MultiByteToWideChar
GetVersionExA
VirtualAlloc
GetSystemInfo
VirtualQuery
GlobalMemoryStatus
RtlUnwind
user32
TranslateMessage
DispatchMessageA
LoadImageA
MsgWaitForMultipleObjects
ScreenToClient
GetSubMenu
LoadMenuA
TrackPopupMenu
ExitWindowsEx
GetDC
GetSystemMetrics
LoadIconA
GetScrollPos
GetScrollRange
ModifyMenuA
DefWindowProcA
CallWindowProcA
RemovePropA
SetPropA
GetDlgCtrlID
MessageBoxA
KillTimer
SetTimer
DestroyMenu
EnableMenuItem
GetSystemMenu
EnableWindow
SetForegroundWindow
CreateDialogParamA
PostMessageA
PeekMessageA
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
InvalidateRect
MessageBeep
ShowWindow
SetDlgItemTextA
CreateWindowExA
DestroyWindow
IsWindowVisible
GetDesktopWindow
wvsprintfA
CharNextA
LoadStringA
SetWindowLongA
EndDialog
DialogBoxParamA
SendMessageA
GetActiveWindow
GetPropA
PostQuitMessage
FindWindowA
GetWindowTextLengthA
GetWindowTextA
SetFocus
RedrawWindow
GetDlgItem
GetWindow
SystemParametersInfoA
GetWindowRect
GetClientRect
MapWindowPoints
CopyRect
ReleaseDC
GetWindowDC
GetForegroundWindow
SetWindowPos
IsWindow
UnregisterClassA
GetParent
SetWindowTextA
GetWindowLongA
gdi32
GetObjectA
CreateFontIndirectA
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetWindowExtEx
GetViewportExtEx
SetMapMode
GetMapMode
GetDeviceCaps
DeleteObject
GetStockObject
DeleteDC
SetBkMode
advapi32
RegCreateKeyA
CloseServiceHandle
UnlockServiceDatabase
StartServiceA
QueryServiceStatus
OpenServiceA
GetUserNameA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
LockServiceDatabase
RegEnumKeyExA
OpenSCManagerA
RegSetValueExA
shell32
SHGetSpecialFolderLocation
SHBrowseForFolderA
ShellExecuteA
ShellExecuteExA
SHGetMalloc
SHGetPathFromIDListA
ole32
CreateILockBytesOnHGlobal
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
oleaut32
VarUI4FromStr
OleLoadPicture
shlwapi
PathFileExistsA
comctl32
PropertySheetA
CreatePropertySheetPageA
DestroyPropertySheetPage
Sections
.text Size: 178KB - Virtual size: 177KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 53KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ