Game[.]exe | Triage

Resubmissions

01/07/2023, 17:04

230701-vlbmpshb49 6

01/07/2023, 17:03

230701-vkryasac6y 3

Sharing

Copy URL Twitter E-mail

General

Target

Game.exe
Size

3.5MB
MD5

14e087b81ab2befd8db2e0a98e2731aa
SHA1

c22c909adcab11fd1dbceb791a6b41d9d1ee65ad
SHA256

b692e1657bc5c767abe045b2cf7545d2f639f00284c449ca5c85ce651ca040b3
SHA512

0b6ce54053095ead28c35c150fd9c9ab229ac1431a4f8d81da81c1c5272f4939f14522fe9b3a28454d8744e3d2a675785ffe308c20718122ee8bce2ecfdfeb04
SSDEEP

98304:H7VVjPRUrF1BQJoZ7UgSw8dnDLuwFuzhnqfLB:H7VVjPRUrF1BQJk7CwGDLujzhnqDB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Game.exe

Files

Game.exe
.exe windows x86

02f1a7da494098948ce8ee494a74fbb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryA

kernel32

GlobalUnlock
GlobalLock
DeleteFileA
CopyFileA
RemoveDirectoryA
CreateDirectoryA
CloseHandle
Sleep
GetExitCodeThread
GetDiskFreeSpaceExA
lstrlenA
CreateFileA
GlobalAlloc
WriteFile
FlushFileBuffers
InitializeCriticalSection
DeleteCriticalSection
RaiseException
GetFileAttributesA
lstrcpyA
GetModuleFileNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetTickCount
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetModuleFileNameW
LoadLibraryW
ReleaseSemaphore
CreateSemaphoreA
lstrcpynW
MulDiv
lstrcmpW
GetThreadPriority
WaitForMultipleObjects
GetProcAddress
FreeLibrary
GetLastError
SetStdHandle
lstrlenW
GetFileSize
GetTempFileNameA
DeleteFileW
SuspendThread
GetProcessHeap
lstrcpyW
RtlUnwind
ExitProcess
HeapFree
GetSystemTimeAsFileTime
HeapAlloc
GetModuleHandleA
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
ExitThread
GetCurrentThreadId
CreateThread
GetStartupInfoA
GetCommandLineA
TlsAlloc
SetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
ReadFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetOEMCP
GetCPInfo
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetTimeZoneInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualQuery
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
LoadLibraryA
CreateFileW
VirtualProtect
GetSystemInfo
SetEndOfFile
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedIncrement
InterlockedDecrement
ResetEvent
WaitForSingleObject
CreateEventA
SetEvent
lstrcatA
GetTempPathA
GlobalSize
GlobalFree
lstrcmpA
FileTimeToSystemTime
FileTimeToLocalFileTime
QueryPerformanceFrequency
GlobalMemoryStatus
OutputDebugStringA
GetLocalTime
ResumeThread
SetThreadPriority

user32

SendDlgItemMessageA
UnregisterClassA
GetDC
ReleaseDC
CharNextA
GetSystemMetrics
IsClipboardFormatAvailable
SetMenu
SetWindowTextA
SetClassLongA
LoadIconA
SetWindowsHookExA
SystemParametersInfoA
UpdateWindow
ClipCursor
SetWindowRgn
SendMessageA
GetMenuItemInfoA
GetMenuItemCount
PostMessageA
ShowCursor
GetCursorPos
SetCursorPos
GetClientRect
UnhookWindowsHookEx
ChangeDisplaySettingsA
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
SetActiveWindow
AdjustWindowRectEx
SetWindowLongA
ClientToScreen
DrawMenuBar
MoveWindow
DefWindowProcA
SetCursor
PostQuitMessage
EndPaint
FillRect
BeginPaint
CreateWindowExA
DestroyMenu
BringWindowToTop
RegisterClassExA
LoadCursorA
GetWindowLongA
FindWindowA
GetKeyboardState
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
IsDialogMessageA
PeekMessageA
GetDesktopWindow
EnumDisplaySettingsA
SetTimer
KillTimer
PostThreadMessageA
GetQueueStatus
RegisterWindowMessageA
MsgWaitForMultipleObjects
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBoxA
DestroyWindow
GetDlgItem
GetScrollPos
CreateDialogParamA
GetWindowRect
SetWindowPos
SetFocus
ShowWindow

gdi32

StretchDIBits
AddFontResourceExA
RemoveFontResourceExA
DeleteObject
GetObjectA
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
GetStockObject
CreateSolidBrush
GetGlyphOutlineA
GetTextMetricsA
EnumFontFamiliesExA
CreateFontA
SetDIBitsToDevice
GetDeviceCaps

shell32

DragQueryFileA
DragFinish
DragAcceptFiles
ShellExecuteA

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 340KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

02f1a7da494098948ce8ee494a74fbb7

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

shell32

wininet

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 340KB - Virtual size: 336KB

.data Size: 288KB - Virtual size: 8.9MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 340KB - Virtual size: 336KB

.data
Size: 288KB - Virtual size: 8.9MB

.rsrc
Size: 8KB - Virtual size: 5KB