Static task
static1
General
Target: Diablo2.exe
Size: 131.9MB
MD5: 9ae5033551a078937cd5d1f388cd8438
SHA1: f7aa7f76b9f4c7584d4980cb32a7de97394a3f05
SHA256: 89352716523e474514553e2092a1ae9349c5c7ff9e79c7861dd65fe19be88b61
SHA512: f7f8d0d93c645ca1a15ba23cf871d2441f1af5ab36fef5e881658088aa1b63cae5d214472294014a8ee8c2374436160a917f493084d693f5c2e709d08281e0b8
SSDEEP: 3145728:xEEozwHNAbKZmyXojgvRuCFiBKtJUAg9050tsRhaZvWXQObXbf1k1VcO:x6zwHNAbKZ3XAgvs8iBKtJUH940tsRh0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Diablo2.exe
Files
Diablo2.exe.exe windows x86
d2a02ec4b49ba804949c1c0ab3f76bb2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
winmm
PlaySoundA
kernel32
GetTempFileNameA
GetUserDefaultLCID
GetTickCount
FreeLibrary
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
MoveFileA
SetFilePointer
lstrcpynA
WritePrivateProfileStringA
GetShortPathNameA
MoveFileExA
GetDiskFreeSpaceA
GetSystemInfo
GetDriveTypeA
WideCharToMultiByte
CreateEventA
GetCommandLineA
OpenEventA
SetErrorMode
GetModuleFileNameA
GetWindowsDirectoryA
TlsSetValue
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
InterlockedDecrement
TlsGetValue
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
IsBadReadPtr
GetCurrentThread
ReadProcessMemory
IsBadWritePtr
SetEndOfFile
GetFullPathNameA
VirtualFree
VirtualUnlock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
VirtualLock
VirtualAlloc
ExpandEnvironmentStringsA
GetCurrentProcess
GetVersionExA
GetModuleHandleA
GetLocalTime
MultiByteToWideChar
WaitForSingleObject
CreateProcessA
GetFileSize
ReadFile
WriteFile
FlushFileBuffers
GetFileAttributesA
CreateFileA
CloseHandle
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrcpyA
RaiseException
GetOEMCP
GetACP
IsBadCodePtr
GetStringTypeW
GetStringTypeA
GetCPInfo
SetStdHandle
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
FindFirstFileA
GetLastError
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
ExitThread
ResumeThread
GetStartupInfoA
GetVolumeInformationA
CreateThread
RtlUnwind
SetEvent
SetThreadPriority
HeapAlloc
OutputDebugStringA
GetExitCodeProcess
TerminateProcess
GetVersion
FindNextFileA
FindClose
RemoveDirectoryA
CreateDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
lstrcmpA
DeleteFileA
GetEnvironmentVariableA
SetLastError
lstrlenA
GetEnvironmentStringsW
GetCurrentThreadId
GetProcessHeap
FormatMessageA
HeapFree
user32
MessageBoxA
wsprintfA
GetSystemMetrics
DialogBoxParamA
SetDlgItemTextA
wvsprintfA
WaitForInputIdle
EndDialog
SetTimer
ShowWindow
KillTimer
LoadStringA
SetWindowLongA
GetDlgItem
SetWindowTextA
GetWindowRect
RegisterWindowMessageA
SetWindowPos
MoveWindow
SetClassLongA
SetForegroundWindow
WaitMessage
FindWindowA
GetActiveWindow
BringWindowToTop
DefWindowProcA
RegisterClassExA
PostQuitMessage
LoadIconA
ReleaseDC
AdjustWindowRect
CreateWindowExA
EnableWindow
GetWindowTextA
SetActiveWindow
SetCapture
GetDC
SetCursor
ReleaseCapture
GetParent
GetAsyncKeyState
SendMessageA
GetDlgItemTextA
SetFocus
MessageBeep
CallWindowProcA
InvalidateRect
PeekMessageA
TranslateMessage
DispatchMessageA
ShowCursor
DestroyWindow
PostMessageA
ExitWindowsEx
EndPaint
LoadImageA
IsWindowVisible
IsWindow
RegisterClassA
CreateCursor
GetForegroundWindow
DestroyCursor
GetDesktopWindow
GetWindowLongA
IsIconic
LoadCursorA
BeginPaint
gdi32
GetStockObject
GetDeviceCaps
BitBlt
GetSystemPaletteEntries
SetDIBColorTable
SetPaletteEntries
DeleteObject
CreatePalette
RealizePalette
SelectPalette
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteDC
advapi32
AdjustTokenPrivileges
RegQueryInfoKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegEnumKeyA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
shell32
ShellExecuteA
SHGetDesktopFolder
SHGetFileInfoA
FindExecutableA
SHGetSpecialFolderLocation
SHGetMalloc
ole32
CoInitialize
CoCreateInstance
comdlg32
GetSaveFileNameA
Sections
.text Size: 240KB - Virtual size: 239KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 16.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ