daphne[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

daphne.exe
Size

624KB
MD5

6ce0f5cbc6d356ad6ce8f9c780e41698
SHA1

174ea49cc54fc2bb8bf5ca94e22ab6bf3fa0564e
SHA256

5ebddfb3647bf0a120b78f0d74fa6c589db74e00dcd13804133c9c92d06b04b5
SHA512

bcad80a058dab953a5be56ae98a82086ba1d9a9071b2e84e65842edbee419b1cc31b97bd8398421284442deb2a9f555bec82e8be3b5ce54876b36a309e38ffaf
SSDEEP

12288:XQvpZtU190Ajtl8i17YPUhd9zTiEF/dj+cCfMLlAK:XitU16Gv8i17YPUH9zGKfCfMLG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
daphne.exe

Files

daphne.exe
.exe windows x86

d674b9c58cfa3460e509517272925b4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

closesocket
WSAStartup
gethostbyname
socket
inet_addr
htons
connect
send

sdl

SDL_Quit
SDL_DisplayFormat
SDL_Delay
SDL_GetVideoInfo
SDL_ShowCursor
SDL_GL_SetAttribute
SDL_WM_SetCaption
SDL_SaveBMP_RW
SDL_UpdateRects
SDL_Flip
SDL_LoadBMP_RW
SDL_SetModuleHandle
SDL_SetColorKey
SDL_UpperBlit
SDL_SetColors
SDL_BuildAudioCVT
SDL_ConvertAudio
SDL_OpenAudio
SDL_GetError
SDL_RWFromFile
SDL_LoadWAV_RW
SDL_CloseAudio
SDL_LockAudio
SDL_UnlockAudio
SDL_FreeWAV
SDL_MapRGB
SDL_DisplayYUVOverlay
SDL_GL_SwapBuffers
SDL_DestroyMutex
SDL_mutexP
SDL_mutexV
SDL_CreateMutex
SDL_InitSubSystem
SDL_NumJoysticks
SDL_JoystickOpen
SDL_QuitSubSystem
SDL_EventState
SDL_EnableUNICODE
SDL_PollEvent
SDL_PauseAudio
SDL_LockYUVOverlay
SDL_UnlockYUVOverlay
SDL_SetVideoMode
SDL_CreateYUVOverlay
SDL_FreeYUVOverlay
SDL_FreeSurface
SDL_CreateRGBSurface
SDL_FillRect
SDL_GetTicks
SDL_Init

vorbisfile

ov_open_callbacks
ov_info
ov_read
ov_seekable
ov_pcm_seek
ov_clear

zlib

ord3
ord12
ord18
ord35
ord16
ord19
ord20
ord21
ord17

opengl32

glGenTextures
glScalef
glPushMatrix
glEnable
glFrontFace
glCullFace
glDisable
glBlendFunc
glClearColor
glViewport
glMatrixMode
glLoadIdentity
glOrtho
glPixelStorei
glRotatef
glPopMatrix
glTexParameteri
glTexEnvi
glTexImage1D
glClear
glTexCoord2f
glVertex3i
glBindTexture
glBegin
glEnd
glTexImage2D
glTranslatef
glTexCoord2i
glReadPixels

glew32

__glewCreateProgram
__glewAttachShader
__glewLinkProgram
__glewGetProgramiv
__glewGetShaderiv
__glewGetShaderInfoLog
__glewUseProgram
__glewActiveTexture
__glewUniform1i
__glewGetUniformLocation
__glewCompileShader
__glewShaderSource
__glewCreateShader
glewIsSupported
glewInit
__glewGetProgramInfoLog

kernel32

GetLastError
GetStartupInfoA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateDirectoryA
ReadFile
WriteFile
SetFilePointer
CloseHandle
GetFileTime
GetFileSize
CreateFileA
SystemTimeToFileTime
GetSystemTime
Sleep
GlobalMemoryStatus
GetVersionExA
SetCommState
SetCommTimeouts
GetOverlappedResult
WaitForSingleObject
CreateEventA
GetEnvironmentVariableA
SetEnvironmentVariableA
DefineDosDeviceA
DeviceIoControl
GetModuleHandleA

user32

GetKeyState
MessageBoxA

msvcp71

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?_Nomemory@std@@YAXXZ
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIPBD@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IIABV12@@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

msvcr71

__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_acmdln
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_except_handler3
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
_callnewh
getenv
sscanf
calloc
vsprintf
abort
_stricmp
_unlink
_putenv
strrchr
_chdir
__CxxFrameHandler
memcpy
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_snprintf
exit
??3@YAXPAX@Z
fprintf
_iob
sprintf
??1exception@@UAE@XZ
??0exception@@QAE@XZ
memmove
printf
_CIpow
??_V@YAXPAX@Z
__RTDynamicCast
strncmp
strncpy
strtol
atoi
fgetc
_purecall
free
malloc
fwrite
rand
srand
fread
fclose
fopen
toupper
remove
setbuf
setvbuf
freopen
_getcwd
_pctype
__mb_cur_max
_isctype
_amsg_exit

Sections

.text
Size: 480KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d674b9c58cfa3460e509517272925b4e

Headers

File Characteristics

Imports

ws2_32

sdl

vorbisfile

zlib

opengl32

glew32

kernel32

user32

msvcp71

msvcr71

Sections

.text Size: 480KB - Virtual size: 478KB

.rdata Size: 84KB - Virtual size: 80KB

.data Size: 52KB - Virtual size: 197KB

.rsrc Size: 4KB - Virtual size: 848B

.text
Size: 480KB - Virtual size: 478KB

.rdata
Size: 84KB - Virtual size: 80KB

.data
Size: 52KB - Virtual size: 197KB

.rsrc
Size: 4KB - Virtual size: 848B