Static task
static1
General
Target: Bully.exe
Size: 7.8MB
MD5: ceef8f13211fa8676994856540dfbccb
SHA1: 3b0491fa5f117402747031683c1323c95956b2f7
SHA256: bd6e757dba71f04539f0c3a66dd216f40450456f0012becd2e14848dd3ec174e
SHA512: ecf56aca2ea735d7b8ae6523ef635f1a29403bbef5075b9f2d2e393389ba3a7d84010e9d231dacefeaec9447155a1cd985a883ebdeba0ae497958175ed5b9a62
SSDEEP: 196608:7gS4ys4CJASPUSR+8yA7mzud8+mSUTDuX:7GASPUSR+8n7mzuAS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Bully.exe
Files
Bully.exe.exe windows x86
8ed1f4cde4daa35c8467aca0d08bbb25
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ddraw
DirectDrawCreateEx
xinput1_3
ord4
ord3
ord2
kernel32
GlobalMemoryStatus
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
ReleaseMutex
CloseHandle
SuspendThread
ResumeThread
DebugBreak
GetLastError
CreateFileA
SetFilePointer
ReadFile
WriteFile
MultiByteToWideChar
GetTickCount
GetModuleFileNameA
GetLocalTime
InitializeCriticalSection
DeleteCriticalSection
CreateEventA
GetOverlappedResult
DeleteFileA
GetFileSize
LocalFree
ReleaseSemaphore
WaitForMultipleObjects
SetLastError
SetThreadPriority
CreateThread
CreateMutexA
LocalAlloc
CreateSemaphoreA
FreeLibrary
GetProcAddress
LoadLibraryA
FindClose
FindNextFileA
GetFileAttributesA
FindFirstFileA
CreateDirectoryA
GetCommandLineA
GetSystemInfo
GetVersionExA
lstrlenA
WideCharToMultiByte
OutputDebugStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetCurrentDirectoryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
VirtualQuery
HeapCreate
HeapDestroy
VirtualAlloc
VirtualFree
GetModuleHandleA
Sleep
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedExchange
HeapSize
GetFileType
SetHandleCount
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
HeapReAlloc
GetFullPathNameA
GetDriveTypeA
GetStartupInfoA
GetProcessHeap
HeapFree
HeapAlloc
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
user32
ChangeDisplaySettingsA
TranslateMessage
DispatchMessageA
PeekMessageA
GetMonitorInfoA
MoveWindow
ShowWindow
SetWindowPos
GetClientRect
SystemParametersInfoA
MessageBoxW
mouse_event
LoadIconA
MessageBoxA
ShowCursor
PostQuitMessage
DefWindowProcA
PostMessageA
GetCursorPos
LoadCursorA
RegisterClassA
TranslateAcceleratorA
GetWindowRect
IsWindow
SendMessageA
SetWindowTextA
CreateWindowExA
AdjustWindowRect
wsprintfW
DestroyWindow
SendDlgItemMessageA
CheckDlgButton
ScreenToClient
GetWindowLongA
DialogBoxIndirectParamA
EndDialog
UpdateWindow
gdi32
GetStockObject
advapi32
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegCreateKeyExA
RegCloseKey
shell32
SHGetFolderPathA
ole32
CoInitializeEx
CoCreateInstance
CoSetProxyBlanket
CoTaskMemFree
CoInitialize
CoUninitialize
oleaut32
SysAllocString
SysFreeString
d3dx9_38
D3DXAssembleShader
D3DXAssembleShaderFromFileA
D3DXCompileShaderFromFileA
D3DXGetShaderConstantTable
D3DXGetImageInfoFromFileInMemory
D3DXCreateTextureFromFileInMemory
D3DXCreateEffectCompiler
D3DXVec3Normalize
D3DXVec4Transform
D3DXMatrixReflect
D3DXCreateTexture
D3DXLoadSurfaceFromSurface
D3DXMatrixMultiply
D3DXCreateEffect
D3DXMatrixTranspose
D3DXCompileShader
D3DXGetShaderInputSemantics
D3DXCreateTextureFromFileExA
D3DXCreateVolumeTextureFromFileExA
D3DXCreateCubeTextureFromFileExA
D3DXMatrixInverse
D3DXGetShaderVersion
D3DXCreateCubeTextureFromFileInMemory
D3DXCreateVolumeTextureFromFileInMemory
D3DXGetVertexShaderProfile
D3DXGetPixelShaderProfile
D3DXCreateBuffer
D3DXSaveSurfaceToFileA
vcomp
_vcomp_for_static_simple_init
_vcomp_fork
_vcomp_for_static_end
comctl32
InitCommonControlsEx
dinput8
DirectInput8Create
Sections
.text Size: 5.0MB - Virtual size: 5.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 800KB - Virtual size: 798KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.0MB - Virtual size: 23.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ