Static task
static1
General
-
Target
NohBoard-v0.17b.zip
-
Size
80KB
-
MD5
4032055e7c6a9b1763ba1c0f6e9e9e52
-
SHA1
a319f898a60fff6a78fb9c4b834e1d2b72492133
-
SHA256
9b2dd33291329ad1e148e328e10d23f4ea8b7f342feb37317206fc737af0750f
-
SHA512
31de080f1eeecb0ab912c1e9c9108dcee38300d11200df0e1b4c1e877bbe807fdd0ca373ab24b747f4f31782016b298be332fd91412e50295b7b787b608962c1
-
SSDEEP
1536:kMbd0QI6mJkOFy383PJ6BPik427nSXBSV4TV41b2gZnpt5PjB8OorNxpUfHwe:kMbdky2PJ6BvCN+b2gzl8NUfQe
Malware Config
Signatures
-
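Unsigned PE (1 IoC)
The PE file has no Authenticode signature, so its publisher and integrity cannot be verified from a signature. An unsigned binary is not by itself evidence of malicious behaviour; compare the hashes above against a copy from a trusted source before running it.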
resource unpack001/NohBoard/NohBoard.exe
Files
-
NohBoard-v0.17b.zip (.zip)
-
NohBoard/NohBoard.exe (.exe, windows x86)
de4417fd5bf5f0e06f8066461e28dcb1
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
Wow64RevertWow64FsRedirection
EnterCriticalSection
FindClose
FindNextFileW
DeleteCriticalSection
WinExec
CreateThread
GetModuleFileNameW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
Wow64DisableWow64FsRedirection
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
IsProcessorFeaturePresent
Sleep
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
GetTickCount
FindFirstFileW
user32
TranslateMessage
wsprintfW
CallNextHookEx
LoadCursorW
GetParent
DialogBoxParamW
SetForegroundWindow
GetKeyState
IsIconic
TrackPopupMenu
PostQuitMessage
GetMessageW
GetWindowRect
GetWindowTextW
GetWindowTextLengthW
LoadIconW
GetWindowLongW
AppendMenuW
RedrawWindow
GetSysColor
SetWindowPos
GetCursorPos
ShowWindow
CreatePopupMenu
GetSysColorBrush
CreateWindowExW
SetWindowsHookExW
UnhookWindowsHookEx
MessageBoxW
SendMessageW
DestroyMenu
SetWindowTextW
DefWindowProcW
DispatchMessageW
PeekMessageW
GetDlgItem
EndDialog
RegisterClassExW
gdi32
SetBkColor
SetTextColor
comdlg32
ChooseColorW
msvcp100
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?_Xinvalid_argument@std@@YAXPBD@Z
_Stolx
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??Bid@locale@std@@QAEIXZ
?_Incref@facet@locale@std@@QAEXXZ
?_BADOFF@std@@3_JB
?id@?$codecvt@_WDH@std@@2V0locale@2@A
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPBD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?good@ios_base@std@@QBE_NXZ
??Bios_base@std@@QBEPAXXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?widen@?$ctype@_W@std@@QBE_WD@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@_WDH@std@@QBEHAAHPAD1AAPAD@Z
?out@?$codecvt@_WDH@std@@QBEHAAHPB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
msvcr100
?terminate@@YAXXZ
_CIatan
_CIsqrt
_CIcos
memset
memcpy
_CxxThrowException
_controlfp_s
_invoke_watson
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove
fputwc
_unlock_file
ungetwc
ungetc
fgetpos
_fseeki64
fflush
fgetc
fsetpos
_vswprintf_c_l
setvbuf
_lock_file
??3@YAXPAX@Z
fgetwc
memcpy_s
fwrite
fclose
??2@YAPAXI@Z
wcstol
clock
isdigit
wctob
__CxxFrameHandler3
_ismbblead
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_CIsin
d3d9
Direct3DCreate9Ex
d3dx9_43
D3DXCreateFontW
Sections
.text Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
NohBoard/arrows.kb
-
NohBoard/arrows_numpad.kb
-
NohBoard/azerty.kb
-
NohBoard/azerty_basic.kb
-
NohBoard/azerty_nonum.kb
-
NohBoard/azerty_sc2.kb
-
NohBoard/de.kb
-
NohBoard/de_basic.kb
-
NohBoard/de_en_nonum.kb
-
NohBoard/de_nonum.kb
-
NohBoard/game_dota.kb
-
NohBoard/game_fps1.kb
-
NohBoard/game_fps1_mm.kb
-
NohBoard/game_fps2.kb
-
NohBoard/game_isaac.kb
-
NohBoard/game_keys1.kb
-
NohBoard/game_worms.kb
-
NohBoard/mouseAll.kb
-
NohBoard/mouseMovement.kb
-
NohBoard/numpad.kb
-
NohBoard/scandi.kb
-
NohBoard/scandi_basic.kb
-
NohBoard/scandi_nonum .kb
-
NohBoard/us_intl.kb
-
NohBoard/us_intl_basic.kb
-
NohBoard/us_intl_basicmouse.kb
-
NohBoard/us_intl_basicmousemove.kb
-
NohBoard/us_intl_fpsgame.kb
-
NohBoard/us_intl_fpsgame2.kb
-
NohBoard/us_intl_jc2.kb
-
NohBoard/us_intl_nonum.kb
-
NohBoard/us_intl_sc2.kb
-
NohBoard/us_intl_surfandbhop.kb
-
NohBoard/wsadmouse.kb