Static task
static1
General
-
Target
Game.exe
-
Size
2.2MB
-
MD5
ae4f6ff0de55aea4eae27839167b7102
-
SHA1
7666ea65c081d17c43f89bb2bbfed2e65701b614
-
SHA256
ba3068c3236d9b4f85b80edc6da4db6a1dd382061231c26ccc63d7c38ce4c7b0
-
SHA512
e3e0230ca897326bd49a2e75d9867664222b360e561d88c39c28a0fda5f110c492c3588eb03ab2b274e1a898ae2382059cf00c2f28240ae7848599ad98738754
-
SSDEEP
49152:JIMQggYs1Yz595WhshKQ0HTXQH8UpTFd3u5hiX+S5YVvZkF9:JxQraTMuBu5hiOS5YVBkX
Malware Config
Signatures
-
Unsigned PE 1 IoCs
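Checks for a missing Authenticode signature. The check matched this file (one IoC, listed below); an unsigned PE is a weak signal on its own, because many legitimate executables ship unsigned, so weigh it together with the other static findings in this report.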
resource Game.exe
Files
-
Game.exe.exe windows x86
05870c58e8397925fd45d3e0a49121f0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetCurrentThreadId
InitializeSListHead
QueryPerformanceFrequency
GetLocalTime
GetTickCount
GetCurrentDirectoryA
CreateDirectoryA
GetModuleHandleA
CreateMutexA
GetLastError
CloseHandle
GetCommandLineW
Sleep
UnhandledExceptionFilter
OutputDebugStringA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
FlushFileBuffers
GetFileAttributesA
GetFileAttributesW
GetFileSize
ReadFile
SetEndOfFile
SetFilePointer
WriteFile
MoveFileA
MoveFileW
MultiByteToWideChar
GetCurrentThread
GetProcAddress
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
WideCharToMultiByte
RaiseException
ExitProcess
SetThreadAffinityMask
GetProcessAffinityMask
GetExitCodeThread
GetThreadPriority
SetThreadPriority
CreateEventA
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetSystemInfo
LoadLibraryExA
FreeLibrary
GetSystemTimeAsFileTime
user32
GetWindowRect
LoadCursorA
MessageBoxW
GetSystemMetrics
SendInput
GetWindowInfo
GetCursorPos
wsprintfA
GetClientRect
DestroyWindow
SetWindowPos
MonitorFromRect
GetActiveWindow
ShowWindow
SetWindowLongA
MessageBoxA
GetMonitorInfoA
MoveWindow
AdjustWindowRect
DefWindowProcA
CreateWindowExA
SetCursor
LoadIconA
RegisterClassExA
ShowCursor
GetMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
CommandLineToArgvW
msvcp140
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
vcruntime140
__std_exception_copy
longjmp
strchr
_except_handler3
__CxxFrameHandler3
memcmp
memcpy
_setjmp3
memmove
_CxxThrowException
__std_terminate
memset
__vcrt_LoadLibraryExW
_purecall
wcsstr
__vcrt_GetModuleFileNameW
strstr
__std_exception_destroy
_except_handler4_common
api-ms-win-crt-stdio-l1-1-0
fclose
fread
__stdio_common_vsscanf
__stdio_common_vswprintf_s
fwrite
__stdio_common_vswscanf
_set_fmode
__stdio_common_vfprintf
__stdio_common_vsprintf_s
fopen
__acrt_iob_func
__p__commode
__stdio_common_vsprintf
api-ms-win-crt-runtime-l1-1-0
_beginthread
_controlfp_s
_wassert
_register_thread_local_exe_atexit_callback
exit
_invalid_parameter_noinfo_noreturn
terminate
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_get_narrow_winmain_command_line
_c_exit
_beginthreadex
_exit
_seh_filter_exe
_set_app_type
_initterm_e
_initterm
api-ms-win-crt-utility-l1-1-0
srand
qsort
rand
api-ms-win-crt-string-l1-1-0
strcat_s
strlen
strncmp
strncpy
strcmp
wcslen
_stricmp
memcpy_s
strcpy_s
strncat_s
api-ms-win-crt-convert-l1-1-0
wcstombs
_ltoa_s
atoi
api-ms-win-crt-heap-l1-1-0
_aligned_malloc
free
_aligned_free
malloc
_callnewh
calloc
_set_new_mode
api-ms-win-crt-math-l1-1-0
floor
__setusermatherr
_hypotf
tan
cos
sin
log10
modf
fmod
log
fabs
sqrt
_CIatan2
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
_libm_sse2_cos_precise
pow
exp
atan2
asin
acos
_except1
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
advapi32
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ole32
StringFromIID
CoInitializeEx
CoInitialize
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
oleaut32
SysFreeString
SysAllocString
mfplat
MFCreateSample
MFCreateAlignedMemoryBuffer
MFCreateMediaType
d3d9
Direct3DCreate9Ex
d3dx9_43
D3DXCompileShader
dinput8
DirectInput8Create
winmm
timeBeginPeriod
steam_api
SteamAPI_RegisterCallback
SteamUtils
SteamUserStats
SteamAPI_Shutdown
SteamAPI_Init
SteamAPI_RunCallbacks
SteamAPI_UnregisterCallback
SteamUser
api-ms-win-crt-environment-l1-1-0
getenv
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 266KB - Virtual size: 266KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 41KB - Virtual size: 28.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 76B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 357KB - Virtual size: 356KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 66KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.bind Size: 138KB - Virtual size: 138KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ