b02a013e49a377e4b1645b4870db9fde2803f32554e1a52ed42171194ef303f0

Sharing

Copy URL Twitter E-mail

General

Target

b02a013e49a377e4b1645b4870db9fde2803f32554e1a52ed42171194ef303f0
Size

1.2MB
MD5

4996fcc3eb511314f6b08cf3feaf01c7
SHA1

4541d3a533e8075b103f4c36f6bd0619e7d2ad76
SHA256

b02a013e49a377e4b1645b4870db9fde2803f32554e1a52ed42171194ef303f0
SHA512

45ff77088c2819f017a3011b2a3689e679873d2ac15a17b1b94140ae6e07cd1c1da73277ccbdfdaa78c85aed31b5bfe09dae965dc453046581a74e83661e75e2
SSDEEP

12288:HZGcloHdSb2UB1EKa89scD3NKPIX4EMcZFcyz9:5GcUvKaOD3sEMrG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b02a013e49a377e4b1645b4870db9fde2803f32554e1a52ed42171194ef303f0

Files

b02a013e49a377e4b1645b4870db9fde2803f32554e1a52ed42171194ef303f0
.exe windows x86

efaec46aca13cc9bc9f60d55c8a707dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetLastError
Sleep
FreeLibrary
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
CloseHandle
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
AttachConsole
FreeConsole
OutputDebugStringA
SetThreadExecutionState
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
WideCharToMultiByte
FormatMessageW
LoadLibraryA
GetProcAddress
GetModuleHandleW
VerSetConditionMask

user32

GetKeyState
GetWindowRect
GetCursorPos
GetDesktopWindow
MessageBoxA
SendMessageW
SetWindowPos
GetWindowLongW
SetWindowLongW
LoadIconW
MapVirtualKeyW
GetRawInputDeviceList
GetRawInputDeviceInfoA
RegisterRawInputDevices
GetRawInputData
MonitorFromWindow
LoadImageW
DestroyIcon
LoadCursorW
ToUnicode
ShowWindow
DestroyWindow
CreateWindowExW
UnregisterDeviceNotification
RegisterDeviceNotificationW
PeekMessageW
DispatchMessageW
TranslateMessage
ChangeDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplayDevicesW
GetMonitorInfoW
EnumDisplayMonitors
TrackMouseEvent
GetMessageTime
DefWindowProcW
UnregisterClassW
RegisterClassExW
SetLayeredWindowAttributes
PtInRect
SetCapture
ReleaseCapture
RedrawWindow
GetPropW
RemovePropW
SetRect
ClipCursor
WindowFromPoint
ScreenToClient
GetClientRect
ClientToScreen
AdjustWindowRectEx
SetCursorPos
SetCursor
SystemParametersInfoW

gdi32

DeleteObject
CreateRectRgn
DeleteDC
GetDeviceCaps
CreateDCW
SetDeviceGammaRamp

dwmapi

DwmEnableBlurBehindWindow

sfml-graphics-2

??1CircleShape@sf@@UAE@XZ
??0ConvexShape@sf@@QAE@I@Z
?setPoint@ConvexShape@sf@@QAEXIABV?$Vector2@M@2@@Z
??1ConvexShape@sf@@UAE@XZ
?draw@RenderTarget@sf@@QAEXABVDrawable@2@ABVRenderStates@2@@Z
?Default@RenderStates@sf@@2V12@B
?setSmooth@Texture@sf@@QAEX_N@Z
??0Font@sf@@QAE@XZ
??1Font@sf@@QAE@XZ
?loadFromFile@Font@sf@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?clear@RenderTarget@sf@@QAEXABVColor@2@@Z
?getSize@RenderWindow@sf@@UBE?AV?$Vector2@I@2@XZ
??0Text@sf@@QAE@ABVString@1@ABVFont@1@I@Z
?setCharacterSize@Text@sf@@QAEXI@Z
?setFillColor@Text@sf@@QAEXABVColor@2@@Z
??1Text@sf@@UAE@XZ
??0Texture@sf@@QAE@XZ
??1Texture@sf@@QAE@XZ
?loadFromFile@Texture@sf@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$Rect@H@2@@Z
??0RenderWindow@sf@@QAE@XZ
??0CircleShape@sf@@QAE@MI@Z
??1RenderWindow@sf@@UAE@XZ
??0Sprite@sf@@QAE@XZ
?setTexture@Sprite@sf@@QAEXABVTexture@2@_N@Z
?setFillColor@Shape@sf@@QAEXABVColor@2@@Z
?setTexture@Shape@sf@@QAEXPBVTexture@2@_N@Z
??1VertexArray@sf@@UAE@XZ
??AVertexArray@sf@@QAEAAVVertex@1@I@Z
??0VertexArray@sf@@QAE@W4PrimitiveType@1@I@Z
??0Color@sf@@QAE@EEEE@Z
?setScale@Transformable@sf@@QAEXMM@Z
?setPosition@Transformable@sf@@QAEXMM@Z
?setRadius@CircleShape@sf@@QAEXM@Z
??1Sprite@sf@@UAE@XZ

sfml-window-2

?setFramerateLimit@Window@sf@@QAEXI@Z
?isButtonPressed@Mouse@sf@@SA_NW4Button@12@@Z
?isKeyPressed@Keyboard@sf@@SA_NW4Key@12@@Z
?pollEvent@Window@sf@@QAE_NAAVEvent@2@@Z
?close@Window@sf@@QAEXXZ
?getPosition@Mouse@sf@@SA?AV?$Vector2@H@2@XZ
?setSize@Window@sf@@QAEXABV?$Vector2@I@2@@Z
?display@Window@sf@@QAEXXZ
?setPosition@Window@sf@@QAEXABV?$Vector2@H@2@@Z
?getPosition@Window@sf@@QBE?AV?$Vector2@H@2@XZ
?create@Window@sf@@QAEXVVideoMode@2@ABVString@2@IABUContextSettings@2@@Z
?getSystemHandle@Window@sf@@QBEPAUHWND__@@XZ
?isOpen@Window@sf@@QBE_NXZ
??0VideoMode@sf@@QAE@III@Z

sfml-system-2

??0String@sf@@QAE@PB_W@Z
?seconds@sf@@YA?AVTime@1@M@Z
??1String@sf@@QAE@XZ
??0String@sf@@QAE@PBDABVlocale@std@@@Z
?getElapsedTime@Clock@sf@@QBE?AVTime@2@XZ
??0Clock@sf@@QAE@XZ
??Msf@@YA_NVTime@0@0@Z
??0Time@sf@@QAE@XZ
?restart@Clock@sf@@QAE?AVTime@2@XZ

sfml-audio-2

??1Sound@sf@@UAE@XZ
??0SoundBuffer@sf@@QAE@XZ
??0Sound@sf@@QAE@XZ
??1SoundBuffer@sf@@QAE@XZ
?setBuffer@Sound@sf@@QAEXABVSoundBuffer@2@@Z
?play@Sound@sf@@UAEXXZ
?loadFromFile@SoundBuffer@sf@@QAE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

opengl32

glDrawElements
glIsEnabled
glTexParameterf
glGetBooleanv
wglGetProcAddress
glColorMask
glFrontFace
glGetIntegerv
glTexImage2D
glDisable
glBindTexture
glViewport
glTexParameteri
glEnable
glClearColor
glClear
glBlendFunc
glGenTextures
wglGetCurrentDC
glGetString

msvcp140

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
?_Xout_of_range@std@@YAXPBD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?_Xlength_error@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

vcruntime140

_except_handler4_common
_purecall
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memcpy
memmove
__std_terminate
__RTDynamicCast
memset
__current_exception_context
memchr
__current_exception
strstr

api-ms-win-crt-runtime-l1-1-0

exit
_configure_narrow_argv
_initialize_narrow_environment
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_register_onexit_function
_controlfp_s
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_get_narrow_winmain_command_line
_initterm
_initterm_e
_exit
_c_exit
terminate
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-heap-l1-1-0

_callnewh
calloc
free
malloc
_set_new_mode
realloc

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-stdio-l1-1-0

fclose
_set_fmode
fflush
fgetc
fgetpos
fputc
fread
fsetpos
_fseeki64
fwrite
ungetc
__p__commode
__stdio_common_vsnprintf_s
__acrt_iob_func
setvbuf
__stdio_common_vsscanf
__stdio_common_vfprintf
_get_stream_buffer_pointers
__stdio_common_vsprintf
freopen

api-ms-win-crt-filesystem-l1-1-0

_stat64i32
_lock_file
_unlock_file

api-ms-win-crt-math-l1-1-0

__setusermatherr
_libm_sse2_sqrt_precise
_libm_sse2_cos_precise
floor
_isnan
_finite
modf
_libm_sse2_sin_precise
_CIatan2
_libm_sse2_pow_precise
hypot

api-ms-win-crt-locale-l1-1-0

localeconv
_configthreadlocale

api-ms-win-crt-convert-l1-1-0

strtoul
strtof

api-ms-win-crt-string-l1-1-0

strncpy
strspn
strncmp
strcspn

shell32

DragQueryPoint
DragFinish
DragQueryFileW

Sections

.text
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 529KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efaec46aca13cc9bc9f60d55c8a707dd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

dwmapi

sfml-graphics-2

sfml-window-2

sfml-system-2

sfml-audio-2

opengl32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

shell32

Sections

.text Size: 349KB - Virtual size: 349KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 16KB - Virtual size: 188KB

.rsrc Size: 529KB - Virtual size: 528KB

.reloc Size: 36KB - Virtual size: 36KB

.text
Size: 349KB - Virtual size: 349KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 16KB - Virtual size: 188KB

.rsrc
Size: 529KB - Virtual size: 528KB

.reloc
Size: 36KB - Virtual size: 36KB