Static task
static1
General
-
Target
g2.exe
-
Size
4.0MB
-
MD5
ce943ccc1d8886044bc84dc6d43b1984
-
SHA1
5693179cada1cf8ca5b7a97b482f2468c43468f6
-
SHA256
b76b8e6a9dcd459c70ccf1ed6bfca9fc765ad62f5d3f953534dffccff42029c5
-
SHA512
7b7d70ab1b4b7dfa3addb8895dabc11879af9609adce93edcb6464d7cd8b3e17652c97aa9e13773fe72d0dbfb8ddc3ea39ae72a3cdc4bc9c8680ce75ad92e732
-
SSDEEP
49152:1vGpTEf8K7oAwfB1FG7YCVThiEdsbB5F+DMYkBLFfb3EZBUqdpm6XTSE:1+pAf8icfHFGxVbdOsDDYZb3Er2E
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Note: the absence of an Authenticode signature is a weak indicator on its own — a large amount of legitimate hobbyist and open-source software ships unsigned. Treat it as one data point alongside the header, section and import observations below, not as evidence of malicious intent.
resource g2.exe
Files
-
g2.exe.exe windows x86
ad1f6f2ab58fe82163dcf0ea949d85a7
Note: the unlabeled 32-hex value above is not the file MD5 (ce943ccc… in the General section); in this report layout it is most likely the import hash (imphash). Confirm the field meaning against the report format before pivoting on it in threat-intel searches.
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Note: IMAGE_FILE_RELOCS_STRIPPED means the image carries no relocation table and therefore cannot be rebased, and the DLL characteristics above lack both IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE and IMAGE_DLLCHARACTERISTICS_NX_COMPAT — so the binary does not participate in ASLR and does not opt in to DEP via its header (system-wide policy may still enforce DEP). This is a hardening deficiency that makes any memory-corruption bug in the binary easier to exploit; it is not by itself a sign of malicious intent, and is common for older 32-bit builds.
Imports
gdi32
GetObjectA
SelectObject
CreateCompatibleDC
StretchDIBits
TextOutA
SetBkMode
SetTextColor
GetTextExtentPoint32A
SetTextAlign
CreateSolidBrush
GetTextMetricsA
CreateFontIndirectA
GetDeviceCaps
ExtTextOutA
CreateFontA
CreateCompatibleBitmap
DPtoLP
DescribePixelFormat
ChoosePixelFormat
SwapBuffers
SetDeviceGammaRamp
GetDeviceGammaRamp
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
CreateRectRgn
GdiFlush
CreateDIBSection
GetMapMode
SetMapMode
SetPixelFormat
CreateBitmap
BitBlt
SetBkColor
DeleteDC
CreatePalette
RealizePalette
GetSystemPaletteEntries
GetStockObject
SelectPalette
CreateBrushIndirect
DeleteObject
user32
GetDlgItemTextA
DestroyMenu
TrackPopupMenu
AppendMenuA
CreatePopupMenu
SystemParametersInfoA
SetActiveWindow
DrawAnimatedRects
GetAsyncKeyState
AdjustWindowRectEx
ChangeDisplaySettingsA
DrawIconEx
InvertRect
DrawTextExA
SetParent
GetDlgCtrlID
SendDlgItemMessageA
SetDlgItemTextA
wsprintfA
LoadCursorA
LoadIconA
GetWindowTextLengthA
GetMessageA
PostQuitMessage
FillRect
LoadImageA
DrawIcon
SetRect
MapDialogRect
InvalidateRect
GetDlgItem
EnableWindow
SetWindowTextA
SetTimer
MessageBeep
ClientToScreen
GetClientRect
GetWindowTextA
EndDialog
KillTimer
CreateWindowExA
SetWindowLongA
MessageBoxA
GetWindowLongA
GetParent
ScreenToClient
SetWindowPos
GetWindowRect
GetKeyState
GetKeyboardState
MapVirtualKeyA
ToAscii
IsDialogMessageA
TranslateMessage
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetCursorPos
ClipCursor
SetClassLongA
SetCursor
SetCursorPos
GetUpdateRect
BeginPaint
EndPaint
RegisterClassA
DefWindowProcA
PeekMessageA
DispatchMessageA
UnregisterClassA
MsgWaitForMultipleObjects
EnumDisplaySettingsA
GetFocus
GetActiveWindow
CallWindowProcA
GetDC
ReleaseDC
GetSystemMetrics
SetForegroundWindow
DestroyWindow
DialogBoxParamA
CreateDialogParamA
MoveWindow
ShowWindow
IsDlgButtonChecked
GetScrollInfo
SetScrollInfo
ScrollWindow
UpdateWindow
GetDesktopWindow
SetFocus
SendMessageA
CheckDlgButton
comctl32
ord6
ord17
shell32
SHBrowseForFolderA
Shell_NotifyIconA
SHGetPathFromIDListA
ShellExecuteA
advapi32
GetUserNameA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
Note: the advapi32 imports are read-only with respect to the registry (RegOpenKeyExA/RegQueryValueExA, no RegSetValueEx/RegCreateKey), so no registry-based persistence is visible from static imports; CryptAcquireContextA/CryptGenRandom indicate use of the system CSPRNG and GetUserNameA reads the current user name. Because kernel32 LoadLibraryA and GetProcAddress are also imported, APIs resolved at runtime would not appear in this list — verify with a dynamic trace before concluding the registry is never written.
comdlg32
GetSaveFileNameA
ole32
CoUninitialize
CoInitialize
wsock32
gethostbyname
recvfrom
bind
socket
WSAGetLastError
closesocket
sendto
htons
ioctlsocket
inet_ntoa
WSAStartup
ntohs
getsockname
gethostname
setsockopt
recv
connect
send
Note: the wsock32 imports cover both connectionless and connection-oriented networking — bind/recvfrom/sendto (can receive datagrams on a local port) as well as gethostbyname/connect/send/recv (can resolve a name and open an outbound TCP connection), with ioctlsocket/setsockopt for socket configuration. Imports alone do not reveal the peer addresses, ports or direction actually used; correlate with string extraction and a network capture from the dynamic run.
winmm
midiOutSetVolume
midiStreamRestart
midiStreamProperty
midiStreamClose
midiOutGetDevCapsA
midiOutGetNumDevs
timeKillEvent
timeEndPeriod
timeSetEvent
timeGetTime
timeGetDevCaps
timeBeginPeriod
mciSendCommandA
midiStreamOpen
midiOutGetVolume
midiOutUnprepareHeader
midiOutPrepareHeader
midiStreamOut
midiOutShortMsg
midiStreamStop
midiOutReset
fmodex
?getPriority@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getSpectrum@System@FMOD@@QAG?AW4FMOD_RESULT@@PAMHHW4FMOD_DSP_FFT_WINDOW@@@Z
?getSpectrum@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAMHHW4FMOD_DSP_FFT_WINDOW@@@Z
?set3DAttributes@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@0@Z
?get3DPanLevel@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAM@Z
?set3DPanLevel@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getMode@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?setMode@Channel@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?setFrequency@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getWaveData@System@FMOD@@QAG?AW4FMOD_RESULT@@PAMHH@Z
?getWaveData@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAMHH@Z
?set3DListenerAttributes@System@FMOD@@QAG?AW4FMOD_RESULT@@HPBUFMOD_VECTOR@@000@Z
?setReverbProperties@System@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_REVERB_PROPERTIES@@@Z
?setPitch@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?set3DSpread@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setCallback@Channel@FMOD@@QAG?AW4FMOD_RESULT@@P6G?AW43@PAUFMOD_CHANNEL@@W4FMOD_CHANNEL_CALLBACKTYPE@@PAX2@Z@Z
?getHardwareChannels@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH00@Z
?getDSPBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@PAIPAH@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?setOutput@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_OUTPUTTYPE@@@Z
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?setOutputByPlugin@System@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?setDriver@System@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?getDriver@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getDriverCaps@System@FMOD@@QAG?AW4FMOD_RESULT@@HPAIPAH1PAW4FMOD_SPEAKERMODE@@@Z
?createCodec@System@FMOD@@QAG?AW4FMOD_RESULT@@PAUFMOD_CODEC_DESCRIPTION@@I@Z
?getSoftwareFormat@System@FMOD@@QAG?AW4FMOD_RESULT@@PAHPAW4FMOD_SOUND_FORMAT@@00PAW4FMOD_DSP_RESAMPLER@@0@Z
?setSoftwareFormat@System@FMOD@@QAG?AW4FMOD_RESULT@@HW4FMOD_SOUND_FORMAT@@HHW4FMOD_DSP_RESAMPLER@@@Z
?setSoftwareChannels@System@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?setDSPBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@IH@Z
?getSpeakerMode@System@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_SPEAKERMODE@@@Z
?getOutput@System@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_OUTPUTTYPE@@@Z
?createChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVChannelGroup@2@@Z
?addGroup@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAV12@@Z
?createDSPByType@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_DSP_TYPE@@PAPAVDSP@2@@Z
?getDSPHead@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVDSP@2@@Z
?setBypass@DSP@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?setParameter@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HM@Z
?setMix@DSPConnection@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getMasterChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVChannelGroup@2@@Z
?getOutput@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAV12@PAPAVDSPConnection@2@@Z
?set3DSettings@System@FMOD@@QAG?AW4FMOD_RESULT@@MMM@Z
?set3DRolloffCallback@System@FMOD@@QAG?AW4FMOD_RESULT@@P6GMPAUFMOD_CHANNEL@@M@Z@Z
?setStreamBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@II@Z
?setMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNELINDEX@@PAVSound@2@_NPAPAVChannel@2@@Z
?setChannelGroup@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAVChannelGroup@2@@Z
?setSpeakerMix@Channel@FMOD@@QAG?AW4FMOD_RESULT@@MMMMMMMM@Z
?setDefaults@Sound@FMOD@@QAG?AW4FMOD_RESULT@@MMMH@Z
?setUserData@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAX@Z
?getReverbProperties@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAUFMOD_REVERB_CHANNELPROPERTIES@@@Z
?setReverbProperties@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_REVERB_CHANNELPROPERTIES@@@Z
?getOpenState@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_OPENSTATE@@PAIPA_N@Z
?getVolume@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAM@Z
?getPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?isPlaying@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?getFrequency@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAM@Z
?setVolume@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getFormat@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_SOUND_TYPE@@PAW4FMOD_SOUND_FORMAT@@PAH2@Z
?readData@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAXIPAI@Z
?getUserData@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAPAX@Z
?getLength@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?update@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?lockDSP@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getDSPClock@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI0@Z
?unlockDSP@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getNumInputs@DSP@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getInput@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAV12@PAPAVDSPConnection@2@@Z
?getType@DSP@FMOD@@QAG?AW4FMOD_RESULT@@PAW4FMOD_DSP_TYPE@@@Z
?disconnectFrom@DSP@FMOD@@QAG?AW4FMOD_RESULT@@PAV12@@Z
?addInput@DSP@FMOD@@QAG?AW4FMOD_RESULT@@PAV12@PAPAVDSPConnection@2@@Z
?setActive@DSP@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?setPaused@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?stop@Channel@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getDelay@Channel@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_DELAYTYPE@@PAI1@Z
?setPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@II@Z
?setVolume@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getChannelsPlaying@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getCPUUsage@System@FMOD@@QAG?AW4FMOD_RESULT@@PAM000@Z
?getNumDrivers@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getDriverInfo@System@FMOD@@QAG?AW4FMOD_RESULT@@HPADHPAUFMOD_GUID@@@Z
?release@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?release@DSP@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?close@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?unloadPlugin@System@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getUserData@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAPAX@Z
?getDefaults@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAM00PAH@Z
FMOD_System_Create
?setSpeakerMode@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_SPEAKERMODE@@@Z
opengl32
glColor4f
glGetBooleanv
glTexEnvi
glGetString
wglMakeCurrent
glEnd
glDrawArrays
glTexCoord2f
glTexCoord2fv
glVertex2f
glVertex2i
glVertex3f
glVertex3fv
glVertex3d
glColor4fv
glColor3f
glColor3ub
glAlphaFunc
glBlendFunc
glDepthFunc
glDepthMask
glDepthRange
glStencilFunc
glStencilMask
glStencilOp
glMatrixMode
glPushMatrix
glPopMatrix
glBegin
glLoadIdentity
glMultMatrixd
glTranslatef
glOrtho
glScalef
glRotatef
glViewport
glScissor
glClear
glClearColor
glClearDepth
glShadeModel
glHint
glDisableClientState
glEnableClientState
glFogf
glFogi
glFogfv
glEnable
glIsEnabled
glDisable
glTexGeni
glDeleteTextures
glGenTextures
glBindTexture
glTexImage2D
glTexParameterf
glTexParameteri
glCopyTexSubImage2D
glReadPixels
glPolygonOffset
glClipPlane
glFinish
glFlush
wglGetProcAddress
glGetIntegerv
glPixelStorei
glTexCoordPointer
glVertexPointer
glTexEnvfv
glColorMask
wglDeleteContext
wglCreateContext
glFrontFace
glu32
gluScaleImage
gluPerspective
kernel32
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetStdHandle
VirtualAlloc
VirtualFree
HeapDestroy
FlushFileBuffers
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetTimeZoneInformation
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetStartupInfoA
GetFileAttributesA
GetConsoleMode
GetFileType
FileTimeToLocalFileTime
FileTimeToSystemTime
DeleteFileA
HeapSize
CreateDirectoryA
GetDateFormatA
GetTimeFormatA
GetEnvironmentStringsW
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
RtlUnwind
WideCharToMultiByte
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
GetTickCount
CreateProcessA
CreatePipe
PeekNamedPipe
SearchPathA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
TerminateProcess
lstrcpyA
SuspendThread
SetConsoleTextAttribute
FindClose
FindNextFileA
FindFirstFileA
QueryPerformanceFrequency
QueryPerformanceCounter
GetLocaleInfoA
GetCurrentThread
DuplicateHandle
QueueUserAPC
SetUnhandledExceptionFilter
ExitProcess
GetCommandLineA
GetStdHandle
GetFileInformationByHandle
AllocConsole
FlushConsoleInputBuffer
SetConsoleMode
ReadConsoleA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
MulDiv
SetPriorityClass
SleepEx
GlobalAlloc
GlobalLock
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetCurrentDirectoryA
GlobalUnlock
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
GetVersionExA
GetModuleFileNameA
LoadLibraryA
GetExitCodeThread
GetProcessHeap
GetFileSize
SetFilePointer
ReadFile
GetTempPathA
GetTempFileNameA
CreateFileA
GetModuleHandleA
GetProcAddress
WriteFile
VirtualQuery
SetThreadPriority
CreateEventA
InitializeCriticalSection
CreateThread
WaitForMultipleObjects
ExitThread
ResetEvent
SetEvent
WaitForSingleObject
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Sleep
HeapFree
HeapReAlloc
HeapCreate
HeapAlloc
GetLastError
FormatMessageA
LocalFree
SetCurrentDirectoryA
GetDriveTypeA
RaiseException
GetFullPathNameA
Note: several kernel32 imports deserve a closer look in the dynamic trace: CreateProcessA with CreatePipe/PeekNamedPipe and SearchPathA (spawning a child process with redirected pipes); GetTempPathA/GetTempFileNameA with CreateFileA/WriteFile/DeleteFileA (writing and removing temporary files); CreateFileMappingA/MapViewOfFile (file mapping); QueueUserAPC, SuspendThread, DuplicateHandle and GetCurrentThread (thread manipulation — together with GetCurrentThread this may be self-directed, but APC queuing into other processes cannot be excluded from imports alone); and LoadLibraryA/GetProcAddress (dynamic API resolution, so this import list is not exhaustive). IsDebuggerPresent and SetUnhandledExceptionFilter are also emitted by the Microsoft C runtime's error-handling path and are not, on their own, evidence of anti-debugging.
hqnx
?InitLUTs@@YIXXZ
??1CImage@@QAE@XZ
?Convert32To17@CImage@@QAEHXZ
?SetImage@CImage@@QAEHPAEHHH@Z
??0CImage@@QAE@XZ
?hq4x_32@@YIXPAHPAEHHH@Z
?hq3x_32@@YIXPAHPAEHHH@Z
?hq2x_32@@YIXPAHPAEHHH@Z
snes_spc
?get_signature@SNES_SPC@@SIQBDXZ
?load_spc@SNES_SPC@@QAEPBDPBXJ@Z
?play@SNES_SPC@@QAEPBDHPAF@Z
?skip@SNES_SPC@@QAEPBDH@Z
?clear_echo@SNES_SPC@@QAEXXZ
?run@SPC_Filter@@QAEXPAFH@Z
?init@SNES_SPC@@QAEPBDXZ
??0SPC_Filter@@QAE@XZ
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rtext Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: .rtext is mapped readable, writable and executable (RWX). A writable code section is uncommon in ordinary compiler output and usually indicates code that is modified at runtime — for example a packer/protector stub, a small dynamic code generator, or hand-patched routines. Identify what writes to this range (a memory-write breakpoint on it in the sandbox) before drawing conclusions; RWX code is also an exploitation aid, since it removes the need for a W^X bypass.
.rdata Size: 396KB - Virtual size: 395KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 120KB - Virtual size: 10.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: the raw size (120KB) is far smaller than the virtual size (10.4MB); the difference is zero-filled by the loader, i.e. roughly 10MB of uninitialized writable storage. Large static buffers of this kind are plausible for a media/emulation application (the hqnx and snes_spc imports suggest one, though that is inferred from library names, not verified), but the same region is where an in-memory unpacker would place decoded code — check whether anything executes from it, and whether the RWX .rtext section references it, in the dynamic run.
.rsrc Size: 764KB - Virtual size: 760KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ