982e51d00494963b28dc561a539fb58cf318b78823e4a6ad2fe09df69d41554f

Sharing

Copy URL Twitter E-mail

General

Target

982e51d00494963b28dc561a539fb58cf318b78823e4a6ad2fe09df69d41554f
Size

2.9MB
MD5

0ec4196cf2893e255e28130ea0e2baed
SHA1

ca58e961ca8e0c53b410bc7c40b43a92e6cc6ad7
SHA256

982e51d00494963b28dc561a539fb58cf318b78823e4a6ad2fe09df69d41554f
SHA512

af864d079bdc70016dec93d5510f84853733afdcfec24ba1f06d42481d46c8aa3861a9a3eca52dfcc0bc74cf37e208f1053fc5bc10f03bd990c0d2219028cec9
SSDEEP

49152:c16e2tgGKJL06dfwlYiXJo9FMusuhiFIrmUzxKcIxZqyz7kAYT/sTuT7PH0Ewkge:6EUqo9DotUmkb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
982e51d00494963b28dc561a539fb58cf318b78823e4a6ad2fe09df69d41554f

Files

982e51d00494963b28dc561a539fb58cf318b78823e4a6ad2fe09df69d41554f
.exe windows x86

2e70332c5138e6c348494cdc5a9de4f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

soundlib

CreateSoundLib

winmm

timeGetTime

ss3dgfunc

_CrossProduct@12
_VECTOR3Length@4
_COLORtoDWORD@16
_WriteTGA@24
_VECTOR3_MULEQU_FLOAT@8
_VECTOR3_ADD_VECTOR3@12
_SetRotationXMatrix@8
_SetRotationYMatrix@8
_TransformVector3_VPTR2@16
_CalcDistance@8
_RotatePositionWithPivot@24
_MatrixMultiply2@12
_TransformV3TOV4@16
_SetInverseMatrix@8
_Normalize@8

wsock32

inet_addr
gethostbyname
WSAStartup
WSACleanup
closesocket
send
recv
htons
ioctlsocket
socket
connect

dinput8

DirectInput8Create

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
InternetConnectA
HttpOpenRequestA

kernel32

EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryW
GetFileSize
CloseHandle
OpenFile
GetLocalTime
IsDBCSLeadByte
GetModuleFileNameA
DeleteFileA
GetTickCount
Sleep
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentDirectoryA
ReadFile
WaitForSingleObject
CreateProcessA
GetStartupInfoA
CreatePipe
WideCharToMultiByte
lstrlenA
SetCurrentDirectoryA
Process32Next
Module32Next
Module32First
Process32First
CreateToolhelp32Snapshot
lstrcpyA
lstrcmpA
OutputDebugStringA
GetProcAddress
LoadLibraryA
FreeLibrary
CreateFileA
CreateThread
CreateEventA
GetLastError
GetThreadContext
ResumeThread
SetEvent
GetPriorityClass
OpenProcess
lstrcatA
QueryDosDeviceA
lstrcmpiA
GetLogicalDriveStringsA
WaitForMultipleObjects
TerminateProcess
IsDebuggerPresent
InterlockedCompareExchange
GetModuleHandleA
MulDiv
VerifyVersionInfoA
VerSetConditionMask
CompareStringA
DuplicateHandle
GetCurrentProcessId
GetProcessId
ExitProcess
WriteFile
CreateDirectoryA
CompareStringW
GetCurrentThreadId
IsValidLocale
FindClose
FindNextFileA
RemoveDirectoryA
FindFirstFileA
FileTimeToSystemTime
SetEnvironmentVariableA
MultiByteToWideChar
LCMapStringA
InterlockedExchange
GetSystemInfo
InitializeCriticalSection
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WritePrivateProfileStringA
GetPrivateProfileStringA
GetTempPathA
CopyFileA
SetFileAttributesA
GetVersionExA
GetSystemTime
InterlockedDecrement
DebugBreak
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
VirtualAlloc
VirtualFree
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
HeapSize
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
GetCommandLineA
GetFileAttributesA
GetModuleHandleW
HeapReAlloc
ExitThread
HeapAlloc
HeapFree
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
SetEndOfFile
CreateFileW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
GetProcessHeap
ReadProcessMemory
VirtualQuery
RtlUnwind
RaiseException
InterlockedIncrement
GetCurrentProcess
UnhandledExceptionFilter

user32

GetWindowTextA
wsprintfA
SetRect
MessageBoxA
CharNextA
CharPrevA
PostMessageA
CloseClipboard
GetClientRect
SetCursor
LoadCursorFromFileA
RegisterHotKey
PeekMessageA
TranslateMessage
DispatchMessageA
LoadIconA
RegisterClassExA
DefWindowProcA
GetSystemMetrics
CreateWindowExA
ShowWindow
UpdateWindow
ShowCursor
FindWindowExA
FindWindowA
GetDC
ReleaseDC
SetCapture
ReleaseCapture
GetCursorPos
IsClipboardFormatAvailable
GetClipboardData
OffsetRect
EnumWindows
ScreenToClient
GetWindowThreadProcessId
CopyRect
OpenClipboard
EmptyClipboard
SetClipboardData

gdi32

GetStockObject
GetDeviceCaps
SelectObject
GetTextExtentPoint32A
CreateFontIndirectA
DeleteObject

advapi32

GetUserNameA
GetTokenInformation
LookupAccountSidA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries

oleaut32

VariantClear

freeimage

_FreeImage_GetInfo@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_SaveJPEG@12
_FreeImage_GetBits@4
_FreeImage_Unload@4
_FreeImage_Load@12

psapi

GetProcessImageFileNameA

iphlpapi

GetAdaptersInfo

powrprof

CallNtPowerInformation

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 755KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e70332c5138e6c348494cdc5a9de4f6

Headers

DLL Characteristics

File Characteristics

Imports

soundlib

winmm

ss3dgfunc

wsock32

dinput8

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

freeimage

psapi

iphlpapi

powrprof

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 224KB - Virtual size: 223KB

.data Size: 755KB - Virtual size: 1.0MB

.rsrc Size: 102KB - Virtual size: 101KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 224KB - Virtual size: 223KB

.data
Size: 755KB - Virtual size: 1.0MB

.rsrc
Size: 102KB - Virtual size: 101KB