14f92136234a6f52b469a3a17f4a1333e1dde10d490fe366ead6da843fa03172

Sharing

Copy URL Twitter E-mail

General

Target

14f92136234a6f52b469a3a17f4a1333e1dde10d490fe366ead6da843fa03172
Size

2.4MB
MD5

159e5e28b7af666612f8fb567840787b
SHA1

01dd31e550e86eaecb4d3363f161183eed060ac2
SHA256

14f92136234a6f52b469a3a17f4a1333e1dde10d490fe366ead6da843fa03172
SHA512

e1782b7a618055d8acb5fabe5b1b1d74c7ad6b0e2bfded5335a0fafd0f52140bd69104bbfca718bf97c44f55f5ce198d19c97b6df1469d776b8e2e2e026b3470
SSDEEP

49152:wRgDbkIP7x9bELb54Tbq9V41U64cRigQ9APmrGDBvXuk2Go13QFOZIVZD/m72umy:agogY41U64cIKbB2k03eO9OA4rNI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14f92136234a6f52b469a3a17f4a1333e1dde10d490fe366ead6da843fa03172

Files

14f92136234a6f52b469a3a17f4a1333e1dde10d490fe366ead6da843fa03172
.exe windows x86

b1dc2286d2a22a9ffdbd34ba9e90ab63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

soundlib

CreateSoundLib

winmm

timeGetTime

ss3dgfunc

_CalcDistance@8
_VECTOR3_MULEQU_FLOAT@8
_VECTOR3_ADD_VECTOR3@12
_CrossProduct@12
_COLORtoDWORD@16
_TransformV3TOV4@16
_SetInverseMatrix@8
_MatrixMultiply2@12
_Normalize@8
_VECTOR3Length@4
_WriteTGA@24
_RotatePositionWithPivot@24
_SetRotationXMatrix@8
_SetRotationYMatrix@8
_TransformVector3_VPTR2@16

wsock32

gethostname
WSAGetLastError
gethostbyname
inet_addr

dinput8

DirectInput8Create

wininet

InternetConnectA
InternetReadFile
InternetQueryDataAvailable
HttpSendRequestA
InternetOpenA
InternetCloseHandle
HttpOpenRequestA

kernel32

QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointer
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
HeapSize
GetProcAddress
GetModuleHandleA
VerifyVersionInfoA
VerSetConditionMask
ExitProcess
Sleep
CreateThread
DeleteFileA
CreateEventA
CloseHandle
SetEvent
OpenEventA
GetCurrentDirectoryA
GetCurrentProcess
DuplicateHandle
GetCurrentProcessId
GetProcessId
OpenProcess
CreateDirectoryA
SetUnhandledExceptionFilter
GetModuleFileNameA
GetCurrentThreadId
CreateFileA
lstrcatA
lstrcpyA
LoadLibraryA
GetTickCount
WaitForSingleObject
ResumeThread
GetLocalTime
lstrcmpiA
GetLastError
GetStringTypeW
lstrlenA
MulDiv
OutputDebugStringA
QueryDosDeviceA
GetLogicalDriveStringsA
Process32Next
Process32First
CreateToolhelp32Snapshot
ReadFile
WriteFile
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemTime
GetFileSize
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
OpenFile
lstrcmpA
SetCurrentDirectoryA
GetVersionExA
LoadLibraryW
HeapCreate
InitializeCriticalSectionAndSpinCount
SetHandleCount
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
SetStdHandle
IsProcessorFeaturePresent
GetCPInfo
LCMapStringW
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
GetModuleHandleW
HeapAlloc
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
VirtualQuery
CreateFileW
InterlockedDecrement
InterlockedIncrement
SetEndOfFile
CompareStringW
IsDBCSLeadByte
SetEnvironmentVariableA

user32

ShowCursor
ShowWindow
IsWindowVisible
SetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
IsClipboardFormatAvailable
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharPrevA
CharNextA
GetDC
ReleaseDC
OffsetRect
SetCursor
LoadCursorFromFileA
CopyRect
GetClientRect
SetRect
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
LoadIconA
DefWindowProcA
GetSystemMetrics
CreateWindowExA
UpdateWindow
RegisterClassExA
wsprintfA
FindWindowExA
FindWindowA
MessageBoxA

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
DeleteObject
GetStockObject
SelectObject
GetDeviceCaps

advapi32

LookupAccountSidA
GetTokenInformation
OpenProcessToken
GetUserNameA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries

freeimage

_FreeImage_Unload@4
_FreeImage_SaveJPEG@12
_FreeImage_Load@12
_FreeImage_GetBits@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_GetInfo@4

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameA

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 694KB - Virtual size: 887KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1dc2286d2a22a9ffdbd34ba9e90ab63

Headers

DLL Characteristics

File Characteristics

Imports

soundlib

winmm

ss3dgfunc

wsock32

dinput8

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

freeimage

iphlpapi

psapi

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 191KB - Virtual size: 190KB

.data Size: 694KB - Virtual size: 887KB

.rsrc Size: 89KB - Virtual size: 89KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 191KB - Virtual size: 190KB

.data
Size: 694KB - Virtual size: 887KB

.rsrc
Size: 89KB - Virtual size: 89KB