b65a770c3ce14fb27ce5dc1b4dd0db8b04fa10e5f707c6e0896414f97fd77af0

Sharing

Copy URL

Twitter E-mail

General

Target

b65a770c3ce14fb27ce5dc1b4dd0db8b04fa10e5f707c6e0896414f97fd77af0
Size

3.0MB
MD5

0b22b8397429a9b52d068b1b4b68c099
SHA1

3def86ad93bdc09344881d0379fd78e76b318256
SHA256

b65a770c3ce14fb27ce5dc1b4dd0db8b04fa10e5f707c6e0896414f97fd77af0
SHA512

97265a555cf44864ccec255d2358a76de46e21def6f14fbfa88a54b2c3853c5e528419364acb73f4ce48a31ab12fdcf94c0b7f3acbe4eecf58be34ba1f04fab1
SSDEEP

49152:PMiNmocgHh1ahYwIg4h5jKNRumOTGc/reuLRpj5OTLYJAXhrCLD0muo7yc1S4754:Xc6amsgJMTY98o3aiLQ4SD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b65a770c3ce14fb27ce5dc1b4dd0db8b04fa10e5f707c6e0896414f97fd77af0

Files

b65a770c3ce14fb27ce5dc1b4dd0db8b04fa10e5f707c6e0896414f97fd77af0
.exe windows x86

9b936ada5c31a5e791f426081bd022d6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

soundlib

CreateSoundLib

winmm

timeGetTime

ss3dgfunc

_CalcDistance@8
_VECTOR3_MULEQU_FLOAT@8
_VECTOR3_ADD_VECTOR3@12
_CrossProduct@12
_COLORtoDWORD@16
_TransformV3TOV4@16
_SetInverseMatrix@8
_MatrixMultiply2@12
_Normalize@8
_VECTOR3Length@4
_WriteTGA@24
_RotatePositionWithPivot@24
_SetRotationXMatrix@8
_SetRotationYMatrix@8
_TransformVector3_VPTR2@16

wsock32

WSAStartup
WSACleanup
gethostname
WSAGetLastError
gethostbyname
inet_addr
send
recv
htons
ioctlsocket
socket
connect
closesocket

dinput8

DirectInput8Create

wininet

InternetConnectA
InternetReadFile
InternetQueryDataAvailable
HttpSendRequestA
InternetOpenA
InternetCloseHandle
HttpOpenRequestA

kernel32

GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointer
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
LoadLibraryW
IsDBCSLeadByte
GetProcAddress
GetModuleHandleA
VerifyVersionInfoA
VerSetConditionMask
ExitProcess
Sleep
CreateThread
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
FindFirstFileA
CreateEventA
CloseHandle
SetEvent
OpenEventA
FileTimeToSystemTime
GetCurrentDirectoryA
GetWindowsDirectoryA
GetCurrentProcess
DuplicateHandle
GetCurrentProcessId
GetProcessId
OpenProcess
CreateDirectoryA
SetUnhandledExceptionFilter
lstrcpynA
GetModuleFileNameA
GetCurrentThreadId
CreateFileA
lstrcatA
lstrcpyA
LoadLibraryA
FormatMessageA
IsBadReadPtr
GetTickCount
WaitForSingleObject
ResumeThread
GetLocalTime
lstrcmpiA
GetStringTypeW
lstrlenA
MulDiv
OutputDebugStringA
QueryDosDeviceA
GetLogicalDriveStringsA
Process32Next
Process32First
CreateToolhelp32Snapshot
ReadFile
WriteFile
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemTime
GetFileSize
GetSystemDefaultLangID
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
GetTempPathA
CopyFileA
SetFileAttributesA
FreeLibrary
OpenFile
lstrcmpA
SetCurrentDirectoryA
GetVersionExA
SetConsoleCtrlHandler
FatalAppExitA
HeapDestroy
HeapCreate
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapSize
IsProcessorFeaturePresent
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
IsDebuggerPresent
SetStdHandle
UnhandledExceptionFilter
GetCPInfo
LCMapStringW
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitThread
FindFirstFileExA
FileTimeToLocalFileTime
GetFileAttributesA
GetSystemTimeAsFileTime
GetModuleHandleW
HeapAlloc
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
GetProcessHeap
VirtualQuery
CreateFileW
InterlockedDecrement
InterlockedIncrement
SetEndOfFile
CompareStringW
GetLastError
SetEnvironmentVariableA

user32

wsprintfA
CharNextA
CharPrevA
CallNextHookEx
ShowWindow
SetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
IsClipboardFormatAvailable
GetClipboardData
GetActiveWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetDC
ReleaseDC
OffsetRect
SetCursor
LoadCursorFromFileA
CopyRect
GetClientRect
SendMessageA
SetRect
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
LoadIconA
RegisterClassExA
DefWindowProcA
CreateWindowExA
UpdateWindow
ShowCursor
EndDialog
GetSystemMetrics
FindWindowExA
FindWindowA
MessageBoxA
UnhookWindowsHookEx
SetWindowsHookExA
GetAsyncKeyState
IsWindowVisible

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
DeleteObject
GetStockObject
SelectObject
GetDeviceCaps

advapi32

LookupAccountSidA
GetTokenInformation
OpenProcessToken
GetUserNameA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries

freeimage

_FreeImage_Unload@4
_FreeImage_SaveJPEG@12
_FreeImage_Load@12
_FreeImage_GetBits@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_GetInfo@4

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameA

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 697KB - Virtual size: 891KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b936ada5c31a5e791f426081bd022d6

Headers

DLL Characteristics

File Characteristics

Imports

soundlib

winmm

ss3dgfunc

wsock32

dinput8

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

freeimage

iphlpapi

psapi

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 256KB - Virtual size: 256KB

.data Size: 697KB - Virtual size: 891KB

.rsrc Size: 89KB - Virtual size: 89KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 256KB - Virtual size: 256KB

.data
Size: 697KB - Virtual size: 891KB

.rsrc
Size: 89KB - Virtual size: 89KB