cc7477206ea808151f92fd6a76d9ddbaf690a77a91fd6570cb09bd340791776b

Sharing

Copy URL Twitter E-mail

General

Target

cc7477206ea808151f92fd6a76d9ddbaf690a77a91fd6570cb09bd340791776b
Size

2.9MB
MD5

4bcf9465ad7b9134f35651684480e3a4
SHA1

9f8dfec8ed4583063c09680cdebd1bec0b33fcdd
SHA256

cc7477206ea808151f92fd6a76d9ddbaf690a77a91fd6570cb09bd340791776b
SHA512

1177210a97dc64aafc30fa5fa2f54a3234bc6bed1fcaff391c45dbeb9c5002d7092bbbba2c0f1d0462d82ff088fd0201da289d837c4bfbcb426a469972b730c6
SSDEEP

49152:4Sk8sna9WJkXP3+mO240fg/P4WDYpD4hgNOnCUi0epBLYqoNlmyA0lKF+6VOXAGA:2HWaVC9wmCdehhBE/GL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cc7477206ea808151f92fd6a76d9ddbaf690a77a91fd6570cb09bd340791776b

Files

cc7477206ea808151f92fd6a76d9ddbaf690a77a91fd6570cb09bd340791776b
.exe windows x86

2b55da8a801e1b5b7b4ce31b7c217b93

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

soundlib

CreateSoundLib

winmm

timeGetTime

ss3dgfunc

_CalcDistance@8
_VECTOR3_MULEQU_FLOAT@8
_VECTOR3_ADD_VECTOR3@12
_CrossProduct@12
_COLORtoDWORD@16
_TransformV3TOV4@16
_SetInverseMatrix@8
_MatrixMultiply2@12
_Normalize@8
_VECTOR3Length@4
_WriteTGA@24
_RotatePositionWithPivot@24
_SetRotationXMatrix@8
_SetRotationYMatrix@8
_TransformVector3_VPTR2@16

wsock32

WSAStartup
WSACleanup
gethostname
WSAGetLastError
gethostbyname
inet_addr
send
recv
htons
ioctlsocket
socket
connect
closesocket

dinput8

DirectInput8Create

wininet

InternetConnectA
InternetReadFile
InternetQueryDataAvailable
HttpSendRequestA
InternetOpenA
InternetCloseHandle
HttpOpenRequestA

kernel32

GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointer
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
HeapSize
GetLocaleInfoW
GetProcAddress
GetModuleHandleA
VerifyVersionInfoA
VerSetConditionMask
ExitProcess
Sleep
CreateThread
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
FindFirstFileA
CreateEventA
CloseHandle
SetEvent
OpenEventA
FileTimeToSystemTime
GetCurrentDirectoryA
GetWindowsDirectoryA
GetCurrentProcess
DuplicateHandle
GetCurrentProcessId
GetProcessId
OpenProcess
CreateDirectoryA
SetUnhandledExceptionFilter
lstrcpynA
GetModuleFileNameA
GetCurrentThreadId
CreateFileA
lstrcatA
lstrcpyA
LoadLibraryA
FormatMessageA
IsBadReadPtr
GetTickCount
WaitForSingleObject
ResumeThread
GetLocalTime
lstrcmpiA
GetLastError
GetStringTypeW
lstrlenA
MulDiv
OutputDebugStringA
QueryDosDeviceA
GetLogicalDriveStringsA
Process32Next
Process32First
CreateToolhelp32Snapshot
ReadFile
WriteFile
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemTime
GetFileSize
GetSystemDefaultLangID
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
GetTempPathA
CopyFileA
SetFileAttributesA
FreeLibrary
OpenFile
lstrcmpA
SetCurrentDirectoryA
GetVersionExA
LoadLibraryW
SetConsoleCtrlHandler
FatalAppExitA
HeapDestroy
HeapCreate
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
SetStdHandle
IsProcessorFeaturePresent
GetCPInfo
LCMapStringW
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitThread
FindFirstFileExA
FileTimeToLocalFileTime
GetFileAttributesA
GetSystemTimeAsFileTime
GetModuleHandleW
HeapAlloc
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
GetProcessHeap
VirtualQuery
CreateFileW
InterlockedDecrement
InterlockedIncrement
SetEndOfFile
CompareStringW
IsDBCSLeadByte
SetEnvironmentVariableA

user32

ShowCursor
CallNextHookEx
ShowWindow
IsWindowVisible
GetAsyncKeyState
SetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
IsClipboardFormatAvailable
GetClipboardData
GetActiveWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharPrevA
CharNextA
GetDC
ReleaseDC
OffsetRect
SetCursor
LoadCursorFromFileA
CopyRect
GetClientRect
SendMessageA
SetRect
PostMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
LoadIconA
DefWindowProcA
GetSystemMetrics
CreateWindowExA
UpdateWindow
RegisterClassExA
EndDialog
wsprintfA
FindWindowExA
FindWindowA
MessageBoxA
UnhookWindowsHookEx
SetWindowsHookExA

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
DeleteObject
GetStockObject
SelectObject
GetDeviceCaps

advapi32

LookupAccountSidA
GetTokenInformation
OpenProcessToken
GetUserNameA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoFreeUnusedLibraries

freeimage

_FreeImage_Unload@4
_FreeImage_SaveJPEG@12
_FreeImage_Load@12
_FreeImage_GetBits@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_GetInfo@4

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameA

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 697KB - Virtual size: 890KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b55da8a801e1b5b7b4ce31b7c217b93

Headers

DLL Characteristics

File Characteristics

Imports

soundlib

winmm

ss3dgfunc

wsock32

dinput8

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

freeimage

iphlpapi

psapi

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 253KB - Virtual size: 252KB

.data Size: 697KB - Virtual size: 890KB

.rsrc Size: 89KB - Virtual size: 89KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 253KB - Virtual size: 252KB

.data
Size: 697KB - Virtual size: 890KB

.rsrc
Size: 89KB - Virtual size: 89KB