BattleBlockTheater[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

BattleBlockTheater.exe
Size

3.8MB
MD5

17c2c5fa2fca3d03fe70f6a7956997d9
SHA1

ef166b8b4ada0f745d056a7e733e2819932b6a68
SHA256

4f6f29449eb8137b44c821b8783ff01c07c1efcd851e26310ed09a41ffc394fa
SHA512

10f234bc96d90ac1d3f9adda3e4b5befa7654694709ff0e547fc7062585aa5083a38d4bff921182cb5aa61f88e930907c84f56d54e372a729990723b8dd89f95
SSDEEP

24576:usono/6HyEs13DSt6w8kNsBXyHXoPANbPvFxoJkRwhlPAJ7aTBrT0pPzPWyhGJ0J:dgyetrNsBXy3ooRZRUPZTBT0VzPWo35

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BattleBlockTheater.exe

Files

BattleBlockTheater.exe
.exe windows x86

68ea49615ba3e8e88b55d795c93df985

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

d3d9

Direct3DCreate9

steam_api

SteamClient
SteamAPI_RestartAppIfNecessary
SteamAPI_RunCallbacks
SteamAPI_SetMiniDumpComment
SteamAPI_WriteMiniDump
SteamAPI_Shutdown
SteamNetworking
SteamMatchmaking
SteamController
SteamAPI_Init
SteamAPI_RegisterCallback
SteamApps
SteamUserStats
SteamFriends
SteamUser
SteamRemoteStorage
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamHTTP
SteamUtils
SteamAPI_UnregisterCallback

d3dx10_43

D3DXMatrixTranslation
D3DXMatrixScaling
D3DXMatrixRotationAxis
D3DXVec4Transform
D3DXVec4Normalize
D3DXMatrixOrthoOffCenterLH
D3DXMatrixMultiply

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx
D3DXLoadSurfaceFromSurface
D3DXCreateTextureFromFileW
D3DXCompileShader

xinput1_3

ord2

bink2w32

_BinkOpenXAudio2@4
_BinkSetSoundSystem@8
_BinkShouldSkip@4
_BinkClose@4
_BinkWait@4
_BinkNextFrame@4
_BinkDoFrame@4
_BinkRegisterFrameBuffers@8
_BinkGetFrameBuffersInfo@8
_BinkOpen@8
_BinkGetRects@8

kernel32

FlushFileBuffers
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
SetEndOfFile
SetStdHandle
LoadLibraryW
LoadLibraryExW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
DeleteCriticalSection
SetFilePointer
ReadConsoleW
HeapSize
InterlockedIncrement
GetConsoleMode
GetConsoleCP
MultiByteToWideChar
AreFileApisANSI
ExitProcess
InterlockedDecrement
GetProcessHeap
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCommandLineW
GetProcAddress
SetFilePointerEx
WideCharToMultiByte
WriteConsoleW
GetModuleHandleExW
CreateThread
GetCurrentThreadId
SetThreadPriority
ResumeThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
GetSystemTimeAsFileTime
CloseHandle
GetFileSize
WriteFile
ReadFile
CreateFileW
GetModuleHandleW
OutputDebugStringW
GetSystemTime
QueryPerformanceCounter
QueryPerformanceFrequency
SetEvent
CreateEventW
GetCurrentThread
Sleep
FindClose
FindFirstFileW
FindNextFileW
GetModuleFileNameW
GetFileType
GetStdHandle
RaiseException
GetStringTypeW
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree
GetLastError
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer

user32

EndDialog
SetFocus
LoadAcceleratorsW
UpdateWindow
GetCursorPos
LoadCursorW
LoadIconW
LoadStringW
GetWindowRect
MessageBoxW
ShowCursor
DialogBoxParamW
ShowWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage
GetClientRect
SetWindowPos

ole32

CoCreateInstance
CoInitialize

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 161KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 692KB - Virtual size: 691KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68ea49615ba3e8e88b55d795c93df985

Headers

DLL Characteristics

File Characteristics

Imports

dinput8

d3d9

steam_api

d3dx10_43

d3dx9_43

xinput1_3

bink2w32

kernel32

user32

ole32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 161KB - Virtual size: 257KB

.rsrc Size: 692KB - Virtual size: 691KB

.reloc Size: 177KB - Virtual size: 176KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 161KB - Virtual size: 257KB

.rsrc
Size: 692KB - Virtual size: 691KB

.reloc
Size: 177KB - Virtual size: 176KB