95883a5b4cc33698898da9ff51cbbdfb6c04542c6ef38eeecb825e7fc49aae10

Sharing

Copy URL Twitter E-mail

General

Target

95883a5b4cc33698898da9ff51cbbdfb6c04542c6ef38eeecb825e7fc49aae10
Size

3.0MB
MD5

1fcfc7567261c567574ae41463b6bdf8
SHA1

38543ccf777b9d09e560ded9509fb842bfa7911e
SHA256

95883a5b4cc33698898da9ff51cbbdfb6c04542c6ef38eeecb825e7fc49aae10
SHA512

a1de4d815adc646d20a140ceaefc1129627a7ca14c948603976c1c7f6deac40d711ff52577bdc9be1243dad26a1e86f921dc4c5cf3c105bc48aa7e0ac25766eb
SSDEEP

49152:9NipPWdZ83vJTXe2uG+WApEPUw/KHQBEjvU0IeuD3ucgEbae0snTo+Ob1i+v6X2G:C3v2p+eMlDdSssC7GKeRZq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95883a5b4cc33698898da9ff51cbbdfb6c04542c6ef38eeecb825e7fc49aae10

Files

95883a5b4cc33698898da9ff51cbbdfb6c04542c6ef38eeecb825e7fc49aae10
.exe windows x86

28835081b36d4506b48233d18c5fa17e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

soundlib

CreateSoundLib

winmm

timeGetTime

ss3dgfunc

_CalcDistance@8
_MatrixMultiply2@12
_TransformV3TOV4@16
_SetInverseMatrix@8
_Normalize@8
_CrossProduct@12
_WriteTGA@24
_RotatePositionWithPivot@24
_COLORtoDWORD@16
_VECTOR3_ADD_VECTOR3@12
_VECTOR3_MULEQU_FLOAT@8
_SetRotationXMatrix@8
_SetRotationYMatrix@8
_TransformVector3_VPTR2@16
_VECTOR3Length@4

wsock32

WSAGetLastError
gethostname
WSAStartup
WSACleanup
gethostbyname
connect
socket
ioctlsocket
htons
recv
closesocket
inet_addr
send

dinput8

DirectInput8Create

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle

kernel32

SetHandleCount
GetCurrentThread
SetLastError
TlsFree
TlsSetValue
HeapDestroy
FatalAppExitA
TlsGetValue
TlsAlloc
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCPInfo
LCMapStringW
GetProcAddress
GetModuleHandleA
VerifyVersionInfoA
VerSetConditionMask
ExitProcess
Sleep
CreateThread
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
FindFirstFileA
CreateEventA
CloseHandle
SetEvent
OpenEventA
FileTimeToSystemTime
GetCurrentDirectoryA
GetWindowsDirectoryA
GetCurrentProcess
DuplicateHandle
GetCurrentProcessId
GetProcessId
OpenProcess
CreateDirectoryA
SetUnhandledExceptionFilter
lstrcpynA
GetModuleFileNameA
GetCurrentThreadId
CreateFileA
lstrcatA
lstrcpyA
LoadLibraryA
FormatMessageA
IsBadReadPtr
GetTickCount
WaitForSingleObject
ResumeThread
GetLocalTime
lstrcmpiA
GetLastError
SetConsoleCtrlHandler
lstrlenA
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
QueryDosDeviceA
GetLogicalDriveStringsA
Process32Next
Process32First
CreateToolhelp32Snapshot
ReadFile
WriteFile
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetSystemTime
GetFileSize
GetSystemDefaultLangID
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
GetTempPathA
CopyFileA
SetFileAttributesA
FreeLibrary
OpenFile
lstrcmpA
SetFilePointer
SetCurrentDirectoryA
GetVersionExA
GetModuleFileNameW
GetStdHandle
GetFileType
WriteConsoleW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitThread
FindFirstFileExA
FileTimeToLocalFileTime
GetFileAttributesA
GetSystemTimeAsFileTime
GetModuleHandleW
HeapAlloc
HeapReAlloc
HeapFree
RaiseException
RtlUnwind
DecodePointer
EncodePointer
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
InterlockedDecrement
SetEnvironmentVariableA
InterlockedIncrement
MulDiv
HeapCreate
LoadLibraryW
GetLocaleInfoW
HeapSize
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
SetStdHandle
GetProcessHeap
VirtualQuery
CreateFileW
SetEndOfFile
CompareStringW
IsDBCSLeadByte

user32

DestroyWindow
SetCapture
ReleaseCapture
GetCursorPos
IsDialogMessageA
IsClipboardFormatAvailable
GetClipboardData
GetActiveWindow
SetWindowPos
GetWindowRect
ScreenToClient
IsWindow
AnimateWindow
SetFocus
CheckDlgButton
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
CharPrevA
CharNextA
SetDlgItemInt
ReleaseDC
OffsetRect
SetDlgItemTextA
GetDlgItemInt
SetCursor
CopyRect
GetClientRect
SendMessageA
SetRect
PostMessageA
PeekMessageA
DispatchMessageA
TranslateMessage
LoadIconA
RegisterClassExA
DefWindowProcA
GetSystemMetrics
CreateWindowExA
UpdateWindow
ShowCursor
EndDialog
wsprintfA
FindWindowExA
FindWindowA
MessageBoxA
UnhookWindowsHookEx
SetWindowsHookExA
GetAsyncKeyState
IsWindowVisible
ShowWindow
CallNextHookEx
CreateDialogParamA
SetWindowLongA
ClientToScreen
SendDlgItemMessageA
SetWindowTextA
GetWindowTextA
CallWindowProcA
EnableWindow
CheckRadioButton
GetDlgItem
GetDC
GetDlgItemTextA
LoadCursorFromFileA

gdi32

DeleteObject
CreateFontIndirectA
GetTextExtentPoint32A
GetStockObject
SelectObject
GetDeviceCaps

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegCloseKey
GetTokenInformation
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueExA
OpenProcessToken
LookupAccountSidA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoFreeUnusedLibraries
CoUninitialize

freeimage

_FreeImage_GetBits@4
_FreeImage_GetInfo@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_Unload@4
_FreeImage_SaveJPEG@12
_FreeImage_Load@12

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameA

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 713KB - Virtual size: 907KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28835081b36d4506b48233d18c5fa17e

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

soundlib

winmm

ss3dgfunc

wsock32

dinput8

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

freeimage

iphlpapi

psapi

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 258KB - Virtual size: 257KB

.data Size: 713KB - Virtual size: 907KB

.rsrc Size: 101KB - Virtual size: 100KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 258KB - Virtual size: 257KB

.data
Size: 713KB - Virtual size: 907KB

.rsrc
Size: 101KB - Virtual size: 100KB