24407413f79c066722577f0190f42848e1a34ddf1a4981f58e5307d735f9f15c

Sharing

Copy URL

Twitter E-mail

General

Target

24407413f79c066722577f0190f42848e1a34ddf1a4981f58e5307d735f9f15c
Size

543KB
MD5

d28ddbb87deacf0ac33b0c632a126900
SHA1

b2de98634c4d65821f2edc4ce783d687f347de12
SHA256

24407413f79c066722577f0190f42848e1a34ddf1a4981f58e5307d735f9f15c
SHA512

e28ccba3eeace9bdbee20db9442e3d0ee05191879ef04396c642dc653e871731495a07e7483eb5ec69e8ca8df6253852bca25c307a1d2c8b7a2bfddcadb1805a
SSDEEP

12288:9503gilZNddAikil7yjKQNCyYPDkd/6PgynS:95QguZNd2il7yrtYnnS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24407413f79c066722577f0190f42848e1a34ddf1a4981f58e5307d735f9f15c

Files

24407413f79c066722577f0190f42848e1a34ddf1a4981f58e5307d735f9f15c
.exe windows x86

3ade00acf456915d974cce2f8fcb346f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

ddraw

DirectDrawCreateEx

dinput

DirectInputCreateEx

dsound

DirectSoundCreate

gdi32

SetTextColor
TextOutA
DeleteObject
CreateFontA
SetBkMode
SelectObject
GetStockObject
SetPixel
DeleteDC
StretchBlt
GetObjectA
CreateCompatibleDC

imm32

ImmSetOpenStatus
ImmGetCandidateListA
ImmSetCandidateWindow
ImmGetConversionStatus
ImmGetCompositionStringA
ImmSetConversionStatus
ImmGetContext
ImmNotifyIME
ImmReleaseContext
ImmSetCompositionWindow

kernel32

CreateFileA
SearchPathA
IsDBCSLeadByte
TerminateProcess
OpenProcess
Process32Next
Module32Next
Module32First
Process32First
CreateToolhelp32Snapshot
lstrcmpA
GetModuleFileNameA
lstrlenA
EnterCriticalSection
lstrcpynA
LeaveCriticalSection
DeleteCriticalSection
GetVersionExA
GetFileSize
GlobalAlloc
GlobalFree
InitializeCriticalSection
MapViewOfFile
FindClose
FindNextFileA
CreateMutexA
ReleaseMutex
AllocConsole
SetThreadLocale
DeleteFileA
MoveFileA
GetLastError
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
VirtualProtect
OpenFileMappingA
CreateFileMappingA
MapViewOfFileEx
VirtualAlloc
UnmapViewOfFile
VirtualFree
GetModuleHandleA
LoadLibraryA
FindFirstFileA
GetProcAddress
Sleep
SetFileAttributesA
CreateProcessA
CloseHandle
CopyFileA
OutputDebugStringA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
RaiseException
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapCreate
HeapDestroy
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetFileAttributesA
HeapFree
HeapAlloc
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
GetCurrentProcess
HeapSize
ReadFile
WriteFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
GetEnvironmentVariableA

shell32

ShellExecuteA

user32

SetCursorPos
DefWindowProcA
GetKeyboardLayoutNameA
SetCursor
MessageBoxA
DestroyWindow
ShowWindow
LoadImageA
SetRect
GetWindowLongA
GetMenu
LoadStringA
MoveWindow
InvalidateRect
GetClientRect
ClientToScreen
LoadIconA
LoadCursorA
RegisterClassA
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateAcceleratorA
AdjustWindowRectEx
UpdateWindow
RegisterClassExA
CreateWindowExA
GetCursorPos
DispatchMessageA
TranslateMessage

winmm

timeGetTime
mixerClose
mixerGetLineInfoA
mixerOpen
mmioSeek
waveInClose
mixerGetID
waveInOpen
mixerGetLineControlsA
mixerGetNumDevs
mixerGetControlDetailsA
mixerSetControlDetails
mmioOpenA
mmioDescend
mmioRead
mmioAscend
mmioClose
mmioSetInfo
mmioAdvance
mmioGetInfo
mmioWrite
mmioCreateChunk

wsock32

select
send
__WSAFDIsSet
recv
WSACleanup
WSAStartup
socket
WSAAsyncSelect
htons
connect
closesocket
inet_addr
ioctlsocket

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 333KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 32KB - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 9.4MB

.as_0001
Size: 114KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 8KB

.as_0002
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ade00acf456915d974cce2f8fcb346f

Headers

File Characteristics

Imports

advapi32

ddraw

dinput

dsound

gdi32

imm32

kernel32

shell32

user32

winmm

wsock32

ole32

Sections

.text Size: 333KB - Virtual size: 336KB

.data Size: 24KB - Virtual size: 24KB

Size: 32KB - Virtual size: 948KB

.rsrc Size: 1KB - Virtual size: 4KB

.idata Size: 5KB - Virtual size: 8KB

.zero Size: - Virtual size: 9.4MB

.as_0001 Size: 114KB - Virtual size: 120KB

.zero Size: - Virtual size: 8KB

.as_0002 Size: 32KB - Virtual size: 32KB

.text
Size: 333KB - Virtual size: 336KB

.data
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 4KB

.idata
Size: 5KB - Virtual size: 8KB

.zero
Size: - Virtual size: 9.4MB

.as_0001
Size: 114KB - Virtual size: 120KB

.zero
Size: - Virtual size: 8KB

.as_0002
Size: 32KB - Virtual size: 32KB