Static task
static1
General
Target
dmc3se.exe
Size
4.2MB
MD5
c491f3842018c43a9e4bd563ef37b9b5
SHA1
f8d453c7e64d40ca1c254db7b77a64cbc218dd27
SHA256
49f80df5cce75d2a2b942f25c8ebe6ac6aceac87e7869c8e35073a96397cf8f4
SHA512
7933a2ebf4ecd5e8a19f532dd67000f456e0a07d4cf44b35588d288a949e96c8390b25a1158461dd8054b930b72c32160994a8302c6976fd4ae47411accc64ea
SSDEEP
49152:uZIwa+P8RvCf70BDMuHOyvgnHnI2ZhPjI7LMGaLIuPAb0:Xwa+PUizH1dIsGsIuPAb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dmc3se.exe
Files
dmc3se.exe.exe windows x86
7ea6244373412ce35b602b8c29e99665
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
WriteFile
InterlockedExchange
HeapFree
HeapAlloc
GetProcessHeap
OutputDebugStringA
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
CreateFileA
lstrcmpiA
GetFullPathNameA
InterlockedCompareExchange
GetLastError
SetCurrentDirectoryA
CreateFileMappingA
MapViewOfFile
IsProcessorFeaturePresent
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
GetEnvironmentStringsW
GetEnvironmentStrings
GetFileSize
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
MultiByteToWideChar
SystemTimeToTzSpecificLocalTime
CreateMutexA
GetSystemTime
GetTickCount
Sleep
GetModuleHandleA
GetModuleFileNameA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
HeapSize
GetCurrentProcess
CreateFileW
GetSystemInfo
TerminateProcess
HeapReAlloc
LCMapStringW
LCMapStringA
UnmapViewOfFile
GetPrivateProfileIntA
ExitProcess
GetVersion
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
IsBadReadPtr
GetStartupInfoA
GetCommandLineA
user32
CreateWindowExA
SetFocus
UpdateWindow
ShowWindow
RegisterClassExA
DefWindowProcA
SetWindowTextA
GetKeyboardState
KillTimer
SendMessageA
GetActiveWindow
InvalidateRect
IsWindow
GetWindowLongA
DrawTextA
PeekMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
GetSystemMetrics
GetMenu
BeginPaint
EndPaint
PostQuitMessage
DialogBoxParamA
SetWindowLongA
SetActiveWindow
SetMenu
EndDialog
SetDlgItemTextA
AdjustWindowRect
SetWindowPos
gdi32
GetObjectA
CreateFontIndirectA
SelectObject
SetBkMode
SetTextColor
DeleteObject
GetStockObject
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
ole32
CoCreateInstance
CoInitialize
CoUninitialize
shlwapi
PathRenameExtensionA
PathAppendA
PathRemoveFileSpecA
winmm
timeGetTime
timeBeginPeriod
timeEndPeriod
dsound
ord11
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
dinput8
DirectInput8Create
d3d9
Direct3DCreate9
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 288KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 696KB - Virtual size: 29.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 4KB - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ