stormworks[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

stormworks.exe
Size

11.1MB
MD5

8a4c24f37650a9897aec1801050a24d5
SHA1

b01e989cbaab3a4ce0e8512bd2d006052cba7522
SHA256

9619a74b568bafb1499fb4b125f3829a79ddc5750f7c8b9c754e0c845fcdd119
SHA512

e92b45d0c70a3fb19f85ab6d6a54be78d18e6782c711e8f2745ffed799e24249db3fcae46cb293a3bd68619786f60b3c185a392052ff5978e6a796cede68d85e
SSDEEP

196608:lsq037u/KINBiXSnQF0UYowG7xJaRheTawwoGfSADr+jlIMTu:lsq+7S7B6FF0UeIHaJLDrIlD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
stormworks.exe

Files

stormworks.exe
.exe windows:6 windows x86

70f306af04731da0d357e81574b644bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

kernel32

QueryPerformanceCounter
GlobalAlloc
GlobalLock
SetThreadExecutionState
GlobalUnlock
GetModuleFileNameA
LoadLibraryExA
FormatMessageA
OutputDebugStringA
GetTickCount64
CreateDirectoryW
FindFirstFileW
GetPhysicallyInstalledSystemMemory
FindNextFileW
GetCurrentProcess
RemoveDirectoryW
SetThreadPriority
GetTempPathW
FindClose
GetVolumeInformationA
GetCurrentThreadId
SetCurrentDirectoryA
Sleep
K32GetModuleFileNameExA
CreateFileA
GetCurrentThread
GetVersionExA
DeleteFileW
CloseHandle
GetNativeSystemInfo
FreeConsole
SetCurrentDirectoryW
LocalFree
GetCurrentProcessId
WinExec
K32EnumProcessModules
CreateDirectoryA
AllocConsole
IsWow64Process
GetComputerNameA
SetUnhandledExceptionFilter
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
GetModuleHandleA
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
TlsFree
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEndOfFile
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
HeapQueryInformation
HeapSize
GetTimeZoneInformation
CreatePipe
GetExitCodeProcess
WaitForSingleObject
SetFilePointerEx
GetFileSizeEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
HeapFree
HeapAlloc
WriteFile
GetStdHandle
GetModuleFileNameW
GetFileType
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
ReadFile
CreateProcessW
DuplicateHandle
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
RtlUnwind
TlsGetValue
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
WideCharToMultiByte
GetModuleHandleW
VerSetConditionMask
FormatMessageW
MultiByteToWideChar
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
QueryPerformanceFrequency
ChangeTimerQueueTimer
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
DecodePointer
EncodePointer
GetTickCount
GetExitCodeThread
SwitchToThread
MoveFileExW
SetLastError
AreFileApisANSI
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
FindFirstFileExW
CreateFileW
GetCurrentDirectoryW
TryEnterCriticalSection
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter

user32

CreateWindowExW
ShowWindow
RegisterDeviceNotificationW
DispatchMessageW
PeekMessageW
TranslateMessage
ToUnicode
SystemParametersInfoW
UnregisterDeviceNotification
GetDC
SetWindowLongW
GetClientRect
SetRect
PtInRect
ReleaseCapture
SetForegroundWindow
LoadImageW
SetCursorPos
GetCursorPos
ChangeDisplaySettingsExW
EnumDisplayMonitors
GetMonitorInfoW
SetCursor
SetClipboardData
SetCapture
ClipCursor
LoadCursorW
GetClipboardData
RegisterRawInputDevices
SetPropW
BringWindowToTop
SetFocus
GetMessageTime
TrackMouseEvent
GetRawInputData
SetWindowPlacement
EmptyClipboard
CloseClipboard
ClientToScreen
DestroyIcon
OpenClipboard
GetActiveWindow
GetWindowPlacement
WindowFromPoint
RegisterClassExW
UnregisterClassW
RemovePropW
DestroyWindow
EnumDisplaySettingsExW
EnumDisplayDevicesW
EnumDisplaySettingsW
ReleaseDC
GetRawInputDeviceInfoA
GetRawInputDeviceList
MapVirtualKeyW
MessageBoxW
MessageBoxA
GetWindowLongW
DefWindowProcW
AdjustWindowRectEx
GetKeyState
SetWindowPos
GetPropW
MonitorFromWindow
ScreenToClient

gdi32

SwapBuffers
CreateRectRgn
DeleteObject
SetDeviceGammaRamp
CreateDCW
GetDeviceCaps
DeleteDC
DescribePixelFormat
ChoosePixelFormat
SetPixelFormat

comdlg32

GetOpenFileNameA

advapi32

RegGetValueA

shell32

SHFileOperationW
ShellExecuteA
SHGetFolderPathW
DragFinish
DragAcceptFiles
DragQueryPoint
DragQueryFileW

ws2_32

setsockopt
getnameinfo
ioctlsocket
freeaddrinfo
htons
getsockopt
connect
ntohs
socket
send
WSAGetLastError
getpeername
WSAStartup
getaddrinfo
WSASocketW
shutdown
select
gethostbyname
closesocket
__WSAFDIsSet
WSACleanup
inet_addr
recv

openal32

alDeleteSources
alGenEffects
alFilteri
alBufferData
alListenerfv
alDeleteBuffers
alSource3f
alGetError
alGenSources
alSource3i
alEffecti
alSourcef
alSourcei
alListener3f
alcCloseDevice
alSourceQueueBuffers
alGenBuffers
alEffectf
alcGetIntegerv
alcCreateContext
alGenFilters
alSourceStop
alAuxiliaryEffectSloti
alGetSourcei
alFilterf
alSourcePlay
alcOpenDevice
alDistanceModel
alGenAuxiliaryEffectSlots
alSourceUnqueueBuffers
alcDestroyContext
alcMakeContextCurrent

steam_api

SteamInternal_FindOrCreateUserInterface
SteamAPI_UnregisterCallResult
SteamAPI_Init
SteamAPI_RegisterCallback
SteamAPI_RunCallbacks
SteamAPI_RegisterCallResult
SteamAPI_GetHSteamUser
SteamAPI_Shutdown
SteamInternal_ContextInit
SteamAPI_UnregisterCallback
SteamInternal_CreateInterface

opengl32

glMatrixMode
glScissor
glEnd
glLoadMatrixf
glDepthMask
glCullFace
glEnable
glClearStencil
glGetIntegerv
glGetError
glDrawBuffer
glGetString
glTexSubImage2D
glDepthFunc
glPixelStorei
glGetFloatv
glDisable
glColor4f
glDrawElements
glGetTexImage
glVertex3d
wglGetProcAddress
wglGetCurrentDC
glDrawArrays
glTexImage2D
glTexParameterf
glGenTextures
glClearColor
glBegin
glReadBuffer
glDeleteTextures
glTexParameteri
glColorMask
glBlendFunc
glStencilFunc
glViewport
glClear
glPolygonOffset
glStencilMask
glPolygonMode
glBindTexture
glLineWidth

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 429KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70f306af04731da0d357e81574b644bd

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ws2_32

openal32

steam_api

opengl32

Exports

Exports

Sections

.text Size: 8.9MB - Virtual size: 8.9MB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 138KB - Virtual size: 263KB

_RDATA Size: 68KB - Virtual size: 67KB

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 429KB - Virtual size: 428KB

.text
Size: 8.9MB - Virtual size: 8.9MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 138KB - Virtual size: 263KB

_RDATA
Size: 68KB - Virtual size: 67KB

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 429KB - Virtual size: 428KB