stormworks64 - Kopya[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

stormworks64 - Kopya.exe
Size

12.7MB
MD5

a76487a0953d87864b41b02a86aede7c
SHA1

398c4ca52ed4644b98f4a7d8691df79f1f148309
SHA256

cb6ffefe9da18ba2660eab8f570f732bab518803acb90b34bbd80a16be7753d6
SHA512

c4e43b958690301df26110f8f0f147addbc4821e29cef2b29e22ca6da9caddc14fc1f76c2344570dac9fcccea8ba89e83732bc398e2a9e8d2f356202ce880360
SSDEEP

98304:2vThvg+zzyFoos5dNWjxi420sCrU4g1jekCgkrqbiN9GTN6Ec30o8QE4MgU5Sa8E:OY+CFoRhWjxi42lxZ1jDDkrqwyj/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
stormworks64 - Kopya.exe

Files

stormworks64 - Kopya.exe
.exe windows:6 windows x64

a1518d9fb2c47506f876afd704e49d34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

iphlpapi

GetAdaptersInfo

kernel32

QueryPerformanceCounter
GlobalAlloc
GlobalLock
SetThreadExecutionState
GlobalUnlock
GetModuleFileNameA
LoadLibraryExA
FormatMessageA
OutputDebugStringA
GetTickCount64
CreateDirectoryW
FindFirstFileW
GetPhysicallyInstalledSystemMemory
FindNextFileW
GetCurrentProcess
RemoveDirectoryW
SetThreadPriority
GetTempPathW
FindClose
GetVolumeInformationA
GetCurrentThreadId
SetCurrentDirectoryA
Sleep
K32GetModuleFileNameExA
CreateFileA
GetCurrentThread
GetVersionExA
DeleteFileW
CloseHandle
GetNativeSystemInfo
FreeConsole
SetCurrentDirectoryW
LocalFree
GetCurrentProcessId
WinExec
K32EnumProcessModules
CreateDirectoryA
AllocConsole
GetComputerNameA
SetUnhandledExceptionFilter
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
GetModuleHandleA
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
TlsFree
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
SetEndOfFile
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
SetStdHandle
HeapQueryInformation
HeapSize
GetTimeZoneInformation
CreatePipe
GetExitCodeProcess
WaitForSingleObject
SetFilePointerEx
GetFileSizeEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapReAlloc
HeapFree
HeapAlloc
WriteFile
GetStdHandle
GetModuleFileNameW
GetFileType
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
ReadFile
CreateProcessW
DuplicateHandle
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RaiseException
TlsGetValue
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
WideCharToMultiByte
GetModuleHandleW
VerSetConditionMask
FormatMessageW
MultiByteToWideChar
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
QueryPerformanceFrequency
ChangeTimerQueueTimer
RtlPcToFileHeader
RtlUnwindEx
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
DecodePointer
EncodePointer
GetTickCount
GetExitCodeThread
SwitchToThread
MoveFileExW
SetLastError
AreFileApisANSI
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
FindFirstFileExW
CreateFileW
GetCurrentDirectoryW
TryEnterCriticalSection
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlUnwind
RtlLookupFunctionEntry
RtlCaptureContext

user32

RegisterDeviceNotificationW
ShowWindow
MapVirtualKeyW
GetRawInputDeviceList
GetRawInputDeviceInfoA
ReleaseDC
EnumDisplaySettingsW
EnumDisplayDevicesW
EnumDisplaySettingsExW
GetMonitorInfoW
EnumDisplayMonitors
PeekMessageW
GetCursorPos
SetCursorPos
LoadImageW
SetForegroundWindow
CreateWindowExW
ReleaseCapture
PtInRect
SetRect
GetClientRect
SetWindowLongW
SetCursor
DispatchMessageW
TranslateMessage
ToUnicode
SystemParametersInfoW
UnregisterDeviceNotification
GetDC
ChangeDisplaySettingsExW
WindowFromPoint
SetClipboardData
MessageBoxW
MessageBoxA
GetWindowLongW
DefWindowProcW
AdjustWindowRectEx
GetKeyState
SetWindowPos
GetPropW
MonitorFromWindow
ScreenToClient
RemovePropW
UnregisterClassW
RegisterClassExW
SetCapture
GetWindowPlacement
GetActiveWindow
OpenClipboard
DestroyIcon
ClientToScreen
CloseClipboard
EmptyClipboard
SetWindowPlacement
GetRawInputData
TrackMouseEvent
GetMessageTime
SetFocus
BringWindowToTop
SetPropW
RegisterRawInputDevices
GetClipboardData
LoadCursorW
ClipCursor
DestroyWindow

gdi32

SwapBuffers
CreateRectRgn
DeleteObject
SetDeviceGammaRamp
CreateDCW
GetDeviceCaps
DeleteDC
DescribePixelFormat
ChoosePixelFormat
SetPixelFormat

comdlg32

GetOpenFileNameA

advapi32

RegGetValueA

shell32

DragQueryFileW
DragAcceptFiles
DragFinish
SHGetFolderPathW
ShellExecuteA
SHFileOperationW
DragQueryPoint

ws2_32

WSAGetLastError
setsockopt
getnameinfo
ioctlsocket
freeaddrinfo
htons
getsockopt
connect
ntohs
socket
send
inet_addr
getpeername
WSAStartup
getaddrinfo
WSASocketW
shutdown
select
gethostbyname
closesocket
__WSAFDIsSet
WSACleanup
recv

openal64

alcMakeContextCurrent
alGenSources
alGetError
alSource3f
alDeleteBuffers
alListenerfv
alBufferData
alFilteri
alGenEffects
alDeleteSources
alGenAuxiliaryEffectSlots
alSource3i
alEffecti
alSourcef
alSourcei
alListener3f
alcCloseDevice
alSourceQueueBuffers
alGenBuffers
alEffectf
alcGetIntegerv
alcCreateContext
alGenFilters
alSourceStop
alAuxiliaryEffectSloti
alGetSourcei
alFilterf
alSourcePlay
alcOpenDevice
alDistanceModel
alSourceUnqueueBuffers
alcDestroyContext

steam_api64

SteamAPI_Shutdown
SteamAPI_GetHSteamUser
SteamAPI_RegisterCallResult
SteamInternal_CreateInterface
SteamAPI_RegisterCallback
SteamAPI_Init
SteamAPI_UnregisterCallResult
SteamInternal_FindOrCreateUserInterface
SteamInternal_ContextInit
SteamAPI_UnregisterCallback
SteamAPI_RunCallbacks

opengl32

glClearStencil
glGetIntegerv
glGetError
glDrawBuffer
glGetString
glTexSubImage2D
glDepthFunc
glPixelStorei
glGetFloatv
glDisable
glColor4f
glDrawElements
glGetTexImage
glVertex3d
glTexImage2D
glTexParameterf
glBindTexture
wglGetProcAddress
wglGetCurrentDC
glDrawArrays
glClearColor
glBegin
glReadBuffer
glDeleteTextures
glTexParameteri
glColorMask
glBlendFunc
glStencilFunc
glLineWidth
glMatrixMode
glViewport
glClear
glPolygonOffset
glStencilMask
glPolygonMode
glEnd
glGenTextures
glEnable
glCullFace
glDepthMask
glLoadMatrixf
glScissor

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 9.3MB - Virtual size: 9.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 174KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1518d9fb2c47506f876afd704e49d34

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ws2_32

openal64

steam_api64

opengl32

Exports

Exports

Sections

.text Size: 9.3MB - Virtual size: 9.3MB

.rdata Size: 2.7MB - Virtual size: 2.7MB

.data Size: 174KB - Virtual size: 343KB

.pdata Size: 284KB - Virtual size: 283KB

_RDATA Size: 68KB - Virtual size: 68KB

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 86KB - Virtual size: 85KB

.text
Size: 9.3MB - Virtual size: 9.3MB

.rdata
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 174KB - Virtual size: 343KB

.pdata
Size: 284KB - Virtual size: 283KB

_RDATA
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 86KB - Virtual size: 85KB