Switchball[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Switchball.exe
Size

6.9MB
MD5

0865701ed1547fdba0be70482a4570d8
SHA1

8cc6fd1edb03a0a796ff0a2f553ab7d40c6eb400
SHA256

dace99a61e36b8148cec678619400e5b0f00575f73096957d676acdd34c8fea3
SHA512

44fe94d110c822f83bdfdbb7ba9b0393f97d9e2d3bfef8c2fd11076d8891a2e910e93496407cbc3b4a38d3f31a0ce29aa01fcafe1454482f6db0e63c8cf73f84
SSDEEP

49152:ifWNCrBdTV3dwgKX/G2RmEsLU21+shPQiCh2botKIkxErCJS:+BV1dnwG2RML7kO1C0botKIkxErgS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Switchball.exe

Files

Switchball.exe
.exe windows:4 windows x86

7571731faba300b59122de2e709a03af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

dinput8

DirectInput8Create

dsound

ord11

msvcp71

?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z

msvcr71

_except_handler3

psapi

EnumProcessModules

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 502KB - Virtual size: 502KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 759KB - Virtual size: 759KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 447B - Virtual size: 447B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7571731faba300b59122de2e709a03af

Headers

File Characteristics

Imports

d3d9

dinput8

dsound

msvcp71

msvcr71

psapi

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 502KB - Virtual size: 502KB

.data Size: 344KB - Virtual size: 344KB

.rsrc Size: 369KB - Virtual size: 369KB

.text Size: 759KB - Virtual size: 759KB

.data Size: 238KB - Virtual size: 238KB

.bss Size: 62KB - Virtual size: 62KB

.idata Size: 18KB - Virtual size: 18KB

.rsrc Size: 373KB - Virtual size: 373KB

.text Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 371KB - Virtual size: 371KB

.text Size: 84KB - Virtual size: 84KB

.bss Size: 24KB - Virtual size: 24KB

.data Size: 36KB - Virtual size: 36KB

.idata Size: 447B - Virtual size: 447B

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 502KB - Virtual size: 502KB

.data
Size: 344KB - Virtual size: 344KB

.rsrc
Size: 369KB - Virtual size: 369KB

.text
Size: 759KB - Virtual size: 759KB

.data
Size: 238KB - Virtual size: 238KB

.bss
Size: 62KB - Virtual size: 62KB

.idata
Size: 18KB - Virtual size: 18KB

.rsrc
Size: 373KB - Virtual size: 373KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 371KB - Virtual size: 371KB

.text
Size: 84KB - Virtual size: 84KB

.bss
Size: 24KB - Virtual size: 24KB

.data
Size: 36KB - Virtual size: 36KB

.idata
Size: 447B - Virtual size: 447B