ParsecSoda[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ParsecSoda.exe
Size

1.4MB
MD5

a7a696525663466dfcacf0e45f6ab5dc
SHA1

b7c41530afb3603eb68fb3672e918957dd9de70d
SHA256

d9bdbe9a1715a1cccdd5048222506d46b29925a4e7fb0af1f38744e544202680
SHA512

122aad9bfaa10c4ac023e9cb0bb4d3f5598024fca65b81cbf8ad97bab6a0c0df2895471af64a3e2616a7cd68a749caa238ed58347294ef505227797cf9ebe1e1
SSDEEP

24576:43MbxoRA/mF83cJURjpG98XrW+yyTmzRdM8O0saVdVlnj2HL1Zay35ndg3:430oi/mF83ceRjpQ8X69ySM8eaVLljiL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ParsecSoda.exe

Files

ParsecSoda.exe
.exe windows:6 windows x64

10304c4888e3326cbf29634789526c62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

winhttp

WinHttpSetTimeouts
WinHttpSendRequest
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpOpen
WinHttpSetOption
WinHttpOpenRequest
WinHttpReadData
WinHttpConnect
WinHttpCloseHandle
WinHttpReceiveResponse

kernel32

DeviceIoControl
CancelIoEx
GetOverlappedResult
TryAcquireSRWLockExclusive
DecodePointer
InitializeCriticalSectionEx
Sleep
RaiseException
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceFrequency
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
SetLastError
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
CloseHandle
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
ReadFile
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetCurrentThreadId
HeapFree
HeapAlloc
GetStdHandle
GetStartupInfoW
ExitProcess
GetModuleHandleW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleMode
ReadConsoleW
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetFileSizeEx
GetCurrentDirectoryW
GetFullPathNameW
SetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetProcessHeap
GetModuleFileNameW
SetEndOfFile
WriteConsoleW
OutputDebugStringW
HeapSize
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FindClose
FindNextFileW
WaitForSingleObject
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
SetWaitableTimer
CreateWaitableTimerW
RtlUnwindEx
RtlUnwind
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlPcToFileHeader
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetCurrentProcessId
InitializeSListHead
LCMapStringEx
GetCommandLineW
GetCommandLineA
FindFirstFileExW

winmm

PlaySoundW

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

shell32

SHGetFolderPathW
ord165
ShellExecuteW

ole32

CoCreateInstance
CoInitialize
PropVariantClear
CoInitializeEx
CoTaskMemFree

user32

GetWindowRect
SetCapture
SetCursor
GetClientRect
ReleaseCapture
ScreenToClient
DestroyWindow
GetCursorPos
GetClipboardData
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
CreateWindowExW
UnregisterClassW
SetWindowTextW
RegisterClassExW
ShowWindow
GetCapture
DispatchMessageW
ClientToScreen
IsChild
DefWindowProcW
PeekMessageW
TranslateMessage
LoadIconW
FlashWindowEx
PostQuitMessage
UpdateWindow
GetKeyState
GetForegroundWindow
SetCursorPos
LoadCursorW

dxgi

CreateDXGIFactory1

bcrypt

BCryptDestroyKey
BCryptOpenAlgorithmProvider
BCryptSetProperty
BCryptEncrypt
BCryptDecrypt
BCryptGenerateSymmetricKey
BCryptCloseAlgorithmProvider

xinput9_1_0

XInputGetState

shlwapi

PathFileExistsW

d3d11

D3D11CreateDevice
D3D11CreateDeviceAndSwapChain

sdl2

SDL_Init
SDL_JoystickGetAttached
SDL_JoystickOpen
SDL_JoystickUpdate
SDL_JoystickClose
SDL_JoystickGetHat
SDL_JoystickGetButton
SDL_JoystickGetAxis
SDL_NumJoysticks

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

d3dcompiler_47

D3DCompile

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10304c4888e3326cbf29634789526c62

Headers

DLL Characteristics

File Characteristics

Imports

winhttp

kernel32

winmm

imm32

shell32

ole32

user32

dxgi

bcrypt

xinput9_1_0

shlwapi

d3d11

sdl2

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-l1-1-0

d3dcompiler_47

setupapi

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 242KB - Virtual size: 242KB

.data Size: 36KB - Virtual size: 83KB

.pdata Size: 39KB - Virtual size: 39KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 242KB - Virtual size: 242KB

.data
Size: 36KB - Virtual size: 83KB

.pdata
Size: 39KB - Virtual size: 39KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 5KB - Virtual size: 5KB