CoD2MP_s[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

CoD2MP_s.exe
Size

1.9MB
MD5

b4fff25464e97e192e515c2f639413a9
SHA1

a384ea049449bcf5c66060bbed435e41a45813b0
SHA256

4fa3b7f2b24261e84d35ed0c79506cfae03b0303fcc7900032a8fb6f156b1a3c
SHA512

cc86bd634389819ab1bdf70f1ca237e01d3c842b8e9fca0146ac85866a34ed6e4b808a2567e7acfbe8053a834b890fbb756ed407c9a94f9ea74fe5b3510a9311
SSDEEP

49152:b0WumfwiTjH0Ax8JEWTiRA0LqTahL2y/3kEBlDQC38zivs/:wWumTTfxbWTiy0Lf5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CoD2MP_s.exe

Files

CoD2MP_s.exe
.exe windows:4 windows x86 arch:x86

d2433e7c282cafb4c143513d200d3596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mixerSetControlDetails
mixerGetControlDetailsA
mixerGetNumDevs
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA
waveInGetNumDevs
mixerOpen
timeGetTime
timeBeginPeriod
timeEndPeriod

wsock32

WSAGetLastError
htons
setsockopt
sendto
WSACleanup
recv
bind
socket
closesocket
gethostbyname
ioctlsocket
ntohl
recvfrom
WSAStartup
connect
gethostname
inet_ntoa
accept
getpeername
gethostbyaddr
getsockopt
send
WSAAsyncSelect
getsockname
listen

mss32

_AIL_set_sample_adpcm_block_size@8
_AIL_enumerate_3D_providers@12
_AIL_end_sample@4
_AIL_set_3D_position@16
_AIL_allocate_3D_sample_handle@4
_AIL_set_3D_sample_offset@8
_AIL_open_stream@12
_AIL_set_3D_sample_playback_rate@8
_AIL_end_3D_sample@4
_AIL_set_3D_sample_volume@8
_AIL_stop_3D_sample@4
_AIL_set_stream_ms_position@8
_AIL_open_3D_provider@4
_AIL_resume_3D_sample@4
_AIL_3D_position@16
_AIL_stream_status@4
_AIL_sample_playback_rate@4
_AIL_load_sample_buffer@16
_AIL_set_sample_volume_levels@12
_AIL_sample_volume_pan@12
_AIL_minimum_sample_buffer_size@12
_AIL_sample_ms_position@12
_AIL_release_sample_handle@4
_AIL_set_DirectSound_HWND@8
_AIL_3D_sample_length@4
_AIL_set_redist_directory@4
_AIL_sample_buffer_ready@4
_AIL_3D_sample_playback_rate@4
_AIL_close_3D_provider@4
_AIL_stream_playback_rate@4
_AIL_set_stream_volume_levels@12
_AIL_set_3D_rolloff_factor@8
_AIL_set_file_callbacks@16
_AIL_stream_volume_pan@12
_AIL_set_sample_type@12
_AIL_last_error@0
_AIL_set_3D_distance_factor@8
_AIL_3D_sample_volume@4
_AIL_pause_stream@8
_AIL_set_sample_address@12
_AIL_set_3D_sample_info@8
_AIL_process_digital_audio@24
_AIL_WAV_info@8
_AIL_stream_volume_levels@12
_AIL_set_preference@8
_AIL_set_stream_loop_count@8
_AIL_set_sample_playback_rate@8
_AIL_set_sample_loop_count@8
_AIL_set_3D_room_type@8
_AIL_stream_ms_position@12
_AIL_stop_sample@4
_AIL_init_sample@4
_AIL_stream_info@20
_AIL_sample_volume_levels@12
_AIL_allocate_sample_handle@4
_AIL_3D_sample_status@4
_AIL_resume_sample@4
_AIL_set_sample_reverb_levels@12
_AIL_3D_sample_offset@4
_AIL_shutdown@0
_AIL_close_stream@4
_AIL_set_3D_sample_loop_count@8
_AIL_set_stream_playback_rate@8
_AIL_3D_provider_attribute@12
_AIL_sample_status@4
_AIL_set_digital_master_reverb_levels@12
_AIL_size_processed_digital_audio@16
_AIL_set_stream_reverb_levels@12
_AIL_set_3D_sample_distances@12
_AIL_open_digital_driver@16
_AIL_startup@0
_AIL_digital_CPU_percent@4
_AIL_set_3D_sample_effects_level@8
_AIL_set_digital_master_room_type@8
_AIL_sample_position@4
_AIL_set_sample_ms_position@8

d3d9

Direct3DCreate9

dsound

ord11
ord6

kernel32

IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
RtlUnwind
GetTimeZoneInformation
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
IsBadWritePtr
HeapCreate
HeapDestroy
SetFilePointer
FatalAppExitA
DeleteCriticalSection
SetConsoleCtrlHandler
LCMapStringW
MultiByteToWideChar
IsValidCodePage
LCMapStringA
TlsFree
SetLastError
GetDateFormatA
GetTimeFormatA
GetCommandLineA
GetStartupInfoA
HeapReAlloc
TerminateProcess
CompareStringW
GetFullPathNameA
RemoveDirectoryA
CreateDirectoryA
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
MoveFileA
GetTickCount
DebugBreak
SetEnvironmentVariableA
SetStdHandle
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableW
SetCurrentDirectoryA
SetUnhandledExceptionFilter
GetACP
GetOEMCP
RaiseException
WideCharToMultiByte
CompareStringA
SetPriorityClass
MulDiv
DeleteFileA
GetCurrentProcessId
CloseHandle
GetVersionExA
Module32Next
CreateToolhelp32Snapshot
GetCurrentDirectoryA
GetModuleFileNameA
IsBadCodePtr
GetLastError
Module32First
GlobalUnlock
ReadFile
CreateProcessA
GlobalAlloc
OpenProcess
GetDriveTypeA
WriteFile
FormatMessageA
SetThreadExecutionState
GlobalLock
GlobalSize
FreeLibrary
SetErrorMode
IsBadReadPtr
ExitProcess
LoadLibraryA
GetCurrentThreadId
Sleep
GetFileAttributesA
SetFileAttributesA
VirtualFree
VirtualAlloc
GetCurrentProcess
GetProcessAffinityMask
TlsGetValue
WaitForSingleObject
SetEvent
GetCurrentThread
TlsSetValue
CreateEventA
InterlockedExchange
ResetEvent
WaitForMultipleObjects
DuplicateHandle
TlsAlloc
SuspendThread
ResumeThread
CreateThread
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GlobalMemoryStatus
QueryPerformanceCounter
GetProcAddress
GetModuleHandleA
QueryPerformanceFrequency
CreateFileA

user32

SendMessageA
CreateWindowExA
DefWindowProcA
SetWindowPos
KillTimer
SetTimer
UnregisterClassA
GetSystemMetrics
LoadImageA
UpdateWindow
AdjustWindowRect
RegisterClassA
GetMessageA
CloseClipboard
OpenClipboard
RegisterWindowMessageA
GetMonitorInfoA
MapVirtualKeyA
MonitorFromWindow
MoveWindow
PostQuitMessage
SetWindowTextA
CloseWindow
CallWindowProcA
EnumThreadWindows
ChangeDisplaySettingsA
GetDesktopWindow
ReleaseDC
GetWindowLongA
SetWindowLongA
GetWindowTextA
GetDC
MessageBoxA
ReleaseCapture
PostMessageA
GetCursorPos
SetCursorPos
GetForegroundWindow
ShowCursor
SetFocus
SetForegroundWindow
SetCapture
GetWindowRect
LoadCursorA
SetClipboardData
RegisterClassExA
DispatchMessageA
ShowWindow
EmptyClipboard
PeekMessageA
GetClipboardData
TranslateMessage
LoadIconA
DestroyWindow

gdi32

SetDeviceGammaRamp
GetDeviceCaps
CreateFontA
CreateSolidBrush

advapi32

RegCreateKeyA
GetUserNameA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 19.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2433e7c282cafb4c143513d200d3596

Headers

File Characteristics

Imports

winmm

wsock32

mss32

d3d9

dsound

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 224KB - Virtual size: 222KB

.data Size: 76KB - Virtual size: 19.9MB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 224KB - Virtual size: 222KB

.data
Size: 76KB - Virtual size: 19.9MB

.rsrc
Size: 16KB - Virtual size: 14KB