7df5673d8eddcb3cf728873cd6b28d10

Sharing

Copy URL Twitter E-mail

General

Target

7df5673d8eddcb3cf728873cd6b28d10
Size

659KB
MD5

7df5673d8eddcb3cf728873cd6b28d10
SHA1

7ee394459c45803ab48cc13837bfab57fedf69a3
SHA256

37cade15f8e3a9617134ddd2284a7096cb45122a77e2ea9f83adfc5163d89bd0
SHA512

a6c81442a32196f0c5da9350380ce1a57dfd629992692c0bdbbe07c1df528c5718d3af57cb6414f112ede6c99d6083252b4f9fac060b6225a2be640ad46b9ce2
SSDEEP

12288:vbyA8Qy/CPeo6veNM4bBu8fQe/dDc2xcublo6b:vWA8Qy/WC4MT8Hpb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7df5673d8eddcb3cf728873cd6b28d10

Files

7df5673d8eddcb3cf728873cd6b28d10
.exe windows:4 windows x86 arch:x86

964f3fccabf47a8f79aa1ff8abc988dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ddraw

DirectDrawEnumerateA
DirectDrawCreate

dsound

DirectSoundCreate

gdi32

DeleteObject
GetObjectA
CreateCompatibleDC
GetDIBColorTable
DeleteDC
CreateFontA
BitBlt
GetStockObject
SetBkMode
SelectObject
SetTextColor
TextOutA

kernel32

GetCPInfo
HeapSize
GetStartupInfoA
WriteFile
RaiseException
GetModuleHandleA
HeapFree
DeleteFileA
HeapAlloc
RtlUnwind
FlushFileBuffers
GetDriveTypeA
Sleep
TerminateThread
GetTickCount
SetThreadPriority
CreateThread
SetEndOfFile
LoadLibraryA
GetOEMCP
MultiByteToWideChar
CreateFileA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetProcAddress
GetFileType
GetStdHandle
SetHandleCount
LCMapStringW
LCMapStringA
WideCharToMultiByte
SetUnhandledExceptionFilter
GetCommandLineA
GetLastError
ReadFile
IsBadWritePtr
HeapReAlloc
GetACP
GetVersion
VirtualAlloc
GetVolumeInformationA
VirtualFree
HeapCreate
GetStringTypeW
ExitProcess
HeapDestroy
SetFilePointer
GetCurrentProcess
TerminateProcess
CloseHandle
GetStringTypeA
GetStringTypeA

user32

PostQuitMessage
ShowCursor
DefWindowProcA
ShowWindow
DestroyWindow
BeginPaint
DispatchMessageA
GetMessageA
MessageBoxA
EndPaint
PeekMessageA
UpdateWindow
RegisterClassA
CreateWindowExA
GetSystemMetrics
SetCursorPos
GetCursorPos
LoadIconA
LoadImageA
PostMessageA
LoadCursorA

winmm

mixerGetDevCapsA
mixerOpen
joyGetDevCapsA
joyReleaseCapture
joyGetPosEx
joySetCapture
waveOutGetDevCapsA
waveOutGetNumDevs
timeGetTime
auxGetNumDevs
mixerGetNumDevs
mixerGetLineControlsA
mciSendCommandA
auxGetDevCapsA
mixerGetLineInfoA
mixerSetControlDetails
mixerClose

wsock32

getsockname
WSAStartup
ntohs
socket
htons
ioctlsocket
sendto
closesocket
WSAGetLastError
gethostbyname
inet_addr
recvfrom
gethostname
bind
WSACleanup

ole32

CoUninitialize
CoInitialize
CoCreateInstance

Sections

tomcraft
Size: 648KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tomcraft
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tomcraft
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

964f3fccabf47a8f79aa1ff8abc988dd

Headers

File Characteristics

Imports

ddraw

dsound

gdi32

kernel32

user32

winmm

wsock32

ole32

Sections

tomcraft Size: 648KB - Virtual size: 1.4MB

tomcraft Size: 4KB - Virtual size: 4KB

tomcraft Size: 3KB - Virtual size: 8KB

tomcraft
Size: 648KB - Virtual size: 1.4MB

tomcraft
Size: 4KB - Virtual size: 4KB

tomcraft
Size: 3KB - Virtual size: 8KB