1b62e41af9a49d1609c292550a82d0e9

Sharing

Copy URL

Twitter E-mail

General

Target

1b62e41af9a49d1609c292550a82d0e9
Size

178KB
MD5

1b62e41af9a49d1609c292550a82d0e9
SHA1

f0270ff6b2b3494db756a539fff235f10a335a62
SHA256

e897cf21bc9f69f92963c3d26b8c04e85d3b25a8c8df1829fe6635a4684bff57
SHA512

a33d162361c692541a5585427a196b36b7f7b82c770cba53101e1d5faa6e5df5ac44a26b3e6db04c6be5eeef7952029346a6418af328b353b17b3c10bed532f2
SSDEEP

3072:8OMktVqWXa6NsYp7SwVj6SltWd7kKHkR7loBgKqMz0hdXOIdKE88SsWvHi3bTtsZ:BMktVqWXNtp7Zj6SlFHR7loBg4OOWk8H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b62e41af9a49d1609c292550a82d0e9

Files

1b62e41af9a49d1609c292550a82d0e9
.exe windows:4 windows x86 arch:x86

cfe58cf0a3daff6fa916f269af2c7ba9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

engine

?wtiGetWrappedText@SeriousEngine@@YA?AVCString@1@ABV21@ABVCFontInstance@1@VVector2f@1@@Z
??0CCurrentDrawPort@SeriousEngine@@QAE@PAVCDrawPort@1@H@Z
?gfuSetCurrentFont@SeriousEngine@@YAXPAVCFontInstance@1@@Z
?gfuBlendType@SeriousEngine@@YAXW4GfuBlendType@1@@Z
??0CTextAlignment@SeriousEngine@@QAE@W4ETextAlignHorizontal@1@W4ETextAlignVertical@1@@Z
?gfuPutColorTextAligned@SeriousEngine@@YAXPBDABVVector2f@1@1KABVCTextAlignment@1@@Z
??1CTextAlignment@SeriousEngine@@QAE@XZ
?gfxPopCurrentDrawPort@SeriousEngine@@YAXXZ
??1CCurrentDrawPort@SeriousEngine@@QAE@XZ
?_gfxClear@SeriousEngine@@3P6AXW4GfxTarget@1@KME@ZA
?gfxResizeWindowCanvas@SeriousEngine@@YAHPAVCWindowCanvas@1@@Z
?_gfx_mCurrentView@SeriousEngine@@3VMatrix34f@1@A
?_gfx_vCurrentViewPos@SeriousEngine@@3VVector3f@1@A
?_gfx_mCurrentModel@SeriousEngine@@3VMatrix34f@1@A
?_gfx_vCurrentModelPos@SeriousEngine@@3VVector3f@1@A
?_gfxProjectionMatrix@SeriousEngine@@3P6AXABVMatrix44f@1@@ZA
?_gfx_ulCachedMatrices@SeriousEngine@@3KA
?_gfxDisableDepthBuffer@SeriousEngine@@3P6AXXZA
?_gfxEnableAlphaTest@SeriousEngine@@3P6AXXZA
?engRunWinMain@SeriousEngine@@YAJP6AXXZPBDJ1@Z
?vmProcessConfigFile@SeriousEngine@@YAXPBD@Z
?vmLoadCvars@SeriousEngine@@YAXPBD@Z
?vmProcessCmdArgs@SeriousEngine@@YAXXZ
?tga_bReportLoadingToTexture@SeriousEngine@@3HA
?sfxStartup_t@SeriousEngine@@YAXW4SfxAPI@1@J@Z
?comInitWinsock@SeriousEngine@@YAXXZ
?onlInitialize@SeriousEngine@@YAXXZ
??0CFontInstance@SeriousEngine@@QAE@XZ
?SetFont@CFontInstance@SeriousEngine@@QAEXV?$Ptr@VCFont@SeriousEngine@@@2@@Z
?SetSize@CFontInstance@SeriousEngine@@QAEXW4FntScaleType@2@M@Z
?sfxShutdown@SeriousEngine@@YAXXZ
?comEndWinsock@SeriousEngine@@YAXXZ
?vmSaveCvars@SeriousEngine@@YAXXZ
?wldGetProject@SeriousEngine@@YAPAVCProject@1@XZ
?priSetCurrent@SeriousEngine@@YAXPAVCProjectInstance@1@@Z
?bmkChangeTimer@SeriousEngine@@YAXW4BmkTimer@1@@Z
?gfxGetCanvasDrawPort@SeriousEngine@@YA?AVCDrawPort@1@PAVCCanvas@1@@Z
??1CDrawPort@SeriousEngine@@QAE@XZ
?bmkShowProgress@SeriousEngine@@YAXPAVCDrawPort@1@@Z
?gfxSwapBuffers@SeriousEngine@@YAXPAVCWindowCanvas@1@H@Z
?gfuPerformScreenShotTaking@SeriousEngine@@YAXPAVCDrawPort@1@@Z
?bmkTick@SeriousEngine@@YAXXZ
?vmExecuteBatchedCommands@SeriousEngine@@YAXXZ
?md_pdtDataType@CFont@SeriousEngine@@2PAVCDataType@2@A
??5CProjectInstance@SeriousEngine@@QAEXAAVCSafeDataType@1@@Z
??1CFontInstance@SeriousEngine@@QAE@XZ
?md_pdtDataType@CFontInstance@SeriousEngine@@2PAVCDataType@2@A
?mdGetDataType@CFontInstance@SeriousEngine@@QAEPAVCDataType@2@XZ
?gfxDeleteCanvas@SeriousEngine@@YAXPAVCCanvas@1@@Z
?gfxStopDisplayMode@SeriousEngine@@YAXXZ
?gfx_pixWinPosX@SeriousEngine@@3JA
?gfx_pixWinHeight@SeriousEngine@@3JA
?gfx_pixWinPosY@SeriousEngine@@3JA
?gfx_bMaximized@SeriousEngine@@3HA
?gfx_pixWinWidth@SeriousEngine@@3JA
?gfx_pixResWidth@SeriousEngine@@3JA
?gfx_pixResHeight@SeriousEngine@@3JA
?gfx_iAPI@SeriousEngine@@3JA
?sfx_iAPI@SeriousEngine@@3JA
?gfx_iRefreshRate@SeriousEngine@@3JA
?gfxStartDisplayMode_t@SeriousEngine@@YAXW4GfxAPI@1@JJJJJ@Z
?gfxCreateWindowCanvas@SeriousEngine@@YAPAVCWindowCanvas@1@PBVCWindow@1@W4GfxColorFormat@1@@Z
?inpGetBlockTable@SeriousEngine@@YAPAVCControlBlockTable@1@XZ
?inpGetDeviceByName@SeriousEngine@@YAJPBD@Z
?inpGetControlByName@SeriousEngine@@YAKJPBD@Z
?BlockControl@CControlBlockTable@SeriousEngine@@QAEXK@Z
?gfx_bFullScreen@SeriousEngine@@3HA

core

?AddRef@CSmartObject@SeriousEngine@@QAEXPBX@Z
??1CSyncMutex@SeriousEngine@@QAE@XZ
??0CSyncMutex@SeriousEngine@@QAE@XZ
?SetErrorReadingCallback@SeriousEngine@@YAXP6AXABVCString@1@@Z@Z
?thrIsThisMainThread@SeriousEngine@@YAHXZ
?pfuRegisterPerFrameCallback@SeriousEngine@@YAXP6AXPAX@Z0@Z
??0CSyncLock@SeriousEngine@@QAE@PAVCSyncMutex@1@H@Z
?mthOrtho@SeriousEngine@@YA?AVMatrix44f@1@MMMMMM@Z
?timSleep@SeriousEngine@@YAXM@Z
??1CSyncLock@SeriousEngine@@QAE@XZ
?strPrintF@SeriousEngine@@YA?AVCString@1@PBDZZ
??1CModuleLoader@SeriousEngine@@QAE@XZ
??0CModuleLoader@SeriousEngine@@QAE@XZ
??9SeriousEngine@@YAHABVCString@0@PBD@Z
?str_strLocaleDir@SeriousEngine@@3VCString@1@A
??4CString@SeriousEngine@@QAEAAV01@PBD@Z
?strGetCurrentLocaleDir@SeriousEngine@@YA?AVCString@1@XZ
?strObtainTranslationTables_t@SeriousEngine@@YAXPBD@Z
?strTrimSpaces@SeriousEngine@@YAXAAVCString@1@@Z
?strIsEmpty@SeriousEngine@@YAHPBD@Z
?conErrorF@SeriousEngine@@YAXPBDZZ
?strHasTail@SeriousEngine@@YAHPBD0@Z
??YSeriousEngine@@YAAAVCString@0@AAV10@PBD@Z
?dbg_bStealthMode@SeriousEngine@@3HA
?conOpenLog_t@SeriousEngine@@YAXW4ConsoleOutputType@1@ABVCString@1@PBD@Z
?conSetOutputFilter@SeriousEngine@@YAXW4ConsoleOutputType@1@K@Z
?conDumpBuffer@SeriousEngine@@YAXW4ConsoleOutputType@1@@Z
?mdUpdateTypeTables@SeriousEngine@@YAXXZ
?wndInitialize@SeriousEngine@@YAXXZ
?conWarningF@SeriousEngine@@YAXPBDZZ
?LoadModule@CModuleLoader@SeriousEngine@@QAEXPBDH@Z
?svcChangeRunLevel@SeriousEngine@@YAXVIDENT@1@J@Z
?ReleaseAllModules@CModuleLoader@SeriousEngine@@QAEXXZ
?resFreeUnusedStock@SeriousEngine@@YAXXZ
?prf_bShowProfiler@SeriousEngine@@3HA
?_prfStartProfile@SeriousEngine@@YAXPBDJ@Z
?sysUpdate@SeriousEngine@@YAHXZ
?_prfStopProfile@SeriousEngine@@YAXXZ
?pfuCallPerFrameCallbacks@SeriousEngine@@YAXXZ
??1CProfileSample@SeriousEngine@@QAE@XZ
?mdModuleDeclareBeg@SeriousEngine@@YAXPBD@Z
?mdModuleDeclareEnd@SeriousEngine@@YAXXZ
??1CDataType_Function@SeriousEngine@@UAE@XZ
?strAddLiteralToStringTable@SeriousEngine@@YAPBDPBD@Z
??0CTypeID@SeriousEngine@@QAE@PBD@Z
??0CDataInstance@SeriousEngine@@QAE@PBDPAXJVCTypeID@1@PAVCModule@1@K0@Z
?mdRegisterData@SeriousEngine@@YAXPAVCDataInstance@1@@Z
??0CTypeID@SeriousEngine@@QAE@XZ
??0CDataType_Function@SeriousEngine@@QAE@VCTypeID@1@PBD0JPAVCDataType_FunctionArgument@1@K@Z
??0CTypeID@SeriousEngine@@QAE@PAVCDataType@1@@Z
?mdGetDataType@CDataType_Function@SeriousEngine@@UAEPAVCDataType@2@XZ
?resObtainResource@SeriousEngine@@YA?AV?$Ptr@VCResource@SeriousEngine@@@1@PAVCDataType@1@W4ResObtainMethod@1@HHPBD2@Z
?memPreDeleteRC_internal@SeriousEngine@@YAXPBXPAVCDataType@1@@Z
?memPostDeleteRC_internal@SeriousEngine@@YAXPAVCDataType@1@@Z
??5CDataType_Function@SeriousEngine@@QAEXAAVCSafeDataType@1@@Z
?RemRef@CSmartObject@SeriousEngine@@QAEJPBX@Z
?wndDeleteWindow@SeriousEngine@@YAXPAVCWindow@1@@Z
?svcStopService@SeriousEngine@@YAXVIDENT@1@@Z
?svcStartService@SeriousEngine@@YAXVIDENT@1@@Z
?wndHideCursor@SeriousEngine@@YAXXZ
?wndCreateWorkbench@SeriousEngine@@YAPAVCWindow@1@PBDABVCTRect@1@KW4WndPlacmentMethod@1@@Z
??0CString@SeriousEngine@@QAE@PBD@Z
?conFatalErrorF@SeriousEngine@@YAXPBDZZ
??1CString@SeriousEngine@@QAE@XZ
?strTranslate@SeriousEngine@@YAPBDPBD@Z
?wndSetWindowZOrder@SeriousEngine@@YAXABVCWindow@1@PBV21@@Z
?wndSetKeyboardFocus@SeriousEngine@@YAXABVCWindow@1@@Z
?strConvertStringToID@SeriousEngine@@YA?AVIDENT@1@PBD@Z
?memNewRC_internal@SeriousEngine@@YAPAXJPAVCDataType@1@@Z
?memDelete_internal@SeriousEngine@@YAXPAX@Z
?sysGetCommonKeyStates@SeriousEngine@@YAKXZ
?wndSetWindowEventCallback@SeriousEngine@@YAXAAVCWindow@1@P6AH0ABUWindowEvent@1@PAX@Z2@Z

msvcr71

_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__dllonexit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
?terminate@@YAXXZ
_controlfp
??1type_info@@UAE@XZ
__getmainargs
__CxxFrameHandler

kernel32

GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MD_STUBS
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

MD_CODE
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MD_CONST
Size: 512B - Virtual size: 113B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.brick
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.mjg
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cfe58cf0a3daff6fa916f269af2c7ba9

Headers

File Characteristics

Imports

engine

core

msvcr71

kernel32

Sections

.text Size: 5KB - Virtual size: 5KB

MD_STUBS Size: 512B - Virtual size: 10B

MD_CODE Size: 1024B - Virtual size: 852B

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 1KB

MD_CONST Size: 512B - Virtual size: 113B

.rsrc Size: 6KB - Virtual size: 5KB

.brick Size: 150KB - Virtual size: 149KB

.reloc Size: 1024B - Virtual size: 536B

.mjg Size: - Virtual size: 1B

.text
Size: 5KB - Virtual size: 5KB

MD_STUBS
Size: 512B - Virtual size: 10B

MD_CODE
Size: 1024B - Virtual size: 852B

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 1KB

MD_CONST
Size: 512B - Virtual size: 113B

.rsrc
Size: 6KB - Virtual size: 5KB

.brick
Size: 150KB - Virtual size: 149KB

.reloc
Size: 1024B - Virtual size: 536B

.mjg
Size: - Virtual size: 1B