LEGOStarWarsSaga[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

LEGOStarWarsSaga.exe
Size

5.1MB
MD5

5746cf2873f139724bc6002f9c164c5e
SHA1

622630ec4ac19cfcd56ca3f2b2246c6f640b39c4
SHA256

ef74988824385609cfeb7df9cb175d8f07d803650b971840ccc6838a04639e7d
SHA512

bd7b44b60e5cbd31cec11ced1a89f611afd77936d803cd84af14ee59d1e4b1917f5df99ceb4988bbfa6fc957c676124b278952b635cacb377c1bd0ba4dbdfae9
SSDEEP

98304:9kaprieCirRvkjP8ehAR0zuTs4Ztg0AtaZqj:+apN5koehlSTVg0AIa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LEGOStarWarsSaga.exe

Files

LEGOStarWarsSaga.exe
.exe windows:4 windows x86 arch:x86

51538e402bd9b828c82d39c5e8a232e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
DispatchMessageA
TranslateMessage
PeekMessageA
SetCursorPos
DestroyWindow
DefWindowProcA
PostQuitMessage
ShowWindow
GetWindowLongA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
MoveWindow
MessageBoxW
GetForegroundWindow
UpdateWindow
MessageBoxA
LoadKeyboardLayoutA
SystemParametersInfoA
MapVirtualKeyExA
SetCursor
AdjustWindowRect
SendMessageA

d3dx9_35

D3DXCreateEffect
D3DXCreateCubeTextureFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateEffectFromFileA
D3DXCreateFontA
D3DXCreateRenderToSurface
D3DXCreateTextureFromFileInMemory
D3DXSaveSurfaceToFileInMemory
D3DXCreateEffectCompiler
D3DXCreateBuffer
D3DXCompileShader
D3DXMatrixMultiply
D3DXMatrixLookAtLH
D3DXMatrixOrthoLH

d3d9

Direct3DCreate9
D3DPERF_EndEvent
D3DPERF_BeginEvent

winmm

timeKillEvent
timeSetEvent
timeGetTime

dsound

ord11

dinput8

DirectInput8Create

binkw32

_BinkSetSoundTrack@8
_BinkOpen@8
_BinkNextFrame@4
_BinkSetVolume@12
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkDoFrame@4
_BinkCopyToBufferRect@44
_BinkGetRealtime@12
_BinkWait@4
_BinkGoto@12
_BinkClose@4

xinput1_3

ord4
ord2
ord3

kernel32

EnumSystemLocalesA
IsValidLocale
SetEndOfFile
GetTimeZoneInformation
CompareStringA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
OutputDebugStringW
IsDebuggerPresent
GetLocaleInfoA
LoadLibraryA
InterlockedExchange
FreeLibrary
SetStdHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
VirtualAlloc
FatalAppExitA
Sleep
SetEvent
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
ResumeThread
SetThreadPriority
CreateThread
CreateEventA
InitializeCriticalSection
ResetEvent
GetCurrentThreadId
CreateFileA
CloseHandle
ReadFile
WriteFile
SetFilePointerEx
MoveFileA
DeleteFileA
FindFirstFileA
FindClose
FindNextFileA
FileTimeToSystemTime
CreateDirectoryA
GetFileAttributesExA
QueryPerformanceCounter
QueryPerformanceFrequency
SetProcessAffinityMask
GetProcessAffinityMask
GetCurrentProcess
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
GetTickCount
DebugBreak
GetLogicalDriveStringsA
DeleteCriticalSection
WaitForMultipleObjects
GetFileSize
GetUserGeoID
GetUserDefaultLangID
GetModuleFileNameA
GetModuleHandleA
VerifyVersionInfoA
VerSetConditionMask
GetFileAttributesA
ExpandEnvironmentStringsA
SetThreadExecutionState
SetThreadAffinityMask
GetCurrentThread
OutputDebugStringA
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLastError
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
GetProcAddress
ExitProcess
SetConsoleCtrlHandler
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetCurrentProcessId

gdi32

DeleteObject

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetFolderPathA
ShellExecuteA
SHCreateDirectoryExA

ole32

CoInitializeEx
CoInitialize
CoCreateInstance
CoUninitialize
CoSetProxyBlanket

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 408KB - Virtual size: 33.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 556KB - Virtual size: 554KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.secu
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51538e402bd9b828c82d39c5e8a232e6

Headers

File Characteristics

Imports

user32

d3dx9_35

d3d9

winmm

dsound

dinput8

binkw32

xinput1_3

kernel32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

.rdata Size: 632KB - Virtual size: 631KB

.data Size: 408KB - Virtual size: 33.7MB

.rsrc Size: 556KB - Virtual size: 554KB

.secu Size: 256KB - Virtual size: 253KB

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 632KB - Virtual size: 631KB

.data
Size: 408KB - Virtual size: 33.7MB

.rsrc
Size: 556KB - Virtual size: 554KB

.secu
Size: 256KB - Virtual size: 253KB