536997a69eac9053bcbad368d0e64672

Sharing

Copy URL Twitter E-mail

General

Target

536997a69eac9053bcbad368d0e64672
Size

1.7MB
MD5

536997a69eac9053bcbad368d0e64672
SHA1

de41197d2416ecab3056a7f4d404868ac9cc8933
SHA256

b0fbcde0869c2aa6b28f97d15496724e9d197adf12a8b826ca186446e6a3d387
SHA512

bd2b9f9af7118de82abe4cb03fb3e9bdd77dafcff7f4d5dc723346f5e053c9b5ec0af377b2a9867dfda3d20b1dd43bd5e8303d049addd65d516135c5ddfb5f79
SSDEEP

24576:oCmvSIDMDrlmvcaycV3+ExjCNPcbCHw3GmldTCzMr3QA3DCJMMI5Pg9GsFFzK:oCmvmmhycV39j3+H4r3yJRFz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
536997a69eac9053bcbad368d0e64672

Files

536997a69eac9053bcbad368d0e64672
.exe windows:4 windows x86 arch:x86

36c0d6e76757656fe68d487dcb04f8d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
SetEvent
GetTickCount
GetModuleHandleA
ReadFile
GetFileSize
DeleteCriticalSection
CreateEventA
SetThreadPriority
LeaveCriticalSection
InitializeCriticalSection
lstrcpyW
WriteFile
Sleep
CreateThread
EnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
CreateFileA
CloseHandle
MulDiv
CreateMutexA
GetLogicalDrives
GetDriveTypeA
ReleaseMutex
GetLastError
lstrcmpA
GlobalMemoryStatus
GetPrivateProfileIntA
WaitForSingleObject
WideCharToMultiByte
GetModuleFileNameA
OutputDebugStringA
MultiByteToWideChar
SetFilePointer
lstrcatA
GetProcAddress
LoadLibraryA
CreateFileW
FreeEnvironmentStringsW
GetVersionExA
CompareStringW
CompareStringA
FreeEnvironmentStringsA
GetStdHandle
SetHandleCount
GetFileType
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
IsBadWritePtr
UnhandledExceptionFilter
VirtualFree
HeapCreate
VirtualAlloc
GetEnvironmentVariableA
HeapDestroy
SetLastError
TlsGetValue
GetOEMCP
GetACP
TlsAlloc
HeapSize
HeapReAlloc
GetCPInfo
TerminateProcess
ExitProcess
lstrcpyA
InterlockedExchange
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
MapViewOfFile
CreateFileMappingA
RtlUnwind
GetCurrentProcess
UnmapViewOfFile
GetCurrentThreadId
TlsSetValue
HeapFree
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapAlloc
RaiseException
ExitThread
GetStartupInfoA
GetVersion
GetLocalTime

user32

ShowCursor
SetFocus
SetWindowPos
UpdateWindow
SetWindowLongA
CreateWindowExA
GetClientRect
GetWindowLongA
AdjustWindowRect
GetWindowRect
GetDesktopWindow
LoadIconA
SetRect
RegisterClassA
DestroyMenu
PostQuitMessage
DestroyWindow
DefWindowProcA
GetMenu
ClipCursor
GetMessageA
SetForegroundWindow
SendMessageA
DispatchMessageA
TranslateMessage
MessageBoxA
PostThreadMessageA
FindWindowA
wsprintfA
SetMenu
PeekMessageA
SetCursor

gdi32

GetStockObject
ExtTextOutA
GetTextExtentPoint32A
DeleteObject
SetBkColor
SetTextColor
SetTextAlign
CreateFontA
GetDeviceCaps
SelectObject
CreateDIBSection
CreateCompatibleDC
SetMapMode
DeleteDC

ole32

CoCreateInstance
CoInitialize
CoUninitialize

d3d8

Direct3DCreate8

dinput8

DirectInput8Create

winmm

timeGetTime

binkw32

_BinkCopyToBuffer@28
_BinkOpen@8
_BinkClose@4
_BinkDoFrame@4
_BinkNextFrame@4
_BinkWait@4
_BinkOpenDirectSound@4
_BinkSetSoundSystem@8
_BinkGoto@12

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36c0d6e76757656fe68d487dcb04f8d1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

d3d8

dinput8

winmm

binkw32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 100KB - Virtual size: 1.3MB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 100KB - Virtual size: 1.3MB

.rsrc
Size: 36KB - Virtual size: 36KB