WEFWFWEF[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

WEFWFWEF.zip
Size

19.8MB
MD5

f71061b9160ca7851f0580efd8552f9f
SHA1

1a14404d7f612fe0888b830fc67f3108351aa6c7
SHA256

8fe2e981acc3bfa68fb12951e570ebda29393ef170d9e70f440309b8c1091d14
SHA512

52f5b5f337268e7c4a9b5b585304e7683fe33324a08b60360bdfa0d9f217ca6079549d488fc0093f3e42c6206cbda5f587d168d5f864b2d8ac75d8ed9dcf20b8
SSDEEP

393216:rSUhdCk7dbUNhxG9oKRGcNFPddM4mFHeaqoBb5hfbpKEJ2+igtJ:rSKLdbUNhx8GcF7mF1xdKEJ1igX

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KINKY_PUBGM_FULL_2.9.3/KINKY.dll
unpack001/KINKY_PUBGM_FULL_2.9.3/Kinky Daddy.exe

Files

WEFWFWEF.zip
.zip
KINKY_PUBGM_FULL_2.9.3/KINKY.dll
.dll windows:6 windows x86 arch:x86

abb6395c71e314d746f6c37b43a00c78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle

advapi32

RegCloseKey

kernel32

GetCurrentProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetAsyncKeyState

gdi32

GetDeviceCaps

ole32

CoInitialize

msvcp140

?always_noconv@codecvt_base@std@@QBE_NXZ

dwmapi

DwmGetColorizationColor

d3dcompiler_47

D3DCompile

d3d11

D3D11CreateDeviceAndSwapChain

urlmon

URLOpenBlockingStreamA

d3dx11_43

D3DX11CreateShaderResourceViewFromMemory

imm32

ImmSetCompositionWindow

vcruntime140

memchr

api-ms-win-crt-heap-l1-1-0

_recalloc

api-ms-win-crt-utility-l1-1-0

srand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn

api-ms-win-crt-stdio-l1-1-0

fclose

api-ms-win-crt-math-l1-1-0

_dclass

api-ms-win-crt-string-l1-1-0

_wcsicmp

api-ms-win-crt-convert-l1-1-0

atof

api-ms-win-crt-filesystem-l1-1-0

_lock_file

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-multibyte-l1-1-0

_mbsicmp

Sections

.text
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 522KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Id?
Size: - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.q!r
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.r<~
Size: 11.1MB - Virtual size: 11.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
KINKY_PUBGM_FULL_2.9.3/Kinky Daddy.exe
.exe windows:6 windows x86 arch:x86

51a895980627753b38c4a19fd53219a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetWindowRect

advapi32

CreateServiceA

msvcp140

??1_Lockit@std@@QAE@XZ

vcruntime140

__current_exception

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment

api-ms-win-crt-stdio-l1-1-0

_set_fmode

api-ms-win-crt-heap-l1-1-0

_callnewh

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.\kX
Size: - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.%}r
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.P.z
Size: 9.3MB - Virtual size: 9.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abb6395c71e314d746f6c37b43a00c78

Headers

DLL Characteristics

File Characteristics

Imports

wininet

advapi32

kernel32

user32

gdi32

ole32

msvcp140

dwmapi

d3dcompiler_47

d3d11

urlmon

d3dx11_43

imm32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

Sections

.text Size: - Virtual size: 1.4MB

.rdata Size: - Virtual size: 522KB

.data Size: - Virtual size: 275KB

.Id? Size: - Virtual size: 6.0MB

.q!r Size: 2KB - Virtual size: 2KB

.r<~ Size: 11.1MB - Virtual size: 11.1MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

51a895980627753b38c4a19fd53219a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: - Virtual size: 111KB

.rdata Size: - Virtual size: 38KB

.data Size: - Virtual size: 2KB

.\kX Size: - Virtual size: 5.0MB

.%}r Size: 2KB - Virtual size: 1KB

.P.z Size: 9.3MB - Virtual size: 9.3MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 103KB - Virtual size: 103KB

.text
Size: - Virtual size: 1.4MB

.rdata
Size: - Virtual size: 522KB

.data
Size: - Virtual size: 275KB

.Id?
Size: - Virtual size: 6.0MB

.q!r
Size: 2KB - Virtual size: 2KB

.r<~
Size: 11.1MB - Virtual size: 11.1MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 111KB

.rdata
Size: - Virtual size: 38KB

.data
Size: - Virtual size: 2KB

.\kX
Size: - Virtual size: 5.0MB

.%}r
Size: 2KB - Virtual size: 1KB

.P.z
Size: 9.3MB - Virtual size: 9.3MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 103KB - Virtual size: 103KB