Static task
static1
General
-
Target
SuperMeatBoyForever.exe
-
Size
6.6MB
-
MD5
8caf7640140c0283d22a485dd900c2d8
-
SHA1
2bce2f6d838a1dfd783a356e0a7896f9ebc78817
-
SHA256
d77447cd2e05436e5d43d042d6fed22d82ef6fc6e40a1ba8576afe2c7adebdae
-
SHA512
24d6259ee9184d8a163e07f90252681de98439805414ef0346dfc466c4194d81b9947a884b21e888db50b8f22eaa30a3962856fa07b5acfdd3ee3d61993b2fe5
-
SSDEEP
49152:MUS5p5JZp5JZp5JZp+LyMa0wqnqrsHHfe1jRwr4Ah9QDzr8jwlQqM+RCxb7Gm2YE:N69wr79AzXbARBOR9CeC6ZHCc1ZTZz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
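Checks for missing Authenticode signature. The PE carries no Authenticode signature, so neither its publisher nor its integrity can be verified from the file itself. On its own this is a weak indicator, because legitimate software is also often shipped unsigned; to establish provenance, compare the hashes listed above against a copy obtained from a trusted distribution channel.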
resource SuperMeatBoyForever.exe
Files
-
SuperMeatBoyForever.exe.exe windows:6 windows x64 arch:x64
4cb44c9d36cfb206809008522ea5892c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
steam_api64
SteamAPI_GetHSteamUser
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamAPI_UnregisterCallback
SteamAPI_RegisterCallback
SteamAPI_IsSteamRunning
SteamAPI_Init
SteamInternal_FindOrCreateUserInterface
SteamInternal_ContextInit
SteamAPI_RunCallbacks
user32
GetForegroundWindow
CreateWindowExW
DefWindowProcA
GetCursorPos
SetThreadDesktop
OpenInputDesktop
PeekMessageW
DispatchMessageW
TranslateMessage
EnumDisplaySettingsW
DefWindowProcW
SetCursorPos
ClientToScreen
FindWindowA
GetThreadDesktop
MessageBoxA
CreateWindowStationW
ShowCursor
UpdateWindow
PostQuitMessage
SetRect
SetWindowLongW
LoadCursorW
BringWindowToTop
CreateWindowExA
RegisterTouchWindow
GetCursorInfo
ChangeDisplaySettingsW
ShowWindow
RegisterClassExW
UnregisterClassW
GetSystemMetrics
SetWindowPos
CloseWindowStation
DestroyWindow
GetWindowRect
GetTouchInputInfo
CloseTouchInputHandle
AdjustWindowRectEx
ole32
CoSetProxyBlanket
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemFree
oleaut32
SysAllocString
SysFreeString
dinput8
DirectInput8Create
xinput9_1_0
XInputGetState
d3d11
D3D11CreateDeviceAndSwapChain
D3D11CreateDevice
dxgi
CreateDXGIFactory
fmod
?update@System@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?stop@SoundGroup@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?set3DMinMaxDistance@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@MM@Z
?set3DAttributes@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEBUFMOD_VECTOR@@0@Z
?setCallback@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@P6A?AW43@PEAUFMOD_CHANNELCONTROL@@W4FMOD_CHANNELCONTROL_TYPE@@W4FMOD_CHANNELCONTROL_CALLBACK_TYPE@@PEAX3@Z@Z
?getMasterSoundGroup@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEAPEAVSoundGroup@2@@Z
?createStream@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDIPEAUFMOD_CREATESOUNDEXINFO@@PEAPEAVSound@2@@Z
?playSound@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEAVSound@2@PEAVChannelGroup@2@_NPEAPEAVChannel@2@@Z
?release@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?setMode@Sound@FMOD@@QEAA?AW4FMOD_RESULT@@I@Z
?stop@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?setVolume@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?getVolume@ChannelControl@FMOD@@QEAA?AW4FMOD_RESULT@@PEAM@Z
?setLoopCount@Channel@FMOD@@QEAA?AW4FMOD_RESULT@@H@Z
?createSound@System@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDIPEAUFMOD_CREATESOUNDEXINFO@@PEAPEAVSound@2@@Z
fmodstudio
?setPaused@Bus@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@_N@Z
?stopAllEvents@Bus@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@W4FMOD_STUDIO_STOP_MODE@@@Z
?getVolume@VCA@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAM0@Z
?setVolume@VCA@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?setCallback@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@P6A?AW44@IPEAUFMOD_STUDIO_EVENTINSTANCE@@PEAX@ZI@Z
?release@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?setListenerAttributes@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@HPEBUFMOD_3D_ATTRIBUTES@@@Z
?loadBankFile@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDIPEAPEAVBank@23@@Z
?getEvent@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBDPEAPEAVEventDescription@23@@Z
?createInstance@EventDescription@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAVEventInstance@23@@Z
?getVolume@EventInstance@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAM0@Z
?setVolume@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@M@Z
?start@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?stop@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@W4FMOD_STUDIO_STOP_MODE@@@Z
?setParameterByName@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@PEBDM_N@Z
?create@System@Studio@FMOD@@SA?AW4FMOD_RESULT@@PEAPEAV123@I@Z
?initialize@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@HIIPEAX@Z
?release@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?update@System@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@XZ
?getCoreSystem@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEAPEAV13@@Z
?getBus@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBDPEAPEAVBus@23@@Z
?getVCA@System@Studio@FMOD@@QEBA?AW4FMOD_RESULT@@PEBDPEAPEAVVCA@23@@Z
?set3DAttributes@EventInstance@Studio@FMOD@@QEAA?AW4FMOD_RESULT@@PEBUFMOD_3D_ATTRIBUTES@@@Z
shell32
ShellExecuteW
ShellExecuteA
SHGetKnownFolderPath
binkw64
BinkSetSoundSystem2
BinkOpenXAudio2
BinkGetFrameBuffersInfo
BinkShouldSkip
BinkUtilMalloc
BinkUtilFree
BinkAllocateFrameBuffers
BinkSetVolume
BinkClose
BinkWait
BinkNextFrame
BinkDoFrame
BinkRegisterFrameBuffers
BinkOpen
comdlg32
GetOpenFileNameA
vcomp140
_vcomp_for_static_simple_init
_vcomp_for_static_end
_vcomp_fork
kernel32
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
HeapQueryInformation
HeapSize
ReadConsoleW
GetConsoleMode
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
OutputDebugStringW
HeapReAlloc
HeapAlloc
FreeEnvironmentStringsW
ExitProcess
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
RaiseException
RtlPcToFileHeader
SetStdHandle
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetStartupInfoW
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapFree
SetEnvironmentVariableW
InitializeSListHead
GetProcAddress
GetFileSizeEx
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStringTypeW
GetLocaleInfoEx
LocalFree
LCMapStringEx
GetCPInfo
MultiByteToWideChar
CompareStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
WideCharToMultiByte
FormatMessageA
GetFileInformationByHandleEx
SetFilePointerEx
SetFileInformationByHandle
InitOnceExecuteOnce
GetCurrentThread
GetThreadTimes
GetModuleHandleA
GetCurrentThreadId
GetCurrentDirectoryA
SetCurrentDirectoryA
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileW
GetFileAttributesW
CreateDirectoryW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
GetModuleHandleW
ResetEvent
SetEvent
CreateEventW
CreateThread
ResumeThread
SuspendThread
WaitForSingleObject
SetThreadPriority
WaitForMultipleObjects
GetFileTime
MapViewOfFile
CreateFileMappingW
CreateDirectoryA
GetFileSize
CloseHandle
DeleteFileA
FileTimeToSystemTime
CreateFileA
GetLastError
CopyFileA
UnmapViewOfFile
WaitForSingleObjectEx
Sleep
CreateFileW
FindClose
SetFilePointer
FindNextFileA
SetCurrentDirectoryW
GetModuleFileNameW
SetEndOfFile
OutputDebugStringA
ReadFile
MoveFileA
FindFirstFileA
WriteFile
advapi32
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
Sections
.text Size: 4.2MB - Virtual size: 4.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
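.data Size: 185KB - Virtual size: 21.3MB (the virtual size far exceeds the raw size; the loader zero-fills the remainder, which is what a large block of uninitialised static data looks like)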
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 206KB - Virtual size: 205KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 961KB - Virtual size: 960KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ