D:\pcagamecenter\src\gamecenter\Release\minigameclient.pdb
Static task
static1
Behavioral task
behavioral1
Sample
be699187d2f9ac1a49dcfe4a9f8076ce145b351038c4634a8ad2d67322319bab.exe
Resource
win7-20231215-en
General
-
Target
be699187d2f9ac1a49dcfe4a9f8076ce145b351038c4634a8ad2d67322319bab
-
Size
3.1MB
-
MD5
a864995b0c1c99de39e243ca038ef598
-
SHA1
1fdbeee9b70a441fda6c5f5d30342a8ff44047a9
-
SHA256
be699187d2f9ac1a49dcfe4a9f8076ce145b351038c4634a8ad2d67322319bab
-
SHA512
688ecfeb2ed9779255eceec03c614a67f1f5875b738775ec0f92b7d3349a2d3831c8ef745c1198e21e666dd828337e08b46d977f73bc51d7f2bc43b9b602d5e8
-
SSDEEP
49152:NRjGTVCtHLcQ0ywF3mje3ZgjwGZpCsy8wSQHo5MSlYo4axkjiHPLRcP1cA6URtRW:DcVCiQNwlmjyZgxkjiHjRQcAt9a
Malware Config
Signatures
-
Unsigned PE 1 IoCs
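Checks for a missing Authenticode signature. The PE listed below is unsigned, so its publisher and integrity cannot be confirmed from a signature; on its own this is a weak indicator and should be weighed together with the rest of the report.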
resource be699187d2f9ac1a49dcfe4a9f8076ce145b351038c4634a8ad2d67322319bab
Files
-
be699187d2f9ac1a49dcfe4a9f8076ce145b351038c4634a8ad2d67322319bab.exe windows:5 windows x86 arch:x86
370f92f843c0b2c837cd36540e0a1b85
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
ntohs
WSAGetLastError
shutdown
WSAStartup
WSASetLastError
getnameinfo
getservbyname
inet_ntoa
gethostbyname
gethostname
ioctlsocket
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
WSAIoctl
setsockopt
WSACleanup
htons
getsockopt
getsockname
getpeername
connect
bind
select
__WSAFDIsSet
socket
send
recv
closesocket
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
kernel32
GetVersionExW
CreateEventW
LockResource
FindResourceExW
WideCharToMultiByte
GetTickCount
GetDriveTypeW
lstrcpynW
lstrcpyW
GetFullPathNameW
FreeLibraryAndExitThread
ExitThread
SystemTimeToTzSpecificLocalTime
GetEnvironmentVariableW
FindNextFileW
FindFirstFileW
GetModuleFileNameA
QueryPerformanceCounter
GetCommandLineW
GlobalAddAtomW
LoadLibraryW
GetSystemTime
ConvertThreadToFiber
ConvertFiberToThread
CreateFiber
DeleteFiber
SwitchToFiber
SetConsoleMode
ReadConsoleA
VerifyVersionInfoA
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
VerSetConditionMask
FormatMessageA
ExpandEnvironmentStringsA
PeekNamedPipe
WaitForMultipleObjects
SleepEx
InitializeCriticalSection
SetEndOfFile
WriteConsoleW
DebugBreak
CreateThread
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindFirstFileExW
FindClose
SetConsoleCtrlHandler
FlushFileBuffers
ReadConsoleW
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleCP
GetTimeZoneInformation
GetFileType
GetACP
GetStdHandle
GetModuleHandleExW
ExitProcess
GetCommandLineA
RtlUnwind
GetCurrentProcessId
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
GetFileSize
CloseHandle
CreateFileW
ReadFile
LoadLibraryExW
lstrcmpiW
FreeLibrary
GetModuleHandleW
GetProcAddress
FindResourceW
LoadResource
SizeofResource
MulDiv
lstrcmpW
GlobalUnlock
InterlockedIncrement
GlobalLock
GlobalAlloc
GetCurrentThreadId
LeaveCriticalSection
GetModuleFileNameW
InterlockedDecrement
EnterCriticalSection
SetLastError
CreateProcessA
CreateProcessW
GetCurrentThread
MultiByteToWideChar
GetProcessHeap
SetEvent
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
Sleep
GetLocaleInfoW
LCMapStringW
CompareStringW
GetCPInfo
EncodePointer
FormatMessageW
GetStringTypeW
GetCurrentDirectoryW
SystemTimeToFileTime
FileTimeToSystemTime
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetCurrentProcess
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualFree
GetConsoleMode
WaitForSingleObject
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
WriteFile
LoadLibraryExA
VirtualQuery
VirtualProtect
GetFileAttributesExW
SetStdHandle
user32
GetDlgItem
GetClientRect
SetWindowLongW
SetCapture
GetClassNameW
LoadCursorW
CharNextW
SetFocus
CreateAcceleratorTableW
MoveWindow
GetSysColor
GetUserObjectInformationW
GetProcessWindowStation
IsChild
DestroyAcceleratorTable
ClientToScreen
RedrawWindow
InvalidateRgn
IsWindow
RegisterClassExW
SetWindowTextW
SendMessageW
ScreenToClient
CreateWindowExW
GetDesktopWindow
SetWindowPos
GetDC
DestroyWindow
GetFocus
GetWindow
CallWindowProcW
DefWindowProcW
SubtractRect
ReleaseDC
wsprintfW
CopyRect
GetClassInfoExW
GetParent
RegisterWindowMessageW
ReleaseCapture
FillRect
InvalidateRect
GetWindowTextLengthW
GetWindowLongW
SetForegroundWindow
FindWindowW
TranslateMessage
BringWindowToTop
PeekMessageW
DispatchMessageW
ShowWindow
SetActiveWindow
GetMessageW
PostMessageW
PostQuitMessage
MessageBoxW
MessageBoxA
SetMenu
RegisterHotKey
MapWindowPoints
BeginPaint
EndPaint
GetWindowTextW
UnregisterClassW
UnregisterHotKey
GetWindowRect
MonitorFromWindow
GetSystemMetrics
GetWindowPlacement
GetMonitorInfoW
gdi32
CreateSolidBrush
DeleteObject
DeleteDC
GetDeviceCaps
GetStockObject
CreateCompatibleDC
SelectObject
CreateCompatibleBitmap
BitBlt
SetViewportOrgEx
GetObjectW
advapi32
CryptEnumProvidersW
CryptSignHashW
RegisterEventSourceW
ReportEventW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
RegQueryValueExW
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
CryptGetUserKey
DeregisterEventSource
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetSpecialFolderPathW
ShellExecuteW
ole32
CoUninitialize
CoInitialize
CoTaskMemRealloc
OleLockRunning
CLSIDFromString
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CoGetClassObject
CoInitializeEx
CoCreateInstance
PropVariantClear
oleaut32
SafeArrayUnaccessData
VariantChangeType
VarUI4FromStr
SafeArrayAccessData
SafeArrayCreate
LoadRegTypeLib
VariantInit
LoadTypeLib
SysFreeString
OleCreateFontIndirect
SysAllocString
DispCallFunc
SysStringLen
SysAllocStringLen
VariantClear
dsound
ord11
shlwapi
PathRemoveFileSpecW
PathAppendW
PathRemoveFileSpecA
PathFileExistsW
winmm
waveOutWrite
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
netapi32
Netbios
wldap32
ord143
ord217
ord46
ord211
ord60
ord50
ord41
ord22
ord26
ord27
ord32
ord301
ord200
ord30
ord79
ord35
ord33
Sections
.text Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 638KB - Virtual size: 637KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 27KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.detourc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 756B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 156KB - Virtual size: 156KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE