DF CONNECTED v2[.]7[.]8b[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DF CONNECTED v2.7.8b.exe
Size

159.3MB
MD5

ef345b98394c7a9f7be6c9eb70b831bf
SHA1

63e07d6d89b417606df504e04ad1a678c953601b
SHA256

5c6fd6abe763f63fe127dcc79b737386af59e1653803c757272f0bf598cc1dd6
SHA512

a674f5cf6de4f4425c57ce711768a92611999add010cc7f2d92acdcce52f5234a1b64f6752a9135ae549d78e0833991dae0c8c132cf17e5b32b97eda8b06cc70
SSDEEP

3145728:jIHF86KT4FEwYNPINIYbWTOU3lJvKmEG1+vPr6KQbd6/g9cfMBOOOm2DNxrwNcLE:jrqE3NgNaxnSm71+vD6zd6/gOI+vNxr8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DF CONNECTED v2.7.8b.exe

Files

DF CONNECTED v2.7.8b.exe
.exe windows:5 windows x86 arch:x86

3edc4485030b7bbdd74e32ebc647287c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\hudson\GMBase\GMGreen\GameMaker\Runner\VC_Runner\Release\Runner.pdb

Imports

wininet

InternetOpenA
HttpEndRequestW
InternetWriteFile
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetCrackUrlA
InternetCanonicalizeUrlA
HttpSendRequestA
InternetGetConnectedState
InternetConnectA
HttpOpenRequestA

d3dx9_43

D3DXGetVertexShaderProfile
D3DXCompileShader
D3DXGetPixelShaderProfile
D3DXCreateTextureFromFileW
D3DXGetImageInfoFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx

dbghelp

MiniDumpWriteDump
SymInitialize
SymFromAddr

winmm

mciGetErrorStringA
joyGetPos
joyGetPosEx
joyGetDevCapsA
mciSendStringA

ws2_32

bind
socket
ioctlsocket
setsockopt
inet_addr
WSACleanup
WSAStartup
shutdown
closesocket
gethostname
listen
getaddrinfo
WSAAddressToStringA
freeaddrinfo
getpeername
select
__WSAFDIsSet
htons
htonl
ntohs
ntohl
accept
recv
inet_ntoa
recvfrom
WSAGetLastError
send
connect
sendto
getsockopt

gdiplus

GdiplusShutdown
GdiplusStartup

comctl32

InitCommonControlsEx

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
LCMapStringA
CreateFileA
GetFullPathNameA
SetConsoleCtrlHandler
SetFilePointer
SetStdHandle
ReadFile
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
FatalAppExitA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
WriteFile
HeapSize
SetLastError
GetStdHandle
SetHandleCount
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
CreateDirectoryA
GetFileType
PeekNamedPipe
GetFileInformationByHandle
DeleteFileA
FindNextFileA
GetDateFormatA
GetTimeFormatA
GetFileAttributesA
DebugBreak
GetSystemTimeAsFileTime
SetFileAttributesW
HeapReAlloc
FindFirstFileA
MultiByteToWideChar
GetConsoleWindow
WideCharToMultiByte
OutputDebugStringW
FormatMessageW
GetLastError
GetProcAddress
LoadLibraryW
GetFullPathNameW
GetCurrentDirectoryW
LocalFree
GetModuleHandleW
FreeEnvironmentStringsA
InterlockedIncrement
CreateThread
GetExitCodeThread
CloseHandle
DeleteFileW
Sleep
FreeLibrary
SetCurrentDirectoryA
GetCurrentDirectoryA
GetExitCodeProcess
CreateProcessW
GetEnvironmentVariableW
FindClose
FindNextFileW
RemoveDirectoryW
FindFirstFileW
GetFileAttributesW
CreateDirectoryW
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
SetWaitableTimer
CreateWaitableTimerW
SetThreadPriority
SetPriorityClass
GetCurrentProcess
GetCurrentThread
GlobalUnlock
GlobalLock
GlobalAlloc
GetVersionExW
GetUserDefaultLCID
GetLocaleInfoW
GetSystemInfo
GlobalMemoryStatusEx
ExitProcess
lstrlenA
ExpandEnvironmentStringsW
GetModuleFileNameW
GetCurrentThreadId
MoveFileA
SetUnhandledExceptionFilter
SetErrorMode
GetCommandLineW
GetCurrentProcessId
CreateFileW
RtlCaptureStackBackTrace
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
RtlUnwind
RaiseException
LoadLibraryA
InterlockedExchange
LocalAlloc
HeapWalk
HeapFree
HeapAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetEnvironmentStrings
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetProcessHeap
SetEnvironmentVariableW
InterlockedDecrement
VirtualQuery
HeapValidate

user32

GetDC
GetDlgItem
DialogBoxParamW
MoveWindow
ClientToScreen
GetMonitorInfoW
SetCursorPos
MapWindowPoints
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetCursorPos
GetForegroundWindow
wsprintfW
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
EnumDisplaySettingsW
ChangeDisplaySettingsW
SetWindowLongW
UpdateWindow
EnumDisplaySettingsExW
EnumDisplayDevicesA
keybd_event
DrawTextW
SetWindowTextA
SetWindowTextW
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetFocus
MessageBoxA
SetDlgItemTextA
IsDialogMessageW
PeekMessageW
DestroyWindow
ShowWindow
BringWindowToTop
SetForegroundWindow
SetWindowPos
GetSystemMetrics
AdjustWindowRectEx
LoadImageW
LoadCursorW
RegisterClassExW
CreateWindowExW
SendMessageW
ReleaseDC
GetAsyncKeyState
ScreenToClient
SetCursor
GetClientRect
GetWindowRect
PostMessageW
CreateDialogParamW
EndDialog
GetDlgItemTextW
IsClipboardFormatAvailable
SetFocus
DefWindowProcW
ReleaseCapture
SetCapture
GetKeyState
CallNextHookEx
MessageBoxW
SetDlgItemTextW

gdi32

GetDeviceCaps
CreateFontA
SelectObject
DeleteObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteW
SHGetFolderPathW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
VariantClear
SysFreeString

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 896KB - Virtual size: 895KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 310KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mydata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 154.9MB - Virtual size: 154.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l2
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3edc4485030b7bbdd74e32ebc647287c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

d3dx9_43

dbghelp

winmm

ws2_32

gdiplus

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 896KB - Virtual size: 895KB

.data Size: 310KB - Virtual size: 2.6MB

.mydata Size: 512B - Virtual size: 8B

.rsrc Size: 180KB - Virtual size: 180KB

.wdata Size: 154.9MB - Virtual size: 154.9MB

.l2 Size: 180KB - Virtual size: 180KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 896KB - Virtual size: 895KB

.data
Size: 310KB - Virtual size: 2.6MB

.mydata
Size: 512B - Virtual size: 8B

.rsrc
Size: 180KB - Virtual size: 180KB

.wdata
Size: 154.9MB - Virtual size: 154.9MB

.l2
Size: 180KB - Virtual size: 180KB