b848ef92c121f5832ed69b8a3231bf79

Sharing

Copy URL

Twitter E-mail

General

Target

b848ef92c121f5832ed69b8a3231bf79
Size

1.3MB
MD5

b848ef92c121f5832ed69b8a3231bf79
SHA1

593088e4485aacf0f8012678f0a4970feab3951b
SHA256

41e15398fd307889c9814284f9df4cfbb1fff1d8294981e1947badea5b3567fe
SHA512

b0070e41f112b6023e0dbde98aa219666502b07fc90af0bcdedc938fb11aba85333d6de67ab955d31e298331dac36db2934b055e01c2abf59414d40add457596
SSDEEP

24576:FqSjnXqp57nsP0anUhx/J8gX+Gg+oK+nBvCMc/NT9YfTg4VFydrw7oAgKmiF:cSjXqf7nafnU//mgOrKc5Cf/1OLdFy5U

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/CS_OGC FX v3.3/OGC FX v3.3/OGC FX.dll	aspack_v212_v242

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CS_OGC FX v3.3/OGC FX v3.3/OGC FX.dll
unpack001/CS_OGC FX v3.3/OGC FX v3.3/OGC FX.exe
unpack001/CS_OGC FX v3.3/OGC FX v3.3/older versions/OGC FX v3.1.dll
unpack001/CS_OGC FX v3.3/OGC FX v3.3/older versions/OGC FX v3.2.dll

Files

b848ef92c121f5832ed69b8a3231bf79
.rar
CS_OGC FX v3.3/Counter-Strike Cheats • Index page.url
.url
CS_OGC FX v3.3/OGC FX v3.3/Counter-Strike Cheats • Index page.url
.url
CS_OGC FX v3.3/OGC FX v3.3/OGC FX.dll
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CreateInterface

Sections

Size: 131KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 22KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 13KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 330KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CS_OGC FX v3.3/OGC FX v3.3/OGC FX.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 72KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CS_OGC FX v3.3/OGC FX v3.3/aimbot fix.txt
CS_OGC FX v3.3/OGC FX v3.3/aimbot.cfg
CS_OGC FX v3.3/OGC FX v3.3/bind.cfg
CS_OGC FX v3.3/OGC FX v3.3/bones.cfg
CS_OGC FX v3.3/OGC FX v3.3/commandmenu.txt
CS_OGC FX v3.3/OGC FX v3.3/customize.cfg
CS_OGC FX v3.3/OGC FX v3.3/cvar.bin
CS_OGC FX v3.3/OGC FX v3.3/cvarblock.cfg
CS_OGC FX v3.3/OGC FX v3.3/init.cfg
CS_OGC FX v3.3/OGC FX v3.3/main.cfg
CS_OGC FX v3.3/OGC FX v3.3/menu.cfg
CS_OGC FX v3.3/OGC FX v3.3/older versions/OGC FX v3.1.dll
.dll windows:5 windows x86 arch:x86

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess

user32

MessageBoxA

Exports

Exports

CreateInterface

Sections

.text
Size: 157KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.perplex
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CS_OGC FX v3.3/OGC FX v3.3/older versions/OGC FX v3.2.dll
.dll windows:5 windows x86 arch:x86

f8ebb32eb1cced471a3a448a67343a39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime
sndPlaySoundA

kernel32

HeapFree
VirtualProtect
IsBadWritePtr
IsBadReadPtr
GetProcAddress
GetModuleHandleA
GetLocalTime
ExitProcess
GetCurrentThreadId
LoadLibraryA
FreeLibrary
GetCurrentProcessId
DisableThreadLibraryCalls
GetModuleFileNameA
CloseHandle
GetLastError
GetProcessHeap
SetEndOfFile
GetLocaleInfoW
CreateFileW
CreateFileA
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
GetCommandLineA
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LoadLibraryW
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
ReadFile
SetFilePointer
FlushFileBuffers
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount

user32

GetWindowTextA
FindWindowA
PostMessageA
CallNextHookEx
GetActiveWindow
SetWindowsHookExA
MessageBoxA
GetAsyncKeyState

Exports

Exports

CreateInterface

Sections

.text
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CS_OGC FX v3.3/OGC FX v3.3/older versions/readme old versions.txt
CS_OGC FX v3.3/OGC FX v3.3/readme.txt
CS_OGC FX v3.3/OGC FX v3.3/sounds/activated.wav
CS_OGC FX v3.3/OGC FX v3.3/sounds/kill/doublekill.wav
CS_OGC FX v3.3/OGC FX v3.3/sounds/kill/headshot.wav
CS_OGC FX v3.3/OGC FX v3.3/sounds/kill/impressive.wav
CS_OGC FX v3.3/OGC FX v3.3/sounds/kill/monsterkill.wav
CS_OGC FX v3.3/OGC FX v3.3/sounds/kill/multikill.wav
CS_OGC FX v3.3/OGC FX v3.3/sounds/kill/triplekill.wav
CS_OGC FX v3.3/OGC FX v3.3/sounds/kill/ultrakill.wav
CS_OGC FX v3.3/OGC FX v3.3/sounds/kill/unstoppable.wav
CS_OGC FX v3.3/OGC FX v3.3/startup.cfg
CS_OGC FX v3.3/OGC FX v3.3/vecs.cfg
CS_OGC FX v3.3/OGC FX v3.3/winamp.cfg

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 131KB - Virtual size: 336KB

Size: 22KB - Virtual size: 56KB

Size: 3KB - Virtual size: 44KB

.rsrc Size: 512B - Virtual size: 4KB

Size: 13KB - Virtual size: 24KB

Size: 4KB - Virtual size: 4KB

.data Size: 330KB - Virtual size: 332KB

.adata Size: - Virtual size: 4KB

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 72KB - Virtual size: 196KB

.rsrc Size: 27KB - Virtual size: 28KB

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 157KB - Virtual size: 335KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 4KB - Virtual size: 40KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 21KB - Virtual size: 24KB

.perplex Size: 94KB - Virtual size: 94KB

f8ebb32eb1cced471a3a448a67343a39

Headers

File Characteristics

Imports

winmm

kernel32

user32

Exports

Exports

Sections

.text Size: 335KB - Virtual size: 334KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 9KB - Virtual size: 40KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 21KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 4KB

.data
Size: 330KB - Virtual size: 332KB

.adata
Size: - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 196KB

.rsrc
Size: 27KB - Virtual size: 28KB

.text
Size: 157KB - Virtual size: 335KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 4KB - Virtual size: 40KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 21KB - Virtual size: 24KB

.perplex
Size: 94KB - Virtual size: 94KB

.text
Size: 335KB - Virtual size: 334KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 9KB - Virtual size: 40KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 21KB - Virtual size: 21KB