Static task
static1
General
Target: empires2.exe
Size: 2.4MB
MD5: c5a1d96f94aad024fa0e3107a994128c
SHA1: 9ad7fdd5c294cafff60862a3cbbe18999118c570
SHA256: bc3e4299c3eafcabc77b003ecdc24b8018cd30eeaed05b68a106a9f2be178f06
SHA512: c2486c92ccb18dfd12302a4d79a18f9023b8fe117b0f66b3feb3e6ff01f21b98ed77df600d0a07c82a02efd21a76512208e0131b308d68d6e8a4286e4f2ebcc4
SSDEEP: 24576:IuOq6oZNWKI2zmJEzJSqdMclkoRWq3ztUNTsSlOb11kmThfEFfK0dM/bAkCzc7lf:7NWeQEzU7c2QDJUVbU1iK2s8KfgoBXZ
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: empires2.exe
Files
empires2.exe.exe windows:4 windows x86 arch:x86
646b36b477ecd687f453f7c5ed9ad176
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
msvfw32
ICInfo
MCIWndCreateA
winmm
mixerGetNumDevs
mixerGetLineControlsA
mixerGetLineInfoA
timeEndPeriod
timeGetTime
mciSendCommandA
mixerOpen
mixerSetControlDetails
timeBeginPeriod
mixerGetControlDetailsA
mciGetErrorStringA
mixerClose
kernel32
_llseek
GetModuleFileNameA
IsDBCSLeadByte
SetLastError
GetProcAddress
CompareStringA
_lread
ReleaseSemaphore
SetThreadPriority
SetPriorityClass
GetPriorityClass
GetThreadPriority
FindResourceA
GlobalHandle
GlobalAlloc
MapViewOfFile
LoadResource
LockResource
LoadLibraryA
GetTempFileNameA
GetTempPathA
VirtualFree
WinExec
FreeEnvironmentStringsW
GetEnvironmentStrings
OpenFile
GetCurrentProcess
GetModuleHandleA
GetCurrentThread
GlobalLock
GetEnvironmentStringsW
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
CompareStringW
GlobalUnlock
GlobalReAlloc
_lclose
GlobalFree
_hread
FindNextFileA
OutputDebugStringA
DeleteFileA
FindFirstFileA
GetDateFormatA
GetTimeFormatA
GetLastError
FindClose
CreateMutexA
GetVolumeInformationA
ReleaseMutex
GetDriveTypeA
FreeLibrary
MulDiv
CloseHandle
CreateFileMappingA
GlobalMemoryStatus
GetCurrentDirectoryA
GetStartupInfoA
SetStdHandle
SetEndOfFile
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
CreateFileA
UnmapViewOfFile
WaitForSingleObject
CreateSemaphoreA
GetCommandLineA
SetEnvironmentVariableA
GetStringTypeW
GetFullPathNameA
FileTimeToLocalFileTime
FileTimeToSystemTime
FlushFileBuffers
TerminateProcess
ExitProcess
WriteFile
SetFilePointer
GetFileType
ReadFile
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
IsBadCodePtr
HeapAlloc
VirtualAlloc
VirtualLock
VirtualQuery
GetVersion
RaiseException
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
user32
GetWindowThreadProcessId
InvalidateRect
GetParent
GetWindowTextA
SetCursor
SetClassLongA
GetCursorPos
ScreenToClient
FillRect
ValidateRect
GetUpdateRect
IsIconic
SetForegroundWindow
GetLastActivePopup
BringWindowToTop
GetDC
ReleaseDC
GetAsyncKeyState
DefWindowProcA
GetKeyState
GetClientRect
SetWindowPos
UpdateWindow
LoadIconA
RegisterClassA
CharUpperA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
DestroyWindow
FindWindowA
SendMessageA
SystemParametersInfoA
ShowWindow
SetFocus
SetTimer
LoadCursorA
IsWindow
PostQuitMessage
KillTimer
SetWindowTextA
SetCapture
ReleaseCapture
GetCapture
SetWindowLongA
PostMessageA
GetActiveWindow
WinHelpA
GetKeyboardState
GetKeyNameTextA
MapVirtualKeyA
wsprintfA
DrawTextA
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
CloseClipboard
GetCaretBlinkTime
DrawTextExA
CallWindowProcA
MoveWindow
MessageBeep
GetWindowLongA
SetSysColors
GetSysColor
MessageBoxA
LoadStringA
SetRect
ClientToScreen
GetWindowRect
GetSystemMetrics
GetForegroundWindow
CreateWindowExA
GetFocus
SetCursorPos
gdi32
GetDeviceCaps
SelectObject
CreateFontIndirectA
GetStockObject
RealizePalette
SelectPalette
DeleteDC
CreateICA
CreatePalette
GetObjectA
GetPaletteEntries
GetNearestPaletteIndex
SetPaletteEntries
GetSystemPaletteEntries
SelectClipRgn
ResizePalette
SetBkMode
TextOutA
SetTextColor
GetTextExtentPoint32A
SetBkColor
CreateRectRgn
MoveToEx
SetTextAlign
LineTo
DeleteObject
CreatePen
GetTextMetricsA
dplayx
ord4
ord2
ord1
dsound
ord1
ddraw
DirectDrawCreate
imm32
ImmAssociateContext
ImmGetContext
ImmGetOpenStatus
ImmSetOpenStatus
ImmNotifyIME
ImmGetDefaultIMEWnd
ImmReleaseContext
advapi32
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
ole32
CoUninitialize
CoCreateGuid
CoCreateInstance
CoInitialize
wsock32
gethostname
WSAStartup
gethostbyname
WSACleanup
Sections
.text: Size 2.1MB, Virtual size 2.1MB; flags IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
THIS_COD: Size 48KB, Virtual size 46KB; flags IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata: Size 196KB, Virtual size 195KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data: Size 88KB, Virtual size 1.2MB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
THIS_DAT: Size 4KB, Virtual size 188B; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Inf32Dat: Size 44KB, Virtual size 43KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size 8KB, Virtual size 4KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ