98300b753f0e3d3ec07337bee721881a026a868b4229d1ad9618c77e9b690381

Sharing

Copy URL Twitter E-mail

General

Target

98300b753f0e3d3ec07337bee721881a026a868b4229d1ad9618c77e9b690381
Size

3.2MB
MD5

d2c1e5ab52bf6dece0d456c4fe3aa740
SHA1

b59cf33d75da45c710d8bca5a0b3a392b2a65267
SHA256

98300b753f0e3d3ec07337bee721881a026a868b4229d1ad9618c77e9b690381
SHA512

635f622c30116e30103ffca77987a1d4a9bf3c5f887ab7c6d85ac7307df4f6b913d07699d1a68e432f10f54c8db0bdbe10cfdabd26851d1f90d7b5ae75fae026
SSDEEP

49152:KLbDxyLyf7kYs9YJArCEwkM9j8AqBM1rktggp8ooKn3q+iTH3/XnrHkVSq6+:GZa9fffwj8BBMdjgTq+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98300b753f0e3d3ec07337bee721881a026a868b4229d1ad9618c77e9b690381

Files

98300b753f0e3d3ec07337bee721881a026a868b4229d1ad9618c77e9b690381
.exe windows:5 windows x86 arch:x86

ee57c9237303f8c7b57506b7c6b752e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\down\ham\_ok1zia\ja\c\tucnak\Release\Tucnak.pdb

Imports

kernel32

GetOEMCP
GetModuleFileNameA
GetACP
LoadLibraryA
GetProcAddress
GetLastError
FreeLibrary
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
DecodePointer
IsDebuggerPresent
UnhandledExceptionFilter
EncodePointer
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
DuplicateHandle
CreatePipe
TerminateProcess
CreateProcessA
GetCurrentThread
BuildCommDCBA
FlushFileBuffers
ReadFile
SetCommTimeouts
SetCommState
WriteFile
EscapeCommFunction
DeviceIoControl
LocalAlloc
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
GetCurrentProcess
SetUnhandledExceptionFilter
CreateFileA
LocalFree
FormatMessageA
GetDiskFreeSpaceExA
LockFileEx
UnlockFile
OutputDebugStringA
RaiseException
Sleep
IsProcessorFeaturePresent

shell32

ShellExecuteExA
SHGetFolderPathA
ShellExecuteA

user32

GetWindowPlacement
SystemParametersInfoA
MessageBoxA
ShowWindow

ws2_32

listen
inet_ntoa
WSAGetLastError
recv
connect
recvfrom
select
htons
getaddrinfo
ioctlsocket
WSAStringToAddressA
shutdown
setsockopt
WSASetLastError
getsockopt
WSAAddressToStringA
bind
ntohs
ntohl
inet_addr
getsockname
sendto
WSAStartup
accept
send
closesocket
__WSAFDIsSet
socket

libglib-2.0-0

g_log_set_default_handler
g_ptr_array_remove_fast
g_log
glib_major_version
g_array_free
g_array_sized_new
g_realloc
g_string_printf
g_strchug
g_string_assign
g_hash_table_size
g_string_erase
glib_micro_version
g_spaced_primes_closest
glib_minor_version
g_realloc_n
g_direct_equal
g_hash_table_lookup_extended
g_direct_hash
g_ptr_array_remove
g_ptr_array_free
g_hash_table_destroy
g_hash_table_new_full
g_hash_table_insert
g_string_insert
g_string_append_len
g_thread_self
g_scanner_input_file
g_scanner_unexp_token
g_scanner_new
g_scanner_peek_next_token
g_scanner_destroy
g_scanner_get_next_token
g_scanner_scope_add_symbol
g_scanner_input_text
g_strconcat
g_hash_table_remove_all
g_ptr_array_remove_index_fast
g_strdup_vprintf
g_strlcpy
g_hash_table_remove
g_strchomp
g_string_append_vprintf
g_malloc
g_string_new
g_hash_table_foreach_remove
g_strfreev
g_str_hash
g_string_truncate
g_strdup_printf
g_str_equal
g_string_append_printf
g_hash_table_lookup
g_hash_table_new
g_strsplit
g_hash_table_foreach
g_string_insert_c
g_strdup
g_ptr_array_add
g_thread_create_full
g_threads_got_initialized
g_free
g_malloc0_n
g_string_sized_new
g_string_free
g_thread_functions_for_glib_use
g_ptr_array_new
g_thread_join
g_malloc_n
g_strsplit_set
g_ptr_array_remove_index
g_string_append
g_strndup
g_snprintf
g_vsnprintf
g_malloc0

libgthread-2.0-0

g_thread_init

sdl

SDL_GetRGB
SDL_MapRGBA
SDL_PushEvent
SDL_GetVideoInfo
SDL_VideoDriverName
SDL_PeepEvents
SDL_SetColors
SDL_UnlockSurface
SDL_LockSurface
SDL_SetClipRect
SDL_FillRect
SDL_GetClipRect
SDL_UpperBlit
SDL_FreeSurface
SDL_CreateRGBSurface
SDL_UpdateRect
SDL_Quit
SDL_GetModState
SDL_WM_SetIcon
SDL_Delay
SDL_GetWMInfo
SDL_EnableKeyRepeat
SDL_Init
SDL_SetVideoMode
SDL_WM_SetCaption
SDL_ListModes
SDL_EnableUNICODE
SDL_MapRGB
SDL_SetColorKey
SDL_PumpEvents
SDL_RWFromConstMem

libiconv2

ord7
ord5
ord6

libsndfile-1

ord3
ord68
ord50
ord4
ord17
ord2
ord37
ord33
ord21

portaudio_x86

ord4
ord12
ord14
ord15
ord13
ord1
ord21
ord29
ord19
ord8
ord3
ord5
ord17
ord30
ord22
ord7
ord2
ord26
ord16

libfftw3-3

fftw_execute
fftw_plan_dft_1d
fftw_destroy_plan
fftw_plan_dft_r2c_1d
fftw_malloc
fftw_free

libhamlib-2

ord148
ord147
ord188
ord128
ord136
ord92
ord115
ord193
ord122
ord205
ord93
ord200
ord207
ord227
ord224
ord154
ord242
ord241
ord247
ord236
ord253
ord244
ord243
ord146

zlib1

ord19
ord55
ord50
ord58
ord16
ord14
ord60
ord24
ord20

dbghelp

MiniDumpWriteDump
StackWalk64

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

msvcr100

tolower
_CIexp
_CIlog
floor
_setjmp3
_CIpow
_CIlog10
_CIsqrt
_CIatan2
_CIfmod
_CIsin
_CIcos
_CItan
_CIasin
_CIacos
_CIatan
_unlink
_fileno
_getcwd
_strdup
_controlfp_s
_invoke_watson
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
longjmp
_snprintf
memset
memcpy
isxdigit
islower
iscntrl
___mb_cur_max_func
ispunct
calloc
isgraph
abort
strtoul
isalnum
realloc
_findfirst64i32
_mkdir
_findclose
_findnext64i32
strcoll
malloc
strerror_s
isalpha
bsearch
_get_osfhandle
qsort
_ftime64_s
_localtime64_s
_mkgmtime64
_gmtime64_s
_putenv_s
_localtime64
strspn
rename
modf
isupper
printf
__iob_func
rand
isprint
exit
srand
_gmtime64
_errno
vfprintf
_getpid
_stat64i32
setvbuf
fflush
fseek
ftell
fwrite
isdigit
getenv
strftime
strstr
isspace
toupper
fgets
free
_strnicmp
strrchr
strtol
strchr
strncmp
memmove
strtod
fclose
fprintf
fread
fopen
strncpy
fgetc
_stricmp
_time64
atof
atol
atoi
strtok_s
sprintf

comdlg32

GetOpenFileNameA
CommDlgExtendedError

advapi32

RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
GetUserNameA
RegCloseKey
RegQueryInfoKeyA

libusb0

usb_release_interface
usb_control_msg
usb_open
usb_strerror
usb_get_string_simple
usb_bulk_write
usb_bulk_read
usb_claim_interface
usb_close
usb_get_busses
usb_find_devices
usb_find_busses
usb_init

Exports

Exports

opterr
optind
optopt

Sections

.text
Size: 726KB - Virtual size: 725KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee57c9237303f8c7b57506b7c6b752e7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

shell32

user32

ws2_32

libglib-2.0-0

libgthread-2.0-0

sdl

libiconv2

libsndfile-1

portaudio_x86

libfftw3-3

libhamlib-2

zlib1

dbghelp

setupapi

msvcr100

comdlg32

advapi32

libusb0

Exports

Exports

Sections

.text Size: 726KB - Virtual size: 725KB

.rdata Size: 2.3MB - Virtual size: 2.3MB

.data Size: 92KB - Virtual size: 197KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 77KB - Virtual size: 76KB

.text
Size: 726KB - Virtual size: 725KB

.rdata
Size: 2.3MB - Virtual size: 2.3MB

.data
Size: 92KB - Virtual size: 197KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 77KB - Virtual size: 76KB