c9d1520f60c78c5675a18b543eec3b5b

Sharing

Copy URL Twitter E-mail

General

Target

c9d1520f60c78c5675a18b543eec3b5b
Size

7.1MB
MD5

c9d1520f60c78c5675a18b543eec3b5b
SHA1

c7a54067ce6bb454624e7fa7529f8018235fd25a
SHA256

443f82821fa397e795190899903fe08c4acf562cbbafb0c619857975a02759e8
SHA512

db8d19892e5e9011f6eba617347e66cc43e0e0a68f4ded70865ec163aaa481c1c40af93e5c7c569ed39137625b8fee2b0773646ea2dbac9ddbe1910bbb8269dc
SSDEEP

98304:3m7HCgr2pc1pa677buIU98nRQ8SRhKqQyyk/VY8EDqWs6NBWn3oY5Ogg8T:3mj9l14mbu8R2hK4yuRCNQTzT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9d1520f60c78c5675a18b543eec3b5b

Files

c9d1520f60c78c5675a18b543eec3b5b
.exe windows:4 windows x86 arch:x86

70307858180cb8b3b3cc0ca26a194566

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\PROJ\NFSMW\P4\Speed\PC\CDMWCollectorsJapan\NfsMWCollectorsRelease.pdb

Imports

kernel32

GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
ExitProcess

advapi32

RegCreateKeyA

gdi32

CreateCompatibleDC

user32

MessageBoxA

version

GetFileVersionInfoA

d3d9

Direct3DCreate9

d3dx9_26

D3DXMatrixMultiply

dinput8

DirectInput8Create

shfolder

SHGetFolderPathA

shell32

ShellExecuteA

imm32

ImmGetContext

dsound

ord6

winmm

waveOutGetDevCapsA

tapi32

lineGetDevCaps

netapi32

Netbios

ws2_32

shutdown

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 885KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

stxt774
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

stxt371
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70307858180cb8b3b3cc0ca26a194566

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

gdi32

user32

version

d3d9

d3dx9_26

dinput8

shfolder

shell32

imm32

dsound

winmm

tapi32

netapi32

ws2_32

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 452KB - Virtual size: 451KB

.data Size: 144KB - Virtual size: 885KB

.rsrc Size: 452KB - Virtual size: 451KB

Size: 272KB - Virtual size: 270KB

stxt774 Size: 12KB - Virtual size: 8KB

stxt371 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 452KB - Virtual size: 451KB

.data
Size: 144KB - Virtual size: 885KB

.rsrc
Size: 452KB - Virtual size: 451KB

stxt774
Size: 12KB - Virtual size: 8KB

stxt371
Size: 1.2MB - Virtual size: 1.2MB