c8c8ea0bf1044af2519519b6e8b96e46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8c8ea0bf1044af2519519b6e8b96e46
Size

4.5MB
MD5

c8c8ea0bf1044af2519519b6e8b96e46
SHA1

12a3f765130703989ab4afda2cb25abcd1aa8243
SHA256

46df55fc31bfb1a17802fddaec9d432bf09353c7c61ff4ea691e4092c3f26338
SHA512

40feb7560b1038ba02e7286abcb2c0750a046f1b2477ceb9accbb7af8c37a6f46db30fa1c9777dd35e993a5c6e915760a3d3fdd4c431899c7edc606eecfc2779
SSDEEP

12288:vXWKx6Kx+44JeWc5ZCCsjOrWNrXnnOSkVjsU1Vr7b8O53sLOHMqeVPmBYXi9mbrJ:v/ya5wCsgme2U1VoocMM1XBh58g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Simcity Societies.exe

Files

c8c8ea0bf1044af2519519b6e8b96e46
.zip
Simcity Societies.exe
.exe windows:5 windows x86 arch:x86

5af3db5ec6f1dccb224c74c4095641ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Folder of Working Project\ProjectTest

Imports

user32

DrawTextExW
SetRect
ShowWindow
SetCursorPos
SetWindowTextA
LoadIconA
GetDC
IsWindowEnabled
RegisterWindowMessageA
GetScrollPos
GetKeyboardType
SendNotifyMessageW

shlwapi

PathAddExtensionA

kernel32

CreateWaitableTimerA
HeapUnlock
lstrcpynW
SetFilePointer
lstrcmpA
OpenSemaphoreW
CreateEventW

Exports

Exports

_ExitWindowsExExitWindowsEx@0

Sections

.text
Size: 155KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
c5107