STARCRAFT[.]iso

Sharing

Copy URL Twitter E-mail

General

Target

STARCRAFT.iso
Size

14.5MB
MD5

241152718ba927b15e97789780240e93
SHA1

7f6c83002839460299841451b70abbe41f980d17
SHA256

c70fd1ab42f03dbeb9446d54afd0fb248a22a321eb0fbc2fe01cbdd7d1702f3e
SHA512

51ae4eeff814e4ede4d1d01e1fabe37633645c97e61209aebc72ea3d77c8b0da6707b747abbc524bcd495e06ad3d59b7047cc0f3a6d422fbed98d2f4798c4054
SSDEEP

393216:ZUCW2ZvXdhnyuhJoy26kYRXGj8sc/AfLi+VSVvoHV:vW2JnbGWNWAT/Af5gE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/INSTALL.EXE

Files

STARCRAFT.iso
.iso
out.iso
.iso
INSTALL.EXE
.exe windows:4 windows x86 arch:x86

6216eecb05811b6e0f8ad7b694886ebc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

PlaySoundA

kernel32

LoadLibraryA
SetFilePointer
FindFirstFileA
FreeLibrary
GetProcAddress
WriteFile
GetDiskFreeSpaceA
lstrcpynA
WideCharToMultiByte
CreateEventA
WritePrivateProfileStringA
GetShortPathNameA
SetEndOfFile
MoveFileExA
OpenEventA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
VirtualLock
VirtualAlloc
DeleteCriticalSection
HeapFree
GetProcessHeap
TerminateProcess
GetExitCodeProcess
SetErrorMode
VirtualFree
EnterCriticalSection
InterlockedDecrement
InitializeCriticalSection
RemoveDirectoryA
VirtualUnlock
CreateFileA
SetEvent
SetThreadPriority
CreateThread
GetTickCount
Sleep
GetFileAttributesA
GetVolumeInformationA
CloseHandle
GetDriveTypeA
SetVolumeLabelA
DeleteFileA
lstrlenA
lstrcpyA
lstrcatA
ExitProcess
GetLastError
FormatMessageA
GetLocaleInfoW
FindClose
GetWindowsDirectoryA
CreateDirectoryA
GetSystemDirectoryA
GetVersionExA
GetModuleFileNameA
GetCurrentProcess
lstrcmpiA
GetModuleHandleA
MultiByteToWideChar
SetCurrentDirectoryA
WaitForSingleObject
GetCurrentDirectoryA
InterlockedIncrement
lstrcmpA
CreateProcessA
SetLastError
LeaveCriticalSection
GetFileSize
ReadFile
RaiseException
HeapAlloc
GetSystemInfo
GetVersion
OutputDebugStringA
GetLocaleInfoA
IsBadCodePtr
IsBadWritePtr
SetUnhandledExceptionFilter
FlushFileBuffers
IsBadReadPtr
HeapCreate
HeapDestroy
SetStdHandle
GetStdHandle
SetHandleCount
GetFileType
GetACP
GetCPInfo
GetOEMCP
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
LCMapStringW
FreeEnvironmentStringsA
TlsGetValue
LCMapStringA
TlsAlloc
GetCurrentThreadId
HeapReAlloc
HeapSize
GetCommandLineA
GetStartupInfoA
GetFullPathNameA
TlsSetValue
ResumeThread
ExitThread
RtlUnwind
GetStringTypeA
GetStringTypeW

user32

GetWindowRect
SetWindowPos
LoadStringA
ReleaseDC
GetDC
DispatchMessageA
ExitWindowsEx
EndDialog
SetDlgItemTextA
DialogBoxParamA
wvsprintfA
MessageBoxA
wsprintfA
ShowCursor
PostMessageA
DestroyWindow
TranslateMessage
SetTimer
SetWindowTextA
PeekMessageA
InvalidateRect
SetFocus
CallWindowProcA
MessageBeep
SendMessageA
GetDlgItem
GetDlgItemTextA
SetCursor
SetWindowLongA
ReleaseCapture
SetActiveWindow
LoadCursorA
SetCapture
ShowWindow
EndPaint
BeginPaint
CreateWindowExA
AdjustWindowRect
GetDesktopWindow
GetWindowLongA
CreateCursor
DestroyCursor
GetForegroundWindow
FindWindowA
RegisterClassA
WaitMessage
SetForegroundWindow
GetLastActivePopup
GetTopWindow
PostQuitMessage
DefWindowProcA
GetActiveWindow
RegisterClassExA
LoadIconA
LoadImageA
KillTimer
GetSystemMetrics
WaitForInputIdle
GetParent
GetWindowTextA

gdi32

BitBlt
SetDIBColorTable
SetPaletteEntries
CreatePalette
RealizePalette
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
GetStockObject
DeleteDC
GetDeviceCaps
GetSystemPaletteEntries
SelectPalette

comdlg32

GetSaveFileNameA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegEnumKeyA
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

SHGetSpecialFolderLocation
SHGetFileInfoA
SHGetDesktopFolder
ShellExecuteA
SHGetMalloc
FindExecutableA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6216eecb05811b6e0f8ad7b694886ebc

Headers

File Characteristics

Imports

version

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 22KB - Virtual size: 63KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 22KB - Virtual size: 63KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 17KB - Virtual size: 17KB