C:\MyProjects\Game\MarioV3\Output\Release\Mario.pdb
Static task
static1
Behavioral task
behavioral1
Sample
Mario.exe
Resource
win11-20240221-en
General
Target: Mario.exe
Size: 4.8MB
MD5: 8543f84d8b2a253be401c2557c1add2c
SHA1: a1712c4d397e44838052597eb740985bf386a221
SHA256: 6d0ca345d7e3d6af63a1e57eb4a00d3a9d955f20fee0727e079a99d8fe1bc0e7
SHA512: 19038812347e5afa53587c26377710f898e031994ca903a8afd4d517a98be2101a00b7d83a25b58124bff8b77cd26f6daefd8a4173aa193cc75a6d316c38831c
SSDEEP: 98304:zEqvOJNLSwavH9z/R/G6RbGD+YC8XonLNEq6r6vb7J:YqvOJNLSwavHNR/G4bG/E5V
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: Mario.exe
Files
Mario.exe.exe windows:6 windows x86 arch:x86
88717b49dabcf0f4274e0fc533440f9e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
dbghelp
MiniDumpWriteDump
ws2_32
htonl
shutdown
getservbyname
WSAStartup
gethostname
gethostbyname
inet_ntoa
ioctlsocket
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
WSACleanup
WSAIoctl
socket
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
send
recv
shell32
SHFileOperationW
ShellExecuteW
fmodex
FMOD_System_Create
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?close@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?update@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?createChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVChannelGroup@2@@Z
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNELINDEX@@PAVSound@2@_NPAPAVChannel@2@@Z
?getMasterChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVChannelGroup@2@@Z
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?setFrequency@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?addGroup@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAV12@@Z
?release@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?isPlaying@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?setChannelGroup@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAVChannelGroup@2@@Z
?setVolume@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?setPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?stop@Channel@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setLoopPoints@Sound@FMOD@@QAG?AW4FMOD_RESULT@@IIII@Z
dinput8
DirectInput8Create
d3d9
Direct3DCreate9
d3dx9_42
D3DXMatrixScaling
D3DXMatrixTranslation
D3DXMatrixMultiply
D3DXCreateSprite
D3DXMatrixRotationZ
D3DXCreateFontW
D3DXSaveSurfaceToFileInMemory
D3DXCreateTexture
D3DXCreateTextureFromFileExW
wldap32
ord60
ord50
ord46
ord211
ord41
ord22
ord26
ord27
ord32
ord33
ord301
ord200
ord30
ord79
ord35
ord143
kernel32
SetEnvironmentVariableA
WriteConsoleW
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
GetTimeZoneInformation
SetConsoleCtrlHandler
GetExitCodeThread
GetModuleHandleExW
ExitThread
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
SetStdHandle
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
SetFilePointerEx
SetEndOfFile
SetCurrentDirectoryW
CreateFileW
CloseHandle
SetUnhandledExceptionFilter
ReleaseMutex
CreateMutexW
OpenMutexW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTime
GetTickCount
GetModuleFileNameW
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentDirectoryW
CreateFileA
DeleteFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesW
GetFileSize
GetFullPathNameW
SetFileTime
TerminateProcess
OpenProcess
FreeLibrary
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryW
MoveFileW
GetComputerNameW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetThreadId
OutputDebugStringW
DecodePointer
RaiseException
GetLastError
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentThread
DebugBreak
GetLocalTime
GetFileTime
CopyFileW
FileTimeToSystemTime
ExitProcess
SetLastError
FormatMessageA
GetTickCount64
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
SleepEx
WaitForSingleObjectEx
GetStdHandle
GetFileType
ReadFile
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
VerSetConditionMask
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
VerifyVersionInfoA
QueryPerformanceCounter
GlobalMemoryStatus
FlushConsoleInputBuffer
WriteFile
WaitNamedPipeW
lstrlenW
TryEnterCriticalSection
EncodePointer
Sleep
CreateDirectoryW
GetFileAttributesExW
GetACP
ReadConsoleW
GetConsoleCP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
IsValidCodePage
GetOEMCP
GetCommandLineA
FormatMessageW
DuplicateHandle
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentProcess
SwitchToThread
user32
CreateWindowExW
DestroyWindow
ShowWindow
LoadAcceleratorsW
TranslateAcceleratorW
UpdateWindow
GetClientRect
AdjustWindowRect
MessageBoxW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
LoadCursorW
LoadIconW
SetWindowPos
GetSystemMetrics
GetWindowRect
GetAsyncKeyState
MoveWindow
IsWindowVisible
PostQuitMessage
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
GetForegroundWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation
ToAscii
GetDC
GetWindowTextW
SetWindowTextW
GetWindow
GetWindowThreadProcessId
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage
LoadStringW
EnumWindows
RegisterClassExW
OpenClipboard
SendMessageW
GetParent
gdi32
SwapBuffers
SetPixelFormat
ChoosePixelFormat
advapi32
GetUserNameW
RegCreateKeyExW
RegQueryValueExW
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegSetValueExW
RegOpenKeyExW
RegCloseKey
ole32
CoInitialize
CoSetProxyBlanket
CoCreateInstance
oleaut32
SysFreeString
SysAllocString
opengl32
glTexSubImage2D
glTexParameterf
glTexImage2D
glTexEnvf
glTexCoord2f
glScalef
glRotatef
glReadPixels
glReadBuffer
glPushMatrix
glPopMatrix
glOrtho
glMatrixMode
glLoadIdentity
glGetError
glGenTextures
glVertex3f
glEnd
glEnable
glDeleteTextures
glColor4f
glColor3f
glClearColor
glClear
glBlendFunc
glBindTexture
glBegin
wglMakeCurrent
wglGetProcAddress
wglGetCurrentDC
wglGetCurrentContext
wglDeleteContext
wglCreateContext
wglCopyContext
glTranslatef
glViewport
glFlush
iphlpapi
GetAdaptersInfo
version
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
Sections
.text Size: 3.5MB - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 974KB - Virtual size: 973KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 325KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 238KB - Virtual size: 237KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ