Static task
static1
Behavioral task
behavioral1
Sample
b8460fa1474cf818711eb3d06e60c2d261c50d78e2968ae99608b1d5f564e954.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b8460fa1474cf818711eb3d06e60c2d261c50d78e2968ae99608b1d5f564e954.exe
Resource
win10v2004-20240412-en
General
-
Target
b8460fa1474cf818711eb3d06e60c2d261c50d78e2968ae99608b1d5f564e954
-
Size
1022KB
-
MD5
c04b35164ff8de8f3a060f0fa342ad47
-
SHA1
921b2b146c39fbe848ff7d598b55b0a8d92c3eeb
-
SHA256
b8460fa1474cf818711eb3d06e60c2d261c50d78e2968ae99608b1d5f564e954
-
SHA512
e69bf87050ea2e54c8487395c5c31aaecb532a5423f7e9999b2d2a89c2b8b5b973d6dfe21112185757a1dd0e592fbcb5d55058fe5e83c3787529126525171d48
-
SSDEEP
24576:SKl21zvybcO6Kb0tMnveQfG9pmN+UOB484OY6Y8iwVL9P9:SKl2dybXO2B4L9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
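Static check: the PE file carries no Authenticode signature. This is a weak indicator on its own, since many legitimate programs also ship unsigned.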
resource b8460fa1474cf818711eb3d06e60c2d261c50d78e2968ae99608b1d5f564e954
Files
-
b8460fa1474cf818711eb3d06e60c2d261c50d78e2968ae99608b1d5f564e954.exe windows:4 windows x86 arch:x86
c3977ec2ad22291145beae452f7cd264
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
sdl
SDL_CDClose
SDL_CDEject
SDL_CDNumDrives
SDL_CDOpen
SDL_CDPause
SDL_CDPlayTracks
SDL_CDResume
SDL_CDStatus
SDL_CDStop
SDL_CloseAudio
SDL_Delay
SDL_EnableKeyRepeat
SDL_EnableUNICODE
SDL_GL_GetProcAddress
SDL_GL_LoadLibrary
SDL_GL_SetAttribute
SDL_GL_SwapBuffers
SDL_GetAppState
SDL_GetError
SDL_GetGammaRamp
SDL_GetRelativeMouseState
SDL_GetTicks
SDL_GetWMInfo
SDL_Init
SDL_InitSubSystem
SDL_Linked_Version
SDL_LockAudio
SDL_OpenAudio
SDL_PauseAudio
SDL_PollEvent
SDL_Quit
SDL_QuitSubSystem
SDL_SetEventFilter
SDL_SetGammaRamp
SDL_SetModuleHandle
SDL_SetVideoMode
SDL_ShowCursor
SDL_UnlockAudio
SDL_WM_GrabInput
SDL_WM_SetCaption
kernel32
ExitProcess
FreeLibrary
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GlobalLock
GlobalSize
GlobalUnlock
LoadLibraryA
SetUnhandledExceptionFilter
msvcrt
_close
_dup
_lseek
_open
_putch
_read
_stricmp
_strnicmp
_unlink
_write
__getmainargs
__mb_cur_max
__p__environ
__set_app_type
_cexit
_fileno
_findclose
_findfirst
_findnext
_fmode
_fpreset
_getch
_getcwd
_iob
_isctype
_kbhit
_mkdir
_pctype
_setjmp
_setmode
_vsnprintf
atan2
atexit
atof
atoi
ceil
exit
exp
fclose
fflush
fgetc
floor
fopen
fprintf
free
freopen
localtime
log
longjmp
malloc
memcpy
memmove
memset
pow
rand
remove
setbuf
setvbuf
signal
sprintf
srand
sscanf
strcat
strchr
strcmp
strcpy
strftime
strlen
strncmp
strncpy
strrchr
strstr
strtok
strtol
tan
time
tolower
toupper
user32
CloseClipboard
GetClipboardData
LoadIconA
MessageBoxA
OpenClipboard
SetClassLongA
wsock32
WSACleanup
WSAGetLastError
WSAStartup
bind
closesocket
gethostbyname
getsockname
htons
ioctlsocket
ntohs
recvfrom
sendto
setsockopt
socket
Sections
.text Size: 949KB - Virtual size: 949KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 76B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 49.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE