ca10df09c5cbbd9f8fff561436c05ff59f08f615fc335e964dd4dca8d17a3e5d

Sharing

Copy URL

Twitter E-mail

General

Target

ca10df09c5cbbd9f8fff561436c05ff59f08f615fc335e964dd4dca8d17a3e5d
Size

1.6MB
MD5

6db5b8f82c33ea91a05a2ba9e9fcfba4
SHA1

f350043fb291a388f1ced607050d60b4f1ab1ac0
SHA256

ca10df09c5cbbd9f8fff561436c05ff59f08f615fc335e964dd4dca8d17a3e5d
SHA512

77feed7b69517de423e15e8f91b71fd419f84eb8c92f05589850a52b48d668af3a69bf34312f2dbe32e6477419feb902d564198b46d185e3467cf01c219cc5e2
SSDEEP

49152:ExIYyYutkI212y2eb4UrZ9EHXzjwlWeMlAhx96S7k7sW:HV21Jj83zjwlWeM+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca10df09c5cbbd9f8fff561436c05ff59f08f615fc335e964dd4dca8d17a3e5d

Files

ca10df09c5cbbd9f8fff561436c05ff59f08f615fc335e964dd4dca8d17a3e5d
.exe windows:4 windows x86 arch:x86

f4a64e52b87061cc3935a1e35e18baf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\My\Games\HiddenMagic\Source\vs2005\_output-release\HiddenMagic.pdb

Imports

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyA

shell32

ShellExecuteA

kernel32

SetEnvironmentVariableA
FlushFileBuffers
VirtualAlloc
GetOEMCP
GetACP
VirtualFree
HeapCreate
HeapDestroy
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileW
CompareStringA
CompareStringW
MultiByteToWideChar
GetCurrentProcessId
CreateFileMappingA
MapViewOfFile
SetEndOfFile
GetTimeZoneInformation
WaitForSingleObject
ReleaseMutex
ReleaseSemaphore
SetCurrentDirectoryA
GetCurrentDirectoryA
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
CloseHandle
CreateSemaphoreA
CreateFileA
GetFileSize
FindFirstFileA
FindClose
FindNextFileA
FreeLibrary
GetTickCount
MulDiv
FileTimeToSystemTime
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
GetFileTime
VirtualQuery
SetErrorMode
SetUnhandledExceptionFilter
GetCurrentProcess
GetCurrentThread
InitializeCriticalSection
Sleep
IsBadWritePtr
GetLastError
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
GlobalLock
GetCommandLineA
GlobalAlloc
GetPrivateProfileIntA
SetThreadPriority
GlobalUnlock
GlobalFree
WritePrivateProfileStringA
GetModuleHandleA
DeleteFileA
QueryPerformanceCounter
GetThreadPriority
QueryPerformanceFrequency
InterlockedIncrement
InterlockedDecrement
VirtualProtect
GetStdHandle
CreateDirectoryA
WideCharToMultiByte
InterlockedExchange
ExitThread
ResumeThread
CreateThread
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetLocalTime
ExitProcess
GetDriveTypeA
GetFullPathNameA
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
HeapSize
SetHandleCount
GetFileType
ReadFile
GetConsoleCP
GetConsoleMode
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RemoveDirectoryA

winmm

PlaySoundA
timeEndPeriod
timeGetTime
timeBeginPeriod
mixerOpen
mixerGetLineControlsA
mixerGetLineInfoA
mixerClose
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetDevCapsA

wsock32

send
gethostbyname
closesocket
__WSAFDIsSet
socket
recv
WSACleanup
htons
WSAGetLastError
select
ioctlsocket
WSAStartup
connect
inet_ntoa

gdi32

SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
GetTextMetricsA
IntersectClipRect
GetObjectA
GetStockObject
TextOutA
GetTextExtentPoint32A

user32

CloseClipboard
ScreenToClient
GetWindowRect
IsIconic
SetCapture
SetForegroundWindow
CreateCursor
EnumDisplaySettingsA
WindowFromPoint
RegisterWindowMessageA
GetWindowPlacement
SetWindowLongA
MessageBoxA
GetWindowLongA
PeekMessageA
EmptyClipboard
GetDlgItem
EndDialog
DestroyCursor
GetCursorPos
EnumWindows
GetSystemMetrics
ToUnicode
GetKeyboardState
MapVirtualKeyA
GetAsyncKeyState
DefWindowProcA
EndPaint
BeginPaint
CreateWindowExA
LoadCursorA
GetSysColorBrush
MoveWindow
AdjustWindowRectEx
ReleaseDC
OffsetRect
GetDC
DrawTextExA
GetClientRect
GetWindowInfo
FillRect
ClientToScreen
RegisterClassA
AdjustWindowRect
SetWindowTextA
MessageBoxW
DispatchMessageA
CreateWindowExW
ShowWindow
GetWindowTextA
TranslateMessage
SendMessageA
SetFocus
LoadIconA
SetTimer
GetMessageA
SetCursor
DestroyWindow
DefWindowProcW
ChangeDisplaySettingsA
DialogBoxIndirectParamA
SetClipboardData
IsWindowVisible
ReleaseCapture
SystemParametersInfoA
OpenClipboard
PostMessageA
GetActiveWindow

ole32

CoInitialize

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4a64e52b87061cc3935a1e35e18baf5

Headers

File Characteristics

PDB Paths

Imports

advapi32

shell32

kernel32

winmm

wsock32

gdi32

user32

ole32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 244KB - Virtual size: 242KB

.data Size: 28KB - Virtual size: 306KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 244KB - Virtual size: 242KB

.data
Size: 28KB - Virtual size: 306KB

.rsrc
Size: 24KB - Virtual size: 23KB