secondsight[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

secondsight.exe
Size

3.8MB
MD5

2a0e3cdb7589abf966da521a1310a65c
SHA1

7d416acfea847df684ac6dce41c50a7a89e0181d
SHA256

34c53e449a0d8e12c6303beb86bff857e456eefa81b213d764c4db20a424ecdb
SHA512

2c404a875651282410348b62984edead18a32cfcce52550ba3e4fc6b9fa7818fac46d4a119bbe71a46e92aa5c0e70fad88f2e74f170da0f3d2eab389cc3bec4f
SSDEEP

98304:BK0lFXui8oAUjnhtmms0Db7JSHbnzQc9RhpIv/k24wD/6yAOu1:BK0lU/0jnhtmms0Db7JSHbnzDrIv/k2Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
secondsight.exe

Files

secondsight.exe
.exe windows:4 windows x86 arch:x86

4853eaa40ef11c532a74abfbc69ef078

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA

comctl32

InitCommonControls

dinput8

DirectInput8Create

dsound

DirectSoundEnumerateA
DirectSoundCreate8

gdi32

GetObjectA
CreateCompatibleDC
SelectObject
GetDIBits
DeleteObject
DeleteDC
GetStockObject

kernel32

MultiByteToWideChar
WideCharToMultiByte
GetVersionExA
GetSystemInfo
IsProcessorFeaturePresent
MapViewOfFile
CreateFileMappingA
CreateFileW
UnmapViewOfFile
InterlockedExchange
InterlockedCompareExchange
GetFullPathNameA
VirtualFree
VirtualAlloc
CompareStringA
SetFilePointer
lstrcmpi
IsBadWritePtr
SetEndOfFile
HeapAlloc
GetProcessHeap
HeapFree
CompareStringW
GetLocaleInfoW
VirtualQuery
VirtualProtect
QueryPerformanceCounter
IsBadCodePtr
GetModuleFileNameA
GetOEMCP
GetACP
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
GetFileType
LockResource
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapCreate
HeapDestroy
SetEnvironmentVariableA
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
SetLastError
TlsFree
GetStartupInfoA
HeapReAlloc
FindNextFileA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetSystemDirectoryA
lstrcat
LoadLibraryA
GetProcAddress
FreeLibrary
GetCommandLineA
lstrlen
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryA
GetFileInformationByHandle
CreateEventA
SuspendThread
GetOverlappedResult
ResumeThread
WriteFile
GetDiskFreeSpaceExA
CreateFileA
GetFileSize
ReadFile
GetLastError
CloseHandle
IsBadReadPtr
QueryPerformanceFrequency
GetTickCount
Sleep
GetUserDefaultLangID
GetSystemDefaultLangID
GetModuleHandleA
OutputDebugStringA
GetTimeZoneInformation
FindClose
GetLocalTime
RaiseException
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess

shell32

ExtractIconA

user32

GetIconInfo
GetDC
ReleaseDC
wsprintfW
LoadCursorA
RegisterClassA
CreateWindowExA
DefWindowProcA
GetWindowLongA
SetCursor
DestroyMenu
DestroyWindow
PostQuitMessage
GetCursorPos
AdjustWindowRect
SetRect
GetParent
ScreenToClient
SetWindowPos
GetMonitorInfoA
MonitorFromWindow
GetClientRect
GetClassLongA
GetWindowRect
ClipCursor
EnumDisplaySettingsA
ShowWindow
SetWindowLongA
SetMenu
IsIconic
GetMenu
SendMessageA
GetSystemMetrics
MessageBoxA
GetKeyboardLayoutNameA
GetKeyboardLayout
GetKeyboardState
MapVirtualKeyExA
ToAsciiEx
SetWindowsHookExA
TranslateMessage
PeekMessageA
DispatchMessageA
CallNextHookEx
UnhookWindowsHookEx
SystemParametersInfoA
UnregisterClassA

Exports

Exports

frontendE3LoadLevelGfx
frontendE3LogoGfx
frontendResetFromGame
frontendScreenResGfx
gameDeferedReset
obLoad
oggDecompress
playerMovemodeNormal
playerSetAnim
playerSetDefaultControls

Sections

.sforce3
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RDATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 484KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brick
Size: 4KB - Virtual size: 64.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.start
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brick
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4853eaa40ef11c532a74abfbc69ef078

Headers

File Characteristics

Imports

advapi32

comctl32

dinput8

dsound

gdi32

kernel32

shell32

user32

Exports

Exports

Sections

.sforce3 Size: 3.3MB - Virtual size: 3.3MB

.RDATA Size: 4KB - Virtual size: 4KB

.sforce3 Size: 484KB - Virtual size: 484KB

.idata Size: 4KB - Virtual size: 4KB

.brick Size: 4KB - Virtual size: 64.2MB

.rsrc Size: 8KB - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 4KB

.start Size: 24KB - Virtual size: 22KB

.brick Size: 4KB - Virtual size: 472B

.sforce3
Size: 3.3MB - Virtual size: 3.3MB

.RDATA
Size: 4KB - Virtual size: 4KB

.sforce3
Size: 484KB - Virtual size: 484KB

.idata
Size: 4KB - Virtual size: 4KB

.brick
Size: 4KB - Virtual size: 64.2MB

.rsrc
Size: 8KB - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 4KB

.start
Size: 24KB - Virtual size: 22KB

.brick
Size: 4KB - Virtual size: 472B