Russian_Roulette[.]zip

Resubmissions

22/04/2024, 15:21

240422-srhbbscf89 3

22/04/2024, 15:19

240422-sqd8aacf83 3

22/04/2024, 15:16

240422-snvr9acf68 3

Sharing

Copy URL Twitter E-mail

General

Target

Russian_Roulette.zip
Size

100KB
MD5

8df8fa613a1fa54aaec52b8c56289eee
SHA1

512a7ad21393601dd29129908ee0498ecee1ce6d
SHA256

05273fa492df342204a31116655fe439593f5747062965e45d11a94b6ca2ffa5
SHA512

a8e7b3795f62502f86694484156b14bcdd7416951512ce24db15814582d8ef2b560d156749a23529478887b05104743795a660e3b33e1c306241860b815fdbeb
SSDEEP

1536:LJImdPfF7aamCfrohvhEyH8s37hJiJImdPfF7aamCfrohvhEyH8sI0P:yq1eLNhEdEPq1eLNhEdVi

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Russian Roulette.exe
unpack003/Russian Roulette.exe

Files

Russian_Roulette.zip
.zip
README.txt
ROS_Roulette_D x86.zip
.zip
Assets/cock.mp3
Assets/dry.mp3
Assets/shoot.mp3
Russian Roulette.exe
.exe windows:6 windows x86 arch:x86

5f5735e9bdb5c42a9d74cdc67393164b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\CODE\C++\Russian Roulette\Release\Russian Roulette.pdb

Imports

kernel32

CloseHandle
GetProcAddress
GetModuleHandleW
GetConsoleWindow
LoadLibraryA
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
CreateFileW
IsDebuggerPresent
WriteFile
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

GetDC
ShowWindow
GetSystemMetrics
MessageBoxW

gdi32

PatBlt
CreateSolidBrush
SelectObject

winmm

mciSendStringW

vcruntime140

__current_exception_context
__current_exception
_except_handler4_common
memset

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_c_exit
_initialize_narrow_environment
_cexit
_exit
__p___argv
_crt_atexit
_controlfp_s
terminate
_set_app_type
_get_initial_narrow_environment
_initterm_e
_register_onexit_function
_seh_filter_exe
__p___argc
_initialize_onexit_table
_initterm
_register_thread_local_exe_atexit_callback
exit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RUS_Roulette_S x86.zip
.zip
Assets/cock.mp3
Assets/dry.mp3
Assets/shoot.mp3
Russian Roulette.exe
.exe windows:6 windows x86 arch:x86

655bf2f239a28426089e5af43d852383

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\CODE\C++\Russian Roulette\Release\Russian Roulette.pdb

Imports

kernel32

IsDebuggerPresent
GetCurrentThreadId
GetCurrentProcessId
GetConsoleWindow
GetSystemTimeAsFileTime
InitializeSListHead
Sleep
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW

user32

MessageBoxW
ShowWindow
GetSystemMetrics
GetDC

gdi32

PatBlt
CreateSolidBrush
SelectObject

winmm

mciSendStringW

vcruntime140

__current_exception_context
memset
_except_handler4_common
__current_exception

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-runtime-l1-1-0

_get_initial_narrow_environment
_initterm
_initialize_narrow_environment
_initialize_onexit_table
__p___argc
_c_exit
_crt_atexit
_controlfp_s
terminate
_configure_narrow_argv
_initterm_e
_exit
_register_thread_local_exe_atexit_callback
_cexit
_register_onexit_function
_set_app_type
_seh_filter_exe
exit
__p___argv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

5f5735e9bdb5c42a9d74cdc67393164b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winmm

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 904B

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 512B - Virtual size: 424B

655bf2f239a28426089e5af43d852383

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winmm

vcruntime140

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 904B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 396B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 904B

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 512B - Virtual size: 424B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 904B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 396B