PDB path: c:\2010r1\REALbasic\REALbasic Visual Studio\release\X86RunHoudini.pdb
Static task
static1
General
Target: 0x000500000001959c-97.exe
Size: 23.8MB
MD5: 9d299e41bae269641af28a6c02b80ef6
SHA1: 66114e20ddf19e657d29aa2d1ac56ea93c62d130
SHA256: fce1bc05fbe2de83ee535e5ce0ceee94f2b4f917cdcbe1f1f649f44be25d4ec8
SHA512: 26e01252b6caea9122734485654848d31c7f3dd06cf7fcc2806ba2b0705cb914b6b7b4e38ff1f23a5c373277e23d64320844e9882bef4ed27eb68d7ecce5de28
SSDEEP: 196608:L4aINrhbRi7rS0tXoXJSZpstp7HfLDrbHbfbfHXnb73zDH3L3LnLjzPjbd1Y:8dbRivS0eXJHd+
Malware Config
Signatures
Unsigned PE (1 IoC): checks for a missing Authenticode signature.
resource: 0x000500000001959c-97.exe
Files
0x000500000001959c-97.exe.exe windows:4 windows x86 arch:x86
f07aa30f098a9f2012bd13cc4c5e49f6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
comctl32
ord17
ImageList_Destroy
ImageList_Add
InitCommonControlsEx
ImageList_Create
winmm
midiOutOpen
midiOutShortMsg
midiOutClose
mciSendStringA
mciSendStringW
iphlpapi
GetAdaptersInfo
kernel32
ExitProcess
OutputDebugStringA
GetUserDefaultLangID
CreateEventW
SwitchToFiber
CreateFiber
ConvertThreadToFiber
DeleteFiber
GetACP
IsValidCodePage
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
MulDiv
GetVersion
GetLogicalDrives
InterlockedIncrement
InterlockedDecrement
ClearCommError
ResetEvent
GetCommState
WaitForSingleObject
SetCommBreak
GetCommProperties
EscapeCommFunction
ClearCommBreak
SetCommState
SetCommTimeouts
CreateEventA
GetCurrentProcess
GetOverlappedResult
GetCommandLineA
VirtualFree
GetProcessHeap
IsBadReadPtr
HeapAlloc
VirtualProtect
HeapFree
GetSystemDirectoryA
GetModuleHandleA
TerminateProcess
GetSystemTimeAsFileTime
HeapReAlloc
GetFileType
SetStdHandle
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoA
SetLastError
GetCurrentThreadId
HeapSize
RaiseException
GetStdHandle
HeapDestroy
HeapCreate
GetConsoleCP
GetConsoleMode
SetHandleCount
RtlUnwind
SetEnvironmentVariableW
OutputDebugStringW
GetEnvironmentVariableW
GetCommandLineW
ExpandEnvironmentStringsW
WideCharToMultiByte
GetModuleFileNameA
LoadLibraryW
VirtualAlloc
_lopen
_llseek
_lread
_lclose
LoadResource
FindResourceA
LockResource
lstrcpyA
GetFileTime
CopyFileW
FindNextFileW
GetSystemDirectoryW
FindClose
GetCPInfo
GetOEMCP
LCMapStringA
LCMapStringW
SetFileAttributesW
SetFileTime
MoveFileW
DeleteFileW
GetCurrentThread
CreateDirectoryW
GetWindowsDirectoryW
GetLongPathNameW
GetFileAttributesW
GetLogicalDriveStringsW
RemoveDirectoryW
SetCurrentDirectoryW
GetShortPathNameW
FindFirstFileW
GetCurrentDirectoryW
GlobalSize
GlobalFree
GlobalAlloc
GlobalReAlloc
CreateFileA
GetCurrentProcessId
CompareFileTime
GetLocalTime
LocalFileTimeToFileTime
GetSystemTime
GetDateFormatA
FileTimeToLocalFileTime
GetTimeFormatA
SystemTimeToFileTime
GetTimeZoneInformation
UnhandledExceptionFilter
FileTimeToSystemTime
GetFileSize
GetTempFileNameW
CloseHandle
GetLastError
WriteFile
GetTempPathW
FlushFileBuffers
CreateFileW
ReadFile
SetEndOfFile
SetFilePointer
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
GlobalUnlock
GlobalLock
FreeLibrary
LoadLibraryA
GetVersionExA
Sleep
GetProcAddress
GetLocaleInfoW
MultiByteToWideChar
GetUserDefaultLCID
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
GetStringTypeExA
CompareStringW
CompareStringA
IsDBCSLeadByteEx
GetLocaleInfoA
GetModuleHandleW
GetModuleFileNameW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetCommModemStatus
user32
IsIconic
CreateMDIWindowW
RegisterClassW
PostMessageA
RegisterWindowMessageA
TrackMouseEvent
GetFocus
GetMenuState
EnumChildWindows
GetWindow
IsZoomed
GetTopWindow
BringWindowToTop
AdjustWindowRect
GetSystemMenu
GetClassInfoW
DestroyCursor
VkKeyScanA
DeleteMenu
DestroyMenu
GetMenuItemID
SetMenuItemInfoW
CheckMenuItem
GetWindowTextLengthW
EnableWindow
RemovePropA
SetWindowTextW
GetMessagePos
GetKeyState
GetSubMenu
GetMenuStringW
GetMenuItemInfoW
IsClipboardFormatAvailable
RegisterClipboardFormatA
OpenClipboard
wsprintfA
GetPropA
FrameRect
SetPropA
InvalidateRgn
SetParent
CreateWindowExW
BeginPaint
EndPaint
UpdateWindow
DragDetect
GetClassNameA
ValidateRect
ShowCursor
GetMonitorInfoA
EnumDisplayMonitors
RegisterClassA
SetTimer
KillTimer
MsgWaitForMultipleObjectsEx
WindowFromPoint
ReleaseCapture
GetMessageW
DispatchMessageW
TranslateMDISysAccel
PeekMessageW
SystemParametersInfoA
DrawFrameControl
DrawIconEx
FindWindowW
GetMenu
ShowWindow
GetMenuItemCount
CreateWindowExA
ChildWindowFromPointEx
CreateIconIndirect
RedrawWindow
DefWindowProcA
CreateCursor
LoadImageA
MessageBoxW
GetWindowTextW
GetWindowTextLengthA
ScreenToClient
MoveWindow
GetKeyNameTextW
MapVirtualKeyA
SetClipboardData
GetClipboardData
EmptyClipboard
CreateIconFromResource
CreateIconFromResourceEx
DrawTextW
LoadIconA
InvertRect
DrawIcon
GetSysColorBrush
DrawFocusRect
GetIconInfo
LoadCursorFromFileW
DestroyIcon
SendMessageW
GetParent
SetWindowPos
FillRect
SetForegroundWindow
DispatchMessageA
IsWindowVisible
MessageBoxA
EnumWindows
PeekMessageA
TranslateMessage
ClientToScreen
GetClientRect
GetWindowRect
GetForegroundWindow
TrackPopupMenu
GetCursorPos
CreatePopupMenu
CallWindowProcW
DefWindowProcW
GetWindowLongW
DefFrameProcW
ReleaseDC
SetWindowLongW
GetDC
SetScrollRange
GetScrollRange
SetScrollInfo
GetScrollPos
GetScrollInfo
SetScrollPos
SetWindowLongA
GetWindowLongA
DrawMenuBar
CopyRect
SetCapture
CreateMenu
DefMDIChildProcW
SendMessageA
MessageBeep
GetDoubleClickTime
OffsetRect
SetRect
ScrollWindow
CloseClipboard
SetFocus
GetSystemMetrics
InvalidateRect
WindowFromDC
CharLowerBuffA
CharUpperBuffA
GetAsyncKeyState
DrawEdge
InsertMenuW
DestroyWindow
EnableMenuItem
LoadCursorA
SetMenu
SetCursor
GetMessageTime
GetSysColor
GetActiveWindow
gdi32
GetSystemPaletteEntries
Polygon
SetBrushOrgEx
SetTextAlign
CreateMetaFileW
CloseMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
EnumFontsW
EnumFontFamiliesExW
CreateRectRgn
CombineRgn
CreatePen
LineTo
SelectClipRgn
CreatePatternBrush
SetBkMode
SetPixelV
GetTextExtentPoint32W
CreateBitmap
CreateSolidBrush
GetFontLanguageInfo
Ellipse
GetClipRgn
GetPixel
Rectangle
SetTextColor
RoundRect
GetTextMetricsA
GetTextMetricsW
DeleteEnhMetaFile
DeleteMetaFile
CreateDIBitmap
GetMetaFileA
GetEnhMetaFileW
EnumEnhMetaFile
CreateFontIndirectA
SetViewportOrgEx
SetBkColor
GetEnhMetaFileA
SetMapMode
CreateFontW
CreateBrushIndirect
SetPixel
StartDocA
SetAbortProc
EndDoc
CreateICA
SetViewportExtEx
StartPage
SetWindowExtEx
EndPage
GetStockObject
CreateDIBSection
DeleteDC
StretchBlt
CreateCompatibleBitmap
RealizePalette
BitBlt
CreateDCA
StretchDIBits
SetDIBitsToDevice
SelectPalette
DeleteObject
GetObjectA
GetDIBits
CreatePalette
GetEnhMetaFileHeader
SelectObject
SetStretchBltMode
CreateCompatibleDC
MoveToEx
TranslateCharsetInfo
GetDeviceCaps
comdlg32
GetOpenFileNameW
GetSaveFileNameW
ChooseColorA
PageSetupDlgA
PrintDlgA
advapi32
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegEnumValueW
RegQueryValueExW
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
ImpersonateSelf
AccessCheck
MapGenericMask
GetFileSecurityW
OpenThreadToken
RevertToSelf
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
shell32
DragAcceptFiles
DragQueryFileW
Shell_NotifyIconW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHFileOperationW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
ShellExecuteW
DragFinish
ole32
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
IIDFromString
CoGetClassObject
OleInitialize
OleUninitialize
CoTaskMemAlloc
RegisterDragDrop
RevokeDragDrop
DoDragDrop
oleaut32
OleCreatePictureIndirect
SysAllocString
SysFreeString
OleLoadPicturePath
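The import table above is what an analyst would feed into two routine checks: an import hash (imphash, the md5 over the ordered "dll.function" pairs, as computed by pefile and shown by most sandboxes) for clustering against other samples, and a capability summary that picks out the APIs worth a second look (registry writes, service-control entry points, token impersonation, IsDebuggerPresent, GetAdaptersInfo). One caveat before reading anything into the summary: the PDB path at the top of the report names X86RunHoudini.pdb under a "2010r1" REALbasic build tree, which is the REALbasic runtime, so most of these imports (the serial-port, MIDI and MDI functions included) are most likely the statically linked runtime's own rather than evidence of what this program does; treat the tags as leads for dynamic analysis, not as findings. The script below is an added example, not the sandbox's code; SAMPLE_IMPORTS is a hand-copied subset of the table above in the order shown, and the capability map is an illustrative choice.

```python
"""Added example (not the sandbox's code): import-table triage over the
listing above. Computes the Mandiant-style import hash (imphash) and groups
the imports by capability. SAMPLE_IMPORTS is a hand-copied subset of the
report's import table and is constructed input."""
import hashlib

# Import-table order matters for imphash; entries are (dll, [name or ordinal]).
# comctl32 ordinal 17 is InitCommonControls; it is kept as an ordinal here
# because that is how the report (and pefile, without a lookup table) shows it.
SAMPLE_IMPORTS = [
    ("version.dll", ["GetFileVersionInfoSizeW", "VerQueryValueW", "GetFileVersionInfoW"]),
    ("comctl32.dll", [17, "ImageList_Destroy", "ImageList_Add", "InitCommonControlsEx",
                      "ImageList_Create"]),
    ("iphlpapi.dll", ["GetAdaptersInfo"]),
    ("kernel32.dll", ["IsDebuggerPresent", "VirtualAlloc", "VirtualProtect", "CopyFileW",
                      "MoveFileW", "DeleteFileW", "SetFileAttributesW", "GetCommState",
                      "SetCommState"]),
    ("advapi32.dll", ["RegCreateKeyExW", "RegSetValueExW", "RegDeleteValueW", "ImpersonateSelf",
                      "AccessCheck", "OpenThreadToken", "RevertToSelf",
                      "StartServiceCtrlDispatcherA", "SetServiceStatus"]),
    ("shell32.dll", ["ShellExecuteW", "SHFileOperationW"]),
]

# Illustrative capability map (an assumption of this example, not a standard list).
CAPABILITY_MAP = {
    "registry-write": {"RegCreateKeyExW", "RegSetValueExW", "RegDeleteValueW", "RegDeleteKeyW"},
    "service-host": {"StartServiceCtrlDispatcherA", "RegisterServiceCtrlHandlerA", "SetServiceStatus"},
    "anti-debug": {"IsDebuggerPresent"},
    "network-enum": {"GetAdaptersInfo"},
    "token-impersonation": {"ImpersonateSelf", "OpenThreadToken", "AccessCheck", "RevertToSelf"},
    "file-manipulation": {"CopyFileW", "MoveFileW", "DeleteFileW", "SetFileAttributesW",
                          "SHFileOperationW"},
    "process-launch": {"ShellExecuteW"},
    "memory-protection": {"VirtualAlloc", "VirtualProtect"},
    "serial-port": {"GetCommState", "SetCommState", "EscapeCommFunction"},
}


def _norm_dll(dll: str) -> str:
    """Lower-case the module name and drop the extensions imphash ignores."""
    dll = dll.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if dll.endswith(ext):
            return dll[:-len(ext)]
    return dll


def imphash(imports) -> str:
    """md5 over comma-joined 'dll.func' pairs in import order; ordinals become 'ordN'.
    pefile additionally maps ws2_32/oleaut32 ordinals to names before hashing,
    which this example does not do."""
    parts = []
    for dll, funcs in imports:
        base = _norm_dll(dll)
        for f in funcs:
            fname = "ord%d" % f if isinstance(f, int) else f.lower()
            parts.append("%s.%s" % (base, fname))
    return hashlib.md5(",".join(parts).encode("ascii")).hexdigest()


def capabilities(imports) -> dict:
    """Map capability tag -> sorted list of imported names that match it."""
    present = {f for _dll, funcs in imports for f in funcs if isinstance(f, str)}
    return {tag: sorted(present & apis)
            for tag, apis in CAPABILITY_MAP.items() if present & apis}


if __name__ == "__main__":
    print("imphash:", imphash(SAMPLE_IMPORTS))
    for tag, apis in capabilities(SAMPLE_IMPORTS).items():
        print("%-20s %s" % (tag, ", ".join(apis)))
```

Because the report lists only function names and the subset here is hand-copied, the hash this prints is not expected to match whatever hash the sandbox computed for the sample; run the same routine over the real import directory (pefile's `get_imphash()` does exactly this) when comparing against other samples.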
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 224KB - Virtual size: 222KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 268KB - Virtual size: 412KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 292KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
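The "Unsigned PE" signature, the File Characteristics list and the section table above all come from a few header fields, and it is worth being able to reproduce them without a sandbox. The reader below is an added example (not the sandbox's or the report's code) that does three things with only the standard library: it reports whether the IMAGE_DIRECTORY_ENTRY_SECURITY entry points at a WIN_CERTIFICATE blob (what "Checks for missing Authenticode signature" amounts to; note that a present blob is not a valid signature, which still needs `signtool verify /pa` or `Get-AuthenticodeSignature`), decodes the COFF Characteristics bits, and flags sections that are writable and executable or whose raw size is far below their virtual size, the usual marks of a packed image. `build_pe()` constructs a synthetic PE32 header so the example runs offline; REPORT_SECTIONS reproduces the section table above with sizes rounded to the kilobyte figures shown, and the section flag values are the standard bits for the flags listed.

```python
"""Added example (not part of the sandbox report): a stdlib-only PE header
reader for three static checks - presence of an Authenticode signature blob,
decoding of the COFF Characteristics bits, and section permission / size
sanity checks. The sample PE is built in memory by build_pe() and is
constructed input, not the analysed file."""
import struct

# COFF Characteristics bits (subset), in bit order.
CHARACTERISTICS = [
    (0x0001, "IMAGE_FILE_RELOCS_STRIPPED"),
    (0x0002, "IMAGE_FILE_EXECUTABLE_IMAGE"),
    (0x0020, "IMAGE_FILE_LARGE_ADDRESS_AWARE"),
    (0x0100, "IMAGE_FILE_32BIT_MACHINE"),
    (0x2000, "IMAGE_FILE_DLL"),
]
SCN_MEM_EXECUTE, SCN_MEM_READ, SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
SECURITY_DIR = 4  # IMAGE_DIRECTORY_ENTRY_SECURITY: file offset + size of the WIN_CERTIFICATE blob


def parse_pe(data: bytes) -> dict:
    """Read just enough of a PE32/PE32+ image to drive the checks below."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    machine, nsec, _ts, _symp, _nsym, opt_size, chars = struct.unpack_from(
        "<HHIIIHH", data, pe_off + 4)
    opt_off = pe_off + 24
    magic = struct.unpack_from("<H", data, opt_off)[0]
    # PE32 keeps NumberOfRvaAndSizes at +92 and the directories at +96; PE32+ at +108/+112.
    if magic == 0x10B:
        ndirs_off, dirs_off = opt_off + 92, opt_off + 96
    elif magic == 0x20B:
        ndirs_off, dirs_off = opt_off + 108, opt_off + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_size = 0
    if ndirs > SECURITY_DIR:
        _sec_off, sec_size = struct.unpack_from("<II", data, dirs_off + 8 * SECURITY_DIR)
    sections = []
    tbl = opt_off + opt_size
    for i in range(nsec):
        name, vsize, _va, rsize, _rptr, _rl, _ln, _nr, _nl, flags = struct.unpack_from(
            "<8sIIIIIIHHI", data, tbl + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("latin-1"),
                         "vsize": vsize, "rsize": rsize, "flags": flags})
    return {"machine": machine, "characteristics": chars,
            "has_authenticode": sec_size > 0, "sections": sections}


def describe_characteristics(chars: int) -> list:
    return [name for bit, name in CHARACTERISTICS if chars & bit]


def section_findings(sections: list) -> list:
    """Flag what a packed or self-modifying image usually shows: W+X sections,
    and sections whose raw size is far smaller than their virtual size."""
    out = []
    for s in sections:
        if s["flags"] & SCN_MEM_WRITE and s["flags"] & SCN_MEM_EXECUTE:
            out.append("%s: writable and executable" % s["name"])
        if s["rsize"] == 0 and s["vsize"] > 0:
            out.append("%s: no raw data but %d bytes virtual (filled at runtime)"
                       % (s["name"], s["vsize"]))
        elif s["rsize"] and s["vsize"] > 3 * s["rsize"]:
            out.append("%s: virtual size %dx raw size" % (s["name"], s["vsize"] // s["rsize"]))
    return out


def build_pe(chars: int, sections: list, signed: bool) -> bytes:
    """Build a minimal PE32 header (constructed test input, not a loadable image)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, chars)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[SECURITY_DIR] = (0x1000, 0x200)                     # fake WIN_CERTIFICATE offset/size
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    tbl = b"".join(struct.pack("<8sIIIIIIHHI", name, vsize, 0x1000, rsize, 0x400, 0, 0, 0, 0, flags)
                   for name, vsize, rsize, flags in sections)
    return dos + coff + opt + tbl


# Section table as listed in the report: (name, virtual size, raw size, flags),
# sizes rounded to the kilobyte figures the report shows.
KB = 1024
REPORT_SECTIONS = [
    (b".text", 1400 * KB, 1400 * KB, 0x60000020),   # CNT_CODE | MEM_EXECUTE | MEM_READ
    (b".rdata", 222 * KB, 224 * KB, 0x40000040),    # CNT_INITIALIZED_DATA | MEM_READ
    (b".data", 412 * KB, 268 * KB, 0xC0000040),     # CNT_INITIALIZED_DATA | MEM_READ | MEM_WRITE
    (b".rsrc", 290 * KB, 292 * KB, 0x40000040),
]
REPORT_PE = build_pe(0x0103, REPORT_SECTIONS, signed=False)  # 0x0103 = the three flags listed

if __name__ == "__main__":
    pe = parse_pe(REPORT_PE)
    print("authenticode blob present:", pe["has_authenticode"])
    print("characteristics:", describe_characteristics(pe["characteristics"]))
    print("section findings:", section_findings(pe["sections"]) or "none")
```

On the report's own numbers this yields no section findings: .text is read-execute without write, and .data's 412KB virtual against 268KB raw is ordinary zero-initialised data, not the near-empty section a runtime unpacker leaves behind. The Authenticode check is the cheap filter the "Unsigned PE" signature implements; an unsigned 24MB GUI binary with a REALbasic runtime PDB path is unusual enough to justify the dynamic run, but the absence of a signature alone says nothing about intent.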