f30d204313a661fe5782fc39d84f035d84a121f5751667579aa9a32cb600a4b3

Sharing

Copy URL

Twitter E-mail

General

Target

f30d204313a661fe5782fc39d84f035d84a121f5751667579aa9a32cb600a4b3
Size

972KB
MD5

db47dd54011c0c34cf36a4cd5c14dae9
SHA1

a4c781f249b3d13745f2ada3d0b13181ebf22e1c
SHA256

f30d204313a661fe5782fc39d84f035d84a121f5751667579aa9a32cb600a4b3
SHA512

cc5a6a30d2bb8b17f9d4c7b51d52097ceb2db8fac6bbf6fa18d1c0dbc619985a99f3cc95b2b61117b69ba22368595983671755cb1d6348472a1cdb50ab6745d8
SSDEEP

24576:oDbmvxRdzJ2Moq8/F4mpI5hpAU2AeeLu0muJBzrBxgw5rizlB7bdjHCrcTqjCgfH:UZ/uW9SCif9mWo0uQMX4YHTM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f30d204313a661fe5782fc39d84f035d84a121f5751667579aa9a32cb600a4b3

Files

f30d204313a661fe5782fc39d84f035d84a121f5751667579aa9a32cb600a4b3
.exe windows:4 windows x86 arch:x86

6cc0fd4a5ad83a89ed29bfd5516bcbf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Dev\3d\SrcCode\Release\3D.pdb

Imports

winmm

timeGetTime

kernel32

VirtualProtect
CreateFileA
FlushFileBuffers
SetStdHandle
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
VirtualQuery
InterlockedExchange
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetSystemInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEndOfFile
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetTimeZoneInformation
LCMapStringW
LCMapStringA
SetFilePointer
GetCPInfo
GetOEMCP
GetACP
GetFullPathNameW
WriteFile
GetFullPathNameA
GetCurrentDirectoryW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetHandleCount
ReadFile
CloseHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
ReleaseMutex
CreateMutexA
GetLastError
HeapSize
GetCurrentProcess
TerminateProcess
GetCurrentDirectoryA
GetVersion
lstrcpynA
Sleep
lstrlenA
MulDiv
WideCharToMultiByte
QueryPerformanceFrequency
QueryPerformanceCounter
FindFirstFileW
RemoveDirectoryW
FindNextFileW
FindFirstFileA
RemoveDirectoryA
DebugBreak
FindNextFileA
FindClose
OutputDebugStringA
GetEnvironmentStrings
HeapReAlloc
GetModuleFileNameA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetProcAddress
HeapFree
RaiseException
HeapAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetSystemTimeAsFileTime
CreateDirectoryA
GetDriveTypeW
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
MultiByteToWideChar
DeleteFileW
DeleteFileA
ExitProcess
RtlUnwind

user32

GetFocus
PtInRect
MessageBoxW
SetCursorPos
MessageBoxA
GetDC
EnumDisplaySettingsA
ChangeDisplaySettingsA
RedrawWindow
GetClientRect
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExW
ShowWindow
UpdateWindow
SetFocus
DefWindowProcA
SetCursor
PostQuitMessage
LoadAcceleratorsA
PeekMessageA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyWindow
SendMessageA
SetRect
AdjustWindowRect
SetWindowLongA
SetWindowPos
ShowCursor
GetForegroundWindow
ClipCursor
ToAscii
SetCapture
ReleaseCapture
GetWindowRect
ClientToScreen
GetAsyncKeyState
GetWindowInfo
GetCursorPos

gdi32

GetStockObject
SetTextColor
SetBkMode
ExtTextOutA
GetDeviceCaps

comdlg32

GetOpenFileNameA

advapi32

GetUserNameW
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA

shell32

ShellExecuteA
SHGetFolderPathW

bass

BASS_ChannelSetAttributes
BASS_ChannelIsActive
BASS_ChannelGetPosition
BASS_ChannelGetLength
BASS_StreamCreateFile
BASS_SampleGetChannels
BASS_Init
BASS_StreamFree
BASS_SampleFree
BASS_Pause
BASS_Start
BASS_ChannelStop
BASS_SampleGetInfo
BASS_SampleGetChannel
BASS_SampleLoad
BASS_ChannelPlay

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

newton

NewtonCreateSphere
NewtonCreateBody
NewtonReleaseCollision
NewtonBodySetMassMatrix
NewtonBodySetForceAndTorqueCallback
NewtonBodySetUserData
NewtonBodySetLinearDamping
NewtonBodySetAngularDamping
NewtonBodySetAutoactiveCallback
NewtonBodyGetMatrix
NewtonBodySetMatrix
NewtonBodyGetVelocity
NewtonBodyGetOmega
NewtonBodyGetUserData
NewtonBodyGetMassMatrix
NewtonBodySetForce
NewtonWorldUnfreezeBody
NewtonDestroyAllBodies
NewtonDestroy
NewtonUpdate
NewtonCreate
NewtonWorldFreezeBody

Sections

.text
Size: 768KB - Virtual size: 767KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cc0fd4a5ad83a89ed29bfd5516bcbf9

Headers

File Characteristics

PDB Paths

Imports

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

bass

ddraw

newton

Sections

.text Size: 768KB - Virtual size: 767KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 8KB - Virtual size: 418KB

.rsrc Size: 116KB - Virtual size: 114KB

.text
Size: 768KB - Virtual size: 767KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 8KB - Virtual size: 418KB

.rsrc
Size: 116KB - Virtual size: 114KB