WEP
cdtAnimate
cdtDraw
cdtDrawExt
cdtInit
cdtTerm
Static task
static1
1 signatures
General
-
Target
ms_solitaire_windows_xp.zip
-
Size
416KB
-
MD5
03cf444ea6e6ac25212786d408998387
-
SHA1
ad8f8afc7d490696ebbb8dce2a79c16f1254d7eb
-
SHA256
951be78319cabdc673c1b86eb2e19da23d52a6a127d38d4814d6c61f906afee2
-
SHA512
2c967d1318ab12cf9609ead204fd2779017eb918f804d361f96dcd502f9157d6afd82cbd3646250c7fe83f109fb5fc5ddc3e1ae41d4578b734a6afffa858a45c
-
SSDEEP
6144:0q5S6PrN03xUYJ/CSAtUgPqT0+gt3WpoXuMjCuP5p2wGepuhOYSCV3fwgT656C0G:9RNixRhAbLsYuoCuBp/0HfVXTWqkzv
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource unpack001/MS_Solitaire_Windows_XP/cards.dll unpack001/MS_Solitaire_Windows_XP/sol.exe unpack001/MS_Solitaire_Windows_XP/spider.exe
Files
-
ms_solitaire_windows_xp.zip.zip
-
MS_Solitaire_Windows_XP/cards.dll.dll windows:5 windows x86 arch:x86
21ad5d0f3070f8021aa70abd96c5cd81
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
LoadBitmapA
gdi32
BitBlt
PatBlt
GetPixel
SetPixel
DeleteObject
GetObjectA
DeleteDC
StretchBlt
SetBkColor
CreateCompatibleDC
SelectObject
SetBrushOrgEx
GetDCOrgEx
CreateSolidBrush
Exports
Exports
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 346KB - Virtual size: 345KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MS_Solitaire_Windows_XP/sol.exe.exe windows:5 windows x86 arch:x86
cf5d8ccd40ccf8c8e461f297b97c5818
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
rand
time
srand
advapi32
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegCloseKey
kernel32
GetStartupInfoA
GetModuleHandleA
MulDiv
lstrlenW
LocalFree
LocalAlloc
GetCommandLineW
GetProcAddress
LoadLibraryA
gdi32
SetTextColor
SetPixel
LineDDA
BitBlt
CreateCompatibleDC
GetStockObject
GetTextExtentPoint32W
CreateFontW
DeleteDC
TextOutW
PtVisible
SetBrushOrgEx
SelectObject
PatBlt
SetROP2
MoveToEx
LineTo
GetTextMetricsW
DeleteObject
CreateSolidBrush
GetDeviceCaps
CreateCompatibleBitmap
user32
SetFocus
RegisterClassW
CopyRect
MoveWindow
DestroyWindow
GetSysColor
EndPaint
BeginPaint
GetDC
ReleaseDC
InvalidateRect
EndDialog
GetDesktopWindow
LoadStringA
ReleaseCapture
GetCapture
SetCapture
PostMessageW
EnableMenuItem
GetMenu
DefWindowProcW
ShowCursor
PostQuitMessage
KillTimer
GetClientRect
IsIconic
LoadAcceleratorsW
UpdateWindow
ShowWindow
SetTimer
CreateWindowExW
AdjustWindowRect
RegisterClassExW
LoadImageW
LoadIconW
RegisterWindowMessageW
LoadCursorW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
InvertRect
IntersectRect
MessageBoxW
LoadStringW
SetCursorPos
ClientToScreen
GetKeyState
PtInRect
PeekMessageW
MsgWaitForMultipleObjects
DrawTextW
WinHelpW
CheckDlgButton
IsDlgButtonChecked
EnableWindow
GetDlgItem
CheckRadioButton
DialogBoxParamW
InflateRect
FrameRect
cards
cdtDrawExt
cdtInit
cdtTerm
cdtDraw
shell32
ShellAboutW
comctl32
InitCommonControlsEx
Sections
.text Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 908B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
MS_Solitaire_Windows_XP/spider.exe.exe windows:5 windows x86 arch:x86
62ff38f10b39db8a0856c327b9755044
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
spider.pdb
Imports
advapi32
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExA
RegOpenKeyExA
kernel32
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
RaiseException
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
GetStdHandle
GetModuleHandleA
GetProcAddress
ExitProcess
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
CreateFileW
QueryPerformanceCounter
MulDiv
lstrlenW
GetVersionExA
WriteFile
GetModuleHandleW
Sleep
GetFileSize
GlobalAlloc
ReadFile
lstrcpyW
CloseHandle
GlobalFree
lstrcatW
gdi32
SaveDC
GetDeviceCaps
CreateFontIndirectW
Ellipse
GetTextExtentPoint32W
GetPixel
GdiFlush
ExcludeClipRect
RestoreDC
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
GetBkMode
GetTextColor
SetBkMode
SetTextColor
SetPixel
MoveToEx
LineTo
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC
user32
GetWindowRect
InvalidateRect
EndDialog
PeekMessageW
EnableMenuItem
GetMenu
DialogBoxParamW
LoadStringW
MessageBoxW
ReleaseDC
GetDC
SetCapture
GetWindowPlacement
IsIconic
IsZoomed
DrawMenuBar
DrawTextW
SetRect
FrameRect
FillRect
OffsetRect
InvertRect
IntersectRect
ReleaseCapture
UpdateWindow
PostMessageW
PtInRect
GetSubMenu
GetDesktopWindow
MoveWindow
DefWindowProcW
GetForegroundWindow
ShowWindow
GetSystemMetrics
PostQuitMessage
EndPaint
BeginPaint
DestroyWindow
WaitMessage
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
CreateWindowExW
RegisterClassW
LoadCursorW
LoadIconW
MessageBoxA
LoadStringA
SetDlgItemTextW
GetDlgItem
WinHelpW
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
GetDlgItemTextW
UnionRect
SendMessageW
SetTimer
LoadBitmapW
wsprintfW
GetClientRect
GetParent
shell32
SHGetSpecialFolderPathW
winmm
timeGetTime
PlaySoundW
comctl32
InitCommonControlsEx
Sections
.text Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 459KB - Virtual size: 459KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ