3dmoo[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

3dmoo.exe
Size

152KB
MD5

a17846e7385653418696d37a82aef38e
SHA1

3fceca6497f980d16db6175db65184103d5e9e45
SHA256

66ef7505c574e412f28f0eddea14176f4b0a6fb6f7b7c141640f033c6bf39774
SHA512

fa2a07bd6991bb0fa9fef9df7f209079dfd44b5d10d5f952c61d659f75adb9cde6a1a5b96b060c7e9dfed11da304137945982836bd4c0bbdcd3275fd21980a75
SSDEEP

1536:Nf4mFpZ8t0sbbpQ/+DUkDDwXQRSuA7RfTxuNoXw8LkVH9mcboW4aDYL9ES/l770:p4mFpGZbtQmokDG4DsPk+YDQayv0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dmoo.exe

Files

3dmoo.exe
.exe windows:6 windows x86 arch:x86

625706cb7028d0a52d39e30133a4ebf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Project\Emulator\GIT\3dmoo\windows\Release\3dmoo.pdb

Imports

sdl2

SDL_GetScancodeFromKey
SDL_Quit
SDL_MapRGB
SDL_UnlockSurface
SDL_LockSurface
SDL_UpdateWindowSurface
SDL_PollEvent
SDL_CreateWindow
SDL_FillRect
SDL_GetWindowSurface
SDL_DestroyWindow
SDL_Init
SDL_SetMainReady
SDL_GetTicks
SDL_Delay

kernel32

IsProcessorFeaturePresent
GetConsoleScreenBufferInfo
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsDebuggerPresent
GetStdHandle
SetConsoleTextAttribute

msvcr120

?terminate@@YAXXZ
_invoke_watson
_controlfp_s
memcpy
_crt_debugger_hook
__crtSetUnhandledExceptionFilter
__iob_func
printf
fprintf
malloc
exit
abort
free
sscanf
fgets
fopen
fclose
wprintf
realloc
fread
fwrite
ftell
fseek
perror
signal
sprintf
calloc
fflush
strncpy
strnlen
memset
__crtUnhandledException
__crtTerminateProcess
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_XcptFilter
_amsg_exit
__getmainargs
__set_app_type
_exit
_cexit
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
__initenv
_fmode
_commode
_except_handler4_common

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

625706cb7028d0a52d39e30133a4ebf7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

sdl2

kernel32

msvcr120

Sections

.text Size: 122KB - Virtual size: 121KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 1KB - Virtual size: 358KB

.rsrc Size: 1024B - Virtual size: 712B

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 122KB - Virtual size: 121KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 1KB - Virtual size: 358KB

.rsrc
Size: 1024B - Virtual size: 712B

.reloc
Size: 10KB - Virtual size: 10KB