a08ee53b805d84d2ff3fa143f2a526f0741c3ff0ae484bdc73bd6c24a54b6e4a

Sharing

Copy URL Twitter E-mail

General

Target

a08ee53b805d84d2ff3fa143f2a526f0741c3ff0ae484bdc73bd6c24a54b6e4a
Size

1.3MB
MD5

6db67f84d1eed97c2f18e2edcf7af7a2
SHA1

9a6d5e96b762e7e0ca76c8426872109e56004230
SHA256

a08ee53b805d84d2ff3fa143f2a526f0741c3ff0ae484bdc73bd6c24a54b6e4a
SHA512

927edc9f91619e7853d0c9299e74f24d9d98594bf09e460b3c2ec0646e0b62eb62cebec9d857d0963d146ea73642c82dc6d54ac173d428fd26d3b9f0f8331227
SSDEEP

24576:Uj3OejGqUrOFOHfeT2q+58dnmlMxKLo2TsUt2rR8FfBhRJUEbDk1ulUA:UzkhCgmT2qQ8dMMxcQUt2r4PRSEk1ul

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a08ee53b805d84d2ff3fa143f2a526f0741c3ff0ae484bdc73bd6c24a54b6e4a

Files

a08ee53b805d84d2ff3fa143f2a526f0741c3ff0ae484bdc73bd6c24a54b6e4a
.exe windows:6 windows x86 arch:x86

ab242178311572cb2c0daffd84306568

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\bamboo-agent-home\xml-data\build-dir\PGSC-MON63-JOB1\monolith\Build\ProtectorPackaging\Release\GameStub.pdb

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
DecodePointer
RaiseException
HeapAlloc
HeapReAlloc
HeapFree
GetCurrentProcess
GetProcessHeap
InitializeCriticalSectionEx
CreateFileW
FlushFileBuffers
ReadFile
SetFilePointerEx
WriteFile
FindClose
FindNextFileW
GetGeoInfoW
GetUserGeoID
ReadConsoleW
SetStdHandle
FreeEnvironmentStringsW
GetUserDefaultUILanguage
LoadResource
FindResourceExW
GetFileSizeEx
GetFileAttributesW
FormatMessageA
GetCurrentThreadId
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
CreateProcessW
HeapSize
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetStringTypeW
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
OutputDebugStringW
RtlUnwind
FreeLibrary
LoadLibraryExW
GetStdHandle
ExitProcess
GetModuleHandleExW
GetFileType
IsValidLocale
GetUserDefaultLCID
WriteConsoleW

user32

MessageBoxW

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 555KB - Virtual size: 554KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 576KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab242178311572cb2c0daffd84306568

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 555KB - Virtual size: 554KB

.reloc Size: 576KB - Virtual size: 580KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 555KB - Virtual size: 554KB

.reloc
Size: 576KB - Virtual size: 580KB