Static task
static1
General
Target: HorseStar.exe
Size: 6.4MB
MD5: e9168f4fb3420d39853f6859f948ee0c
SHA1: 39464ba8a9e9d1944c96fd35c7e9879f14f1d1d2
SHA256: 1ca88fd620fb58e913c0ced704ffb9b0dd9a59d043d3841b45edaf3b1002262a
SHA512: 0b5fc4a1eeb21c23880c1f354fe070da34ddd97977ac9f87601389bceb446f011d044f13a84982d77696e81e03838d6674ba200e4aa8c6d539b451b17db84b9c
SSDEEP: 196608:AHUhA3GlK/iHn07DoqokQs/TkBGuprqK7Db1f8/RrsWWLLYFND:AHUhA3GlK/iHn0DgkQs/ToHpJ9URrTWY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource HorseStar.exe
Files
HorseStar.exe.exe windows:5 windows x86 arch:x86
c9558bf19568cc6da6d8834c20a7f0e4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
e:\BuildAgent\work\71ca6fec1b41cc30\build\WindowsStandalonePlayer\player_win.pdb
Imports
kernel32
CancelIo
CreateEventW
ExpandEnvironmentStringsA
GetCurrentProcess
GetModuleHandleA
GetVersionExA
GetSystemInfo
GlobalMemoryStatusEx
GetUserDefaultLangID
SetThreadAffinityMask
GetCurrentThread
GetProcessAffinityMask
MultiByteToWideChar
OutputDebugStringA
FormatMessageA
SetLastError
GetTickCount
CreateEventA
CopyFileW
MoveFileExW
HeapValidate
WaitForMultipleObjects
WriteFile
GetFileSize
ReadFile
CreateFileW
SetEndOfFile
SetFilePointer
LoadLibraryW
lstrlenW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetCurrentDirectoryA
GetProcessHeap
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
FlushFileBuffers
GetConsoleCP
InitializeCriticalSectionAndSpinCount
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetCurrentProcessId
HeapCreate
TerminateProcess
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
SetConsoleCtrlHandler
GetDriveTypeA
PeekNamedPipe
GetFileInformationByHandle
FileTimeToSystemTime
GetTimeZoneInformation
ExitThread
WriteConsoleW
GetStartupInfoA
GetOverlappedResult
ExitProcess
GetModuleHandleW
UnhandledExceptionFilter
HeapReAlloc
RtlUnwind
HeapAlloc
HeapFree
WritePrivateProfileStringW
GetTempPathW
SetErrorMode
IsDebuggerPresent
CreateProcessW
GetModuleFileNameA
GetFileTime
RaiseException
lstrlenA
SetUnhandledExceptionFilter
FileTimeToLocalFileTime
FileTimeToDosDateTime
FlushConsoleInputBuffer
FindFirstFileA
GetStdHandle
GetFileType
GlobalMemoryStatus
GetVersion
GlobalAlloc
GlobalLock
GlobalUnlock
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateThread
GetCurrentThreadId
SleepEx
CreateThread
SetThreadPriority
CreateMutexA
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameW
ReleaseSemaphore
WaitForSingleObject
CloseHandle
CreateSemaphoreA
CreateDirectoryW
WideCharToMultiByte
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
GetSystemDirectoryA
CreateWaitableTimerA
SetWaitableTimer
ResetEvent
OpenEventA
VirtualQuery
InterlockedDecrement
VirtualAlloc
VirtualFree
UnmapViewOfFile
CreateFileA
CreateFileMappingA
MapViewOfFile
lstrcmpiA
GetFullPathNameA
InterlockedExchange
GetSystemTimeAsFileTime
SetEvent
InterlockedCompareExchange
GetCommandLineW
LocalFree
lstrcpynW
lstrcpyA
lstrcpynA
GetModuleFileNameW
DeleteFileA
FindFirstFileW
FindNextFileW
SetFileAttributesW
RemoveDirectoryW
DeleteFileW
GetCommandLineA
FindClose
InterlockedIncrement
HeapWalk
user32
GetCursorPos
MessageBoxW
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
wvsprintfA
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
GetClipboardData
IsClipboardFormatAvailable
GetWindowThreadProcessId
GetAncestor
SetCapture
WindowFromPoint
GetSystemMetrics
DefWindowProcW
GetDC
CreateWindowExW
ScreenToClient
GetAsyncKeyState
GetKeyState
wsprintfA
SendMessageTimeoutA
EnumWindows
SendMessageA
SetForegroundWindow
ShowWindow
IsIconic
RegisterWindowMessageA
GetUserObjectInformationA
GetThreadDesktop
GetParent
EnumDisplayDevicesA
DestroyWindow
ReleaseDC
GetCaretBlinkTime
ReleaseCapture
PeekMessageA
GetMessageA
MsgWaitForMultipleObjectsEx
DispatchMessageA
ValidateRect
LoadImageA
DialogBoxParamA
IsDlgButtonChecked
CheckDlgButton
CreateDialogParamW
EnableWindow
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
SetWindowTextW
SetFocus
SetCursorPos
ClipCursor
ShowCursor
GetFocus
RegisterClassW
RegisterWindowMessageW
TrackPopupMenuEx
PostQuitMessage
LoadMenuW
GetSubMenu
SetMenuDefaultItem
DestroyMenu
LoadIconW
SetWindowLongW
GetWindowLongW
LoadCursorA
RegisterClassExW
DialogBoxParamW
EndDialog
LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
CopyRect
OffsetRect
UnregisterClassW
GetDesktopWindow
EnumDisplaySettingsA
AdjustWindowRectEx
ChangeDisplaySettingsA
GetDlgItem
SetWindowLongA
CreateDialogParamA
GetClientRect
SetWindowPos
GetWindowLongA
GetWindowRect
gdi32
SetPixelFormat
SwapBuffers
ChoosePixelFormat
GetGlyphOutlineW
AddFontMemResourceEx
CreateCompatibleDC
CreateFontIndirectW
GetFontUnicodeRanges
SetBkMode
SetTextAlign
SetTextColor
SelectObject
EnumFontFamiliesExW
DeleteDC
DeleteObject
RemoveFontMemResourceEx
GetDeviceCaps
GetBitmapBits
BitBlt
CreateCompatibleBitmap
CreateDCA
GetObjectA
GetObjectW
advapi32
GetUserNameA
CryptAcquireContextA
CryptImportKey
CryptCreateHash
CryptHashData
CryptVerifySignatureA
CryptDestroyHash
CryptDestroyKey
CryptReleaseContext
RegDeleteValueA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
DeregisterEventSource
RegisterEventSourceA
ReportEventA
shell32
ShellExecuteW
Shell_NotifyIconW
CommandLineToArgvW
SHGetFolderPathW
ole32
CoUninitialize
CoInitialize
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
PropVariantClear
CoCreateGuid
version
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoSizeW
opengl32
glMaterialf
glMaterialfv
glColor4fv
glViewport
glScissor
glTexEnvfv
glBindTexture
glTexGenfv
glTexGeni
glLightfv
glLightf
glLightModelfv
glFogfv
glFogf
glFogi
glIsTexture
glDeleteTextures
glFinish
glVertex3f
glNormal3f
glColor4f
glTexCoord3f
glBegin
glEnd
glReadPixels
glLoadIdentity
glLightModelf
glHint
glTexParameteri
glLightModeli
wglDeleteContext
wglGetCurrentDC
glDrawArrays
wglGetCurrentContext
glReadBuffer
glDrawBuffer
glTexImage2D
glCopyTexSubImage2D
glPixelStorei
glTexSubImage2D
wglCreateContext
wglShareLists
wglGetProcAddress
glStencilFunc
glStencilOp
glColorMaterial
glGetFloatv
glMultMatrixf
glMatrixMode
glLoadMatrixf
glClear
glClearColor
glFrontFace
glGetError
glGetString
glGetIntegerv
glDrawElements
glTexCoordPointer
glNormalPointer
glVertexPointer
glColorPointer
glEnableClientState
glDisableClientState
glTexEnvf
glTexEnvi
glClearDepth
wglMakeCurrent
glClearStencil
glStencilMask
glDepthFunc
glDepthMask
glCullFace
glPolygonOffset
glColorMask
glDisable
glBlendFunc
glEnable
glAlphaFunc
winmm
waveOutGetDevCapsW
waveOutOpen
timeGetTime
waveOutGetDevCapsA
waveOutClose
waveInGetNumDevs
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetPosition
waveOutGetNumDevs
waveOutPrepareHeader
ws2_32
socket
WSAGetLastError
inet_addr
connect
getsockname
closesocket
gethostbyname
getaddrinfo
inet_ntoa
htonl
freeaddrinfo
htons
WSAStartup
gethostname
WSACleanup
shlwapi
PathIsDirectoryW
PathFileExistsW
SHDeleteKeyA
oleaut32
SysFreeString
SysAllocString
imm32
ImmGetContext
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmSetOpenStatus
hid
HidP_MaxDataListLength
HidD_GetPreparsedData
HidD_GetProductString
HidP_GetCaps
HidP_GetData
HidD_FreePreparsedData
HidP_GetValueCaps
HidP_GetButtonCaps
wsock32
bind
send
recv
setsockopt
ntohs
inet_ntoa
sendto
getsockopt
select
WSACancelAsyncRequest
listen
accept
getpeername
WSASetLastError
__WSAFDIsSet
shutdown
gethostbyaddr
WSAAsyncGetHostByName
recvfrom
msacm32
acmFormatSuggest
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen
acmStreamUnprepareHeader
acmStreamConvert
Exports
AgPmDestroySourceConnection
AgPmEventEnabled
AgPmEventLoggingEnabled
AgPmSubmitEvent
NxCreateCoreSDK
Sections
.text Size: 5.1MB - Virtual size: 5.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 855KB - Virtual size: 855KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 148KB - Virtual size: 682KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 348KB - Virtual size: 347KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ