LUNA[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

LUNA.exe
Size

5.0MB
MD5

b86611ab56854eac997acf8c1d9e1abc
SHA1

d15936ff1c62c50d62c66c6edd4572bac6546ed6
SHA256

e9c0557fa8d06d83b78487c178715078d89d7113e398cad50b4ff5a6108b787e
SHA512

6a216cac2063117c772e434f77c5f11336118ec134ee4e7b1a0a150d5f0f69cbfbd1085f71a214c1652d72c0deeb2de42315596ac7bb53fdeaa8c9167f2563f4
SSDEEP

49152:e7w5bqg36BNva7twXNOfJcObJ6ewx7hLIl7eLJvZysmfKT2+drFGxwoNG777777r:NMNXh1TNdrFG+FNErS1GK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LUNA.exe

Files

LUNA.exe
.exe windows:6 windows x86 arch:x86

a126d7b15a2bb7fb7d6ab8b082b4bf00

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Working Directory\PROJECT_X_CLASSIC\Obj\LUNA\Release\LUNA.pdb

Imports

soundlib

CreateSoundLib

ss3dgfunc

_MatrixMultiply2@12
_TransformV3TOV4@16
_SetInverseMatrix@8
_COLORtoDWORD@16
_WriteTGA@24
_CalcDistance@8
_VBHDeleteAll@4
_VBHRelease@4
_VBHInitialize@16
_VBHCreate@0
_VBHInsert@16
_VBHSelect@20
_RotatePositionWithPivot@24
_SetRotationYMatrix@8
_SetRotationXMatrix@8
_TransformVector3_VPTR2@16
_IsCollisionSphereAndBox@8
_Normalize@8
_CrossProduct@12
_VECTOR3Length@4

dinput8

DirectInput8Create

wtaerpc

Initialize_Wtae
Update_Wtae

kernel32

GetCurrentDirectoryA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
RemoveDirectoryA
CloseHandle
RaiseException
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetCurrentProcess
GetCurrentThreadId
FlushInstructionCache
GetWindowsDirectoryA
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryExA
LoadResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
lstrcmpA
lstrcmpiA
FindResourceA
FileTimeToSystemTime
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
FormatMessageA
lstrcpynA
lstrcpyA
IsBadReadPtr
Sleep
GetTickCount
OutputDebugStringA
CreateFileA
GetFileSize
ReadFile
LoadLibraryA
InterlockedCompareExchange
CreateDirectoryA
WriteFile
GetSystemTime
lstrlenA
OpenFile
WriteConsoleA
InterlockedExchange
CreateThread
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEndOfFile
CreateFileW
EnumSystemLocalesEx
IsValidLocaleName
LCMapStringEx
GetUserDefaultLocaleName
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
GetLocaleInfoEx
GetStringTypeW
FlushFileBuffers
GetLocalTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
QueryPerformanceCounter
GetFileAttributesExW
GetTimeZoneInformation
SetFilePointerEx
LoadLibraryW
LoadLibraryExW
WaitForSingleObjectEx
OutputDebugStringW
SetConsoleCtrlHandler
GetConsoleCP
SetFilePointer
ReadConsoleW
GetConsoleMode
HeapQueryInformation
HeapSize
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
AreFileApisANSI
ExitProcess
InitOnceExecuteOnce
GetCurrentThread
GetModuleHandleW
GetStartupInfoW
TerminateProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
UnhandledExceptionFilter
FatalAppExitA
GetCommandLineA
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GetSystemTimeAsFileTime
VirtualQuery
VirtualProtect
SetThreadStackGuarantee
GetProcessHeap
GetSystemInfo
HeapValidate
EncodePointer
RtlUnwind
IsDebuggerPresent
DecodePointer
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
IsDBCSLeadByte
HeapFree
HeapAlloc
lstrlenW
LocalFree
InitializeCriticalSectionEx
InterlockedPopEntrySList
GetStdHandle
SetStdHandle
InitializeSListHead

user32

GetWindowTextLengthA
CharNextA
CharPrevA
MessageBoxA
wsprintfA
RegisterWindowMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
SendMessageA
DefWindowProcA
PostQuitMessage
CallWindowProcA
UnregisterClassA
RegisterClassExA
GetClassInfoExA
CreateWindowExA
IsWindow
GetCursorPos
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
OpenClipboard
OffsetRect
LoadCursorFromFileA
SetCursor
CopyRect
PostMessageA
PtInRect
LoadIconA
LoadCursorA
GetWindow
GetClassNameA
GetParent
GetDesktopWindow
SetWindowLongA
GetWindowLongA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
ShowCursor
GetWindowRect
GetClientRect
SetRect
GetWindowTextA
SetWindowTextA
RedrawWindow
InvalidateRgn
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow
GetSystemMetrics
DestroyAcceleratorTable
CreateAcceleratorTableA
ReleaseCapture
SetCapture
GetFocus
SetFocus
GetDlgItem
EndDialog
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsChild

gdi32

DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
SelectObject
DeleteObject
GetTextExtentPoint32A
CreateFontIndirectA
BitBlt
GetObjectA
GetStockObject

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA

ole32

CLSIDFromString
CoGetClassObject
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CLSIDFromProgID
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
CoInitialize
OleInitialize
OleUninitialize
OleLockRunning
CoUninitialize
CoFreeUnusedLibraries

oleaut32

GetErrorInfo
VariantChangeType
SetErrorInfo
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantInit
VariantClear
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
CreateErrorInfo
OleCreateFontIndirect

freeimage

_FreeImage_Load@12
_FreeImage_Unload@4
_FreeImage_SaveJPEG@12
_FreeImage_GetBits@4
_FreeImage_GetInfo@4
_FreeImage_ConvertTo16Bits565@4

winmm

timeGetTime

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a126d7b15a2bb7fb7d6ab8b082b4bf00

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

soundlib

ss3dgfunc

dinput8

wtaerpc

kernel32

user32

gdi32

advapi32

ole32

oleaut32

freeimage

winmm

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 444KB - Virtual size: 443KB

.data Size: 1.3MB - Virtual size: 1.6MB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 160KB - Virtual size: 159KB

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 444KB - Virtual size: 443KB

.data
Size: 1.3MB - Virtual size: 1.6MB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 160KB - Virtual size: 159KB