1947fb79ec298902f0912985efffdad934939b30d7e2ba434aa0fdd68a96cd45

Sharing

Copy URL Twitter E-mail

General

Target

1947fb79ec298902f0912985efffdad934939b30d7e2ba434aa0fdd68a96cd45
Size

1.0MB
MD5

eb4172327cdfb855165c25f7b8008f92
SHA1

e37450f24b4cc8a1380c8d68814778c2aa8fa425
SHA256

1947fb79ec298902f0912985efffdad934939b30d7e2ba434aa0fdd68a96cd45
SHA512

1cc7c21a2bf10701894edc978ba439ffeb90e49eb68898499f31fb356afe0645ad5c28ce9c397f373c9f71bf5d245cb399410ea5b7df0fbe4f728a1113f5bfdc
SSDEEP

24576:DhZP4EUuvjDcOoZrP11W0jj2Dd0MZgw97bNkfzG8S:V9quvj6rrWnDFqfz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1947fb79ec298902f0912985efffdad934939b30d7e2ba434aa0fdd68a96cd45

Files

1947fb79ec298902f0912985efffdad934939b30d7e2ba434aa0fdd68a96cd45
.exe windows:5 windows x86 arch:x86

70202401f4ce2f83c69aa630075f7d5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

steam_api

SteamAPI_RegisterCallback
SteamAPI_UnregisterCallback
SteamAPI_RunCallbacks
SteamAPI_RestartAppIfNecessary
SteamAPI_Init
SteamAPI_GetHSteamUser
SteamInternal_FindOrCreateUserInterface
SteamInternal_ContextInit
SteamInternal_CreateInterface

kernel32

QueryPerformanceCounter
CloseHandle
CreateFileA
DeleteFileA
GetStringTypeW
WriteConsoleW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetConsoleMode
GetConsoleCP
ReadFile
GetTimeZoneInformation
SetFilePointer
SetHandleCount
HeapCreate
GetCurrentDirectoryW
GetFileType
PeekNamedPipe
GetFileInformationByHandle
HeapSize
GetModuleFileNameW
GetStdHandle
WriteFile
GetCurrentThreadId
SetLastError
GetProcAddress
GetDriveTypeA
GetUserDefaultLCID
CreateMutexA
GetLastError
ReleaseMutex
GetModuleHandleA
TlsFree
TlsSetValue
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
Sleep
TlsGetValue
TlsAlloc
LoadLibraryW
GetTickCount
GetCurrentProcessId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
GetCurrentProcess
SetEnvironmentVariableA
CompareStringW
CreateFileW
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LeaveCriticalSection
EnterCriticalSection
CreateThread
ResumeThread
ExitThread
HeapReAlloc
GetProcessHeap
SetEndOfFile
GetStartupInfoW
HeapSetInformation
GetFileAttributesA
FindClose
GetCurrentDirectoryA
CreateDirectoryA
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileExA
GetDriveTypeW
GetFullPathNameA
GetSystemTimeAsFileTime
HeapFree
GetLocalTime
HeapAlloc
RaiseException
GetCommandLineA

user32

TranslateMessage
PeekMessageA
PostQuitMessage
DefWindowProcA
DestroyWindow
EndPaint
DrawTextA
GetClientRect
DispatchMessageA
LoadCursorA
MoveWindow
ClientToScreen
GetDesktopWindow
ReleaseDC
GetDC
ChangeDisplaySettingsA
GetInputState
GetAsyncKeyState
ShowCursor
GetSystemMetrics
MessageBoxA
BeginPaint
GetWindowLongA
SetWindowLongA
GetCursorPos
ScreenToClient
InvalidateRect
RegisterClassExA
CreateWindowExA
CreateWindowExW
SendMessageA
ShowWindow
UpdateWindow
GetMessageA
LoadIconA
wsprintfA
GetWindowRect

gdi32

DeleteObject
CreateDIBSection
DeleteDC
GetCurrentObject
SetTextColor
SetBkMode
Rectangle
CreateSolidBrush
CreatePen
CreateCompatibleDC
BitBlt
CreateFontA
SelectObject
GetStockObject

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

dsound

ord1

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

ws2_32

getaddrinfo
socket
connect
freeaddrinfo
ioctlsocket
recv
closesocket
send

winmm

mciSendStringA
timeGetTime
mmioClose
mmioAscend
mmioRead
mmioDescend
mmioOpenA
mmioSeek
mmioSetInfo
mmioAdvance
mmioGetInfo

ddraw

DirectDrawCreate

Sections

.text
Size: 832KB - Virtual size: 831KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70202401f4ce2f83c69aa630075f7d5f

Headers

DLL Characteristics

File Characteristics

Imports

steam_api

kernel32

user32

gdi32

shell32

ole32

dsound

wininet

ws2_32

winmm

ddraw

Sections

.text Size: 832KB - Virtual size: 831KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 29KB - Virtual size: 1.7MB

.rsrc Size: 67KB - Virtual size: 66KB

.reloc Size: 64KB - Virtual size: 64KB

.text
Size: 832KB - Virtual size: 831KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 29KB - Virtual size: 1.7MB

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 64KB - Virtual size: 64KB