4b2f79aef5bfaf4d463de17c10ff6e05427bdb1c226c65cfaa60376df4fb29cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b2f79aef5bfaf4d463de17c10ff6e05427bdb1c226c65cfaa60376df4fb29cb
Size

9.3MB
MD5

fc24dfdfdb4a3aa61528ec8e9f8f33c8
SHA1

b3c022da23bfb55d55a397ad27b7d61b11144883
SHA256

4b2f79aef5bfaf4d463de17c10ff6e05427bdb1c226c65cfaa60376df4fb29cb
SHA512

2f9e4edbf6f21b644a1e4ab40ac08816a20a1e9c70b9275cee7915accb8f910f71d6b08a000de38f6b891d0fd8a312bb78dbdc224bb1875fa6aa2c7cbf1575f6
SSDEEP

196608:PcCOz8jh9idJSZdeQWSBKaFJuFeFeFeFeFeFeFeFeFeFeFeFeFeF:6z8IJgkbQb+0000000000000

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b2f79aef5bfaf4d463de17c10ff6e05427bdb1c226c65cfaa60376df4fb29cb

Files

4b2f79aef5bfaf4d463de17c10ff6e05427bdb1c226c65cfaa60376df4fb29cb
.exe windows:5 windows x86 arch:x86

bc278b945be01815d685d01c70360302

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\P4\AK_FINALPC\depot\Alaska\Runtime\REL\FINALPC\Code\GameProjects\Alaska\Alaska_PC_External_Unity\Alaska_PC_External_Unity.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

d3dx9_42

D3DXGetShaderConstantTableEx

dinput8

DirectInput8Create

xinput1_3

ord2

ws2_32

getsockopt

winmm

timeBeginPeriod

user32

GetQueueStatus

gdi32

GetStockObject

advapi32

RegOpenKeyExA

shell32

SHCreateDirectoryExA

ole32

CoInitializeEx

oleaut32

SafeArrayGetLBound

dbghelp

SymCleanup

d3d9

Direct3DCreate9

dsound

ord1

iphlpapi

GetAdaptersAddresses

Sections

.ALI213
Size: 4.3MB - Virtual size: 26.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ALI213
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE