a13fe7eda838c8b66937d5e0fdcf8fc1fd0e0bf978e7ceb2f304b5cd881b8935

Sharing

Copy URL Twitter E-mail

General

Target

a13fe7eda838c8b66937d5e0fdcf8fc1fd0e0bf978e7ceb2f304b5cd881b8935
Size

396KB
MD5

1874b0dcac9618330a5add24edfebb14
SHA1

a818482c11bd125f819ec95ac1a0367e1d1ae27a
SHA256

a13fe7eda838c8b66937d5e0fdcf8fc1fd0e0bf978e7ceb2f304b5cd881b8935
SHA512

108f09153bee695f0ae0d0363ce05b1195910e74db77ec66e27026813d61df6f7843d95c6bbbc6638d5d42fafcc1cd287f92703c50b05a5fd6e05838a1d6ed3c
SSDEEP

12288:mRzEdcpdIq0mBnvemUqcu06smUasTnfooKYeA0xFenR9bjy:mR1pdIq0mBnvemUqcu06smUasTnf8A0c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a13fe7eda838c8b66937d5e0fdcf8fc1fd0e0bf978e7ceb2f304b5cd881b8935

Files

a13fe7eda838c8b66937d5e0fdcf8fc1fd0e0bf978e7ceb2f304b5cd881b8935
.exe windows:4 windows x86 arch:x86

177a63473ec50b565e2fe6de73374712

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\高橋直樹\My Documents\Visual Studio Projects\nscr\Release\nscr.pdb

Imports

winmm

timeEndPeriod
mciSendCommandA
timeGetTime
mciGetErrorStringA
mixerGetControlDetailsA
waveOutOpen
waveOutClose
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
timeBeginPeriod
timeGetDevCaps
mciSendStringA
mixerSetControlDetails
mixerGetNumDevs
mixerOpen
mixerGetDevCapsA
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA

dsound

ord1

msacm32

acmStreamClose
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen
acmFormatSuggest
acmStreamUnprepareHeader

kernel32

HeapSize
LCMapStringW
WideCharToMultiByte
LCMapStringA
SetEndOfFile
SetFilePointer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
ResetEvent
CreateDirectoryA
GetWindowsDirectoryA
ReleaseMutex
GetCurrentDirectoryA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetModuleFileNameA
CreateMutexA
CloseHandle
OpenMutexA
ReadFile
CreateFileA
WriteFile
LocalFree
LocalUnlock
LocalLock
FreeLibrary
GetTickCount
WaitForMultipleObjects
GetVersionExA
GetDriveTypeA
GetVolumeInformationA
InterlockedIncrement
InterlockedDecrement
HeapFree
HeapAlloc
GetProcessHeap
MulDiv
CreateEventA
GetPrivateProfileStringA
WinExec
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileSize
GetStringTypeA
SetStdHandle
GetStdHandle
SetHandleCount
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCommandLineA
GetStartupInfoA
CreateThread
ResumeThread
ExitThread
GetLocalTime
HeapCompact
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
HeapReAlloc
SetCurrentDirectoryA
SetEnvironmentVariableA
GetCPInfo
GetOEMCP
GetACP
RtlUnwind
VirtualProtect
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetFileType
DeleteFileA
GetFileAttributesA
GetLastError
ExitProcess
GetSystemInfo
VirtualQuery
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetStringTypeW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InterlockedExchange
FlushFileBuffers
GetLocaleInfoA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
RaiseException
CompareStringA
CompareStringW
RemoveDirectoryA

user32

SetCursorPos
ClientToScreen
SetWindowTextA
EnableWindow
GetDlgItem
EndDialog
SetFocus
GetWindowRect
GetSubMenu
ShowWindow
ScrollDC
SendMessageA
GetCursorPos
ScreenToClient
SetCursor
SetMenu
UpdateWindow
BeginPaint
EndPaint
KillTimer
SetTimer
DestroyMenu
ChangeDisplaySettingsA
PostQuitMessage
GetMenuItemID
MoveWindow
GetWindowTextA
DialogBoxParamA
SetMenuItemInfoA
SetWindowPos
GetWindowLongA
SetWindowLongA
DefWindowProcA
InsertMenuItemA
DestroyWindow
InvalidateRect
FillRect
MessageBoxA
GetDC
ReleaseDC
LoadIconA
LoadCursorA
RegisterClassA
GetSystemMetrics
AdjustWindowRect
LoadAcceleratorsA
LoadMenuA
CreateWindowExA
GetForegroundWindow
GetAsyncKeyState
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DrawMenuBar
DeleteMenu
CreateMenu
LoadImageA
CreateDialogParamA
CallWindowProcA
GetMessageA
PostMessageA

gdi32

BitBlt
GetStockObject
DeleteDC
DeleteObject
CreateFontA
StretchDIBits
SetBkMode
SetTextColor
EnumFontFamiliesExA
StretchBlt
SetStretchBltMode
GetDeviceCaps
CreateDIBSection
SelectObject
CreateCompatibleDC
SetBkColor
TextOutA
CreateSolidBrush

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

OleLoadPicture

Exports

Exports

AllocDIB
BltBGTo
BltSpriteTo
DrawBG
DrawBG2
DrawClear
DrawFill
DrawSP
DrawSP2
FreeDIB
GetSpriteData
NSAGetFile
NScrDoEvents
NScrGetDestDC
NScrGetFontType
NScrGetSrcDC
NScrGetWindow
NScrGetWindowSize
NScrRefreshWindow
RenderSprite

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

177a63473ec50b565e2fe6de73374712

Headers

File Characteristics

PDB Paths

Imports

winmm

dsound

msacm32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 320KB - Virtual size: 320KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 8KB - Virtual size: 3.5MB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 320KB - Virtual size: 320KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 8KB - Virtual size: 3.5MB

.rsrc
Size: 8KB - Virtual size: 8KB