E:\Legacy\Source\Build\Gunz.pdb
Static task
static1
Behavioral task
behavioral1
Sample
d985eeb409de4603f3320ad80090e4f6b3553242dbd12e920b3764d6443fbb4c.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
d985eeb409de4603f3320ad80090e4f6b3553242dbd12e920b3764d6443fbb4c.exe
Resource
win10v2004-20240508-en
General
- Target: d985eeb409de4603f3320ad80090e4f6b3553242dbd12e920b3764d6443fbb4c
- Size: 6.3MB
- MD5: 2ccf7dff931317639c318b59183bd092
- SHA1: c2b2c71f26aa3115c5adf7aa6e8e5a3d0d87eec5
- SHA256: d985eeb409de4603f3320ad80090e4f6b3553242dbd12e920b3764d6443fbb4c
- SHA512: ff9fd5ce5fe3cdf72e070c6bc5ba4c1a86c66b3e38df87c7ab79b57e8ef0ea1c77f4b6a3ecabac82bd93705536364d1fe84b8c65bbb1002c0be8744106884222
- SSDEEP: 196608:1YvOkF6bXteIbRpDKEcPHTNKL1kdMjaKErzje5W/jqzxRQkOD5QBY:NBMPzcL1kSErzjgTPy
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource d985eeb409de4603f3320ad80090e4f6b3553242dbd12e920b3764d6443fbb4c
Files
- d985eeb409de4603f3320ad80090e4f6b3553242dbd12e920b3764d6443fbb4c.exe windows:6 windows x86 arch:x86
  e336cb1e10e08b03a39e5dccbbecb141
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
fmod
_FSOUND_SetHWND@4
_FSOUND_SetMaxHardwareChannels@4
_FSOUND_Stream_SetEndCallback@12
_FSOUND_Stream_GetMode@4
_FSOUND_Close@0
_FSOUND_SetMinHardwareChannels@4
_FSOUND_Init@12
_FSOUND_SetOutput@4
_FSOUND_Sample_SetMinMaxDistance@12
_FSOUND_Sample_Free@4
_FSOUND_Stream_SetMode@8
_FSOUND_Stream_GetLengthMs@4
_FSOUND_Stream_GetLength@4
_FSOUND_Stream_GetTime@4
_FSOUND_Stream_GetPosition@4
_FSOUND_Stream_SetPosition@8
_FSOUND_Stream_Stop@4
_FSOUND_Stream_PlayEx@16
_FSOUND_Stream_Close@4
_FSOUND_Stream_Open@16
_FSOUND_Stream_SetBufferSize@4
_FSOUND_Update@0
_FSOUND_GetError@0
_FSOUND_GetVersion@0
_FSOUND_GetNumDrivers@0
_FSOUND_GetDriverName@4
_FSOUND_GetDriverCaps@8
_FSOUND_GetMaxChannels@0
_FSOUND_Sample_Load@20
_FSOUND_Sample_GetMode@4
_FSOUND_PlaySoundEx@16
_FSOUND_StopSound@4
_FSOUND_SetVolume@8
_FSOUND_SetMute@8
_FSOUND_SetPriority@8
_FSOUND_SetPaused@8
_FSOUND_3D_SetAttributes@12
_FSOUND_3D_SetMinMaxDistance@12
_FSOUND_GetVolume@4
_FSOUND_3D_Listener_SetAttributes@32
_FSOUND_3D_SetDopplerFactor@4
_FSOUND_3D_SetDistanceFactor@4
_FSOUND_3D_SetRolloffFactor@4
_FSOUND_SetDriver@4
kernel32
TerminateProcess
GetCurrentThread
WideCharToMultiByte
ExitThread
ResetEvent
CreateThread
GlobalFlags
GetCurrentProcessId
SystemTimeToFileTime
CreateEventA
WaitForSingleObject
SetEvent
WriteFile
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetFileSize
ReadFile
GetFileInformationByHandle
GetFileAttributesA
CreateFileA
GetCurrentDirectoryA
FormatMessageA
LocalFree
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
DecodePointer
SetPriorityClass
GetCurrentProcess
lstrlenA
GetSystemInfo
SetFileTime
EncodePointer
GlobalMemoryStatusEx
DeleteCriticalSection
InitializeCriticalSection
Sleep
IsValidCodePage
lstrcmpiA
QueryPerformanceFrequency
QueryPerformanceCounter
CopyFileA
MulDiv
GetModuleFileNameA
GetWindowsDirectoryA
GetCurrentThreadId
CloseHandle
FindFirstFileA
FindClose
CreateDirectoryA
SetCurrentDirectoryA
GetTickCount
GetVersionExA
GetLastError
IsDebuggerPresent
OutputDebugStringA
GetModuleHandleA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
GetLocalTime
LeaveCriticalSection
EnterCriticalSection
GetSystemDirectoryW
LoadLibraryExW
FindResourceA
GlobalFindAtomA
GetOEMCP
GetCPInfo
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GetFileTime
SystemTimeToTzSpecificLocalTime
GetLocaleInfoW
GetUserDefaultUILanguage
VirtualProtect
GetACP
FindResourceExW
GetTempFileNameA
GetUserDefaultLCID
VerSetConditionMask
VerifyVersionInfoA
GetTempPathA
GetTickCount64
GetProfileIntA
SearchPathA
UnhandledExceptionFilter
FileTimeToSystemTime
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
SetFilePointerEx
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCurrentDirectoryW
SetEnvironmentVariableW
GetStdHandle
SetStdHandle
GetCommandLineW
GetCommandLineA
HeapQueryInformation
FreeLibraryAndExitThread
VirtualQuery
VirtualAlloc
GetFullPathNameW
GetModuleHandleExW
ExitProcess
PeekNamedPipe
GetFileType
GetDriveTypeW
RtlUnwind
GetStringTypeW
LCMapStringEx
CompareStringEx
AreFileApisANSI
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
CreateFileW
GetLocaleInfoEx
RaiseException
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
DuplicateHandle
GetVolumeInformationA
UnlockFile
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsDBCSLeadByte
SetUnhandledExceptionFilter
LoadResource
LockResource
SizeofResource
FindResourceW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalDeleteAtom
GlobalAddAtomA
SetLastError
GlobalFree
GlobalReAlloc
lstrcmpA
lstrcmpW
lstrcpyA
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetModuleHandleW
LoadLibraryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringA
GlobalGetAtomNameA
SetThreadPriority
ResumeThread
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
IsProcessorFeaturePresent
user32
SetClipboardData
GetClipboardData
EmptyClipboard
ScreenToClient
GetKeyboardLayout
UnregisterHotKey
GetKeyNameTextA
MapVirtualKeyA
SetWindowPos
UpdateWindow
GetWindowLongA
SetWindowLongA
TranslateMessage
DispatchMessageA
PeekMessageA
PostQuitMessage
RegisterClassA
CreateWindowExA
GetActiveWindow
GetWindowRect
LoadIconA
GetDC
ReleaseDC
GetMenuStringA
GetMenuState
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuA
AppendMenuA
RemoveMenu
EnableWindow
GetDesktopWindow
UnhookWindowsHookEx
IsWindowEnabled
GetParent
GetWindowThreadProcessId
GetLastActivePopup
GetSystemMetrics
GetSysColor
GetSysColorBrush
LoadCursorA
GetWindowTextLengthA
DrawTextA
DrawTextExA
GrayStringA
TabbedTextOutA
GetWindowDC
BeginPaint
EndPaint
FillRect
GetMessageA
IsWindowVisible
ValidateRect
GetCursorPos
SetWindowsHookExA
CallNextHookEx
DestroyIcon
CharUpperA
GetDlgCtrlID
GetFocus
SetWindowTextA
PtInRect
RealChildWindowFromPoint
SetScrollPos
GetScrollPos
IsWindow
MoveWindow
GetDlgItem
CheckDlgButton
SendDlgItemMessageA
IsDialogMessageA
CopyRect
InflateRect
IntersectRect
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetMenuItemInfoA
LoadBitmapW
RegisterWindowMessageA
GetMessagePos
GetMessageTime
CallWindowProcA
GetClassInfoA
GetClassInfoExA
IsMenu
IsChild
DestroyWindow
GetWindowPlacement
SetWindowPlacement
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
IsIconic
GetCapture
GetMenu
SetMenu
TrackPopupMenu
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
CloseClipboard
ScrollWindow
SetScrollRange
GetScrollRange
ShowScrollBar
SetPropA
GetPropA
OpenClipboard
AdjustWindowRectEx
MapWindowPoints
EqualRect
GetClassLongA
LoadIconW
SetScrollInfo
GetScrollInfo
WinHelpA
MonitorFromWindow
GetMonitorInfoA
DestroyMenu
GetMenuItemInfoA
SystemParametersInfoA
CopyImage
SetRectEmpty
OffsetRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
MapDialogRect
InvalidateRect
SetCapture
ReleaseCapture
SetTimer
KillTimer
DrawIcon
SetWindowRgn
SetCursor
IsRectEmpty
LoadCursorW
ShowOwnedPopups
DeleteMenu
TrackMouseEvent
LoadImageW
BringWindowToTop
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
CreatePopupMenu
InsertMenuItemA
LoadImageA
UnpackDDElParam
ReuseDDElParam
GetNextDlgGroupItem
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
DrawStateA
SetClassLongA
SetParent
DrawEdge
DrawFrameControl
IsZoomed
LoadMenuW
GetSystemMenu
CopyIcon
FrameRect
UnionRect
LoadAcceleratorsW
UpdateLayeredWindow
MonitorFromPoint
GetComboBoxInfo
PostThreadMessageA
WaitMessage
IsCharLowerA
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
CreateAcceleratorTableA
DestroyAcceleratorTable
CopyAcceleratorTableA
SetRect
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
RegisterClipboardFormatA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
DestroyCursor
RedrawWindow
GetCursorInfo
SetCursorPos
SendMessageA
GetWindow
GetTopWindow
GetClassNameA
FindWindowExA
GetDpiForWindow
ShowCursor
MessageBoxA
SetFocus
ShowWindow
DefWindowProcA
GetAsyncKeyState
wsprintfA
EnumWindows
GetClientRect
GetWindowTextA
PostMessageA
GetKeyState
ClientToScreen
RemovePropA
gdi32
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
CreateBitmap
BitBlt
CreateDCA
CopyMetaFileA
GetObjectA
CreateDIBSection
GetTextMetricsA
SetMapMode
SelectObject
GetTextExtentPoint32A
GetTextFaceA
PtVisible
CreatePatternBrush
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkColor
SetBkMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextColor
SetTextAlign
MoveToEx
GetDeviceCaps
ExtTextOutA
CreateRectRgn
CreatePen
RectVisible
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
DPtoLP
CreateEllipticRgn
Ellipse
LPtoDP
EnumFontFamiliesExA
CreateCompatibleBitmap
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
Rectangle
GetRgnBox
OffsetRgn
CreateHatchBrush
DeleteObject
DeleteDC
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
AddFontResourceA
RemoveFontResourceA
CreateFontA
TextOutA
CreateCompatibleDC
advapi32
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
shell32
SHGetFileInfoA
SHChangeNotify
SHGetSpecialFolderPathA
SHAppBarMessage
SHBrowseForFolderA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
DragFinish
DragQueryFileA
ShellExecuteA
ole32
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoDisconnectObject
OleLockRunning
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
OleGetClipboard
DoDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitialize
OleRun
oleaut32
GetErrorInfo
SysAllocStringLen
SysStringLen
LoadTypeLi
VarBstrFromDate
SystemTimeToVariantTime
VariantTimeToSystemTime
SysAllocString
SysFreeString
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
VariantCopy
VariantChangeType
msimg32
TransparentBlt
AlphaBlend
shlwapi
PathRemoveFileSpecA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathSearchAndQualifyA
StrStrA
PathIsDirectoryA
StrStrIA
PathStripPathA
uxtheme
GetThemeSysColor
GetWindowTheme
IsAppThemed
GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
CloseThemeData
OpenThemeData
DrawThemeParentBackground
DrawThemeText
imm32
ImmNotifyIME
ImmGetOpenStatus
ImmGetConversionStatus
ImmGetCandidateListA
ImmAssociateContext
ImmGetDefaultIMEWnd
ImmSetConversionStatus
ImmGetCompositionStringA
ImmReleaseContext
ImmGetContext
d3dx9_43
D3DXMatrixRotationZ
D3DXMatrixMultiply
D3DXMatrixRotationQuaternion
D3DXMatrixRotationY
D3DXMatrixLookAtLH
D3DXMatrixPerspectiveFovLH
D3DXMatrixTranslation
D3DXMatrixRotationX
D3DXVec3Normalize
D3DXQuaternionRotationAxis
D3DXVec3CatmullRom
D3DXQuaternionSlerp
D3DXQuaternionRotationMatrix
D3DXMatrixScaling
D3DXVec3TransformCoord
D3DXCreateTexture
D3DXMatrixRotationAxis
D3DXPlaneIntersectLine
D3DXPlaneFromPointNormal
D3DXVec3Transform
D3DXIntersectTri
D3DXBoxBoundProbe
D3DXCreateSphere
D3DXMatrixInverse
D3DXMatrixTranspose
D3DXPlaneFromPoints
D3DXPlaneTransform
D3DXCreateTextureFromFileInMemoryEx
D3DXGetImageInfoFromFileInMemory
D3DXVec2Normalize
D3DXPlaneNormalize
winmm
PlaySoundA
timeBeginPeriod
timeGetDevCaps
timeGetTime
timeEndPeriod
ws2_32
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
recvfrom
shutdown
WSACloseEvent
WSAGetLastError
WSACleanup
socket
setsockopt
send
recv
htons
htonl
ioctlsocket
connect
closesocket
bind
WSAStartup
WSAWaitForMultipleEvents
gethostname
gethostbyname
inet_addr
ntohs
sendto
inet_ntoa
sensapi
IsNetworkAlive
wininet
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetConnectA
InternetReadFileExA
InternetSetStatusCallback
HttpOpenRequestA
HttpQueryInfoA
InternetCrackUrlA
dbghelp
MiniDumpWriteDump
d3d9
Direct3DCreate9
Direct3DCreate9Ex
gdiplus
GdipAlloc
GdipFree
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateBitmapFromHBITMAP
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipStringFormatGetGenericTypographic
GdipDrawString
GdipGetFamily
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDeleteFontFamily
GdipFillPath
GdipGraphicsClear
GdipDrawPath
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeletePen
GdipCreatePen1
GdipDeleteBrush
GdipCloneBrush
GdipAddPathString
GdipDeletePath
GdipCreatePath
GdipCreateSolidFill
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
Sections
- .text Size: 4.9MB - Virtual size: 4.9MB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 658KB - Virtual size: 657KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data Size: 103KB - Virtual size: 26.1MB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc Size: 404KB - Virtual size: 404KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc Size: 256KB - Virtual size: 256KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ