speed[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

speed.exe
Size

20.1MB
MD5

387f99f068120e244b686e025aca4fd1
SHA1

9004c873652c1eb318724b52b04280c0e85b1ae9
SHA256

cf4e7a3e99c1e61645f50abaf2cb7671e26d145e9e6e482684564d5b6d05156b
SHA512

cb8a97e17892010788001a2887e92f690de026abdbac9aa4e2ac0effa3aee25686ac2cfab46b5df2303e0f1eb9e42cd640e3e4f9da28bff800994c2028fc621c
SSDEEP

98304:3m7HCgr2pc1pa677buIU98nRQ8SRhKqQyyk/VY8EDqWsdNBWn3oY5Ogg8:3mj9l14mbu8R2hK4yuRVNQTz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
speed.exe

Files

speed.exe
.exe windows:4 windows x86 arch:x86

70307858180cb8b3b3cc0ca26a194566

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\PROJ\NFSMW\P4\Speed\PC\CDMWCollectorsJapan\NfsMWCollectorsRelease.pdb

Imports

kernel32

GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
ExitProcess

advapi32

RegCreateKeyA

gdi32

CreateCompatibleDC

user32

MessageBoxA

version

GetFileVersionInfoA

d3d9

Direct3DCreate9

d3dx9_26

D3DXMatrixMultiply

dinput8

DirectInput8Create

shfolder

SHGetFolderPathA

shell32

ShellExecuteA

imm32

ImmGetContext

dsound

ord6

winmm

waveOutGetDevCapsA

tapi32

lineGetDevCaps

netapi32

Netbios

ws2_32

shutdown

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 885KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 272KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

VOLKSWA
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GEN2oo6
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

70307858180cb8b3b3cc0ca26a194566

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

gdi32

user32

version

d3d9

d3dx9_26

dinput8

shfolder

shell32

imm32

dsound

winmm

tapi32

netapi32

ws2_32

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.rdata Size: 452KB - Virtual size: 451KB

.data Size: 144KB - Virtual size: 885KB

.rsrc Size: 452KB - Virtual size: 451KB

Size: 272KB - Virtual size: 270KB

VOLKSWA Size: 12KB - Virtual size: 8KB

GEN2oo6 Size: 16KB - Virtual size: 13KB

.text
Size: 4.6MB - Virtual size: 4.6MB

.rdata
Size: 452KB - Virtual size: 451KB

.data
Size: 144KB - Virtual size: 885KB

.rsrc
Size: 452KB - Virtual size: 451KB

VOLKSWA
Size: 12KB - Virtual size: 8KB

GEN2oo6
Size: 16KB - Virtual size: 13KB