a163a128ad3a0be1da203351107fb62f7ef8a8677d7ca7c0235da730fd30c646

Sharing

Copy URL

Twitter E-mail

General

Target

a163a128ad3a0be1da203351107fb62f7ef8a8677d7ca7c0235da730fd30c646
Size

2.1MB
MD5

d5066a36a43732b9486d7b09ad2894ce
SHA1

23b3eac1ffaa05f4f828f911f1e6e40a399b2c31
SHA256

a163a128ad3a0be1da203351107fb62f7ef8a8677d7ca7c0235da730fd30c646
SHA512

c1f339c286c479109a90e111d31682df0a3ca0b7bff2881edc079b1b7dd2a50be4934a66ba825ff03a27ef6bab5208734d3326d2a29e76ddedbf359f851f7374
SSDEEP

49152:Jqs+VtC+hpag+gc06wxmhMl88GkVoQTB7S2RQsfeo1byawl2lXHYCfyz93T6A:ngc07SDsvyawsl3YCV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a163a128ad3a0be1da203351107fb62f7ef8a8677d7ca7c0235da730fd30c646

Files

a163a128ad3a0be1da203351107fb62f7ef8a8677d7ca7c0235da730fd30c646
.exe windows:4 windows x86 arch:x86

85d3e298943ef0982bb6cf64384df885

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Develop\Work\Fishdom-trunk\output\Release-Game\Fishdom.pdb

Imports

kernel32

GetTimeZoneInformation
SetEndOfFile
GetDateFormatA
GetTimeFormatA
GetLocaleInfoW
SetEnvironmentVariableA
GetOEMCP
GetACP
InterlockedExchange
LoadLibraryA
SetStdHandle
IsBadCodePtr
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
VirtualQuery
GetSystemInfo
VirtualProtect
DeleteCriticalSection
SetConsoleCtrlHandler
WinExec
CompareStringA
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
ReadFile
HeapSize
SetFilePointer
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
SetCurrentDirectoryA
GetLocaleInfoA
CopyFileA
CreateDirectoryA
CreateFileA
LocalFree
CloseHandle
GetVersionExA
GetCurrentThreadId
FindFirstFileA
GetLastError
FindNextFileA
FindClose
FlushFileBuffers
WriteFile
EnterCriticalSection
SetUnhandledExceptionFilter
GetPrivateProfileStringA
GetShortPathNameA
GetCurrentDirectoryA
WritePrivateProfileStringA
DeleteFileA
MoveFileA
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
GetProcessAffinityMask
GetCurrentThread
SetThreadAffinityMask
GetLocalTime
LeaveCriticalSection
CompareStringW
IsBadWritePtr
VirtualAlloc
IsProcessorFeaturePresent
HeapFree
RtlUnwind
RaiseException
ExitProcess
IsBadReadPtr
GetProcAddress
GetModuleHandleA
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapAlloc
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree

user32

PtInRect
FindWindowA
LoadIconA
RegisterClassExA
CreateWindowExA
DefWindowProcA
SetWindowLongA
SetFocus
UpdateWindow
AdjustWindowRectEx
DestroyWindow
UnregisterClassA
GetWindowLongA
GetParent
GetWindow
GetWindowRect
IsWindow
MapWindowPoints
SetWindowPos
GetForegroundWindow
SetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
ShowWindow
GetDesktopWindow
GetDC
ReleaseDC
SystemParametersInfoA
MessageBoxA
GetMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
SetCursor
LoadCursorA
ShowCursor
GetCursorPos
ScreenToClient
GetClientRect

gdi32

GetDeviceCaps
GetStockObject

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
FreeSid
SetSecurityInfo
SetEntriesInAclA
AllocateAndInitializeSid
GetSecurityInfo
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA
ShellExecuteExA

bass

BASS_ErrorGetCode
BASS_Init
BASS_StreamPlay
BASS_ChannelSetAttributes
BASS_GetDeviceDescription
BASS_Free
BASS_StreamCreateFile
BASS_SamplePlayEx
BASS_SampleGetInfo
BASS_SampleLoad
BASS_Pause
BASS_Start
BASS_SampleStop
BASS_ChannelStop

d3d8

Direct3DCreate8

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 375KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 16.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85d3e298943ef0982bb6cf64384df885

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

bass

d3d8

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 375KB - Virtual size: 374KB

.data Size: 37KB - Virtual size: 16.1MB

.data1 Size: 2KB - Virtual size: 2KB

.rsrc Size: 43KB - Virtual size: 42KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 375KB - Virtual size: 374KB

.data
Size: 37KB - Virtual size: 16.1MB

.data1
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 43KB - Virtual size: 42KB