Static task
static1
General
-
Target
File-ELDEN.RING.v1.12.Incl.ALL.DLC_427704.exe
-
Size
7.7MB
-
MD5
259a738a7373a8c6dffec116277cf7a6
-
SHA1
7e4e527096e58199aca2031d19fac4d7f3dcede1
-
SHA256
3cc2b2fe5fe42092a00300e1d43eb3d4c88a783242924874b847cd9436a3edd3
-
SHA512
467d5043da354dacbf2fed9d7ece4ee87482e8f20303e452d590244f20f471349ca2c04df14fa965f165e50428e7493d31d20e18dc82aaa250f80c73e17ebf60
-
SSDEEP
196608:u288p8RT3OgtMwVajd4nXhE7OUGCZvb+CV4i8JRzY6SK:u288+T3O6I2nXhE7OUGClb+CV4vD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource File-ELDEN.RING.v1.12.Incl.ALL.DLC_427704.exe
Files
-
File-ELDEN.RING.v1.12.Incl.ALL.DLC_427704.exe.exe windows:6 windows x86 arch:x86
3edeaff8abef40c004b6f29fa270bade
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetStartupInfoW
LCMapStringW
SetStdHandle
FindClose
VirtualAlloc
TlsFree
GetTickCount
SetEvent
MoveFileExW
EnterCriticalSection
CreateFileW
GetCurrentDirectoryA
GetProcessAffinityMask
FindFirstFileW
SetLastError
GetProcAddress
FindNextFileW
SetFileAttributesW
GetSystemDirectoryW
GetModuleHandleW
HeapReAlloc
FormatMessageW
SetCurrentDirectoryW
RemoveDirectoryA
FreeEnvironmentStringsW
GetFileSize
UnhandledExceptionFilter
LoadLibraryA
ReadFile
WideCharToMultiByte
WakeAllConditionVariable
FreeLibraryAndExitThread
GetTempPathW
WriteConsoleW
GetACP
ReleaseSemaphore
TryAcquireSRWLockExclusive
HeapAlloc
SetFilePointerEx
CreateThread
TlsSetValue
GetCurrentThreadId
LocalFree
WaitForSingleObject
GetSystemInfo
IsProcessorFeaturePresent
GetVersionExA
TlsGetValue
LeaveCriticalSection
FindNextFileA
GlobalMemoryStatus
CloseHandle
CreateDirectoryA
GetFileType
CreateFileA
VirtualFree
HeapSize
GetCurrentDirectoryW
GetCurrentProcess
RaiseException
FindFirstFileA
GetModuleFileNameW
IsDebuggerPresent
QueryPerformanceFrequency
GetEnvironmentStringsW
LoadLibraryExW
SetCurrentDirectoryA
DeleteCriticalSection
GetProcessHeap
GetModuleFileNameA
GetCPInfo
CreateSemaphoreA
GetCommandLineA
SetUnhandledExceptionFilter
FreeLibrary
GetConsoleMode
RemoveDirectoryW
RtlUnwind
GetFileAttributesA
AcquireSRWLockExclusive
GetFileInformationByHandle
DeleteFileW
FlushFileBuffers
GetTickCount64
FindFirstFileExA
SetFilePointer
GetLastError
QueryPerformanceCounter
GetModuleHandleA
EncodePointer
InitializeCriticalSection
GetCurrentProcessId
LoadLibraryW
SetFileAttributesA
AreFileApisANSI
DecodePointer
GetModuleHandleExW
SetFileTime
CreateEventA
CreateDirectoryW
CreateProcessA
SetEndOfFile
ExitProcess
ResetEvent
IsBadReadPtr
DeleteFileA
IsValidCodePage
GetTempPathA
ReleaseSRWLockExclusive
GetSystemTimeAsFileTime
TerminateProcess
InitializeCriticalSectionEx
GetFileAttributesW
HeapFree
GetTempFileNameW
FormatMessageA
Sleep
GetOEMCP
WriteFile
GetStdHandle
GetVersion
GetCommandLineW
TlsAlloc
GetConsoleCP
GetStringTypeW
MultiByteToWideChar
InitializeSListHead
ExitThread
InitializeCriticalSectionAndSpinCount
user32
DialogBoxParamA
CharUpperW
LoadStringA
LoadIconA
SetWindowTextA
CharUpperA
KillTimer
GetDlgItem
DialogBoxParamW
EndDialog
MessageBoxA
GetWindowLongA
SetTimer
ShowWindow
LoadStringW
SetWindowLongA
MessageBoxW
SendMessageA
PostMessageA
DestroyWindow
SetWindowTextW
shell32
ShellExecuteExA
oleaut32
VariantClear
SysAllocStringLen
SysStringLen
advapi32
CloseServiceHandle
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 570KB - Virtual size: 582KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 21KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ