260e618f11ad860361b3b1cd977f3054fcf1fb75986f5edd0cc1fac2c00a50c9

Sharing

Copy URL

Twitter E-mail

General

Target

260e618f11ad860361b3b1cd977f3054fcf1fb75986f5edd0cc1fac2c00a50c9
Size

641KB
MD5

03061a944012789935da9b81707bc418
SHA1

0cb930605a533258133e0bd8b6a591478563115c
SHA256

260e618f11ad860361b3b1cd977f3054fcf1fb75986f5edd0cc1fac2c00a50c9
SHA512

c7629e7f3a8f7845574d6aa97b8827468615ec1981e96a73526c4abaf4fbb4e1183ed18d6ea6d778c313ebbd3d33ee6a543bdb409e41a5c81176fdc76663d8ba
SSDEEP

12288:zONqrFnGY3f1MtRc6+eKzeP50swxfFn1a4Z9Z90Dy:zONqrFnGY3dMja1rZ97

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
260e618f11ad860361b3b1cd977f3054fcf1fb75986f5edd0cc1fac2c00a50c9

Files

260e618f11ad860361b3b1cd977f3054fcf1fb75986f5edd0cc1fac2c00a50c9
.exe windows:5 windows x86 arch:x86

d2747f37f23d15c856fdbd3dd1d8635d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\仕事2011\2011ラスト\プログラミング\NScripter最新2011\nscripter\Release\nscripter.pdb

Imports

kernel32

WaitForMultipleObjects
GetVersionExA
lstrlenA
HeapAlloc
InterlockedIncrement
InterlockedDecrement
HeapFree
GlobalLock
GetProcessHeap
GlobalAlloc
GlobalUnlock
lstrcpyA
MulDiv
CreateEventA
GetPrivateProfileStringA
WinExec
GetFileSize
GlobalFree
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetModuleHandleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SetEndOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetVolumeInformationA
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
SetHandleCount
SetStdHandle
VirtualAlloc
VirtualFree
HeapCreate
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
CreateThread
ResumeThread
ExitThread
GetLocalTime
HeapCompact
HeapReAlloc
GetFileType
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDriveTypeA
GetTickCount
FreeLibrary
SetFilePointer
LocalFree
OutputDebugStringA
LocalAlloc
LocalLock
ReadFile
WriteFile
CreateFileA
LocalUnlock
GetTempPathA
CloseHandle
ReleaseMutex
DeleteCriticalSection
GetCurrentDirectoryA
CreateMutexA
GetModuleFileNameA
OpenMutexA
LoadLibraryA
ResetEvent
SetCurrentDirectoryA
SetEnvironmentVariableA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleHandleW
EnterCriticalSection
GetLongPathNameA
GetProcAddress
CreateDirectoryA
MultiByteToWideChar
LeaveCriticalSection
Sleep
DeleteFileA
GetFileAttributesA
GetLastError
InitializeCriticalSection
WideCharToMultiByte

user32

TranslateMessage
GetDC
LoadIconA
LoadMenuA
UpdateWindow
PeekMessageA
ReleaseDC
TranslateAcceleratorA
LoadAcceleratorsA
DispatchMessageA
GetForegroundWindow
AdjustWindowRect
RegisterClassA
InvalidateRect
FillRect
MoveWindow
GetAsyncKeyState
MessageBoxA
ChangeDisplaySettingsA
DialogBoxParamA
LoadCursorA
SetMenuItemInfoA
DestroyMenu
GetSystemMetrics
CreateWindowExA
CallWindowProcA
CreateDialogParamA
GetSubMenu
DeleteMenu
CreateMenu
GetMenu
DrawMenuBar
LoadImageA
SetWindowTextA
CloseClipboard
GetWindowRect
SetFocus
EmptyClipboard
GetDlgItem
EndDialog
OpenClipboard
EnableWindow
SetClipboardData
EndPaint
ClientToScreen
DestroyWindow
SetCursor
GetMessageA
SetTimer
ScreenToClient
InsertMenuItemA
PostQuitMessage
KillTimer
EnumDisplaySettingsA
SendMessageA
BeginPaint
GetWindowTextA
ScrollDC
SetWindowLongA
SetCursorPos
GetWindowLongA
DefWindowProcA
GetDesktopWindow
SetWindowPos
GetCursorPos
ShowWindow
SetMenu
PostMessageA

gdi32

StretchBlt
SetTextColor
CreateFontA
SetBkColor
SetBkMode
EnumFontFamiliesExA
TextOutA
CreateDIBSection
SelectObject
CreateCompatibleDC
CreateSolidBrush
BitBlt
DeleteDC
GetDeviceCaps
DeleteObject
GetStockObject
SetStretchBltMode

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

OleLoadPicture

avifil32

AVIFileCreateStreamA
AVIFileOpenA
AVIStreamWrite
AVIFileRelease
AVIStreamSetFormat
AVIStreamRelease

winmm

waveOutUnprepareHeader
mixerGetLineInfoA
mixerClose
mixerGetNumDevs
mixerGetControlDetailsA
timeGetTime
mciGetErrorStringA
mciSendStringA
mciSendCommandA
mixerOpen
waveOutWrite
mixerGetLineControlsA
waveOutPrepareHeader
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
mixerGetDevCapsA
mixerSetControlDetails

dsound

ord1

msacm32

acmFormatSuggest
acmStreamOpen
acmStreamConvert
acmStreamPrepareHeader
acmStreamClose
acmStreamSize
acmStreamUnprepareHeader

Exports

Exports

AllocDIB
BltBGTo
BltSpriteTo
DrawBG
DrawBG2
DrawClear
DrawFill
DrawSP
DrawSP2
FreeDIB
GetSpriteCellNum
GetSpriteDIB
GetSpriteData
NS2GetFile
NSAGetFile
NScrDoEvents
NScrExecWord
NScrGetDestDC
NScrGetFontType
NScrGetKey
NScrGetMouse
NScrGetSrcDC
NScrGetWindow
NScrGetWindowSize
NScrRefreshWindow
NScrSystemCall
NScrUpdateSrcDC
RenderSprite

Sections

.text
Size: 475KB - Virtual size: 475KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2747f37f23d15c856fdbd3dd1d8635d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

avifil32

winmm

dsound

msacm32

Exports

Exports

Sections

.text Size: 475KB - Virtual size: 475KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 18KB - Virtual size: 2.0MB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 475KB - Virtual size: 475KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 18KB - Virtual size: 2.0MB

.rsrc
Size: 6KB - Virtual size: 6KB