268660f929062ac3fa01cb63d0eed64c6d510090e76515be6717ddd68a39e3fb

Sharing

Copy URL Twitter E-mail

General

Target

268660f929062ac3fa01cb63d0eed64c6d510090e76515be6717ddd68a39e3fb
Size

1.4MB
MD5

167ca1cde5032334a481a20b00e0f083
SHA1

2a22192ee031339011c6eb0e213eb5462155c72b
SHA256

268660f929062ac3fa01cb63d0eed64c6d510090e76515be6717ddd68a39e3fb
SHA512

c57afc4f89880b0f0de27a76c6f1565a12f6e7b759be684fce6b9ab7e85eb0d79980a02990bc78cf9d4328195e07d25f8e5542be43b1ad04a3417c86f99abbfd
SSDEEP

24576:pEPzWX3BUlbKAO//SRpbO6Si/4hQ8hSaVZBgesSUaN+mrEH7G:paZlbKAO//AbO6Si/4DhSaVZzVHwo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
268660f929062ac3fa01cb63d0eed64c6d510090e76515be6717ddd68a39e3fb

Files

268660f929062ac3fa01cb63d0eed64c6d510090e76515be6717ddd68a39e3fb
.exe windows:4 windows x86 arch:x86

414b80b8f08c32b34b0def4980f2242b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate
DirectDrawEnumerateA

kernel32

GetTickCount
GetVersion
SetCurrentDirectoryA
GetProcAddress
LCMapStringA
GetOEMCP
HeapReAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
RaiseException
CreateFileA
FlushFileBuffers
SetStdHandle
LoadLibraryA
ReadFile
SetFilePointer
GetDriveTypeA
CloseHandle
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
GetCPInfo
GetEnvironmentStringsW
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
UnhandledExceptionFilter
GetCurrentDirectoryA
LCMapStringW
GetLastError
GetCurrentProcess
GetFullPathNameA
HeapFree
HeapAlloc
TerminateProcess
MultiByteToWideChar
GetEnvironmentStrings
GetCommandLineA
GetStartupInfoA
GetModuleFileNameA
GetLocalTime
SetHandleCount
GetModuleHandleA
GetSystemTime
GetTimeZoneInformation
GetACP
ExitProcess
QueryPerformanceCounter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetLocaleInfoA

user32

GetSystemMetrics
GetClientRect
GetWindowRect
SetWindowPos
ReleaseDC
SetWindowLongA
GetWindowLongA
AdjustWindowRectEx
GetMenu
GetDC
ShowWindow
SetRect
GetKeyboardState
TranslateMessage
RegisterClassExA
CreateWindowExA
SetFocus
GetMessageA
PeekMessageA
PostQuitMessage
SetCursor
DefWindowProcA
InvalidateRect
ClientToScreen
UpdateWindow
LoadIconA
DispatchMessageA
MessageBoxA

gdi32

GetStockObject
GetSystemPaletteEntries
GetDeviceCaps

wsock32

gethostname
gethostbyname

smackw32

_SmackOpen@12
_SmackSoundUseDirectSound@4
_SmackFrameRate@4
_SmackBlitSetFlags@8
_SmackDDSurfaceType@4
_SmackBlitOpen@4
_SmackToBuffer@28
_SmackUseMMX@4
_SmackClose@4
_SmackSoundCheck@0
_SmackNextFrame@4
_SmackBlit@44
_SmackToBufferRect@8
_SmackDoFrame@4
_SmackBlitSetPalette@12
_SmackWait@4
_SmackSoundOnOff@8
_SmackBlitClose@4

qmixer

QSWaveMixPlay
QSWaveMixSetOptions
QSWaveMixOpenChannel
QSWaveMixInitEx
QSWaveMixSetSourcePosition
QSWaveMixSetListenerOrientation
QSWaveMixEnableChannel
QSWaveMixSetSourceVelocity
QSWaveMixSetVolume
QSWaveMixCloseSession
QSWaveMixIsChannelDone
QSWaveMixCloseChannel
QSWaveMixFreeWave
QSWaveMixFlushChannel
QSWaveMixActivate
QSWaveMixGetErrorText
QSWaveMixOpenWave
QSWaveMixGetDirectSound
QSWaveMixSetFrequency

dsound

ord1

dinput

DirectInputCreateA

dplayx

ord4

winmm

joyGetDevCapsA
joyGetPosEx
joyGetNumDevs
mciSendStringA
mixerGetLineControlsA
mixerGetLineInfoA
mixerOpen
mixerGetNumDevs
mixerGetControlDetailsA
mixerClose
mixerSetControlDetails

ole32

CoCreateInstance

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

414b80b8f08c32b34b0def4980f2242b

Headers

File Characteristics

Imports

ddraw

kernel32

user32

gdi32

wsock32

smackw32

qmixer

dsound

dinput

dplayx

winmm

ole32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 54KB - Virtual size: 2.2MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 70KB - Virtual size: 70KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 54KB - Virtual size: 2.2MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 70KB - Virtual size: 70KB