e8c2c7b46949a2c101412c706cebf810e416be9ea7383193f056114f8ca51111

Sharing

Copy URL

Twitter E-mail

General

Target

e8c2c7b46949a2c101412c706cebf810e416be9ea7383193f056114f8ca51111
Size

1.7MB
MD5

f0ca5a5a9eac7452f34c9267ec9a894a
SHA1

6d77178178c4abb179727c189b5bbda8e285b283
SHA256

e8c2c7b46949a2c101412c706cebf810e416be9ea7383193f056114f8ca51111
SHA512

b1ddb98b955ef7886ee7eab4a975e08e4d86d381c7e1f8c0f3d5277e8f9c69ed2e5c212e708cae07083ab767d2fda52c8cd65d35b160b6b848cd98490b319335
SSDEEP

49152:6+B25Fd+ZLKitx+7mkVxZTIeH1N++LCUW1pM:92Fd+pKim7RVxZV1N++LCNDM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8c2c7b46949a2c101412c706cebf810e416be9ea7383193f056114f8ca51111

Files

e8c2c7b46949a2c101412c706cebf810e416be9ea7383193f056114f8ca51111
.exe windows:4 windows x86 arch:x86

30edc9a7d62430e6ce99dc00f24d0ac9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Zylom\development\games\hotelsolitaire\dlxproject\Release\Game.pdb

Imports

winmm

timeGetTime

kernel32

CreateThread
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
GetSystemTime
FreeLibrary
GetProcAddress
LoadLibraryA
OutputDebugStringA
GetFileTime
OpenFile
CreateDirectoryA
FindFirstFileA
FindClose
GetModuleFileNameA
FindNextFileA
GetCurrentDirectoryA
GlobalMemoryStatus
SetPriorityClass
GetCurrentProcess
GetPriorityClass
GetSystemInfo
GetVersionExA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetCurrentProcessId
ResumeThread
QueryPerformanceCounter
ReleaseMutex
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
TlsAlloc
GetStringTypeW
GetStringTypeA
GetCPInfo
LCMapStringW
LCMapStringA
HeapReAlloc
GetFileType
GetSystemTimeAsFileTime
HeapAlloc
TerminateProcess
GetCommandLineA
GetStartupInfoA
HeapFree
ExitProcess
RaiseException
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
MultiByteToWideChar
GetTickCount
SuspendThread
GetLocaleInfoW
SetEnvironmentVariableA
CreateMutexA
RemoveDirectoryA
SetLastError
GetLastError
WaitForSingleObject
CreateFileA
CloseHandle
DeleteFileA
Sleep
IsBadWritePtr
SetUnhandledExceptionFilter
WideCharToMultiByte
InterlockedDecrement
CompareStringW
CompareStringA
GetOEMCP
InterlockedIncrement
GetACP
VirtualQuery
VirtualProtect
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsBadCodePtr
IsBadReadPtr
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
FlushFileBuffers
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile

user32

ClientToScreen
DestroyWindow
SetCursor
RegisterClassExA
PostQuitMessage
SetCapture
SetForegroundWindow
LoadIconA
GetClientRect
GetDC
GetMenu
OffsetRect
SetRect
MessageBoxA
InvalidateRect
UnregisterClassA
GetWindowLongA
CreateWindowExA
ReleaseDC
DefWindowProcA
GetDesktopWindow
ShowWindow
PostMessageA
AdjustWindowRectEx
ReleaseCapture
FindWindowA
LoadCursorA
RegisterClassA
MoveWindow
ScreenToClient
GetCursorPos
GetSystemMetrics
PeekMessageA
TranslateMessage
DispatchMessageA

gdi32

GetDeviceCaps

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

ddraw

DirectDrawCreate

fmod

_FSOUND_Sample_Load@20
_FSOUND_SetPaused@8
_FSOUND_Sample_SetMode@8
_FSOUND_SetPan@8
_FSOUND_Sample_Free@4
_FSOUND_SetVolume@8
_FSOUND_GetMaxChannels@0
_FSOUND_StopSound@4
_FSOUND_Close@0
_FSOUND_GetVersion@0
_FSOUND_Stream_Close@4
_FSOUND_PlaySoundEx@16
_FSOUND_SetHWND@4
_FSOUND_Init@12
_FSOUND_Stream_GetPosition@4
_FSOUND_GetDriverName@4
_FSOUND_Stream_SetPosition@8
_FSOUND_SetVolumeAbsolute@8
_FSOUND_SetSFXMasterVolume@4
_FSOUND_Stream_Play@8
_FSOUND_Stream_Open@16
_FSOUND_GetError@0
_FSOUND_GetNumDrivers@0
_FSOUND_PlaySound@8
_FSOUND_SetOutput@4
_FSOUND_Stream_Stop@4

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30edc9a7d62430e6ce99dc00f24d0ac9

Headers

File Characteristics

PDB Paths

Imports

winmm

kernel32

user32

gdi32

comdlg32

advapi32

ddraw

fmod

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 248KB - Virtual size: 246KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 248KB - Virtual size: 246KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 16KB - Virtual size: 12KB