16a1ed5cc89147128fb17eab0a861f5693516d05f5f0f32a0818cddb6a06867e

Sharing

Copy URL Twitter E-mail

General

Target

16a1ed5cc89147128fb17eab0a861f5693516d05f5f0f32a0818cddb6a06867e
Size

5.4MB
MD5

6b1b79cbc7315d15ef289242060812af
SHA1

f9d69ec78199ef1a07e1343cf77b48ef48284f27
SHA256

16a1ed5cc89147128fb17eab0a861f5693516d05f5f0f32a0818cddb6a06867e
SHA512

987ae7c1c4134d3559f662f107c3b8277f092063fef663920c12af3ae0c854104670ab671ff623bf401512bc395f683f7857edb839ad0bffc4221d99ac9f260f
SSDEEP

98304:oul2mc6kKWowDjTAz1Iye/X1AonVHNraWzigwNVActJomVY/dyCBih4P+:ouQmc1/DPjlAonVHN+WzirHN0yCB09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16a1ed5cc89147128fb17eab0a861f5693516d05f5f0f32a0818cddb6a06867e

Files

16a1ed5cc89147128fb17eab0a861f5693516d05f5f0f32a0818cddb6a06867e
.exe windows:5 windows x86 arch:x86

4711c27ed5a557dc9892b53888cdf558

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetCommandLineW
WideCharToMultiByte
IsDebuggerPresent
DecodePointer
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
EncodePointer

shell32

CommandLineToArgvW

love

love_codename
luaopen_love
love_version

lua51

lua_isnumber
lua_tonumber
lua_pushstring
lua_pushboolean
lua_pushcclosure
lua_getfield
lua_settop
lua_createtable
lua_setfield
lua_rawseti
lua_call
luaL_openlibs
luaL_newstate
lua_close

msvcr120

__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_except_handler4_common
_controlfp_s
_invoke_watson
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtSetUnhandledExceptionFilter
?terminate@@YAXXZ
??2@YAPAXI@Z
??3@YAXPAX@Z
printf
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
exit
_exit
_cexit
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_acmdln
_fmode
_commode

sdl2

SDL_SetMainReady
SDL_iconv_string
SDL_wcslen
SDL_isspace
SDL_free
SDL_malloc
SDL_ShowSimpleMessageBox

Exports

Exports

NvOptimusEnablement

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4711c27ed5a557dc9892b53888cdf558

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

love

lua51

msvcr120

sdl2

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 940B

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 1024B - Virtual size: 516B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 940B

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 1024B - Virtual size: 516B