217c41cb82307f495c2f8c4c8b80148077212d2790a20c4fc848320434eaaaa0

Sharing

Copy URL

Twitter E-mail

General

Target

217c41cb82307f495c2f8c4c8b80148077212d2790a20c4fc848320434eaaaa0
Size

2.7MB
MD5

59abcab65bc12e65ec9be263bf111318
SHA1

991b74e8c1cf5465c4be264beb10ac3685fc8d9d
SHA256

217c41cb82307f495c2f8c4c8b80148077212d2790a20c4fc848320434eaaaa0
SHA512

1793154fee64fa5a2c23810d2bab5170a023b10ab4930e897b5f6a8fd3030b6b6041f45b71281f4330f3ff3e726616124482a1633d17b465cde679072e882ae6
SSDEEP

49152:VPTD26oxRjg7/KFJ2qNW/sahV9sesgMCTB0Awbyc:8PxAqNW/saT9sesgM40Awbyc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
217c41cb82307f495c2f8c4c8b80148077212d2790a20c4fc848320434eaaaa0

Files

217c41cb82307f495c2f8c4c8b80148077212d2790a20c4fc848320434eaaaa0
.exe windows:5 windows x86 arch:x86

0724644f06a975ac717c7ca2d165fff6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\hudson\GameMaker81\GameMaker\Runner\VC_Runner\Release\Runner.pdb

Imports

wininet

InternetCloseHandle
InternetWriteFile
HttpEndRequestW
HttpOpenRequestA
InternetConnectA
InternetGetConnectedState
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
HttpQueryInfoA
InternetReadFile
HttpSendRequestA

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileW

dbghelp

MiniDumpWriteDump

winmm

mciSendStringA
joyGetPosEx
joyGetPos
joyGetDevCapsA
timeGetTime
mciGetErrorStringA

ws2_32

WSACleanup
WSAStartup
closesocket
accept
WSAGetLastError
getpeername
htonl
htons
__WSAFDIsSet
listen
gethostbyname
setsockopt
ioctlsocket
socket
bind
select
recv
inet_ntoa
recvfrom
send
getaddrinfo
inet_addr
connect
sendto
shutdown

gdiplus

GdiplusStartup
GdiplusShutdown

comctl32

InitCommonControlsEx

kernel32

GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetProcessHeap
SetEndOfFile
GetTimeZoneInformation
PeekNamedPipe
GetFileInformationByHandle
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
SetFilePointer
SetStdHandle
ReadFile
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
FatalAppExitA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WriteFile
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
SetLastError
GetStdHandle
SetHandleCount
IsDebuggerPresent
TerminateProcess
GetModuleHandleA
GetStartupInfoA
CreateFileA
GetFileType
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapReAlloc
GetLocaleInfoA
EnumSystemLocalesA
MultiByteToWideChar
GetConsoleWindow
GetModuleHandleW
GlobalUnlock
GlobalLock
GlobalAlloc
OutputDebugStringW
GetProcAddress
LoadLibraryW
GetFullPathNameA
GetCurrentDirectoryA
GetLastError
LocalFree
FormatMessageW
InterlockedDecrement
InterlockedIncrement
CreateThread
IsValidLocale
CloseHandle
Sleep
FreeLibrary
LoadLibraryA
GetExitCodeProcess
CreateProcessW
FindClose
DeleteFileW
FindNextFileW
RemoveDirectoryW
FindFirstFileW
GetFileAttributesA
CreateDirectoryA
GetEnvironmentVariableW
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
GetCommandLineW
SetCurrentDirectoryA
SetThreadPriority
SetPriorityClass
GetCurrentProcess
GetCurrentThread
GetVersionExW
GetUserDefaultLCID
ExpandEnvironmentStringsA
GetModuleFileNameW
MoveFileA
GetModuleFileNameA
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
ExitThread
WaitForSingleObject
DebugBreak
OutputDebugStringA
GetDateFormatA
GetTimeFormatA
DeleteFileA
WideCharToMultiByte
GetFileAttributesW
SetFileAttributesW
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
InterlockedExchange
LocalAlloc
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
GetExitCodeThread
SetEnvironmentVariableA
FindNextFileA

user32

SetWindowPos
SetWindowPlacement
UpdateWindow
ScrollWindow
SetScrollInfo
GetScrollInfo
GetWindowRect
GetScrollPos
SetFocus
SetDlgItemTextA
SetWindowTextA
GetDlgItemTextA
DialogBoxParamW
MoveWindow
GetClientRect
SetCursorPos
GetCursorPos
SetActiveWindow
GetActiveWindow
DispatchMessageW
TranslateMessage
OpenClipboard
EnumDisplaySettingsW
ChangeDisplaySettingsW
SetWindowLongW
EnumDisplaySettingsExW
keybd_event
IsClipboardFormatAvailable
GetClipboardData
ReleaseDC
GetDC
IsDialogMessageW
PeekMessageW
GetForegroundWindow
MessageBoxA
InvalidateRect
SetDlgItemTextW
GetFocus
GetParent
GetAsyncKeyState
GetWindowPlacement
SendDlgItemMessageW
SetWindowTextW
EmptyClipboard
SetClipboardData
CloseClipboard
CreateDialogParamW
GetMessageW
wsprintfW
GetDlgItem
ShowWindow
LoadImageW
GetSystemMetrics
AdjustWindowRectEx
LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
SendMessageW
DefWindowProcW
SetCursor
DestroyWindow
PostMessageW
GetKeyState
CallNextHookEx
MessageBoxW
EndDialog

gdi32

CreateFontA
GetDeviceCaps
DeleteObject

comdlg32

GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameA

shell32

SHGetSpecialFolderPathA
SHGetFolderPathA
CommandLineToArgvW
ShellExecuteW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 663KB - Virtual size: 662KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mydata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0724644f06a975ac717c7ca2d165fff6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

d3dx9_43

dbghelp

winmm

ws2_32

gdiplus

comctl32

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 663KB - Virtual size: 662KB

.data Size: 169KB - Virtual size: 608KB

.mydata Size: 512B - Virtual size: 8B

.rsrc Size: 205KB - Virtual size: 205KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 663KB - Virtual size: 662KB

.data
Size: 169KB - Virtual size: 608KB

.mydata
Size: 512B - Virtual size: 8B

.rsrc
Size: 205KB - Virtual size: 205KB