alysum[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

alysum.zip
Size

3.1MB
MD5

a575495ff20200fa3990bf1d2d8455cc
SHA1

ba4f94dee4fc5607e291671b557b392b078d386d
SHA256

7f045e493c75e68d8abad24ab41c7b73d1c199cddd7bcce733a73c3dbd20937d
SHA512

0b77eabdf067ae9f6281644ae8778ed65981340bf2ebbd5278d3136c949ea567079988102c668505c0e565cba4ca015f98533c94a497dc9c610c0346e274fdfe
SSDEEP

49152:5Z8cNdXEPq0SgREQH5s1DmMOQts1ujxlCQCNGnH+Bu9nROa5bnq65fWDZDg:tyREQHK1D3tWuLOGnxhSJg

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/alysum/SDL2.dll
unpack001/alysum/alysum.exe

Files

alysum.zip
.zip
alysum/Readme.txt
alysum/SDL2.dll
.dll windows:4 windows x64 arch:x64

3840e670881df218d0b2d477711bb369

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

gdi32

BitBlt
ChoosePixelFormat
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
DescribePixelFormat
ExtTextOutW
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetPixelFormat
GetTextExtentPoint32W
GetTextMetricsW
Rectangle
SelectObject
SetBkMode
SetDeviceGammaRamp
SetPixelFormat
SetTextColor
SwapBuffers

imm32

ImmAssociateContext
ImmGetCandidateListW
ImmGetCompositionStringW
ImmGetContext
ImmGetIMEFileNameA
ImmNotifyIME
ImmReleaseContext
ImmSetCompositionStringW
ImmSetCompositionWindow

kernel32

AttachConsole
CloseHandle
CompareStringA
CreateDirectoryW
CreateFileW
CreateSemaphoreW
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetFileSizeEx
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStdHandle
GetSystemInfo
GetSystemPowerStatus
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GlobalAlloc
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
MulDiv
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseSemaphore
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetFilePointerEx
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcatW
lstrlenW

msvcrt

__dllonexit
__iob_func
__mb_cur_max
_amsg_exit
_errno
_initterm
_lock
_onexit
_unlock
abort
atoi
calloc
fputc
free
getenv
localeconv
malloc
memcpy
memmove
setlocale
signal
strchr
strerror
strlen
strncmp
wcslen

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

SysFreeString

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconExW
SHGetFolderPathW

user32

AdjustWindowRectEx
CallWindowProcW
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CloseClipboard
CreateIconFromResource
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DestroyIcon
DestroyWindow
DialogBoxIndirectParamW
DispatchMessageW
DrawTextW
EmptyClipboard
EndDialog
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
GetAsyncKeyState
GetClassInfoExW
GetClientRect
GetClipboardData
GetClipboardSequenceNumber
GetCursorPos
GetDC
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetMenu
GetMessageExtraInfo
GetMessageW
GetMonitorInfoW
GetPropW
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetUpdateRect
GetWindowLongPtrW
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
InvalidateRect
IsClipboardFormatAvailable
IsIconic
IsRectEmpty
LoadCursorW
MapVirtualKeyW
MonitorFromPoint
OpenClipboard
PeekMessageW
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationW
RegisterRawInputDevices
ReleaseDC
RemovePropW
ScreenToClient
SendMessageW
SetClipboardData
SetCursor
SetCursorPos
SetForegroundWindow
SetLayeredWindowAttributes
SetPropW
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
ToUnicode
TrackMouseEvent
TranslateMessage
UnregisterClassW
UnregisterDeviceNotification
ValidateRect
WindowFromPoint

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetErrorTextW
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

SDL_AddEventWatch
SDL_AddHintCallback
SDL_AddTimer
SDL_AllocFormat
SDL_AllocPalette
SDL_AllocRW
SDL_AtomicAdd
SDL_AtomicCAS
SDL_AtomicCASPtr
SDL_AtomicGet
SDL_AtomicGetPtr
SDL_AtomicLock
SDL_AtomicSet
SDL_AtomicSetPtr
SDL_AtomicTryLock
SDL_AtomicUnlock
SDL_AudioInit
SDL_AudioQuit
SDL_BuildAudioCVT
SDL_CalculateGammaRamp
SDL_CaptureMouse
SDL_ClearError
SDL_ClearHints
SDL_ClearQueuedAudio
SDL_CloseAudio
SDL_CloseAudioDevice
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_ConvertAudio
SDL_ConvertPixels
SDL_ConvertSurface
SDL_ConvertSurfaceFormat
SDL_CreateColorCursor
SDL_CreateCond
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateRGBSurfaceWithFormat
SDL_CreateRGBSurfaceWithFormatFrom
SDL_CreateRenderer
SDL_CreateSemaphore
SDL_CreateShapedWindow
SDL_CreateSoftwareRenderer
SDL_CreateSystemCursor
SDL_CreateTexture
SDL_CreateTextureFromSurface
SDL_CreateThread
SDL_CreateWindow
SDL_CreateWindowAndRenderer
SDL_CreateWindowFrom
SDL_DXGIGetOutputInfo
SDL_DYNAPI_entry
SDL_DelEventWatch
SDL_DelHintCallback
SDL_Delay
SDL_DequeueAudio
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroyRenderer
SDL_DestroySemaphore
SDL_DestroyTexture
SDL_DestroyWindow
SDL_DetachThread
SDL_Direct3D9GetAdapterIndex
SDL_DisableScreenSaver
SDL_EnableScreenSaver
SDL_EnclosePoints
SDL_Error
SDL_EventState
SDL_FillRect
SDL_FillRects
SDL_FilterEvents
SDL_FlushEvent
SDL_FlushEvents
SDL_FreeCursor
SDL_FreeFormat
SDL_FreePalette
SDL_FreeRW
SDL_FreeSurface
SDL_FreeWAV
SDL_GL_BindTexture
SDL_GL_CreateContext
SDL_GL_DeleteContext
SDL_GL_ExtensionSupported
SDL_GL_GetAttribute
SDL_GL_GetCurrentContext
SDL_GL_GetCurrentWindow
SDL_GL_GetDrawableSize
SDL_GL_GetProcAddress
SDL_GL_GetSwapInterval
SDL_GL_LoadLibrary
SDL_GL_MakeCurrent
SDL_GL_ResetAttributes
SDL_GL_SetAttribute
SDL_GL_SetSwapInterval
SDL_GL_SwapWindow
SDL_GL_UnbindTexture
SDL_GL_UnloadLibrary
SDL_GameControllerAddMapping
SDL_GameControllerAddMappingsFromRW
SDL_GameControllerClose
SDL_GameControllerEventState
SDL_GameControllerFromInstanceID
SDL_GameControllerGetAttached
SDL_GameControllerGetAxis
SDL_GameControllerGetAxisFromString
SDL_GameControllerGetBindForAxis
SDL_GameControllerGetBindForButton
SDL_GameControllerGetButton
SDL_GameControllerGetButtonFromString
SDL_GameControllerGetJoystick
SDL_GameControllerGetStringForAxis
SDL_GameControllerGetStringForButton
SDL_GameControllerMapping
SDL_GameControllerMappingForGUID
SDL_GameControllerName
SDL_GameControllerNameForIndex
SDL_GameControllerOpen
SDL_GameControllerUpdate
SDL_GetAssertionHandler
SDL_GetAssertionReport
SDL_GetAudioDeviceName
SDL_GetAudioDeviceStatus
SDL_GetAudioDriver
SDL_GetAudioStatus
SDL_GetBasePath
SDL_GetCPUCacheLineSize
SDL_GetCPUCount
SDL_GetClipRect
SDL_GetClipboardText
SDL_GetClosestDisplayMode
SDL_GetColorKey
SDL_GetCurrentAudioDriver
SDL_GetCurrentDisplayMode
SDL_GetCurrentVideoDriver
SDL_GetCursor
SDL_GetDefaultAssertionHandler
SDL_GetDefaultCursor
SDL_GetDesktopDisplayMode
SDL_GetDisplayBounds
SDL_GetDisplayDPI
SDL_GetDisplayMode
SDL_GetDisplayName
SDL_GetDisplayUsableBounds
SDL_GetError
SDL_GetEventFilter
SDL_GetGlobalMouseState
SDL_GetGrabbedWindow
SDL_GetHint
SDL_GetHintBoolean
SDL_GetKeyFromName
SDL_GetKeyFromScancode
SDL_GetKeyName
SDL_GetKeyboardFocus
SDL_GetKeyboardState
SDL_GetModState
SDL_GetMouseFocus
SDL_GetMouseState
SDL_GetNumAudioDevices
SDL_GetNumAudioDrivers
SDL_GetNumDisplayModes
SDL_GetNumRenderDrivers
SDL_GetNumTouchDevices
SDL_GetNumTouchFingers
SDL_GetNumVideoDisplays
SDL_GetNumVideoDrivers
SDL_GetPerformanceCounter
SDL_GetPerformanceFrequency
SDL_GetPixelFormatName
SDL_GetPlatform
SDL_GetPowerInfo
SDL_GetPrefPath
SDL_GetQueuedAudioSize
SDL_GetRGB
SDL_GetRGBA
SDL_GetRelativeMouseMode
SDL_GetRelativeMouseState
SDL_GetRenderDrawBlendMode
SDL_GetRenderDrawColor
SDL_GetRenderDriverInfo
SDL_GetRenderTarget
SDL_GetRenderer
SDL_GetRendererInfo
SDL_GetRendererOutputSize
SDL_GetRevision
SDL_GetRevisionNumber
SDL_GetScancodeFromKey
SDL_GetScancodeFromName
SDL_GetScancodeName
SDL_GetShapedWindowMode
SDL_GetSurfaceAlphaMod
SDL_GetSurfaceBlendMode
SDL_GetSurfaceColorMod
SDL_GetSystemRAM
SDL_GetTextureAlphaMod
SDL_GetTextureBlendMode
SDL_GetTextureColorMod
SDL_GetThreadID
SDL_GetThreadName
SDL_GetTicks
SDL_GetTouchDevice
SDL_GetTouchFinger
SDL_GetVersion
SDL_GetVideoDriver
SDL_GetWindowBordersSize
SDL_GetWindowBrightness
SDL_GetWindowData
SDL_GetWindowDisplayIndex
SDL_GetWindowDisplayMode
SDL_GetWindowFlags
SDL_GetWindowFromID
SDL_GetWindowGammaRamp
SDL_GetWindowGrab
SDL_GetWindowID
SDL_GetWindowMaximumSize
SDL_GetWindowMinimumSize
SDL_GetWindowOpacity
SDL_GetWindowPixelFormat
SDL_GetWindowPosition
SDL_GetWindowSize
SDL_GetWindowSurface
SDL_GetWindowTitle
SDL_GetWindowWMInfo
SDL_HapticClose
SDL_HapticDestroyEffect
SDL_HapticEffectSupported
SDL_HapticGetEffectStatus
SDL_HapticIndex
SDL_HapticName
SDL_HapticNewEffect
SDL_HapticNumAxes
SDL_HapticNumEffects
SDL_HapticNumEffectsPlaying
SDL_HapticOpen
SDL_HapticOpenFromJoystick
SDL_HapticOpenFromMouse
SDL_HapticOpened
SDL_HapticPause
SDL_HapticQuery
SDL_HapticRumbleInit
SDL_HapticRumblePlay
SDL_HapticRumbleStop
SDL_HapticRumbleSupported
SDL_HapticRunEffect
SDL_HapticSetAutocenter
SDL_HapticSetGain
SDL_HapticStopAll
SDL_HapticStopEffect
SDL_HapticUnpause
SDL_HapticUpdateEffect
SDL_Has3DNow
SDL_HasAVX
SDL_HasAVX2
SDL_HasAltiVec
SDL_HasClipboardText
SDL_HasEvent
SDL_HasEvents
SDL_HasIntersection
SDL_HasMMX
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_HasSSE3
SDL_HasSSE41
SDL_HasSSE42
SDL_HasScreenKeyboardSupport
SDL_HideWindow
SDL_Init
SDL_InitSubSystem
SDL_IntersectRect
SDL_IntersectRectAndLine
SDL_IsGameController
SDL_IsScreenKeyboardShown
SDL_IsScreenSaverEnabled
SDL_IsShapedWindow
SDL_IsTextInputActive
SDL_JoystickClose
SDL_JoystickCurrentPowerLevel
SDL_JoystickEventState
SDL_JoystickFromInstanceID
SDL_JoystickGetAttached
SDL_JoystickGetAxis
SDL_JoystickGetBall
SDL_JoystickGetButton
SDL_JoystickGetDeviceGUID
SDL_JoystickGetGUID
SDL_JoystickGetGUIDFromString
SDL_JoystickGetGUIDString
SDL_JoystickGetHat
SDL_JoystickInstanceID
SDL_JoystickIsHaptic
SDL_JoystickName
SDL_JoystickNameForIndex
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickUpdate
SDL_LoadBMP_RW
SDL_LoadDollarTemplates
SDL_LoadFunction
SDL_LoadObject
SDL_LoadWAV_RW
SDL_LockAudio
SDL_LockAudioDevice
SDL_LockMutex
SDL_LockSurface
SDL_LockTexture
SDL_Log
SDL_LogCritical
SDL_LogDebug
SDL_LogError
SDL_LogGetOutputFunction
SDL_LogGetPriority
SDL_LogInfo
SDL_LogMessage
SDL_LogMessageV
SDL_LogResetPriorities
SDL_LogSetAllPriority
SDL_LogSetOutputFunction
SDL_LogSetPriority
SDL_LogVerbose
SDL_LogWarn
SDL_LowerBlit
SDL_LowerBlitScaled
SDL_MapRGB
SDL_MapRGBA
SDL_MasksToPixelFormatEnum
SDL_MaximizeWindow
SDL_MinimizeWindow
SDL_MixAudio
SDL_MixAudioFormat
SDL_MouseIsHaptic
SDL_NumHaptics
SDL_NumJoysticks
SDL_OpenAudio
SDL_OpenAudioDevice
SDL_PauseAudio
SDL_PauseAudioDevice
SDL_PeepEvents
SDL_PixelFormatEnumToMasks
SDL_PollEvent
SDL_PumpEvents
SDL_PushEvent
SDL_QueryTexture
SDL_QueueAudio
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromConstMem
SDL_RWFromFP
SDL_RWFromFile
SDL_RWFromMem
SDL_RaiseWindow
SDL_ReadBE16
SDL_ReadBE32
SDL_ReadBE64
SDL_ReadLE16
SDL_ReadLE32
SDL_ReadLE64
SDL_ReadU8
SDL_RecordGesture
SDL_RegisterApp
SDL_RegisterEvents
SDL_RemoveTimer
SDL_RenderClear
SDL_RenderCopy
SDL_RenderCopyEx
SDL_RenderDrawLine
SDL_RenderDrawLines
SDL_RenderDrawPoint
SDL_RenderDrawPoints
SDL_RenderDrawRect
SDL_RenderDrawRects
SDL_RenderFillRect
SDL_RenderFillRects
SDL_RenderGetClipRect
SDL_RenderGetD3D9Device
SDL_RenderGetIntegerScale
SDL_RenderGetLogicalSize
SDL_RenderGetScale
SDL_RenderGetViewport
SDL_RenderIsClipEnabled
SDL_RenderPresent
SDL_RenderReadPixels
SDL_RenderSetClipRect
SDL_RenderSetIntegerScale
SDL_RenderSetLogicalSize
SDL_RenderSetScale
SDL_RenderSetViewport
SDL_RenderTargetSupported
SDL_ReportAssertion
SDL_ResetAssertionReport
SDL_RestoreWindow
SDL_SaveAllDollarTemplates
SDL_SaveBMP_RW
SDL_SaveDollarTemplate
SDL_SemPost
SDL_SemTryWait
SDL_SemValue
SDL_SemWait
SDL_SemWaitTimeout
SDL_SetAssertionHandler
SDL_SetClipRect
SDL_SetClipboardText
SDL_SetColorKey
SDL_SetCursor
SDL_SetError
SDL_SetEventFilter
SDL_SetHint
SDL_SetHintWithPriority
SDL_SetMainReady
SDL_SetModState
SDL_SetPaletteColors
SDL_SetPixelFormatPalette
SDL_SetRelativeMouseMode
SDL_SetRenderDrawBlendMode
SDL_SetRenderDrawColor
SDL_SetRenderTarget
SDL_SetSurfaceAlphaMod
SDL_SetSurfaceBlendMode
SDL_SetSurfaceColorMod
SDL_SetSurfacePalette
SDL_SetSurfaceRLE
SDL_SetTextInputRect
SDL_SetTextureAlphaMod
SDL_SetTextureBlendMode
SDL_SetTextureColorMod
SDL_SetThreadPriority
SDL_SetWindowBordered
SDL_SetWindowBrightness
SDL_SetWindowData
SDL_SetWindowDisplayMode
SDL_SetWindowFullscreen
SDL_SetWindowGammaRamp
SDL_SetWindowGrab
SDL_SetWindowHitTest
SDL_SetWindowIcon
SDL_SetWindowInputFocus
SDL_SetWindowMaximumSize
SDL_SetWindowMinimumSize
SDL_SetWindowModalFor
SDL_SetWindowOpacity
SDL_SetWindowPosition
SDL_SetWindowResizable
SDL_SetWindowShape
SDL_SetWindowSize
SDL_SetWindowTitle
SDL_SetWindowsMessageHook
SDL_ShowCursor
SDL_ShowMessageBox
SDL_ShowSimpleMessageBox
SDL_ShowWindow
SDL_SoftStretch
SDL_StartTextInput
SDL_StopTextInput
SDL_TLSCreate
SDL_TLSGet
SDL_TLSSet
SDL_ThreadID
SDL_TryLockMutex
SDL_UnionRect
SDL_UnloadObject
SDL_UnlockAudio
SDL_UnlockAudioDevice
SDL_UnlockMutex
SDL_UnlockSurface
SDL_UnlockTexture
SDL_UnregisterApp
SDL_UpdateTexture
SDL_UpdateWindowSurface
SDL_UpdateWindowSurfaceRects
SDL_UpdateYUVTexture
SDL_UpperBlit
SDL_UpperBlitScaled
SDL_VideoInit
SDL_VideoQuit
SDL_WaitEvent
SDL_WaitEventTimeout
SDL_WaitThread
SDL_WarpMouseGlobal
SDL_WarpMouseInWindow
SDL_WasInit
SDL_WriteBE16
SDL_WriteBE32
SDL_WriteBE64
SDL_WriteLE16
SDL_WriteLE32
SDL_WriteLE64
SDL_WriteU8
SDL_abs
SDL_acos
SDL_asin
SDL_atan
SDL_atan2
SDL_atof
SDL_atoi

Sections

.text
Size: 1007KB - Virtual size: 1007KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alysum/alysum.exe
.exe windows:6 windows x64 arch:x64

81b488237bc1361b48c142323dd5595b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\sylyu\Desktop\nezuruiconverted\4kankan\silence\output\build\silence-workspace.pdb

Imports

kernel32

Process32First
CreateFileW
CreateToolhelp32Snapshot
CreateFileA
Process32Next
lstrcmpiA
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
GetLocaleInfoA
QueryPerformanceFrequency
VerSetConditionMask
QueryPerformanceCounter
GetCurrentProcess
LocalFree
GetLocaleInfoEx
CreateDirectoryW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesW
GetFileAttributesExW
GetFullPathNameW
SetFileInformationByHandle
GetTempPathW
AreFileApisANSI
GetModuleHandleW
GetFileInformationByHandleEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
Sleep
CloseHandle
LoadLibraryA
GetCurrentProcessId
GetModuleHandleA
VirtualAlloc
DeviceIoControl
VirtualFree
GetConsoleWindow
SetConsoleTitleA
FormatMessageA
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryExA
GetModuleFileNameA

user32

OpenClipboard
SetCursorPos
ReleaseCapture
IsWindowUnicode
SetProcessDPIAware
GetClientRect
SetCursor
SetCapture
CloseClipboard
SetLayeredWindowAttributes
SetWindowLongA
FindWindowA
SendInput
GetCursorPos
GetKeyboardLayout
GetForegroundWindow
GetAsyncKeyState
TranslateMessage
UpdateWindow
DispatchMessageA
GetWindowRect
DestroyWindow
GetSystemMetrics
ShowWindow
ScreenToClient
MessageBoxA
TrackMouseEvent
SetClipboardData
RegisterClassExA
ClientToScreen
PostQuitMessage
GetKeyState
UnregisterClassA
GetMessageExtraInfo
PeekMessageA
LoadIconA
LoadCursorA
CreateWindowExA
DefWindowProcA
MoveWindow
GetMonitorInfoA
SetWindowDisplayAffinity
GetClipboardData
EmptyClipboard
GetCapture
MonitorFromWindow

gdi32

CreateSolidBrush

advapi32

RegCreateKeyA
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyA
RegDeleteKeyA
RegSetValueExA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetFolderPathW

d3dx11_43

D3DX11CreateShaderResourceViewFromMemory

msvcp140

_Xtime_get_ticks
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?_Winerror_map@std@@YAHH@Z
?_Xbad_function_call@std@@YAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_join
_Query_perf_frequency
_Query_perf_counter
_Thrd_detach
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?uncaught_exceptions@std@@YAHXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
_Strxfrm
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?id@?$collate@D@std@@2V0locale@2@A
_Strcoll
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlInitAnsiString
RtlAnsiStringToUnicodeString
NtQuerySystemInformation
RtlCaptureContext

dbghelp

ImageNtHeader
ImageDirectoryEntryToData
ImageRvaToVa

d3d11

D3D11CreateDeviceAndSwapChain

imm32

ImmSetCompositionWindow
ImmSetCandidateWindow
ImmReleaseContext
ImmGetContext

d3dcompiler_47

D3DCompile

dwmapi

DwmExtendFrameIntoClientArea

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
memmove
memcpy
memcmp
memchr
_CxxThrowException
__current_exception_context
__current_exception
__C_specific_handler
strrchr
longjmp
strchr
strstr
__std_terminate
_purecall
__std_exception_destroy
__intrinsic_setjmp
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
malloc
free
_set_new_mode

api-ms-win-crt-math-l1-1-0

acosf
asin
atan2
atan2f
ceil
ceilf
cos
cosf
exp
floor
_dclass
fmodf
frexp
tan
log
acos
llround
_dsign
log10
pow
powf
sin
ldexp
__setusermatherr
sinf
fmod
sqrtf
sqrt

api-ms-win-crt-string-l1-1-0

strncmp
isgraph
isspace
isupper
tolower
isalpha
strcmp
isxdigit
iscntrl
ispunct
islower
strcoll
isdigit
strspn
isalnum
toupper
_stricmp
strncpy
strpbrk
isblank

api-ms-win-crt-runtime-l1-1-0

system
abort
_invalid_parameter_noinfo_noreturn
perror
exit
_register_thread_local_exe_atexit_callback
_c_exit
strerror
__p___argv
__p___argc
terminate
_beginthreadex
_exit
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_initterm_e
_get_initial_narrow_environment
_initterm
_errno

api-ms-win-crt-stdio-l1-1-0

_set_fmode
fwrite
__stdio_common_vsprintf_s
__stdio_common_vsscanf
_wfopen
_get_stream_buffer_pointers
fgetc
__p__commode
fputc
fread
freopen
fgetpos
feof
fgets
ferror
fseek
clearerr
_pclose
tmpfile
setvbuf
_popen
ungetc
_ftelli64
fopen
tmpnam
ftell
__acrt_iob_func
fflush
fclose
getc
__stdio_common_vfprintf
_fseeki64
__stdio_common_vsprintf
fsetpos

api-ms-win-crt-locale-l1-1-0

setlocale
_configthreadlocale
localeconv
___lc_codepage_func

api-ms-win-crt-time-l1-1-0

_difftime64
clock
_mktime64
strftime
_gmtime64
_localtime64
_time64

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-convert-l1-1-0

strtoll
strtoull
atof
strtod

api-ms-win-crt-filesystem-l1-1-0

remove
rename
_lock_file
_unlock_file

api-ms-win-crt-utility-l1-1-0

qsort
rand

Sections

.text
Size: 874KB - Virtual size: 874KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 638KB - Virtual size: 645KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alysum/hitsound.wav

Sharing

General

Malware Config

Signatures

Files

3840e670881df218d0b2d477711bb369

Headers

File Characteristics

Imports

advapi32

gdi32

imm32

kernel32

msvcrt

ole32

oleaut32

shell32

user32

version

winmm

Exports

Exports

Sections

.text Size: 1007KB - Virtual size: 1007KB

.data Size: 19KB - Virtual size: 19KB

.rdata Size: 91KB - Virtual size: 90KB

.pdata Size: 37KB - Virtual size: 36KB

.xdata Size: 35KB - Virtual size: 35KB

.bss Size: - Virtual size: 16KB

.edata Size: 16KB - Virtual size: 15KB

.idata Size: 10KB - Virtual size: 10KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 104B

.rsrc Size: 1024B - Virtual size: 788B

.reloc Size: 5KB - Virtual size: 4KB

81b488237bc1361b48c142323dd5595b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

d3dx11_43

msvcp140

ntdll

dbghelp

d3d11

imm32

d3dcompiler_47

dwmapi

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

Sections

.text Size: 874KB - Virtual size: 874KB

.rdata Size: 186KB - Virtual size: 186KB

.data Size: 638KB - Virtual size: 645KB

.pdata Size: 38KB - Virtual size: 38KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 1007KB - Virtual size: 1007KB

.data
Size: 19KB - Virtual size: 19KB

.rdata
Size: 91KB - Virtual size: 90KB

.pdata
Size: 37KB - Virtual size: 36KB

.xdata
Size: 35KB - Virtual size: 35KB

.bss
Size: - Virtual size: 16KB

.edata
Size: 16KB - Virtual size: 15KB

.idata
Size: 10KB - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 104B

.rsrc
Size: 1024B - Virtual size: 788B

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 874KB - Virtual size: 874KB

.rdata
Size: 186KB - Virtual size: 186KB

.data
Size: 638KB - Virtual size: 645KB

.pdata
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 4KB - Virtual size: 3KB