61fae6e49e2466c768b57de7cadc3780N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

61fae6e49e2466c768b57de7cadc3780N.exe
Size

3.0MB
MD5

61fae6e49e2466c768b57de7cadc3780
SHA1

b048bb049495f672fb45eddb020ccb9f6c7ab601
SHA256

9cf23323534d5772c6c3bf588c0eb3da73140bd47889829d6440f7b7f1294251
SHA512

4ac97cef8b96d1fe88f66a2df8549850d2cdfcd85301d1f106774020b28eeac843576ba51278bdd9b28e73b416be93f2192ce63fa0d69e6c9d5fac53791ad1ae
SSDEEP

49152:s8dEnCOsx3R+ijGgz4M/CANQfUm3eeDRgh2xOfpDyYJNo/GnAMOghx96S7ks0PA:SCf6ijFUWAeeD2hnYDMOg0I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61fae6e49e2466c768b57de7cadc3780N.exe

Files

61fae6e49e2466c768b57de7cadc3780N.exe
.exe windows:4 windows x86 arch:x86

79e57618046f0692b4b4a6ce785b216a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Popcap\Lawn\releasefinal\PlantsVsZombies.pdb

Imports

kernel32

OutputDebugStringA
GetModuleFileNameA
GetModuleHandleA
WinExec
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
SetEndOfFile
SetEnvironmentVariableA
CreateFileW
GetLocaleInfoW
WriteConsoleW
LoadLibraryA
FreeLibrary
GetProcAddress
InterlockedDecrement
GetLastError
CloseHandle
FindNextFileA
Sleep
SetThreadPriority
GlobalFree
GetCurrentThread
GlobalLock
WaitForSingleObject
FindClose
GlobalUnlock
CreateMutexA
GlobalAlloc
GetCurrentThreadId
LeaveCriticalSection
GetVersionExA
FindFirstFileA
EnterCriticalSection
GetCommandLineA
MultiByteToWideChar
DeleteFileA
FileTimeToSystemTime
GetFileTime
GetSystemDirectoryA
CreateFileA
MulDiv
SetUnhandledExceptionFilter
GetCurrentProcess
OpenFileMappingA
IsBadWritePtr
UnmapViewOfFile
DeleteCriticalSection
CreateThread
GetThreadPriority
VirtualQuery
SetErrorMode
InitializeCriticalSection
InterlockedIncrement
GetCurrentDirectoryW
LoadLibraryW
GetWindowsDirectoryA
SetEvent
CreateEventA
LockResource
SizeofResource
LoadResource
GetFileSize
FindResourceA
WideCharToMultiByte
InterlockedExchange
InterlockedCompareExchange
GetLocaleInfoA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitProcess
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
ExitThread
ResumeThread
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
HeapReAlloc
RtlUnwind
RaiseException
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeFormatA
GetDateFormatA
CompareStringA
CompareStringW
GetStringTypeA
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetACP
GetOEMCP
IsValidCodePage
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
HeapSize
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
GetCurrentDirectoryA
SetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
RemoveDirectoryA

user32

ShowCaret
CloseClipboard
TranslateMessage
DialogBoxIndirectParamA
RegisterWindowMessageA
DefWindowProcA
AdjustWindowRect
ShowWindow
EndDialog
GetDC
IsWindowEnabled
GetClipboardData
SetClipboardData
DispatchMessageA
EnumDisplaySettingsA
SetForegroundWindow
GetWindowTextA
IsIconic
GetWindowLongA
GetDlgItem
SetFocus
ChangeDisplaySettingsA
GetClientRect
GetWindowPlacement
SetWindowTextA
GetWindowRect
ScreenToClient
GetCursorPos
PostMessageA
EmptyClipboard
SetTimer
DestroyWindow
SetCaretPos
ReleaseDC
GetSystemMetrics
PeekMessageA
InvalidateRect
DefWindowProcW
CreateWindowExA
LoadIconA
CreateCursor
ReleaseCapture
WindowFromPoint
ClientToScreen
MoveWindow
EnumWindows
SystemParametersInfoA
MessageBoxW
SetWindowLongA
BeginPaint
EndPaint
OpenClipboard
RegisterClassA
DestroyCursor
SetCapture
SetActiveWindow
AdjustWindowRectEx
OffsetRect
GetWindowInfo
FillRect
DrawTextExA
GetSysColorBrush
DrawTextA
GetMessageA
IsDialogMessageA
GetFocus
GetSysColor
CreateWindowExW
GetDesktopWindow
IsWindow
PostThreadMessageA
HideCaret
CreateCaret
DestroyCaret
IsWindowVisible
SetCursor
MessageBoxA
SendMessageA
LoadCursorA
GetActiveWindow

wininet

InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpQueryInfoA
InternetReadFile
HttpSendRequestA
InternetOpenA

winmm

timeGetTime
timeBeginPeriod
mixerGetLineControlsA
mixerOpen
mixerGetControlDetailsA
mixerSetControlDetails
timeEndPeriod
PlaySoundA
mixerGetDevCapsA
mixerGetLineInfoA
mixerClose

wsock32

inet_ntoa
recv
WSACleanup
select
htons
WSAGetLastError
socket
gethostbyname
ioctlsocket
closesocket
send
WSAStartup
__WSAFDIsSet
connect

gdi32

CreateCompatibleDC
GetObjectA
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
DeleteObject
IntersectClipRect
CreateSolidBrush
TextOutA
SetBkMode
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantClear

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 787KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PvZEN
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

79e57618046f0692b4b4a6ce785b216a

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

wininet

winmm

wsock32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 284KB - Virtual size: 283KB

.data Size: 56KB - Virtual size: 787KB

.rsrc Size: 216KB - Virtual size: 215KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZ Size: 4KB - Virtual size: 4KB

PvZEN Size: 4KB - Virtual size: 4KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 284KB - Virtual size: 283KB

.data
Size: 56KB - Virtual size: 787KB

.rsrc
Size: 216KB - Virtual size: 215KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZ
Size: 4KB - Virtual size: 4KB

PvZEN
Size: 4KB - Virtual size: 4KB