NiggaLose[.]exe

Resubmissions

22/07/2024, 12:41

240722-pw52eaydrl 8

22/07/2024, 12:38

240722-pt6j6axela 7

22/07/2024, 12:36

240722-psxwmaxdrb 3

Sharing

Copy URL

Twitter E-mail

General

Target

NiggaLose.exe
Size

1.0MB
MD5

9f6fe8dca4848149a2e9a867f1b820ff
SHA1

7a93bfa3e94d4a477b82ffe74602d97686afdfce
SHA256

9ecd8e4471e1bb81a61148af9597a84c07075dffa03fcbfc13b200e6b4ffcf3f
SHA512

5435980eee2f5ff96ea8524988fa3d55d8ca000ade7531e0a2dd3f6aecd57b819589babab5baddb7a43186c6bf6999b790cf522422ee9795cbb293b4df9ded07
SSDEEP

24576:IxVs6ZB7z+UrX/KjJIpyXmi3puJ7HBUPpV3rqwGpqzzGX1/mb5vwzTnB:c7vrOwyXb3cJlaVdvwMgTnB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NiggaLose.exe

Files

NiggaLose.exe
.exe windows:6 windows x86 arch:x86

94201b625d85c485e28c24d95809a2eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Fedor\Desktop\Documents\hacks\CSGOhack\Release\NiggaLose.pdb

Imports

d3d9

Direct3DCreate9

kernel32

GetLocaleInfoA
LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
FreeLibrary
QueryPerformanceCounter
WriteProcessMemory
SetPriorityClass
GetCommandLineW
GetCurrentProcess
Module32Next
WaitForSingleObject
GetCurrentThreadId
OpenProcess
CreateToolhelp32Snapshot
Process32Next
CloseHandle
GlobalUnlock
LocalFree
ReadProcessMemory
CreateRemoteThread
VirtualFreeEx
GetExitCodeProcess
MultiByteToWideChar
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetModuleHandleA
WideCharToMultiByte
GlobalLock
GlobalAlloc
GlobalFree
UnhandledExceptionFilter
VirtualAllocEx

user32

GetWindowThreadProcessId
DefWindowProcW
DispatchMessageA
GetWindowRect
DestroyWindow
SetWindowPos
ShowWindow
IsWindow
GetAsyncKeyState
SetClipboardData
SetWindowLongA
GetWindowTextA
GetWindowLongA
AttachThreadInput
MessageBoxA
SetCursor
CreateWindowExA
SetLayeredWindowAttributes
SetFocus
TranslateMessage
SendMessageA
PeekMessageA
UnregisterClassA
PostQuitMessage
RegisterClassExA
UpdateWindow
SetForegroundWindow
GetKeyState
GetMessageExtraInfo
LoadCursorA
ScreenToClient
GetCapture
EnumWindows
ClientToScreen
TrackMouseEvent
GetKeyboardLayout
GetForegroundWindow
SetCapture
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetClientRect
IsWindowUnicode
ReleaseCapture
SetCursorPos
GetCursorPos

shell32

ord680
CommandLineToArgvW

msvcp140

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
_Cnd_destroy_in_situ
_Thrd_join
_Xtime_get_ticks
_Query_perf_counter
_Thrd_id
_Thrd_sleep
_Cnd_do_broadcast_at_thread_exit
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xbad_function_call@std@@YAXXZ
_Query_perf_frequency
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?uncaught_exceptions@std@@YAHXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xout_of_range@std@@YAXPBD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?good@ios_base@std@@QBE_NXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
_Cnd_signal
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_lock
_Cnd_wait
_Mtx_unlock
_Cnd_broadcast
_Cnd_init_in_situ

imm32

ImmSetCandidateWindow
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

wininet

InternetCheckConnectionA
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

d3dx9_43

D3DXCreateTextureFromFileInMemory

winmm

PlaySoundA

vcruntime140

memcpy
memchr
__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
__std_terminate
strstr
__current_exception
__current_exception_context
memmove
_CxxThrowException
memset
_except_handler4_common

api-ms-win-crt-stdio-l1-1-0

ungetc
fflush
fread
_fseeki64
fclose
__p__commode
fputc
fgetc
fsetpos
fwrite
_get_stream_buffer_pointers
_set_fmode
fgetpos
ftell
__stdio_common_vsscanf
__stdio_common_vsprintf
_wfopen
__acrt_iob_func
setvbuf
__stdio_common_vfprintf
fseek

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_controlfp_s
_beginthreadex
terminate
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_register_thread_local_exe_atexit_callback
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
_c_exit
_errno

api-ms-win-crt-utility-l1-1-0

srand
rand
qsort

api-ms-win-crt-string-l1-1-0

strncmp
strncpy_s
toupper
_stricmp
strcpy_s
strncpy

api-ms-win-crt-heap-l1-1-0

malloc
_set_new_mode
free
_callnewh

api-ms-win-crt-convert-l1-1-0

strtod
atof
strtoull
strtoll

api-ms-win-crt-math-l1-1-0

ceil
_libm_sse2_sqrt_precise
_libm_sse2_sin_precise
_libm_sse2_pow_precise
_dsign
_libm_sse2_cos_precise
_libm_sse2_acos_precise
_hypotf
__setusermatherr
_dclass
_CIfmod
roundf
_CIatan2

api-ms-win-crt-time-l1-1-0

_time64
_localtime64_s

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
localeconv

Sections

.text
Size: 517KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 366KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

94201b625d85c485e28c24d95809a2eb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d9

kernel32

user32

shell32

msvcp140

imm32

wininet

d3dx9_43

winmm

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 517KB - Virtual size: 516KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 366KB - Virtual size: 368KB

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 23KB - Virtual size: 22KB

.text
Size: 517KB - Virtual size: 516KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 366KB - Virtual size: 368KB

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 23KB - Virtual size: 22KB