isaac-ng[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

isaac-ng.exe
Size

2.6MB
MD5

abb297b2f727e9aa870f6216e693c706
SHA1

67a4530a84b5ea48752280f0488ff71dc34989f9
SHA256

527a575957b20371bb1a03d5983f1c5417728fc554649069131b3b72f3764597
SHA512

e9a3ef3154f6410bf7b39c8901479f9d57af14ebf78f4e0e8db31adc1c721b3f5cbb332209c6a201c26718427ea5b56c6f3862f40258eff8cec094b84cbdcbec
SSDEEP

49152:naHc6A4qN7IhwI8mEI4vJyY8uDiqBJBhz91sGWMfYDINd7wOR9vun4DqgOSPwabv:nTSggL8tIkyuf1WcY8TEORFuzgOSPDHJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
isaac-ng.exe

Files

isaac-ng.exe
.exe windows:5 windows x86 arch:x86

0208fff230bb8d8be7478addc6bc0dd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projekte\tears\isaac-ng\Bin\Win32\Submission EU\isaac-ng.pdb

Imports

libtheoraplayer

?stop@TheoraTimer@@UAEXXZ
?setSpeed@TheoraTimer@@UAEXM@Z
?pause@TheoraTimer@@UAEXXZ
?getTime@TheoraTimer@@UAEMXZ
??1TheoraTimer@@UAE@XZ
??0TheoraTimer@@QAE@XZ
?play@TheoraTimer@@UAEXXZ
?isPaused@TheoraTimer@@UAE_NXZ
?getDuration@TheoraVideoClip@@QAEMXZ
?setTimer@TheoraVideoClip@@QAEXPAVTheoraTimer@@@Z
??1TheoraDataSource@@UAE@XZ
?getHeight@TheoraVideoFrame@@QAEHXZ
?getBuffer@TheoraVideoFrame@@QAEPAEXZ
?getWidth@TheoraVideoClip@@QAEHXZ
?getHeight@TheoraVideoClip@@QAEHXZ
?popFrame@TheoraVideoClip@@QAEXXZ
?getNextFrame@TheoraVideoClip@@QAEPAVTheoraVideoFrame@@XZ
?getAudioInterface@TheoraVideoClip@@QAEPAVTheoraAudioInterface@@XZ
?getNumReadyFrames@TheoraVideoClip@@QAEHXZ
?isDone@TheoraVideoClip@@QAE_NXZ
?play@TheoraVideoClip@@QAEXXZ
?isPaused@TheoraVideoClip@@QAE_NXZ
??0TheoraVideoManager@@QAE@H@Z
??1TheoraVideoManager@@UAE@XZ
?createVideoClip@TheoraVideoManager@@QAEPAVTheoraVideoClip@@PAVTheoraDataSource@@W4TheoraOutputMode@@H_N@Z
?update@TheoraVideoManager@@QAEXM@Z
?setAudioInterfaceFactory@TheoraVideoManager@@QAEXPAVTheoraAudioInterfaceFactory@@@Z
?setLogFunction@TheoraVideoManager@@SAXP6AXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@Z
??0TheoraAudioInterface@@QAE@PAVTheoraVideoClip@@HH@Z
??1TheoraAudioInterface@@UAE@XZ
?getSpeed@TheoraTimer@@UAEMXZ

opengl32

glReadPixels
glBindTexture
glEnable
glClearDepth
glGetIntegerv
glAlphaFunc
glDepthFunc
glClear
glClearColor
glDrawElements
glOrtho
glGetString
glBlendFunc
glCullFace
glMatrixMode
glViewport
wglGetProcAddress
glLoadIdentity
glEnableClientState
glColorPointer
glDisableClientState
glVertexPointer
glTexCoordPointer
wglGetCurrentDC
wglCreateContext
wglMakeCurrent
wglShareLists
wglDeleteContext
glDeleteTextures
glTexImage2D
glTexParameteri
glTexSubImage2D
glGenTextures

openal32

alcCloseDevice
alDeleteBuffers
alSourceUnqueueBuffers
alGenSources
alSourcePlay
alGenBuffers
alSourceStop
alDeleteSources
alSourcePause
alBufferData
alGetSourcei
alSourceQueueBuffers
alGetError
alcCreateContext
alcOpenDevice
alSourcei
alListenerfv
alcDestroyContext
alSource3f
alSourcef
alListener3f
alcProcessContext
alcMakeContextCurrent
alGetSourcef

steam_api

SteamUserStats
SteamUtils
SteamAPI_RegisterCallback
SteamUser
SteamAPI_UnregisterCallback
SteamAPI_Shutdown
SteamAPI_RunCallbacks
SteamAPI_Init
SteamRemoteStorage

winmm

timeEndPeriod
timeGetTime
timeGetDevCaps
timeBeginPeriod

kernel32

IsProcessorFeaturePresent
TlsFree
TlsAlloc
TlsSetValue
GetSystemTimeAsFileTime
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSetInformation
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
TlsGetValue
GlobalUnlock
GlobalLock
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObject
SetThreadExecutionState
LockFileEx
UnlockFileEx
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TryEnterCriticalSection
SetThreadPriority
GetModuleHandleA
OutputDebugStringA
CloseHandle
CreateDirectoryA
GetFileAttributesA
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
LoadLibraryA
GetLocalTime
GetProcAddress
Sleep
GetCurrentProcess
CreateFileA

user32

GetMenu
ShowCursor
TranslateMessage
SetFocus
GetClientRect
MapVirtualKeyA
SetWindowLongA
SetCursorPos
GetActiveWindow
MessageBoxA
SetClassLongA
LoadIconA
RegisterClassA
GetWindowLongA
WindowFromPoint
TrackMouseEvent
SetForegroundWindow
GetKeyState
SetCapture
SetCursor
DestroyWindow
ClientToScreen
GetRawInputDeviceList
GetRawInputDeviceInfoA
OpenClipboard
GetClipboardData
CloseClipboard
ReleaseDC
GetDC
EnumDisplayDevicesA
ChangeDisplaySettingsExA
EnumDisplaySettingsA
GetMessageTime
LoadCursorA
ReleaseCapture
AdjustWindowRectEx
DispatchMessageA
ClipCursor
ShowWindow
GetCursorPos
SetWindowPos
DefWindowProcA
PeekMessageA
CreateWindowExA
GetAsyncKeyState
EnumDisplaySettingsExA
SystemParametersInfoA
UnregisterClassA
BringWindowToTop

gdi32

DeleteDC
SwapBuffers
GetDeviceCaps
CreateDCA
DescribePixelFormat
SetPixelFormat

advapi32

OpenProcessToken

msvcp100

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?uncaught_exception@std@@YA_NXZ
?_BADOFF@std@@3_JB
??1_Container_base12@std@@QAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Xoverflow_error@std@@YAXPBD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

msvcr100

malloc
__iob_func
realloc
strcpy_s
_wassert
ldexp
_unlock
__dllonexit
_commode
_fmode
__set_app_type
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
abort
_fileno
memcpy
memset
_CIlog
_CIexp
longjmp
?terminate@@YAXXZ
_beginthreadex
strncmp
_strdup
qsort
calloc
free
strstr
__setusermatherr
_configthreadlocale
fseek
_get_osfhandle
ftell
fwrite
fread
_errno
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
_lock
_onexit
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove
??_V@YAXPAX@Z
_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
??0exception@std@@QAE@XZ
atoi
atof
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
_vsnprintf
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_snprintf
memchr
strncpy
_time64
tolower
ceil
perror
rand
sprintf
strchr
modf
sprintf_s
_CIpow
__CxxFrameHandler3
_CIatan2
_CIsqrt
_CIfmod
_CIsin
_CIcos
floor
_CxxThrowException
__RTDynamicCast
_setjmp3
strcat_s
fopen
_initterm_e
fprintf
getenv
fclose
sscanf
vsprintf
fputs
fflush
fgets
_unlink
remove

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.bind
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0208fff230bb8d8be7478addc6bc0dd7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libtheoraplayer

opengl32

openal32

steam_api

winmm

kernel32

user32

gdi32

advapi32

msvcp100

msvcr100

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 216KB - Virtual size: 215KB

.data Size: 160KB - Virtual size: 187KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 108KB - Virtual size: 108KB

.bind Size: 393KB - Virtual size: 393KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 216KB - Virtual size: 215KB

.data
Size: 160KB - Virtual size: 187KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 108KB - Virtual size: 108KB

.bind
Size: 393KB - Virtual size: 393KB