Cars_Mater_Hook[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Cars_Mater_Hook.exe
Size

3.3MB
MD5

2163e355b4e45fa8aaf72df299c151a8
SHA1

3fb438ff06a220c353c37aa53e0806d8bbcda016
SHA256

61ce23a3484970415ba4c388eef7e32972a773968fca3b66a1623235a01dfa12
SHA512

2682280f9ec61586e98c42295c22f641d650f4601b3d44f24d731782ade22db2b2d4c4146cba910eafff489562020443cb9ef8db38de74595df64840ce50fdf4
SSDEEP

49152:qPeagKddTENy6ruI2q6vEWKq7a+OjHeZ5dLRvUe8N:qPPV/Eo6dXLDY9UeY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Cars_Mater_Hook.exe

Files

Cars_Mater_Hook.exe
.exe windows:4 windows x86 arch:x86

5ed2a540eee64a0374e3d3dc51e71325

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

user32

wsprintfW
PostMessageA
ShowWindow
LoadCursorA
SetCursor
PostQuitMessage
DestroyWindow
IsIconic
DefWindowProcA
MoveWindow
AdjustWindowRect
UpdateWindow
SetWindowPos
CreateWindowExA
RegisterClassA
LoadImageA
TranslateMessage
DispatchMessageA
PeekMessageA
ShowCursor
FindWindowA
LoadStringA
MessageBoxA

gdi32

GetStockObject

kernel32

InitializeCriticalSection
CreateEventA
DeleteCriticalSection
SetEvent
DebugBreak
FindClose
FindNextFileA
FindFirstFileA
ReadFile
GetFileSize
CreateFileA
SetCurrentDirectoryA
GetModuleHandleA
GetFileAttributesA
CreateDirectoryA
WriteFile
DeleteFileA
GetExitCodeThread
ResumeThread
SleepEx
ReadFileEx
SuspendThread
CopyFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
QueryPerformanceCounter
EnterCriticalSection
GetLastError
CreateMutexA
CloseHandle
GetCurrentDirectoryA
GlobalMemoryStatusEx
GlobalMemoryStatus
GetSystemInfo
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
MultiByteToWideChar
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStdHandle
GetCurrentThreadId
GetCurrentThread
DuplicateHandle
LeaveCriticalSection
WaitForSingleObject
Sleep
ExitThread
GetSystemTime
ReleaseMutex
CreateThread
SetFilePointer
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
QueryPerformanceFrequency
SetLastError
TlsFree
LocalAlloc
InterlockedExchange
RaiseException
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
GetCommandLineA
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue

carsgdf

_BinkNextFrame@4
_BinkShouldSkip@4
_BinkDoFrame@4
_BinkSetSoundTrack@8
_BinkSetSoundSystem@8
_BinkCopyToBufferRect@44
_BinkClose@4
_BinkSetVolume@12
_BinkWait@4
_BinkPause@8
_BinkOpen@8
_BinkOpenDirectSound@4
_BinkGetRects@8

d3dx9_34

D3DXGetImageInfoFromFileInMemory
D3DXFilterTexture
D3DXCompileShader
D3DXCreateBuffer
D3DXMatrixOrthoLH
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateTextureFromFileInMemoryEx

dinput8

DirectInput8Create

advapi32

RegCreateKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

bass

BASS_ChannelSet3DPosition
BASS_ChannelPause
BASS_ChannelIsActive
BASS_StreamFree
BASS_SampleFree
BASS_ChannelStop
BASS_ChannelPlay
BASS_ChannelSetAttributes
BASS_SampleGetChannels
BASS_SampleGetChannel
BASS_StreamCreateFile
BASS_ChannelSet3DAttributes
BASS_SampleGetInfo
BASS_Apply3D
BASS_Init
BASS_GetConfig
BASS_GetInfo
BASS_SetConfig
BASS_GetVolume
BASS_Set3DPosition
BASS_Set3DFactors
BASS_Free
BASS_GetDSoundObject
BASS_ChannelBytes2Seconds
BASS_ChannelGetPosition
BASS_Start
BASS_Pause
BASS_SampleLoad

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ed2a540eee64a0374e3d3dc51e71325

Headers

File Characteristics

Imports

winmm

user32

gdi32

kernel32

carsgdf

d3dx9_34

dinput8

advapi32

bass

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 444KB - Virtual size: 443KB

.data Size: 108KB - Virtual size: 239KB

.rsrc Size: 284KB - Virtual size: 282KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 444KB - Virtual size: 443KB

.data
Size: 108KB - Virtual size: 239KB

.rsrc
Size: 284KB - Virtual size: 282KB