c:\hudson\ZeusBase\ZeusGreen\GameMaker\Runner\VC_Runner\Win32\Release-Zeus\Runner.pdb
Static task
static1
1 signatures
General
-
Target
Tailbound.zip
-
Size
202.6MB
-
MD5
4e7a1df6db29ebda464db097a336103e
-
SHA1
8b98b106382736605581687366f5a9b8d9dbb3a1
-
SHA256
5162064f1e80c838666a9e8845488b8a8ecb767415863c252012f3a785a21e82
-
SHA512
0062e3a2ab62021145af7bec77c6b064ce94c0afddfe3d5da1ceac0e430a3ce57660c4e8fc925b82318a1584297ae044d0bdc1eb630bd6ed22b0bccbf7deca39
-
SSDEEP
3145728:bo8EZ9nK33O0f7169i9TpBzoCKwiJroaHDO4q03k51EfpVAMitCCCQ4:bNAYZfoiVpBzOnJRHCQkbKpOMXnQ4
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/Tailbound.exe unpack001/execute_shell_simple_ext.dll
Files
-
Tailbound.zip.zip
-
README.txt
-
Tailbound.exe.exe windows:6 windows x86 arch:x86
c17b24cb8326c8001ecfcf47c81faba4
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetCanonicalizeUrlA
InternetWriteFile
InternetConnectA
InternetCrackUrlA
HttpEndRequestW
HttpQueryInfoA
InternetGetConnectedState
dxgi
CreateDXGIFactory1
d3d11
D3D11CreateDevice
dbghelp
MiniDumpWriteDump
SymInitialize
SymFromAddr
winmm
mciSendStringA
joyGetPosEx
joyGetPos
joyGetDevCapsA
mciGetErrorStringA
ws2_32
gethostname
socket
shutdown
setsockopt
send
recvfrom
recv
listen
inet_ntoa
inet_addr
WSAStartup
ioctlsocket
connect
closesocket
bind
accept
getpeername
select
__WSAFDIsSet
ntohs
ntohl
htons
htonl
WSACleanup
WSAGetLastError
WSAAddressToStringA
getaddrinfo
getsockopt
freeaddrinfo
sendto
gdiplus
GdiplusStartup
GdiplusShutdown
comctl32
InitCommonControlsEx
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
kernel32
FindFirstFileExA
GetFullPathNameA
SetCurrentDirectoryW
HeapReAlloc
GetTimeZoneInformation
MoveFileExW
SetFilePointerEx
SetStdHandle
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
DecodePointer
EncodePointer
GetStringTypeW
GetACP
WriteFile
GetStdHandle
GetModuleFileNameA
PeekNamedPipe
GetFileType
GetDriveTypeW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
ReadFile
SetFileAttributesW
GetFileAttributesExW
GetModuleHandleExW
HeapWalk
HeapValidate
RtlUnwind
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
FindNextFileA
IsValidCodePage
InitializeSListHead
GetSystemTimeAsFileTime
RaiseException
GetStartupInfoW
GetProcAddress
LoadLibraryW
WideCharToMultiByte
CloseHandle
WaitForSingleObjectEx
CreateEventExW
OutputDebugStringA
MultiByteToWideChar
GetConsoleWindow
GetLastError
GetOEMCP
DeleteFileW
GetFullPathNameW
SetLastError
CreateThread
GetExitCodeThread
GetModuleHandleW
LocalFree
FormatMessageW
SetCurrentDirectoryA
GetCurrentDirectoryA
FreeLibrary
GetEnvironmentVariableW
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
RemoveDirectoryW
Sleep
GetExitCodeProcess
CreateProcessW
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
SetWaitableTimer
GetTickCount
CreateWaitableTimerW
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetPriorityClass
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExW
GetLocaleInfoW
GetUserDefaultLCID
ExitProcess
lstrlenA
GetCommandLineW
ExpandEnvironmentStringsW
CreateFileW
SetUnhandledExceptionFilter
SetErrorMode
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
MoveFileA
LeaveCriticalSection
EnterCriticalSection
RtlCaptureStackBackTrace
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent
UnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetConsoleCtrlHandler
OutputDebugStringW
WriteConsoleW
SetEndOfFile
GetCurrentDirectoryW
HeapSize
InitializeCriticalSectionAndSpinCount
user32
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
DrawTextW
GetDC
ReleaseDC
SetWindowTextW
ScreenToClient
MoveWindow
SetCursorPos
ClientToScreen
MapWindowPoints
GetActiveWindow
GetCursorPos
wsprintfW
GetMessageW
TranslateMessage
DispatchMessageW
GetAsyncKeyState
keybd_event
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
EndDialog
SetWindowTextA
MessageBoxA
SetDlgItemTextA
PeekMessageW
IsDialogMessageW
SetProcessDPIAware
GetForegroundWindow
UpdateWindow
SetWindowLongW
ChangeDisplaySettingsW
EnumDisplaySettingsW
MonitorFromWindow
GetMonitorInfoW
LoadCursorW
CallNextHookEx
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
SetForegroundWindow
GetSystemMetrics
ReleaseCapture
SetCapture
GetKeyState
SetFocus
DialogBoxParamW
CreateDialogParamW
GetFocus
BringWindowToTop
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
PostMessageW
SendMessageW
MessageBoxW
GetRawInputDeviceList
GetRawInputDeviceInfoA
LoadImageW
gdi32
GetDeviceCaps
DeleteObject
SelectObject
CreateFontA
comdlg32
GetSaveFileNameW
GetOpenFileNameW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
shell32
SHGetFolderPathW
ShellExecuteW
ole32
CoInitialize
CoCreateInstance
CoTaskMemFree
CoCreateFreeThreadedMarshaler
dwmapi
DwmGetCompositionTimingInfo
Sections
.text Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 921KB - Virtual size: 921KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 553KB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
minATL Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mydata Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 368B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 990KB - Virtual size: 989KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
changelog.txt
-
data.win
-
execute_shell_simple_ext.dll.dll windows:6 windows x86 arch:x86
d711b9f4c3de94b98d9d0a08e445e3c8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetCurrentDirectoryW
MultiByteToWideChar
shell32
ShellExecuteW
Exports
Exports
execute_shell_simple_raw
Sections
.text Size: 512B - Virtual size: 176B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 556B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 36B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
music credits.txt
-
options.ini