c:\hudson\ZeusBase\ZeusGreen\GameMaker\Runner\VC_Runner\Win32\Release-Zeus\Runner.pdb
Static task
static1
1 signatures
General
-
Target
darkred_v1.0.zip
-
Size
2.4MB
-
MD5
87266c1f469c6c0abd7d514e4e2b3fd1
-
SHA1
a66936f1730c4e8325202995fc938212c6be75cf
-
SHA256
27ae8e8dcb738511862e409c7d95e7bf7c93f29dcb3a58f501715c830e4bf30f
-
SHA512
797ca145b48003ee4b44c78700c1bb656339c6bbac96205eda46d6d131d835e6e1300ca78459424c5f23aec7677529fa4cca56764492cbec9e8ba82c09cea5c6
-
SSDEEP
49152:VcGIby6lcrDqsk7PSJwLnLCtHzS+nIOhTSPrCrCH0qO/zH8x7rVyuEsG9FbLrI:NI4fmaMnmtHuT0STCOH0TzH8BEq
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/DARKRED.exe
Files
-
darkred_v1.0.zip.zip
-
DARKRED.exe.exe windows:6 windows x86 arch:x86
351092a385adff9a3d8a8b11ca01d6ab
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
wininet
InternetReadFile
InternetWriteFile
HttpOpenRequestA
InternetCloseHandle
InternetCrackUrlA
HttpEndRequestW
HttpQueryInfoA
InternetConnectA
InternetOpenA
InternetCanonicalizeUrlA
HttpSendRequestA
InternetGetConnectedState
d3d11
D3D11CreateDevice
dbghelp
MiniDumpWriteDump
SymFromAddr
SymInitialize
winmm
mciSendStringA
mciGetErrorStringA
joyGetPos
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
joyGetPosEx
ws2_32
gethostname
WSACleanup
setsockopt
sendto
send
recvfrom
recv
listen
inet_ntoa
inet_addr
getsockopt
ioctlsocket
connect
closesocket
bind
accept
getpeername
select
__WSAFDIsSet
ntohs
ntohl
htons
htonl
WSAStartup
WSAGetLastError
WSAAddressToStringA
getaddrinfo
freeaddrinfo
socket
gdiplus
GdiplusStartup
GdiplusShutdown
comctl32
InitCommonControlsEx
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
rpcrt4
UuidToStringW
UuidCreate
dxgi
CreateDXGIFactory1
kernel32
HeapReAlloc
GetTimeZoneInformation
SetStdHandle
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
DecodePointer
WriteFile
GetStdHandle
PeekNamedPipe
GetFileType
GetFileInformationByHandle
GetDriveTypeW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
ReadFile
MoveFileExW
SetFileAttributesW
GetFileAttributesExW
GetModuleHandleExW
HeapWalk
HeapValidate
EncodePointer
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
InitializeSListHead
GetSystemTimeAsFileTime
IsValidCodePage
GetACP
RaiseException
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetProcAddress
LoadLibraryW
WideCharToMultiByte
CloseHandle
GetOEMCP
CreateEventExW
OutputDebugStringA
MultiByteToWideChar
GetConsoleWindow
GetLastError
GetCurrentDirectoryW
DeleteFileW
GetFullPathNameW
SetLastError
CreateThread
GetExitCodeThread
GetModuleHandleW
LocalFree
FormatMessageW
SetCurrentDirectoryA
GetCurrentDirectoryA
FreeLibrary
GetEnvironmentVariableW
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
RemoveDirectoryW
Sleep
GetExitCodeProcess
CreateProcessW
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
SetWaitableTimer
CreateWaitableTimerW
GetTickCount
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetPriorityClass
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExW
GetLocaleInfoW
GetUserDefaultLCID
ExitProcess
lstrlenA
GetCommandLineW
ExpandEnvironmentStringsW
CreateFileW
GetFinalPathNameByHandleW
SetUnhandledExceptionFilter
SetErrorMode
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameW
MoveFileA
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
OutputDebugStringW
SetCurrentDirectoryW
GetStringTypeW
SetEndOfFile
HeapSize
WaitForSingleObjectEx
WriteConsoleW
TlsFree
RtlCaptureStackBackTrace
user32
CreateDialogParamW
DialogBoxParamW
EndDialog
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
DrawTextW
GetDC
ReleaseDC
SetWindowTextW
ScreenToClient
MoveWindow
SetCursorPos
ClientToScreen
MapWindowPoints
GetActiveWindow
GetCursorPos
wsprintfW
GetAsyncKeyState
keybd_event
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
GetFocus
LoadImageW
AdjustWindowRectEx
TranslateMessage
DispatchMessageW
PeekMessageW
IsDialogMessageW
SetProcessDPIAware
GetForegroundWindow
UpdateWindow
SetWindowLongW
ChangeDisplaySettingsW
EnumDisplaySettingsW
MonitorFromWindow
GetMonitorInfoW
GetSystemMetrics
ReleaseCapture
SetCapture
GetKeyState
SetFocus
BringWindowToTop
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
PostMessageW
SendMessageW
LoadCursorW
CallNextHookEx
MessageBoxA
MessageBoxW
GetRawInputDeviceList
GetRawInputDeviceInfoA
GetWindowRect
SetCursor
GetClientRect
SetDlgItemTextA
SetForegroundWindow
gdi32
GetStockObject
DeleteObject
SelectObject
GetDeviceCaps
CreateFontA
comdlg32
GetOpenFileNameW
GetSaveFileNameW
advapi32
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
shell32
ShellExecuteW
SHGetFolderPathW
ole32
CoCreateInstance
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoInitialize
dwmapi
DwmGetCompositionTimingInfo
Sections
.text Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1002KB - Virtual size: 1002KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 535KB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
minATL Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mydata Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
data.win
-
options.ini