d:\Work\MyProjects\Frozen\Frozen\Anabios_Release\bios.pdb
General
Target
cryostasis.exe
Size
2.9MB
MD5
a2f76843f5f2374503aa70c0a55f7550
SHA1
627673c0519cae1f5d324dc6055ab6829e1696cc
SHA256
05020a0c4d0cb46639afba6715ac6bf51b7847fef68950eb85af368f7d66c905
SHA512
932d57253918a3233cabe8287d9e78703c793e5b30eba9e64b4a6dfc3aefa16f7d72d27b1e627b49ba8fe24ed9db119031b0f5d9c7c1bfb63b10a129e968f510
SSDEEP
49152:SX8HlZY6XpMxMcKejp2FiNefEJ2CxCMnM6RPHa/Xhvcwa:SX8HlZYhxMcKejMYAfEJ2SCMnMa6/Xh6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature (the PE carries no signature).
resource cryostasis.exe
Files
cryostasis.exe.exe windows:4 windows x86 arch:x86
7e4c0c5b6c5f054c514cef8178d0fdff
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths (the recovered path, d:\Work\MyProjects\Frozen\Frozen\Anabios_Release\bios.pdb, is listed at the top of this report)
Imports
dinput8
DirectInput8Create
d3d9
Direct3DCreate9
d3dx9_39
D3DXCreateEffectFromFileA
D3DXFloat32To16Array
nxcooking
NxCookConvexMesh
NxCloseCooking
NxCookClothMesh
NxCookTriangleMesh
NxInitCooking
nxcharacter
NxReleaseControllerManager
NxCreateControllerManager
physxloader
NxGetUtilLib
NxCreatePhysicsSDK
fmodex
?createDSPByType@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_DSP_TYPE@@PAPAVDSP@2@@Z
?addDSP@System@FMOD@@QAG?AW4FMOD_RESULT@@PAVDSP@2@PAPAVDSPConnection@2@@Z
?addDSP@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAVDSP@2@PAPAVDSPConnection@2@@Z
?getLength@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?setGeometrySettings@System@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?createGeometry@System@FMOD@@QAG?AW4FMOD_RESULT@@HHPAPAVGeometry@2@@Z
?getMaxPolygons@Geometry@FMOD@@QAG?AW4FMOD_RESULT@@PAH0@Z
?addPolygon@Geometry@FMOD@@QAG?AW4FMOD_RESULT@@MM_NHPBUFMOD_VECTOR@@PAH@Z
?addGroup@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAV12@@Z
?setPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getParameterInfo@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HPAD00HPAM1@Z
?getChannelsPlaying@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?getDriverCaps@System@FMOD@@QAG?AW4FMOD_RESULT@@HPAIPAH1PAW4FMOD_SPEAKERMODE@@@Z
?setSpeakerMode@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_SPEAKERMODE@@@Z
?setDSPBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@IH@Z
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?set3DSettings@System@FMOD@@QAG?AW4FMOD_RESULT@@MMM@Z
?createChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVChannelGroup@2@@Z
?setParameter@DSP@FMOD@@QAG?AW4FMOD_RESULT@@HM@Z
?remove@DSP@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?release@DSP@FMOD@@QAG?AW4FMOD_RESULT@@XZ
FMOD_Memory_Initialize
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNELINDEX@@PAVSound@2@_NPAPAVChannel@2@@Z
?getUserData@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAPAX@Z
?getMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?setLoopCount@Sound@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?setLoopCount@Channel@FMOD@@QAG?AW4FMOD_RESULT@@H@Z
?setMode@Channel@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?close@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?release@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?isPlaying@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?stop@Channel@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getPaused@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?set3DMinMaxDistance@Channel@FMOD@@QAG?AW4FMOD_RESULT@@MM@Z
?getPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?setPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@II@Z
?setVolume@Channel@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?set3DAttributes@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@0@Z
?getNumParameters@DSP@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?set3DOcclusion@Channel@FMOD@@QAG?AW4FMOD_RESULT@@MM@Z
fmod_event
?start@Event@FMOD@@QAG?AW4FMOD_RESULT@@XZ
_FMOD_EventSystem_Create@4
?stop@Event@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getInfo@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAHPAPADPAUFMOD_EVENT_INFO@@@Z
?getState@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?getParameter@Event@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVEventParameter@2@@Z
?set3DAttributes@Event@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@00@Z
?set3DOcclusion@Event@FMOD@@QAG?AW4FMOD_RESULT@@MM@Z
?getValue@EventParameter@FMOD@@QAG?AW4FMOD_RESULT@@PAM@Z
?getRange@EventParameter@FMOD@@QAG?AW4FMOD_RESULT@@PAM0@Z
?setValue@EventParameter@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getParameterByIndex@Event@FMOD@@QAG?AW4FMOD_RESULT@@HPAPAVEventParameter@2@@Z
?keyOff@EventParameter@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getInfo@EventParameter@FMOD@@QAG?AW4FMOD_RESULT@@PAHPAPAD@Z
?getPaused@Event@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?getParentGroup@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVEventGroup@2@@Z
?setPaused@Event@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?getChannelGroup@Event@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVChannelGroup@2@@Z
kernel32
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
VirtualAlloc
FatalAppExitA
VirtualFree
ExitProcess
GetModuleFileNameA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
RtlUnwind
RaiseException
GetLastError
InterlockedExchange
LocalFree
LocalAlloc
SetStdHandle
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetTimeZoneInformation
CompareStringA
CompareStringW
IsDebuggerPresent
HeapSize
HeapAlloc
HeapFree
HeapReAlloc
LoadLibraryA
CloseHandle
TerminateProcess
GetCurrentProcess
SetThreadPriority
GetCurrentThread
CreateMutexA
OpenMutexA
GetSystemInfo
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileA
MoveFileExA
GetFileTime
CreateFileA
GetCurrentDirectoryA
CopyFileA
GetFileAttributesA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetFileAttributesA
SetFilePointer
ReadFile
WriteFile
FlushFileBuffers
CreateDirectoryA
GetSystemTime
GetModuleHandleA
WritePrivateProfileStringA
GetPrivateProfileStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetProcAddress
GetCurrentThreadId
HeapCreate
HeapDestroy
HeapCompact
CompareFileTime
FindNextFileA
FindClose
FindFirstFileA
lstrcpyA
GetFileSize
WaitForSingleObject
SetEvent
Sleep
SetThreadAffinityMask
CreateThread
CreateEventA
GetSystemTimeAsFileTime
GetLocalTime
SetEnvironmentVariableA
user32
ReleaseCapture
SetCapture
SetCursor
LoadCursorA
SetActiveWindow
GetActiveWindow
GetKeyState
SetWindowTextA
FindWindowA
EnableWindow
SetFocus
ShowWindow
ReleaseDC
GetDC
LoadIconA
RegisterClassA
ShowCursor
MessageBoxA
PeekMessageA
TranslateMessage
GetWindowRect
CreateWindowExA
DispatchMessageA
DestroyWindow
PostQuitMessage
SetWindowPos
DefWindowProcA
wsprintfA
gdi32
BitBlt
SetStretchBltMode
StretchBlt
DeleteObject
DeleteDC
CreateCompatibleDC
CreateDIBSection
SelectObject
GetStockObject
shell32
ShellExecuteA
ole32
CoInitialize
avifil32
AVIStreamSampleToTime
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIStreamRelease
AVIStreamOpenFromFileA
AVIStreamInfoA
AVIStreamLength
AVIStreamGetFrameOpen
msvfw32
DrawDibOpen
DrawDibClose
DrawDibDraw
Exports
?Security_AllocateResources2@@YAXXZ
?Security_AllocateResources@@YAXXZ
?Security_CreateFile@@YA_NAAVFile@@@Z
?Security_InitCommands1@@YAXXZ
?Security_InitCommands2@@YAXXZ
?Security_InitCommands3@@YAXXZ
?Security_OpenFile@@YA_NAAVFile@@@Z
?Security_ReadDword@@YAXAAVFile@@PAX@Z
AgPmDestroySourceConnection
AgPmEventEnabled
AgPmEventLoggingEnabled
AgPmSubmitEvent
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 240KB - Virtual size: 239KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 136KB - Virtual size: 129.7MB (the virtual size far exceeds the raw size, so most of this section is zero-filled by the loader rather than present on disk)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mysec Size: 8KB - Virtual size: 5KB (non-standard section name; readable and writable)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ