33994da6090887deef1a718a2dff12077706d9ffd04c8e6e0e9588f56ebfd243

Sharing

Copy URL

Twitter E-mail

General

Target

33994da6090887deef1a718a2dff12077706d9ffd04c8e6e0e9588f56ebfd243
Size

7.3MB
MD5

b8d6211e17f5046af5f3d357b87d0e2c
SHA1

6841e69f029822fc98a0a95259661aa0afa8a8e2
SHA256

33994da6090887deef1a718a2dff12077706d9ffd04c8e6e0e9588f56ebfd243
SHA512

1e40cb851ffa8a6cd892eb3518fb9dec352f4f7906ab3c2c59970039e66d4bab52fbcf6c1efed0cdf3c4eea02e3d7d2f17c85695f7cd3eab9b089bae573ea6dd
SSDEEP

196608:K2kSKEko1nisbpW2/JuoLl5oSwf669WxvWU1ZMNZuc:ESKETnrdW2xuoLl5oSIrcIUzY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33994da6090887deef1a718a2dff12077706d9ffd04c8e6e0e9588f56ebfd243

Files

33994da6090887deef1a718a2dff12077706d9ffd04c8e6e0e9588f56ebfd243
.exe windows:5 windows x86 arch:x86

9bb8cb1f85a3976c1029795ecdc3a6c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vmagent_new\bin\joblist\765464\out\Release\GameAssistantSetup.pdb

Imports

kernel32

FindFirstFileW
FindNextFileW
GetDiskFreeSpaceExW
GetLogicalDriveStringsW
GetLongPathNameW
GetVolumeInformationW
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
GlobalAlloc
GlobalFree
MoveFileExW
GetFileAttributesExW
GetCurrentProcess
OpenThread
GetModuleHandleExW
lstrcmpiW
GetThreadLocale
SetThreadLocale
GetVersionExW
SystemTimeToFileTime
GetLocalTime
GetCommandLineW
GetCurrentDirectoryW
CreateDirectoryW
GetFileAttributesW
LocalFileTimeToFileTime
lstrcmpA
LocalFree
GetModuleHandleA
OpenProcess
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
MapViewOfFile
GetCurrentThreadId
lstrlenA
LoadLibraryW
UnmapViewOfFile
CreateFileMappingW
GetFileSize
GetTimeZoneInformation
GetPrivateProfileStringW
GetPrivateProfileIntW
FindResourceW
SizeofResource
LockResource
WriteConsoleW
SetStdHandle
FindClose
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
FlushFileBuffers
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
LCMapStringW
CompareStringW
GetFileType
GetStdHandle
ExitProcess
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwind
FreeResource
GetSystemWindowsDirectoryW
lstrcmpiA
InitializeSListHead
LoadResource
FindResourceExW
GetProcessHeap
HeapSize
HeapDestroy
OutputDebugStringW
WriteFile
SetFilePointer
ReadFile
GetFileSizeEx
ExpandEnvironmentStringsW
GetModuleFileNameW
GetCurrentProcessId
DeleteCriticalSection
InitializeCriticalSection
GetUserDefaultLCID
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
GetTimeFormatW
GetDateFormatW
LoadLibraryExW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetSystemDirectoryW
GetTickCount
GetSystemTimeAsFileTime
GetSystemInfo
TerminateProcess
Sleep
CreateEventW
CreateMutexW
WaitForSingleObjectEx
WaitForSingleObject
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
DeleteFileW
SetFilePointerEx
SetEnvironmentVariableW
IsDebuggerPresent
GetStringTypeW
LeaveCriticalSection
TryEnterCriticalSection
EnterCriticalSection
GetCPInfo
LCMapStringEx
DeviceIoControl
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetEnvironmentVariableW
FormatMessageW
GetACP
MulDiv
GlobalSize
VerSetConditionMask
VerifyVersionInfoW
GlobalUnlock
SetErrorMode
SetLastError
GetLastError
RaiseException
CloseHandle
SetFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
CreateFileA
HeapLock
HeapUnlock
HeapWalk
ReleaseMutex
TlsAlloc
TlsGetValue
TlsSetValue
GlobalLock
TlsFree
CreateFileW

user32

FindWindowW
PostMessageW
DefWindowProcW
RegisterClassExW
CreateWindowExW
IsWindow
DestroyWindow
ShowWindow
GetWindowLongW
SetWindowLongW
CharLowerW
GetSystemMetrics
IntersectRect
OffsetRect
EqualRect
PtInRect
GetMonitorInfoW
EnumDisplayMonitors
AttachThreadInput
IsIconic
BringWindowToTop
SetActiveWindow
GetForegroundWindow
SetForegroundWindow
GetDesktopWindow
DrawTextW
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
GetAsyncKeyState
GetSysColor
ClientToScreen
SetCursor
UnionRect
MonitorFromPoint
IsZoomed
GetCursorPos
GetKeyState
ScreenToClient
SendMessageTimeoutW
UpdateLayeredWindow
IsRectEmpty
GetUpdateRect
MoveWindow
EndPaint
BeginPaint
InvalidateRect
ReleaseCapture
SetCapture
GetFocus
GetDC
CallWindowProcW
RegisterClassW
LoadCursorW
ReleaseDC
GetWindowThreadProcessId
wsprintfW
SetWindowPos
IsWindowVisible
CharNextW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageW
PostQuitMessage
SetTimer
KillTimer
GetClientRect
GetWindowRect
MapWindowPoints
GetParent
GetWindow
LoadImageW
MonitorFromWindow
SetFocus
EnableWindow
SetWindowTextW
SetWindowRgn

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
CloseServiceHandle
RegQueryInfoKeyW
RegEnumKeyExW
StartServiceW
SetServiceObjectSecurity
QueryServiceStatus
QueryServiceObjectSecurity
OpenServiceW
ChangeServiceConfigW
RegEnumKeyExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetTokenInformation
OpenProcessToken
OpenSCManagerW

shell32

ord165
SHGetPathFromIDListW
SHGetSpecialFolderPathW
CommandLineToArgvW
ShellExecuteW
SHBrowseForFolderW
SHGetFolderPathW

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc
CreateStreamOnHGlobal
CoCreateGuid
OleInitialize
OleUninitialize

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsW
StrStrIW
PathAppendW
SHDeleteValueW
StrCmpIW
StrStrIA
PathRemoveFileSpecW
SHGetValueW
StrCmpNIW
PathCanonicalizeW
PathIsDirectoryW
PathIsPrefixW
PathIsRootW
PathRemoveBackslashW
PathIsRelativeW
PathFindFileNameW
SHSetValueW
SHGetValueA
SHSetValueA
PathCombineW
StrTrimA

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

psapi

GetModuleFileNameExW

gdiplus

GdipCreateRegionPath
GdipDeleteRegion
GdipSetPathGradientFocusScales
GdipFillRegion
GdipCreatePathGradientFromPath
GdiplusShutdown
GdipDeletePath
GdipCreatePath
GdipSetPixelOffsetMode
GdipImageGetFrameDimensionsList
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipSetPathGradientPresetBlend
GdipImageGetFrameCount
GdipCreateBitmapFromStream
GdiplusStartup
GdipAlloc
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipSetPathGradientWrapMode
GdipImageGetFrameDimensionsCount
GdipCloneBrush
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipCreatePen1
GdipCreateBitmapFromScan0
GdipDeleteGraphics
GdipDrawImageRectRectI
GdipDeleteBrush
GdipAddPathPath
GdipGetPropertyItem
GdipCreateFromHDC
GdipMeasureString
GdipFillEllipse
GdipDrawEllipse
GdipDrawString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipSetStringFormatTrimming
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawPath
GdipDrawRectangleI
GdipDrawLineI
GdipCreateLineBrushFromRectI
GdipFillPath
GdipCreateSolidFill
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipSetSmoothingMode
GdipClosePathFigure
GdipAddPathArc
GdipAddPathLine
GdipAddPathEllipse
GdipAddPathRectangle
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipGetWorldTransform
GdipLoadImageFromFile
GdipImageRotateFlip
GdipDrawImageRect
GdipSetWorldTransform
GdipRotateMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipCreateMatrix
GdipCreatePen2
GdipSetLineBlend
GdipCreateLineBrushFromRect
GdipDrawArc
GdipDeletePen

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

crypt32

CryptBinaryToStringA

winmm

timeKillEvent
timeSetEvent

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

msimg32

AlphaBlend

iphlpapi

GetAdaptersInfo

wininet

InternetConnectW
InternetSetOptionW
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
InternetCrackUrlW
InternetOpenW
InternetCloseHandle
HttpOpenRequestW

gdi32

DeleteObject
GetObjectW
CreateRoundRectRgn
BitBlt
CreateFontIndirectW
GetDeviceCaps
GetWindowOrgEx
CreateRectRgnIndirect
SaveDC
ExtSelectClipRgn
RestoreDC
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteDC
SetWindowOrgEx
SetStretchBltMode
StretchBlt
SetTextColor
SetBkColor
SetBkMode
GetObjectA
GetStockObject

Sections

.text
Size: 969KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bb8cb1f85a3976c1029795ecdc3a6c2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

version

psapi

gdiplus

comctl32

crypt32

winmm

imm32

msimg32

iphlpapi

wininet

gdi32

Sections

.text Size: 969KB - Virtual size: 968KB

.rdata Size: 240KB - Virtual size: 239KB

.data Size: 35KB - Virtual size: 46KB

.rsrc Size: 6.0MB - Virtual size: 6.0MB

.reloc Size: 61KB - Virtual size: 60KB

.text
Size: 969KB - Virtual size: 968KB

.rdata
Size: 240KB - Virtual size: 239KB

.data
Size: 35KB - Virtual size: 46KB

.rsrc
Size: 6.0MB - Virtual size: 6.0MB

.reloc
Size: 61KB - Virtual size: 60KB