Rift X Installer[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Rift X Installer.exe
Size

4.8MB
MD5

e05e03bc8a0b9f435ca90fc0d78a828e
SHA1

19278a5f99f989bf504f7d6869c49afe207afe6d
SHA256

bd5ffa82831abac90451c60585110daa6ff7eee249fdaebf0db4dc37bcd77d19
SHA512

709a2b117f64b5e9e9fb16522075cc09521c69fc09230b08b06296f75e538af18af95cc7f1cd06be660cc6b6fee867332c0de1212076dc8491460fae19b3c737
SSDEEP

98304:groSJ17ADReD4g+i/HBYxWhczcW4ihY5VZQhWVwLx:groSJ174eD4g+yHBYxWhcgW4gUQhCSx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Rift X Installer.exe

Files

Rift X Installer.exe
.exe windows:4 windows x86 arch:x86

Password: Riftyxy

26ca8bfb8fa605a027fdf343592eca3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
SetFileAttributesA
CreateProcessA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetShortPathNameA
GetFullPathNameA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
GetDriveTypeA
LoadLibraryA
CopyFileA
FindFirstFileA
FindNextFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
FormatMessageA
GetVersionExW
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MoveFileA
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
TerminateProcess
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
HeapCompact
HeapAlloc
HeapFree
DeleteFileA
CreateFileA
FormatMessageW
WritePrivateProfileStringW
GetPrivateProfileStringW
FindNextFileW
FindFirstFileW
CopyFileW
LoadLibraryW
GetDriveTypeW
RemoveDirectoryW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
GetShortPathNameW
GetTempPathW
GetSystemDirectoryW
GetWindowsDirectoryW
GetModuleFileNameW
CreateProcessW
SetFileAttributesW
GetFileAttributesW
MoveFileW
DeleteFileW
FlushFileBuffers
CreateFileW
GetVersion
GetVersionExA
GetCommandLineW
GetCurrentProcess
MoveFileExW
WideCharToMultiByte
GetUserDefaultLangID
SetFileTime
SetErrorMode
GetLocalTime
Sleep
GetExitCodeProcess
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CloseHandle
SetFilePointer
WriteFile
ReadFile
FindClose
GetProcAddress
FreeLibrary
GetDiskFreeSpaceW
GetDiskFreeSpaceA
IsBadCodePtr
GetLastError

user32

PostMessageA
SendDlgItemMessageA
PeekMessageA
GetMessageA
DispatchMessageA
CharToOemA
GetDlgItemTextA
SetDlgItemTextA
SetWindowTextA
DrawTextA
FindWindowA
CreateWindowExA
RegisterClassA
LoadCursorW
GetWindow
GetSysColor
ScreenToClient
GetWindowLongA
CharToOemW
DispatchMessageW
GetMessageW
PeekMessageW
SendDlgItemMessageW
PostMessageW
GetWindowLongW
SetWindowLongW
MessageBoxW
GetDlgItemTextW
SetDlgItemTextW
SetWindowTextW
DrawTextW
IsDialogMessageW
DialogBoxParamW
CreateDialogParamW
CallWindowProcW
DefWindowProcW
SetWindowLongA
IsDialogMessageA
LoadIconA
DialogBoxParamA
CreateDialogParamA
CallWindowProcA
DefWindowProcA
LoadIconW
GetWindowRect
GetClassNameA
GetDlgItem
EndPaint
BeginPaint
GetClientRect
FillRect
GetSystemMetrics
SetCursor
LoadCursorA
EnableWindow
TranslateMessage
SendMessageA
SendMessageW
FindWindowW
CreateWindowExW
GetClassNameW
RegisterClassW
GetLastActivePopup
BringWindowToTop
ExitWindowsEx
IsIconic
PostQuitMessage
AdjustWindowRectEx
EndDialog
IsDlgButtonChecked
CheckDlgButton
CheckRadioButton
SetFocus
GetParent
UpdateWindow
IsWindowVisible
InvalidateRect
RedrawWindow
SetWindowPos
ShowWindow
DestroyWindow
IsWindowEnabled
ValidateRect

gdi32

AddFontResourceW
RemoveFontResourceW
CreateFontIndirectA
GetObjectW
AddFontResourceA
RemoveFontResourceA
CreateFontIndirectW
GetStockObject
SetBkMode
SetTextColor
StretchDIBits
SetStretchBltMode
SetBrushOrgEx
CreateSolidBrush
CreateDIBPatternBrush
CreateHalftonePalette
SelectPalette
RealizePalette
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
ExtTextOutA
SetBkColor
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
GetObjectA
BitBlt
DeleteDC

comdlg32

GetOpenFileNameA
GetOpenFileNameW

advapi32

RegDeleteValueW
AdjustTokenPrivileges
LookupPrivilegeValueA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
OpenProcessToken

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileW
ShellExecuteW
SHGetSpecialFolderLocation
SHGetMalloc
DragQueryFileA

ole32

CoGetMalloc
OleInitialize
OleUninitialize
CoCreateInstance

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerFindFileA
VerFindFileW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

comctl32

ImageList_LoadImageW
ord17
ImageList_LoadImageA

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: Riftyxy

26ca8bfb8fa605a027fdf343592eca3b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

version

comctl32

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 25KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 25KB

.rsrc
Size: 12KB - Virtual size: 10KB