8d5d56c86c34657f8bf8d8e9837474bfa22ef1a1e033cfb1eef04f77ed81e3c6

Sharing

Copy URL Twitter E-mail

General

Target

8d5d56c86c34657f8bf8d8e9837474bfa22ef1a1e033cfb1eef04f77ed81e3c6
Size

870KB
MD5

f000fa6d2988ad3cbbe41054f816971c
SHA1

7b42a27f24b5f39e156a6c566a7db1060bdb61af
SHA256

8d5d56c86c34657f8bf8d8e9837474bfa22ef1a1e033cfb1eef04f77ed81e3c6
SHA512

69a33916ed4a96a16fbc9de0634c066bca5a2328ad76a6e92939e0251ba96359e36a7afef941221327adf91be41f6dd90b3ae2ad9a670cfb4aeecace40c54b81
SSDEEP

6144:rOFUfV5ZMpTyha1C54ADt4ERM7rcESi3327hs01c8hSp9+/Jxy+bliIuRyA61iSi:rrPwTDc5wVr327Gd86Y/JxjXu8A7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d5d56c86c34657f8bf8d8e9837474bfa22ef1a1e033cfb1eef04f77ed81e3c6

Files

8d5d56c86c34657f8bf8d8e9837474bfa22ef1a1e033cfb1eef04f77ed81e3c6
.exe windows:6 windows x64 arch:x64

b5badf61d6c6bafb6ee326d880001874

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\assemblage\Builds\5512252788881623884sjcpbagcns\raygame\assemblage_outdir_bin\raygame.pdb

Imports

winmm

timeEndPeriod
timeBeginPeriod

kernel32

GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
FormatMessageW
WideCharToMultiByte
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
MultiByteToWideChar
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
HeapAlloc
VerSetConditionMask
SetThreadExecutionState
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
GetModuleHandleW
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
HeapFree
GetProcessHeap
RtlCaptureContext
VirtualQuery
GetCurrentThreadId

user32

ReleaseCapture
MsgWaitForMultipleObjects
GetSystemMetrics
SetForegroundWindow
GetDC
ReleaseDC
RedrawWindow
SetPropW
GetPropW
RemovePropW
SetWindowTextW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursorPos
SetCursor
GetCursorPos
ClientToScreen
GetClipboardData
WindowFromPoint
ClipCursor
SetRect
PtInRect
GetWindowLongW
SetWindowLongW
GetClassLongPtrW
LoadCursorW
DestroyIcon
LoadImageW
SetCapture
SystemParametersInfoW
MonitorFromWindow
GetMonitorInfoW
GetRawInputData
RegisterRawInputDevices
RegisterDeviceNotificationW
UnregisterDeviceNotification
ToUnicode
ChangeDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplaySettingsExW
EnumDisplayDevicesW
EnumDisplayMonitors
GetRawInputDeviceInfoA
GetRawInputDeviceList
MapVirtualKeyW
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindow
SetLayeredWindowAttributes
GetLayeredWindowAttributes
GetKeyState
GetActiveWindow
SetFocus
CreateIconIndirect
EmptyClipboard
ShowWindow
TrackMouseEvent
TranslateMessage
DispatchMessageW
PeekMessageW
GetMessageTime
SendMessageW
PostMessageW
WaitMessage
DefWindowProcW
UnregisterClassW
RegisterClassExW
CreateWindowExW
DestroyWindow
ScreenToClient

gdi32

CreateBitmap
DeleteObject
CreateDIBSection
CreateDCW
DeleteDC
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers
CreateRectRgn

shell32

DragQueryPoint
DragQueryFileW
DragFinish
DragAcceptFiles

vcruntime140_1d

__CxxFrameHandler4

vcruntime140d

__current_exception_context
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_LoadLibraryExW
__C_specific_handler_noexcept
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__current_exception
memmove
memcmp
memset
memcpy
strstr
strrchr
strchr
__RTDynamicCast
__C_specific_handler
__std_type_info_destroy_list

ucrtbased

fputc
fputs
fwrite
__stdio_common_vsprintf
__stdio_common_vsscanf
_time64
_stat64i32
_access
_findclose
_findfirst64i32
_findnext64i32
_getcwd
_chdir
asinf
cosf
floor
fmod
log
powf
sinf
sqrt
sqrtf
strcmp
tan
strtod
strtol
feof
fopen
fread
fseek
ftell
__stdio_common_vfprintf
__stdio_common_vsprintf_s
fmax
fmin
frexp
hypot
ldexp
_hypotf
ceil
ceilf
logf
pow
exit
__acrt_iob_func
qsort
fgets
strncat
toupper
tolower
acos
fclose
strcspn
strspn
strtoul
fabs
_CrtDbgReport
_CrtDbgReportW
_callnewh
_free_dbg
_seh_filter_exe
_set_app_type
__setusermatherr
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
_set_fmode
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
strcpy_s
strcat_s
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
_wmakepath_s
_wsplitpath_s
wcscpy_s
fopen_s
rand
srand
_errno
realloc
malloc
free
calloc
roundf
fminf
fmaxf
round
acosf
atan2f
strpbrk
strncpy
strncmp
cos
system

Sections

.textbss
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 512B - Virtual size: 430B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5badf61d6c6bafb6ee326d880001874

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

kernel32

user32

gdi32

shell32

vcruntime140_1d

vcruntime140d

ucrtbased

Sections

.textbss Size: - Virtual size: 260KB

.text Size: 558KB - Virtual size: 558KB

.rdata Size: 248KB - Virtual size: 248KB

.data Size: 11KB - Virtual size: 53KB

.pdata Size: 30KB - Virtual size: 29KB

.idata Size: 12KB - Virtual size: 11KB

.msvcjmc Size: 512B - Virtual size: 430B

.tls Size: 1024B - Virtual size: 796B

.00cfg Size: 512B - Virtual size: 337B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.textbss
Size: - Virtual size: 260KB

.text
Size: 558KB - Virtual size: 558KB

.rdata
Size: 248KB - Virtual size: 248KB

.data
Size: 11KB - Virtual size: 53KB

.pdata
Size: 30KB - Virtual size: 29KB

.idata
Size: 12KB - Virtual size: 11KB

.msvcjmc
Size: 512B - Virtual size: 430B

.tls
Size: 1024B - Virtual size: 796B

.00cfg
Size: 512B - Virtual size: 337B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB