7ebd1cc27b164902cc694fae81394f580fb9d3c8ff1db764ae7b5ca9fd6ccc05

Sharing

Copy URL Twitter E-mail

General

Target

7ebd1cc27b164902cc694fae81394f580fb9d3c8ff1db764ae7b5ca9fd6ccc05
Size

1.1MB
MD5

656bf7857c8809c8471835910e892572
SHA1

aa1c0881c81b7568d7f79695a4c9c4b244cf4bce
SHA256

7ebd1cc27b164902cc694fae81394f580fb9d3c8ff1db764ae7b5ca9fd6ccc05
SHA512

8de304d1f92d032983f2682fc8d0d469d019392ca235fde3a98c8230260eefe47b94210079acad8cfffbcb886893686d405221c1b767f516c96607bdb4936b1b
SSDEEP

12288:3Jvb9ZnPkD2Eyf4SHpWpeV9i9+Juz0UA+E4r9l:95ZnPkD2EcHpWp689+Juz7A+Ew9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ebd1cc27b164902cc694fae81394f580fb9d3c8ff1db764ae7b5ca9fd6ccc05

Files

7ebd1cc27b164902cc694fae81394f580fb9d3c8ff1db764ae7b5ca9fd6ccc05
.exe windows:6 windows x64 arch:x64

6d879b5001086a065262f05cbb15b680

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\assemblage\Builds\7968497527307323802elaaiuupce\Custom-Physics-master\raygame\assemblage_outdir_bin\raygame.pdb

Imports

kernel32

LeaveCriticalSection
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
SetThreadExecutionState
GetProcessHeap
HeapFree
HeapAlloc
EnterCriticalSection
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VirtualQuery
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
VerifyVersionInfoW
LoadLibraryA
FormatMessageW
GetProcAddress
GetModuleHandleW
FreeLibrary
GetLastError
VerSetConditionMask
QueryPerformanceFrequency
RaiseException
QueryPerformanceCounter

user32

ClipCursor
ClientToScreen
ScreenToClient
WindowFromPoint
SetRect
PtInRect
GetWindowLongW
SetWindowLongW
GetClassLongPtrW
LoadCursorW
DestroyIcon
LoadImageW
CreateIconIndirect
CopyIcon
MonitorFromWindow
GetRawInputData
GetCursorPos
GetClientRect
GetRawInputDeviceList
IsWindowVisible
SetWindowPos
MoveWindow
FlashWindow
SetLayeredWindowAttributes
GetLayeredWindowAttributes
RegisterClassExW
UnregisterClassW
DefWindowProcW
WaitMessage
PostMessageW
SendMessageW
GetMessageTime
TrackMouseEvent
SetCursor
SetCursorPos
AdjustWindowRectEx
RegisterRawInputDevices
GetWindowRect
SetWindowTextW
RemovePropW
GetPropW
SetPropW
RedrawWindow
SetForegroundWindow
GetSystemMetrics
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
GetAsyncKeyState
GetKeyState
GetActiveWindow
SetFocus
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
IsZoomed
BringWindowToTop
GetRawInputDeviceInfoA
TranslateMessage
DispatchMessageW
PeekMessageW
RegisterDeviceNotificationW
UnregisterDeviceNotification
CreateWindowExW
DestroyWindow
ShowWindow
ToUnicode
MapVirtualKeyW
SystemParametersInfoW
GetDC
ReleaseDC
ChangeDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplaySettingsExW
EnumDisplayDevicesW
GetMonitorInfoW
IsIconic

gdi32

CreateDCW
GetDeviceCaps
GetDeviceGammaRamp
SetDeviceGammaRamp
CreateBitmap
CreateRectRgn
DeleteObject
CreateDIBSection
ChoosePixelFormat
DescribePixelFormat
SetPixelFormat
SwapBuffers
DeleteDC

shell32

DragFinish
DragQueryPoint
DragQueryFileW
DragAcceptFiles

msvcp140d

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
?good@ios_base@std@@QEBA_NXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Debug_message@std@@YAXPEB_W0I@Z
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z

vcruntime140d

_CxxThrowException
memset
__std_exception_copy
__std_exception_destroy
memcpy
strrchr
strstr
memcmp
memmove
__C_specific_handler
__std_type_info_destroy_list
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_LoadLibraryExW
__CxxFrameHandler3

ucrtbased

fopen_s
fclose
fopen
fputc
fputs
fread
fseek
ftell
fwrite
rewind
__stdio_common_vsscanf
calloc
free
malloc
realloc
srand
rand
strcmp
strcpy
strlen
strncmp
strncpy
_time64
tolower
_getcwd
_chdir
qsort
strncat
fgets
__stdio_common_vsprintf
_wassert
cos
fmod
pow
ceil
ceilf
logf
exit
__acrt_iob_func
__stdio_common_vfprintf
strcat
frexp
strtod
strtol
sinf
fmin
hypot
ldexp
_hypotf
feof
strcspn
strspn
strtoul
wcscmp
wcscpy
_callnewh
_free_dbg
_seh_filter_exe
_set_app_type
__setusermatherr
_configure_narrow_argv
_initialize_narrow_environment
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
_set_fmode
__p___argc
__p___argv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_configthreadlocale
_set_new_mode
__p__commode
_CrtDbgReport
_seh_filter_dll
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
terminate
__stdio_common_vsprintf_s
_wmakepath_s
_wsplitpath_s
wcscpy_s
_CrtDbgReportW
_invalid_parameter
powf
cosf
atan2f
asinf
fminf
fmaxf
round
sqrtf
tan
sqrt
log
fabs
atan2
acos
fmax
abs
floor

Sections

.textbss
Size: - Virtual size: 326KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 676KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 255KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 341B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 283B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d879b5001086a065262f05cbb15b680

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

msvcp140d

vcruntime140d

ucrtbased

Sections

.textbss Size: - Virtual size: 326KB

.text Size: 676KB - Virtual size: 675KB

.rdata Size: 119KB - Virtual size: 119KB

.data Size: 255KB - Virtual size: 279KB

.pdata Size: 26KB - Virtual size: 26KB

.idata Size: 13KB - Virtual size: 12KB

.gfids Size: 512B - Virtual size: 341B

.00cfg Size: 512B - Virtual size: 283B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

.textbss
Size: - Virtual size: 326KB

.text
Size: 676KB - Virtual size: 675KB

.rdata
Size: 119KB - Virtual size: 119KB

.data
Size: 255KB - Virtual size: 279KB

.pdata
Size: 26KB - Virtual size: 26KB

.idata
Size: 13KB - Virtual size: 12KB

.gfids
Size: 512B - Virtual size: 341B

.00cfg
Size: 512B - Virtual size: 283B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB