toy2[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

toy2.exe
Size

1.2MB
MD5

9a0b9432ac4dd8c06e7e46d4ceaec3cf
SHA1

175e57449b204504571202e17e1c75d65e44e4ac
SHA256

023eb6a9459443b34d24cf685591bfeb3b95e1acf579405f6d8fa4407ccbdaf0
SHA512

c3b1b5fc9ebed8e4c43625b80343fd7bc1c3ce0bb8ed7cb130a0090d6b2b8de43342c27f1217921a538e21be6f07f607f9d8ab513b940a6cba84ca3f144e83a5
SSDEEP

24576:JgM5zoZ9tBwEjQ1XPD0cn1aU1SNlY3NoF8dDgBISlFXqatR62BW:JJy9tBwEjQ1XPIcn1a2SN77ACPg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
toy2.exe

Files

toy2.exe
.exe windows:4 windows x86 arch:x86

5955863762131cd1a8a1a76be463cd76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mmioSetInfo
timeGetTime
mmioCreateChunk
mmioWrite
mmioGetInfo
mmioAdvance
mmioSeek
mmioOpenA
mmioRead
mmioClose
mmioDescend
mmioAscend

ddraw

DirectDrawCreate
DirectDrawEnumerateA

dinput

DirectInputCreateA

dsound

ord2
ord1

kernel32

GetLastError
GlobalAlloc
GlobalUnlock
GlobalHandle
GlobalLock
ResetEvent
ReleaseSemaphore
GlobalFree
DeviceIoControl
CreateFileA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
RaiseException
SetEvent
WaitForMultipleObjects
WaitForSingleObject
CreateEventA
InitializeCriticalSection
CreateThread
LeaveCriticalSection
CreateSemaphoreA
CloseHandle
lstrlenA
EnterCriticalSection
MulDiv
lstrcpyA
OutputDebugStringA
lstrcatA
GetOEMCP
CompareStringA
LoadLibraryA
LocalFree
GetACP
FormatMessageA
MultiByteToWideChar
lstrcmpA
RtlUnwind
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleFileNameA
UnhandledExceptionFilter
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
WriteFile
ReadFile
LCMapStringW
LCMapStringA
GetCPInfo
HeapSize
IsBadWritePtr
WideCharToMultiByte
VirtualAlloc
VirtualFree
HeapReAlloc
HeapDestroy
GetVersion
HeapCreate
GetStartupInfoA
DeleteFileA
GetCommandLineA
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
lstrcmpiA
ExitProcess
GetProcAddress
Sleep
GetModuleHandleA
GetStringTypeW
SetStdHandle
GetStringTypeA
FlushFileBuffers

user32

DrawMenuBar
ShowWindow
SetFocus
DispatchMessageA
PostQuitMessage
DefWindowProcA
DestroyWindow
UpdateWindow
LoadCursorA
CreateWindowExA
RegisterClassA
SetRect
LoadIconA
SetWindowTextA
ClientToScreen
ReleaseDC
GetDC
SendMessageA
SetWindowPos
GetWindowRect
GetWindowLongA
AdjustWindowRectEx
GetMenu
BeginPaint
GetClientRect
EndPaint
LoadAcceleratorsA
RegisterClassExA
wsprintfA
MessageBoxA
AppendMenuA
SystemParametersInfoA
GetAsyncKeyState
LoadImageA
GetSystemMetrics
PeekMessageA
InvalidateRect
EndDialog
ShowCursor
LoadStringA
TranslateMessage
GetMessageA
RedrawWindow
TranslateAcceleratorA
AdjustWindowRect
GetMenuItemCount
SendDlgItemMessageA
DialogBoxParamA
DialogBoxIndirectParamA

gdi32

CreateDIBSection
GetDIBColorTable
SetDIBits
GetTextMetricsA
DeleteObject
GetSystemPaletteEntries
GetTextExtentPointA
GetPixel
CreateFontIndirectA
GetDeviceCaps
SelectObject
TextOutA
CreateFontA
SetTextColor
BitBlt
CreateDIBitmap
DeleteDC
GetObjectA
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
ExtTextOutA
StretchBlt
GetTextExtentPoint32A
SetBkColor
SetPixel
GetStockObject

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 876KB - Virtual size: 875KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 9.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5955863762131cd1a8a1a76be463cd76

Headers

File Characteristics

Imports

winmm

ddraw

dinput

dsound

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 876KB - Virtual size: 875KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 176KB - Virtual size: 9.4MB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 88KB - Virtual size: 85KB

.reloc Size: 96KB - Virtual size: 93KB

.text
Size: 876KB - Virtual size: 875KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 176KB - Virtual size: 9.4MB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 88KB - Virtual size: 85KB

.reloc
Size: 96KB - Virtual size: 93KB