4adac0ce98888e6acefb38702593871905503c5732eae2f40adc9e4a0b6f9812

Sharing

Copy URL Twitter E-mail

General

Target

4adac0ce98888e6acefb38702593871905503c5732eae2f40adc9e4a0b6f9812
Size

3.0MB
MD5

18627a2ef3d34872173c6226a405c9fe
SHA1

0f9566e4eb1093c2283dcab17b7eddf88d958e51
SHA256

4adac0ce98888e6acefb38702593871905503c5732eae2f40adc9e4a0b6f9812
SHA512

dbd274d631b142e044ce08d90e9d40889a87a6f3c0bb1f19156b0c5893ee6e00698aacdde1656a2e5ad3084acfee0e98eebf949e9464d5cda611efc2b2e5abee
SSDEEP

49152:JLxHwMqexKfl3h4fohZv4WLIpm2nrLPJ1CPkGczJW0jN7:Jeied//vnIpmY7J1CMGA00jN7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4adac0ce98888e6acefb38702593871905503c5732eae2f40adc9e4a0b6f9812

Files

4adac0ce98888e6acefb38702593871905503c5732eae2f40adc9e4a0b6f9812
.exe windows:4 windows x86 arch:x86

bab33bfa41823efb6ba95ccc2751a8d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Speed\Pc\cd\SpeedR.pdb

Imports

d3d9

Direct3DCreate9

dinput8

DirectInput8Create

user32

SetWindowLongA
ShowCursor
PostThreadMessageA
wsprintfA
GetForegroundWindow
GetKeyState
keybd_event
RegisterClassA
IsIconic
GetWindowLongA
AdjustWindowRectEx
CreateWindowExA
GetDesktopWindow
ShowWindow
SetFocus
ClientToScreen
UnhookWindowsHookEx
wvsprintfA
SetCursorPos
EndPaint
DestroyWindow
GetMessageA
PostQuitMessage
SetCapture
BeginPaint
TranslateMessage
PeekMessageA
DefWindowProcA
PostMessageA
DispatchMessageA
ReleaseCapture
SetCursor
GetWindowRect
RegisterClassExA
SetForegroundWindow
GetClientRect
SetWindowsHookExA
LoadCursorA
AdjustWindowRect
SetRect
UnregisterClassA
SetActiveWindow
GetSystemMetrics
SetWindowPos
LoadIconA
CharUpperA
SystemParametersInfoA
SendNotifyMessageA
CallNextHookEx
GetAsyncKeyState
UpdateWindow

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA

winmm

timeGetTime
timeBeginPeriod
timeKillEvent
timeSetEvent
timeEndPeriod
timeGetDevCaps

gdi32

GetStockObject
DeleteObject

shfolder

SHGetFolderPathA

shell32

ShellExecuteA

ws2_32

socket
shutdown
bind
connect
ioctlsocket
setsockopt
WSAStartup
WSAGetLastError
closesocket
listen
accept
sendto
send
recvfrom
recv
getsockopt
select
getpeername
getsockname
WSAIoctl
gethostbyname
WSACleanup
ntohl
ntohs
htons
htonl

kernel32

GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
ReadConsoleInputA
IsBadCodePtr
SetUnhandledExceptionFilter
SetStdHandle
VirtualQuery
VirtualProtect
GetOEMCP
GetACP
GetCurrentProcessId
GetStringTypeW
GetStringTypeA
IsValidCodePage
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
IsValidLocale
EnumSystemLocalesA
CompareStringA
GetLocaleInfoA
GetUserDefaultLCID
GetCPInfo
RaiseException
FlushFileBuffers
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
HeapReAlloc
HeapCreate
HeapDestroy
TlsAlloc
TlsFree
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
TlsGetValue
TlsSetValue
ExitThread
GetSystemTimeAsFileTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
Process32First
Sleep
GetLastError
GetLongPathNameA
Process32Next
CreateToolhelp32Snapshot
CloseHandle
GetVersionExA
GetCurrentDirectoryA
FindClose
FindFirstFileA
DeleteFileA
CreateDirectoryA
SetCurrentDirectoryA
WaitForSingleObject
GetModuleHandleA
GetLogicalDrives
GetDriveTypeA
SuspendThread
ResumeThread
OutputDebugStringA
GetTimeFormatA
GetDateFormatA
SetProcessAffinityMask
SetPriorityClass
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThread
GetPriorityClass
SetThreadPriority
GetThreadPriority
GetProcessAffinityMask
QueryPerformanceFrequency
IsBadReadPtr
IsBadWritePtr
GetSystemInfo
IsProcessorFeaturePresent
lstrcmpiA
GetFullPathNameA
WideCharToMultiByte
MapViewOfFile
GetFileSize
CreateFileMappingA
CreateFileA
CreateFileW
UnmapViewOfFile
GetProcAddress
LoadLibraryA
SetEvent
ResetEvent
SetLastError
CreateEventA
LocalFree
FormatMessageA
WriteFile
SetFilePointer
MoveFileA
ReadFile
GetVolumeInformationA
SetEndOfFile
GetLogicalDriveStringsA
GetDiskFreeSpaceA
TerminateThread
SleepEx
GetCurrentThreadId
GetExitCodeThread
DuplicateHandle
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
CreateMutexA
ReleaseMutex
VirtualFree
VirtualAlloc
CreateThread
InterlockedExchange
HeapFree
GetProcessHeap
HeapAlloc
WaitCommEvent
GetOverlappedResult
SetCommMask
WaitForMultipleObjects
PurgeComm
SetCommState
GetCommState
SetCommConfig
GetCommConfig
SetCommTimeouts
SetupComm
GetCommandLineA
ExitProcess
TerminateProcess

dsound

ord1

ddraw

DirectDrawCreate

tapi32

lineOpen
lineGetDevCaps
lineShutdown
lineInitialize
lineAnswer
lineMakeCall
lineGetID
lineClose
lineNegotiateAPIVersion

netapi32

Netbios

dinput

DirectInputCreateA

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 767KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bab33bfa41823efb6ba95ccc2751a8d1

Headers

File Characteristics

PDB Paths

Imports

d3d9

dinput8

user32

advapi32

winmm

gdi32

shfolder

shell32

ws2_32

kernel32

dsound

ddraw

tapi32

netapi32

dinput

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 248KB - Virtual size: 245KB

.data Size: 208KB - Virtual size: 767KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 248KB - Virtual size: 245KB

.data
Size: 208KB - Virtual size: 767KB