G:\Projects\mdl-flip\build\bin\RelWithDebInfo\mdl-flip.pdb
Static task
static1
1 signatures
General
-
Target
mdl-flip_v12.zip
-
Size
1.6MB
-
MD5
ea6cb324c3a0f49ee867fcb21fbd30d0
-
SHA1
5f333139885257f35e32341e613e44229a799fd2
-
SHA256
86727e7a96be89f413015181494253bce216a2bb191fcc284bbe103515956ea6
-
SHA512
d7bcb63ab68b4586809997bc91f03e52b912b333f54acb9b3d03ae35231b8b73409136d4f6777f5cbb2c2de21fdac52543f442e10ec2b2218b5506f3f6f8f8af
-
SSDEEP
24576:9FGEOK0Qgjh+6+ecuH8n9Gv5XfYLmY3O629ULcJTzgndv8/hb4WSiiecGCNUs9Xl:9YMgjpCi8QRPYLmY3O6Ohgndv9WuGYGQ
Score
3/10
Malware Config
Signatures
-
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource unpack001/mdl-flip.exe unpack001/utils/mdldec.exe unpack001/utils/pxstudiomdl.exe unpack001/utils/studiomdl_funnkyhd.exe unpack001/utils/studiomdl_p2s.exe
Files
-
mdl-flip_v12.zip.zip
-
mdl-flip.exe.exe windows:6 windows x86 arch:x86
94441a14f3dd1553896c9b6604a4bca2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
WriteConsoleW
GetStdHandle
GetConsoleMode
SetConsoleMode
SetConsoleOutputCP
CloseHandle
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetModuleFileNameW
RaiseException
RtlUnwind
GetLastError
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapSize
QueryPerformanceCounter
QueryPerformanceFrequency
LocalFree
FormatMessageA
GetLocaleInfoEx
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetFullPathNameW
SetFileAttributesW
SetFileInformationByHandle
SetFileTime
GetTempPathW
AreFileApisANSI
DeviceIoControl
GetModuleHandleW
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSectionEx
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
InitOnceExecuteOnce
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetSystemTimeAsFileTime
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
DecodePointer
LCMapStringEx
GetStringTypeW
CompareStringEx
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
SetStdHandle
GetFileType
WriteFile
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
GetCurrentThread
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleOutputCP
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
CreateProcessW
SetConsoleCtrlHandler
GetTimeZoneInformation
OutputDebugStringW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetEndOfFile
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 802B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 382KB - Virtual size: 381KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
utils/activities.txt
-
utils/mdldec.exe.exe windows:5 windows x86 arch:x86
c6cf9e5f989bbe3ebcff2ca4c4d4f938
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
G:\Projects\xashoeblya\source code\xash3d-fwgs\build\utils\mdldec\mdldec.pdb
Imports
kernel32
GetFileAttributesA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
SetEndOfFile
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
CloseHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
HeapReAlloc
GetConsoleOutputCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
ReadFile
ReadConsoleW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
MultiByteToWideChar
SetStdHandle
CreateDirectoryW
GetTimeZoneInformation
WideCharToMultiByte
OutputDebugStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetProcessHeap
SetConsoleCtrlHandler
FlushFileBuffers
DecodePointer
HeapSize
WriteConsoleW
Sections
.textbss Size: - Virtual size: 242KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 532KB - Virtual size: 531KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 81KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.00cfg Size: 512B - Virtual size: 270B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
utils/pxstudiomdl.exe.exe windows:6 windows x86 arch:x86
e95114eaec94811339fc63f242dd9822
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
G:\Projects\xashoeblya\source code\PrimeXT\build\utils\pxstudiomdl\pxstudiomdl.pdb
Imports
dbghelp
SymCleanup
SymFromAddr
SymSetOptions
StackWalk64
SymInitialize
SymFunctionTableAccess64
SymGetLineFromAddr64
SymGetOptions
SymGetModuleBase64
MiniDumpWriteDump
user32
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
advapi32
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
SystemFunction036
kernel32
OutputDebugStringW
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
DecodePointer
CreateDirectoryW
GetFileSizeEx
HeapSize
GetEnvironmentStringsW
SleepConditionVariableSRW
QueryPerformanceFrequency
GlobalAlloc
GlobalLock
QueryPerformanceCounter
GlobalUnlock
SetConsoleTextAttribute
GetStdHandle
WriteFile
Sleep
SetLastError
GetCurrentProcess
SetErrorMode
LocalAlloc
GetCurrentThreadId
GetLastError
CreateFileA
GetCurrentThread
CloseHandle
K32GetModuleBaseNameA
K32GetModuleInformation
GetCurrentProcessId
K32EnumProcessModules
IsDebuggerPresent
SetUnhandledExceptionFilter
GetFileAttributesA
GetFullPathNameA
GetEnvironmentVariableA
WriteConsoleA
FlsAlloc
FlsSetValue
FlsFree
GetProcessTimes
K32GetProcessMemoryInfo
GetCurrentProcessorNumber
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
GetLargePageMinimum
VirtualUnlock
FreeLibrary
GetProcAddress
LoadLibraryA
GetNumaHighestNodeNumber
GetNumaProcessorNode
GetNumaNodeProcessorMask
HeapReAlloc
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEndOfFile
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
WriteConsoleW
InitializeCriticalSectionEx
SetFileInformationByHandle
GetTempPathW
FlsGetValue
InitOnceExecuteOnce
SleepConditionVariableCS
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetFileInformationByHandleEx
CreateSymbolicLinkW
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
FindClose
FindFirstFileExW
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ReadFile
GetConsoleMode
ReadConsoleW
CreateFileW
GetFileType
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
GetFullPathNameW
SetFilePointerEx
GetConsoleOutputCP
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
HeapFree
HeapAlloc
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
SetStdHandle
ws2_32
ntohl
htonl
Sections
.text Size: 754KB - Virtual size: 754KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 67.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 162KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
utils/studiomdl_funnkyhd.exe.exe windows:6 windows x86 arch:x86
ed592603df190f2fd32f20c07845b0b5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Alin Valentin\Desktop\TENTACION\hl_master\utils\studiomdl\Release\studiomdl.pdb
Imports
kernel32
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
ReadFile
ExitProcess
GetModuleHandleExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
CloseHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
GetStdHandle
WriteFile
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetCurrentThread
GetConsoleCP
SetCurrentDirectoryW
GetCurrentDirectoryW
MultiByteToWideChar
SetStdHandle
WideCharToMultiByte
CreateDirectoryW
DecodePointer
HeapReAlloc
OutputDebugStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetProcessHeap
SetConsoleCtrlHandler
FlushFileBuffers
GetTimeZoneInformation
HeapSize
SetEndOfFile
WriteConsoleW
Sections
.text Size: 415KB - Virtual size: 415KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 254.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
utils/studiomdl_p2s.exe.exe windows:4 windows x86 arch:x86
92f0af3d4af864db923ec41ac24e44c1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_mkdir
_ftol
_CIpow
_CIacos
_CIasin
_CIfmod
printf
atoi
atof
vsprintf
free
memmove
malloc
realloc
ceil
floor
isdigit
fgets
strtok
sscanf
strncpy
isspace
system
sprintf
calloc
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
fprintf
fflush
fclose
fopen
_getcwd
_vsnprintf
isgraph
exit
_close
_read
_lseek
_open
_write
_strdup
_stricmp
kernel32
Sleep
GetStdHandle
WriteFile
SetConsoleTextAttribute
QueryPerformanceCounter
QueryPerformanceFrequency
Sections
.text Size: 160KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 34.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
utils/utility_manifest.json