D:\Devops\agent\workspace\p-111758179e0043a5b011650a32a71ea0\src\TGBDownloader\Output\TGBDownloader\Release\TGBDownloader.pdb
Static task
static1
Behavioral task
behavioral1
Sample
GLP_installer_900223152_com.activision.callofduty.shooter.exe
Resource
win10v2004-20240802-en
General
Target: GLP_installer_900223152_com.activision.callofduty.shooter.exe
Size: 3.6MB
MD5: ffdae295997fa24ba82bfbbf8a264e08
SHA1: e716d310d8dc7ca56785e432226aef621eb16afc
SHA256: 5ad1c96fb46f820479d9244c0f7d33a76924263c7a19f1a217926863cd932dfa
SHA512: 810bb8ccaed219451fb94a277b7b9d1f422392575de4e055b042d4221a65d4e37607dae66c32f2d7daf4cc41afcee9ab672f5861833de42b2db8f36fd710e55f
SSDEEP: 49152:7H+h/5pzoJmJ2cey6mfoMm5WMzktmR2Gg2u2qtbMvlvLWH9WAKHRPCpTpH6XePDx:7H+hIMYceyboMYYtmReAAqdXPqn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource GLP_installer_900223152_com.activision.callofduty.shooter.exe
Files
GLP_installer_900223152_com.activision.callofduty.shooter.exe.exe windows:5 windows x86 arch:x86
edf81f35a58fa4c5a6421941bbe9a966
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
psapi
GetModuleFileNameExA
ws2_32
ntohl
htons
WSAStartup
WSAGetLastError
__WSAFDIsSet
select
shutdown
connect
recv
send
socket
ioctlsocket
setsockopt
closesocket
gethostbyname
htonl
WSACleanup
kernel32
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
EnterCriticalSection
LeaveCriticalSection
DuplicateHandle
SetErrorMode
TerminateProcess
RaiseException
GetFileTime
GetCurrentDirectoryW
SetCurrentDirectoryW
GetTempPathW
CopyFileW
GetFileAttributesW
GetFileSizeEx
GetTempPathA
LocalFree
TerminateThread
FreeResource
GetUserDefaultUILanguage
DecodePointer
ProcessIdToSessionId
OpenMutexW
CreateMutexW
GetLogicalDrives
GetDriveTypeW
DeviceIoControl
FindFirstFileW
RemoveDirectoryW
MoveFileExW
FindNextFileW
FindClose
GetExitCodeProcess
IsDBCSLeadByte
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryW
SetFileTime
GetFullPathNameW
SetEndOfFile
SetFilePointerEx
CreateFileA
SwitchToThread
CreateDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetVersionExW
LoadLibraryA
GetSystemDefaultLangID
OpenProcess
SleepEx
CreateMutexA
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
UnlockFileEx
HeapValidate
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
FlushViewOfFile
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapCompact
UnlockFile
CreateFileMappingA
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
QueryPerformanceCounter
FlushFileBuffers
GetStdHandle
GetFileType
GlobalMemoryStatus
FlushConsoleInputBuffer
MulDiv
GetACP
lstrlenW
GlobalUnlock
ExitProcess
VerifyVersionInfoW
VerSetConditionMask
GlobalAlloc
lstrcpyW
lstrcmpiW
IsValidCodePage
SetStdHandle
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetConsoleCP
ReadConsoleW
SetEnvironmentVariableA
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
SetConsoleCtrlHandler
GetModuleHandleExW
ExitThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
VirtualAlloc
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
UnhandledExceptionFilter
ResetEvent
IsDebuggerPresent
LCMapStringW
CompareStringW
GetCPInfo
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
QueryPerformanceFrequency
FindFirstFileExW
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThread
GetStringTypeW
EncodePointer
InitializeCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GetSystemDirectoryW
GetEnvironmentVariableW
GetLocaleInfoW
GetPrivateProfileSectionW
GetPrivateProfileIntW
GlobalLock
SetUnhandledExceptionFilter
GetPrivateProfileStringW
GetCommandLineW
GetSystemInfo
GetDiskFreeSpaceExW
GlobalMemoryStatusEx
OutputDebugStringW
IsProcessorFeaturePresent
PeekNamedPipe
CreateProcessA
CreatePipe
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryW
FreeLibrary
InterlockedExchangeAdd
GetTickCount
GetFileAttributesExW
GetLocalTime
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
MoveFileW
DeleteFileW
SetFilePointer
SetEvent
WaitForSingleObject
CreateEventW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
Sleep
InterlockedExchange
InterlockedCompareExchange
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
GetCurrentThreadId
GlobalFree
MultiByteToWideChar
GetCurrentProcess
GetFileSize
WriteFile
ReadFile
GetLastError
GetModuleHandleW
GetProcAddress
CreateFileW
CloseHandle
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
GetModuleHandleA
user32
GetWindowTextW
InvalidateRgn
wsprintfW
EnumDisplayDevicesW
GetDC
MonitorFromWindow
GetMonitorInfoW
ReleaseDC
DestroyWindow
DefWindowProcW
GetSystemMetrics
MessageBoxW
GetWindowTextLengthW
SetWindowTextW
IsWindowEnabled
DestroyMenu
TrackPopupMenu
InvalidateRect
IsWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
IsRectEmpty
IntersectRect
PtInRect
SetCursor
LoadCursorW
CreateAcceleratorTableW
OffsetRect
InflateRect
UnionRect
SendMessageW
GetWindowRect
ScreenToClient
GetKeyState
GetClientRect
SetWindowPos
GetWindowLongW
SetWindowLongW
IsIconic
GetActiveWindow
GetWindow
SetFocus
BeginPaint
EndPaint
GetUpdateRect
IsWindowVisible
MapWindowPoints
CreateWindowExW
GetCursorPos
ReleaseCapture
GetSysColor
GetMessageW
EnableMenuItem
AppendMenuW
CreatePopupMenu
GetCaretBlinkTime
TranslateMessage
DispatchMessageW
IsZoomed
PostMessageW
GetFocus
SetTimer
KillTimer
SetCapture
GetParent
LoadImageW
SetWindowRgn
ShowWindow
EnableWindow
PostQuitMessage
RegisterClassW
GetClassInfoExW
RegisterClassExW
GetGUIThreadInfo
SetForegroundWindow
MapVirtualKeyExW
GetKeyNameTextW
CharNextW
CallWindowProcW
SetPropW
ClientToScreen
SetCaretPos
GetCaretPos
HideCaret
ShowCaret
GetPropW
EqualRect
FillRect
CreateCaret
GetWindowRgn
UpdateLayeredWindow
MoveWindow
CharPrevW
DrawTextW
SetRect
GetKeyboardLayout
gdi32
SelectClipRgn
CreateRoundRectRgn
PlayEnhMetaFile
GetEnhMetaFileHeader
CreateDIBitmap
AddFontMemResourceEx
GetTextMetricsW
CloseEnhMetaFile
CreateEnhMetaFileW
SetWindowOrgEx
Rectangle
RestoreDC
BitBlt
SaveDC
SelectObject
CreateCompatibleDC
CombineRgn
RemoveFontMemResourceEx
CreatePen
GetClipBox
GetStockObject
GetObjectW
GetObjectA
DeleteObject
CreateCompatibleBitmap
GetDeviceCaps
CreateDIBSection
StretchBlt
CreateRectRgn
SetStretchBltMode
CreateSolidBrush
CreatePenIndirect
MoveToEx
LineTo
RoundRect
PtInRegion
CreatePatternBrush
CreateRectRgnIndirect
CreateFontIndirectW
ExtSelectClipRgn
GetBitmapBits
SetBitmapBits
SetBkMode
SetTextColor
SetBkColor
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
DeleteDC
GdiFlush
advapi32
RegQueryValueExA
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
ReportEventA
RegisterEventSourceA
DeregisterEventSource
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
RegOpenKeyExA
shell32
SHCreateDirectoryExW
ord165
ShellExecuteExW
SHChangeNotify
SHGetPathFromIDListW
DragQueryFileW
SHGetSpecialFolderPathW
SHGetFolderPathA
CommandLineToArgvW
SHBrowseForFolderW
ole32
ReleaseStgMedium
CreateStreamOnHGlobal
RegisterDragDrop
DoDragDrop
OleDuplicateData
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
CoTaskMemFree
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
OleLockRunning
comctl32
ord17
_TrackMouseEvent
gdiplus
GdipDrawString
GdipMeasureString
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipDrawImageRectI
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipCloneStringFormat
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipSetTextRenderingHint
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipDrawRectangleI
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipFillRectangleI
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteGraphics
GdipCreateFromHDC
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromStream
GdiplusShutdown
GdiplusStartup
GdipSetPenMode
GdipRotateWorldTransform
GdipSetStringFormatTrimming
imm32
ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
winhttp
WinHttpWriteData
WinHttpSetOption
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpReceiveResponse
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetTimeouts
WinHttpCloseHandle
WinHttpOpen
shlwapi
PathFileExistsW
PathRemoveFileSpecW
PathAddBackslashW
PathRemoveFileSpecA
PathIsDirectoryW
d3d9
Direct3DCreate9
version
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
netapi32
Netbios
Sections
.text Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 536KB - Virtual size: 535KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 65KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.QMGuid Size: 512B - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 377KB - Virtual size: 376KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ