0e207f0576bcfbe47cef7f31e12e396e7015b5e56dc4d711737344fb405ec0c7

Sharing

Copy URL

Twitter E-mail

General

Target

0e207f0576bcfbe47cef7f31e12e396e7015b5e56dc4d711737344fb405ec0c7
Size

7.8MB
MD5

1abc4c0c1d7e4c7c31ae906d02c79182
SHA1

988aa5d68994c21667c12d4a0cc47447c1c6b432
SHA256

0e207f0576bcfbe47cef7f31e12e396e7015b5e56dc4d711737344fb405ec0c7
SHA512

be4e54e9986458e06de10b97f46081981e050f7ef1de7c07cb45261fc99092194c8aa6a464b97093f672e96ae560e9333d863b108a82f20093a8b7f79f0aadd3
SSDEEP

49152:NmEHZPET1oabOAi/KTof5iOhct/nkvjrc65Fq9uv6DUom/naWbdmM/6yY6notlKK:NmX/fGXg0CjKHGySxZ+8DgMO1i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e207f0576bcfbe47cef7f31e12e396e7015b5e56dc4d711737344fb405ec0c7

Files

0e207f0576bcfbe47cef7f31e12e396e7015b5e56dc4d711737344fb405ec0c7
.exe windows:6 windows x86 arch:x86

23afbd50c5abb1d2dfd9e5c34b6acb44

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\micky\Downloads\PvZ-QotL-Widescreen-wide-v2.0\PvZ-QotL-Widescreen-wide-v2.0\Debug\LawnProject.pdb

Imports

kernel32

DeleteFileA
SetErrorMode
InitializeCriticalSection
DeleteCriticalSection
Sleep
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
GetVersionExA
VirtualProtect
VirtualQuery
GetModuleFileNameA
IsBadWritePtr
GetWindowsDirectoryA
GetCommandLineA
WaitForSingleObject
CreateMutexA
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
SetEndOfFile
RemoveDirectoryW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
CreateDirectoryW
MoveFileExW
DeleteFileW
CreatePipe
GetFileAttributesExW
GetExitCodeProcess
GetProcessHeap
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
FlushFileBuffers
GetTimeZoneInformation
SetFilePointerEx
GetFileSizeEx
FileTimeToSystemTime
ReadConsoleW
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
IsThreadAFiber
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetConsoleCtrlHandler
OutputDebugStringW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableW
GetLocalTime
GetFullPathNameW
GetDriveTypeW
CreateProcessW
DuplicateHandle
GetSystemInfo
HeapValidate
HeapAlloc
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
CompareStringEx
MulDiv
GetSystemDirectoryA
LeaveCriticalSection
EnterCriticalSection
GetFileTime
SetUnhandledExceptionFilter
RaiseException
OutputDebugStringA
GetFileAttributesExA
CompareFileTime
GetFileSize
FindNextFileA
FindFirstFileA
FindClose
CreateFileA
GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
QueryPerformanceFrequency
QueryPerformanceCounter
MapViewOfFile
CreateFileMappingA
GetTickCount
IsDebuggerPresent
MultiByteToWideChar
lstrlenW
GetModuleFileNameW
GetCurrentProcessId
WaitNamedPipeW
PeekNamedPipe
CreateFileW
GetLastError
CloseHandle
WriteFile
ReadFile
GetConsoleOutputCP
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
GetLocaleInfoEx
LocalFree
CreateSymbolicLinkW
GetFileInformationByHandleEx
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
FreeLibraryWhenCallbackReturns
GetTickCount64
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
InitOnceExecuteOnce
InitializeCriticalSectionEx
GetTempPathW
SetFileInformationByHandle
WideCharToMultiByte
FormatMessageA
WakeConditionVariable
TryAcquireSRWLockExclusive
GetNativeSystemInfo
GetExitCodeThread
SwitchToThread
WaitForSingleObjectEx
InitializeSListHead
GetSystemTimeAsFileTime
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW

user32

MoveWindow
GetSystemMetrics
DrawTextExA
GetDC
ReleaseDC
GetActiveWindow
AdjustWindowRectEx
ClientToScreen
FillRect
OffsetRect
EnumDisplaySettingsA
GetWindowInfo
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
SetCursor
SendMessageA
DefWindowProcA
RegisterClassA
CreateWindowExA
MessageBoxA
GetClientRect
CreateWindowExW
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
CreateCaret
GetCursor
SystemParametersInfoA
ChangeDisplaySettingsA
DestroyCursor
CreateCursor
GetClassNameA
EnumWindows
EnumChildWindows
SetWindowLongA
GetWindowLongA
WindowFromPoint
ScreenToClient
GetCursorPos
SetCursorPos
GetWindowRect
EndPaint
BeginPaint
SetForegroundWindow
ReleaseCapture
SetCapture
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgItem
EndDialog
DialogBoxIndirectParamA
IsIconic
IsWindowVisible
GetWindowPlacement
DefWindowProcW
PostMessageA
PeekMessageA
RegisterWindowMessageA
LoadIconA
GetSysColorBrush
MessageBoxW
AdjustWindowRect
GetWindowTextA
SetWindowTextA
SetTimer
SetFocus
ShowWindow
DestroyWindow

gdi32

SelectClipRgn
CreateRectRgn
GetTextExtentPoint32A
GdiFlush
TextOutA
GetObjectA
CreateDIBSection
GetTextMetricsA
SetTextColor
StretchBlt
SetBkMode
SelectObject
Rectangle
IntersectClipRect
GetStockObject
GetDeviceCaps
DeleteObject
DeleteDC
CreateFontA
CreateFontIndirectA
CreateCompatibleDC
BitBlt

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize

oleaut32

VariantChangeType
VariantInit
VariantClear
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SysAllocString
SysFreeString

winmm

mixerGetLineInfoA
mixerSetControlDetails
mixerGetControlDetailsA
PlaySoundA
timeGetTime
timeBeginPeriod
timeEndPeriod
mixerGetDevCapsA
mixerOpen
mixerClose
mixerGetLineControlsA

ws2_32

recv
WSAGetLastError
WSACleanup
__WSAFDIsSet
closesocket
connect
ioctlsocket
htons
inet_addr
gethostbyname
select
send
socket
WSAStartup

Sections

.text
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 643KB - Virtual size: 643KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 937KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fptable
Size: 512B - Virtual size: 409B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23afbd50c5abb1d2dfd9e5c34b6acb44

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

winmm

ws2_32

Sections

.text Size: 6.7MB - Virtual size: 6.7MB

.rdata Size: 643KB - Virtual size: 643KB

.data Size: 64KB - Virtual size: 937KB

.idata Size: 10KB - Virtual size: 10KB

.tls Size: 1024B - Virtual size: 777B

.00cfg Size: 512B - Virtual size: 270B

.fptable Size: 512B - Virtual size: 409B

.rsrc Size: 204KB - Virtual size: 203KB

.reloc Size: 154KB - Virtual size: 154KB

.text
Size: 6.7MB - Virtual size: 6.7MB

.rdata
Size: 643KB - Virtual size: 643KB

.data
Size: 64KB - Virtual size: 937KB

.idata
Size: 10KB - Virtual size: 10KB

.tls
Size: 1024B - Virtual size: 777B

.00cfg
Size: 512B - Virtual size: 270B

.fptable
Size: 512B - Virtual size: 409B

.rsrc
Size: 204KB - Virtual size: 203KB

.reloc
Size: 154KB - Virtual size: 154KB