\x\\iw4mp.pdb
Static task
static1
General
Target: codzw.exe
Size: 3.7MB
MD5: 72d20ac3c9225b77a03bbe8b76aacded
SHA1: 3e836d53367a68adde8550f872b32aee81670d01
SHA256: 289a55ac06174a7a161023f9c8218ba1c5e0f26768c1b73d7570227e289aa6e4
SHA512: abd71a80c0233f2577451032cf857fa622e4008d708b62f81ae4f74bacad53a0a6c75c4c1c1b569586b6f744c28b982bb822f78a09bf970312b974bf9f667c92
SSDEEP: 98304:dGH10A+iaKQciC2N1XsemQ3MGlv5bNEmlBV4qCxD:dGV0A+iaKFiC2N1XsvAB5Dls
Malware Config
Signatures
-
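Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The sample is unsigned, so its publisher and integrity cannot be verified from the file itself; taken alone this is a weak indicator, since plenty of legitimate software ships unsigned.
resource: codzw.exe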
Files
-
codzw.exe.exe windows:4 windows x86 arch:x86
11360ee8ca16c11c955b75083a9ed974
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
\x\\iw4mp.pdb
Imports
winmm
timeGetTime
mixerGetLineControlsA
mixerClose
mixerGetLineInfoA
mixerOpen
mixerGetNumDevs
waveInGetNumDevs
mixerSetControlDetails
timeBeginPeriod
timeEndPeriod
mixerGetControlDetailsA
wsock32
sendto
closesocket
bind
htons
setsockopt
inet_ntoa
socket
recv
send
connect
ntohl
gethostname
WSACleanup
WSASetLastError
getsockopt
accept
listen
__WSAFDIsSet
WSAGetLastError
gethostbyname
ioctlsocket
ntohs
recvfrom
WSAStartup
getsockname
inet_addr
select
htonl
codzw.dll....
SteamMatchmaking
SteamGameServer
SteamNetworking
SteamRemoteStorage
SteamAPI_RegisterCallResult
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback
SteamUser
SteamAPI_RunCallbacks
SteamGameServer_Shutdown
SteamMasterServerUpdater
SteamGameServer_Init
SteamUtils
SteamAPI_Init
SteamAPI_Shutdown
SteamFriends
SteamAPI_RegisterCallback
SteamGameServer_RunCallbacks
mss32
_AIL_stop_sample@4
_AIL_end_sample@4
_AIL_set_DirectSound_HWND@8
_AIL_stream_sample_handle@4
_AIL_set_sample_3D_position@16
_AIL_digital_CPU_percent@4
_AIL_shutdown@0
_AIL_startup@0
_AIL_set_sample_processor@12
_AIL_sample_processor@8
_AIL_sample_stage_property@24
_AIL_find_filter@8
_AIL_open_filter@8
_AIL_allocate_sample_handle@4
_AIL_init_sample@12
_AIL_set_stream_loop_count@8
_AIL_resume_sample@4
_AIL_size_processed_digital_audio@16
_AIL_process_digital_audio@24
_AIL_set_sample_info@8
_AIL_set_sample_loop_count@8
_AIL_set_sample_ms_position@8
_AIL_set_file_callbacks@16
_AIL_set_redist_directory@4
_AIL_set_3D_distance_factor@8
_AIL_set_3D_rolloff_factor@8
_AIL_set_speaker_configuration@16
_AIL_sample_playback_rate@4
_AIL_stream_ms_position@12
_AIL_last_error@0
_AIL_open_stream@12
_AIL_close_stream@4
_AIL_pause_stream@8
_AIL_set_sample_reverb_levels@12
_AIL_sample_channel_levels@8
_AIL_stream_info@20
_AIL_set_sample_3D_distances@16
_AIL_set_preference@8
_AIL_set_sample_playback_rate@8
_AIL_set_stream_ms_position@8
_AIL_open_digital_driver@16
_AIL_speaker_configuration@20
_AIL_set_room_type@8
_AIL_sample_volume_levels@12
_AIL_set_sample_volume_levels@12
_AIL_sample_ms_position@12
_AIL_sample_volume_pan@12
_AIL_sample_3D_position@16
_AIL_sample_status@4
_AIL_set_sample_channel_levels@12
_AIL_stream_status@4
binkw32
_BinkOpenMiles@4
_BinkGetFrameBuffersInfo@8
_BinkSetIOSize@4
_BinkPause@8
_BinkSetMixBinVolumes@20
_BinkRegisterFrameBuffers@8
_BinkSetError@4
_BinkSetSoundTrack@8
_BinkOpen@8
_BinkGetError@0
_BinkControlBackgroundIO@8
_BinkNextFrame@4
_BinkGetRealtime@12
_BinkSetSoundSystem@8
_BinkSetMemory@8
_BinkDoFrame@4
_BinkWait@4
_BinkGetRects@8
_BinkClose@4
d3d9
Direct3DCreate9
dsound
ord11
ord6
powrprof
CallNtPowerInformation
kernel32
GetConsoleMode
GetConsoleCP
SetHandleCount
DeleteCriticalSection
HeapCreate
HeapDestroy
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
ExitThread
GetStartupInfoA
GetCommandLineA
CreateDirectoryA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetEnvironmentStrings
HeapReAlloc
RtlUnwind
GetDriveTypeA
FileTimeToLocalFileTime
MoveFileA
VirtualQuery
ExpandEnvironmentStringsA
LoadLibraryA
FreeLibrary
GetStdHandle
GetFileType
PeekNamedPipe
TerminateThread
GetExitCodeThread
CreateMutexA
WaitForMultipleObjects
ReleaseMutex
FindNextFileA
FindFirstFileA
FindClose
GlobalMemoryStatusEx
FreeEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsA
OpenEventA
OpenFileMappingA
CreateSemaphoreA
CreateFileMappingA
MapViewOfFile
GetModuleHandleExA
SetEnvironmentVariableW
TerminateProcess
GetFullPathNameA
ReleaseSemaphore
SetLastError
InterlockedExchange
InterlockedExchangeAdd
GetFileSize
GetLastError
ReadFileEx
SleepEx
CloseHandle
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
Sleep
GetCurrentThreadId
SetEvent
ResetEvent
CreateEventA
WaitForSingleObject
GetProcessAffinityMask
GetCurrentProcess
DuplicateHandle
GetCurrentThread
SetThreadPriority
RaiseException
CreateThread
SuspendThread
ResumeThread
SetThreadAffinityMask
GetThreadPriority
SetFileAttributesA
GetFileAttributesA
VirtualAlloc
VirtualFree
CreateFileA
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleFileNameA
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GlobalMemoryStatus
GetProcAddress
SetProcessAffinityMask
GetSystemInfo
FormatMessageA
GlobalUnlock
GlobalSize
GlobalLock
GetVersionExA
Module32Next
Module32First
CreateToolhelp32Snapshot
OpenProcess
WriteFile
ReadFile
GetCurrentProcessId
DeleteFileA
SetErrorMode
GetSystemTime
SystemTimeToFileTime
MulDiv
SetPriorityClass
SetThreadExecutionState
GetCurrentDirectoryA
OutputDebugStringA
GetSystemTimeAsFileTime
HeapFree
GetProcessHeap
lstrcmpiW
CreateFileW
GetFileInformationByHandle
GetFullPathNameW
HeapAlloc
HeapSize
GetTimeZoneInformation
GetComputerNameA
GetTickCount
ExitProcess
FileTimeToSystemTime
GetSystemDirectoryW
GetWindowsDirectoryW
GetModuleFileNameW
UnmapViewOfFile
LockResource
LoadResource
SizeofResource
FindResourceW
GetConsoleWindow
GetCurrentDirectoryW
GetEnvironmentStringsW
GetCommandLineW
GetStartupInfoW
user32
LoadCursorA
IsWindow
EnumDisplayMonitors
AdjustWindowRectEx
MonitorFromPoint
MessageBoxA
SetWindowLongA
GetWindowLongA
GetWindowTextA
ReleaseDC
GetDC
GetDesktopWindow
EnumThreadWindows
ChangeDisplaySettingsA
GetActiveWindow
SetCursorPos
GetWindowRect
SetFocus
GetForegroundWindow
ScreenToClient
GetCursorPos
ClientToScreen
ShowCursor
PostMessageA
ShowWindow
TranslateMessage
DispatchMessageA
GetMessageA
CloseClipboard
GetClipboardData
OpenClipboard
RegisterClassExA
PeekMessageA
LoadIconA
SetWindowPos
AdjustWindowRect
SendMessageA
CreateWindowExA
LoadImageA
GetSystemMetrics
RegisterClassA
DefWindowProcA
UpdateWindow
DestroyWindow
PostQuitMessage
CallWindowProcA
SetWindowTextA
CloseWindow
CallNextHookEx
GetAsyncKeyState
UnhookWindowsHookEx
SetWindowsHookExA
SystemParametersInfoA
MapVirtualKeyA
MoveWindow
GetMonitorInfoA
MonitorFromWindow
RegisterWindowMessageA
gdi32
SetDeviceGammaRamp
CreateFontA
GetDeviceCaps
CreateSolidBrush
advapi32
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExA
RegOpenKeyA
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryValueExW
shell32
ShellExecuteA
ole32
StringFromGUID2
ddraw
DirectDrawCreateEx
DirectDrawEnumerateExA
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 760KB - Virtual size: 757KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 104.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 4KB - Virtual size: 37B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.version Size: 4KB - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 92KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ