Big Adventure\Big City Adventure 4 Vancouver\BigCityAdventureVan[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Big Adventure\Big City Adventure 4 Vancouver\BigCityAdventureVan.exe
Size

1.7MB
MD5

198a4d5c4f012b5bb29f8c0994cc1881
SHA1

5e0e908a7fdbbba23cbbaafab8b73f0ee450eec8
SHA256

51b8573194358c217973680bf626b5ccef54288b768b84f55faaad0cc609216c
SHA512

2153a67e3a9f0ca3b6cdeebd72b9e66e1d15cf852c2b62411cdac3e226a17d50172094dd6be14120d9465edae756d7056c8a29e23c3e3b960a27faf90e5c6f78
SSDEEP

49152:1InxTcPcPFug1z3LT3cVlYe11rBSPx0RL:KxYP4ggZn0l3rFSE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Big Adventure\Big City Adventure 4 Vancouver\BigCityAdventureVan.exe

Files

Big Adventure\Big City Adventure 4 Vancouver\BigCityAdventureVan.exe
.exe windows:4 windows x86 arch:x86

Password: infected

a121a4917857c5486c9756706327599f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\_CCode\BCAVancouver\BigCityAdventureVan.pdb

Imports

bass

BASS_ChannelIsActive
BASS_ChannelSlideAttributes
BASS_SampleStop
BASS_StreamCreateFile
BASS_ChannelPause
BASS_ChannelSeconds2Bytes
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelStop
BASS_ChannelRemoveSync
BASS_ChannelPlay
BASS_SampleGetChannel
BASS_ChannelSetAttributes
BASS_SampleLoad
BASS_Free
BASS_Init
BASS_StreamFree
BASS_SampleFree

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
GetCurrentThread
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
LoadLibraryA
GetLocaleInfoA
FreeLibrary
InitializeCriticalSection
RtlUnwind
GetTimeFormatA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetNumberFormatA
CreateMutexA
FindResourceA
SizeofResource
LoadResource
LockResource
OutputDebugStringA
CreateFileA
SetFilePointer
GetLocalTime
CreateDirectoryA
LocalFree
CloseHandle
ReadFile
GetFileSize
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
lstrcpyA
GetSystemDirectoryA
GetFileTime
FileTimeToSystemTime
lstrcatA
FormatMessageA
VirtualQuery
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
lstrcpynA
lstrlenA
MulDiv
FindClose
FindNextFileA
FindFirstFileA
GetTickCount
GetFileAttributesA
lstrcmpiA
lstrcmpA
DeleteFileA
DeleteCriticalSection
SetEndOfFile

user32

ShowWindow
MessageBeep
EqualRect
IsCharAlphaNumericA
LoadIconA
RegisterClassA
WindowFromPoint
ClientToScreen
SetTimer
KillTimer
LoadImageA
LoadCursorA
OpenClipboard
GetClipboardData
CloseClipboard
GetCursorPos
ScreenToClient
SetCapture
EmptyClipboard
SetClipboardData
ReleaseCapture
DefWindowProcA
GetWindowLongA
SetCursor
CallWindowProcA
SetDlgItemTextA
UpdateWindow
CreateWindowExA
SetWindowLongA
DestroyWindow
MessageBoxA
GetClientRect
FillRect
GetWindowRect
DefDlgProcA
SendDlgItemMessageA
EndDialog
DialogBoxIndirectParamA
ChangeDisplaySettingsA
EnumThreadWindows
wvsprintfA
ReleaseDC
GetDC
GetSystemMetrics
IsIconic
SetForegroundWindow
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
PostQuitMessage
InflateRect
GetKeyState
SetRect
PtInRect
IntersectRect
CopyRect
OffsetRect
UnionRect
LoadStringA
SystemParametersInfoA

gdi32

GetStockObject
GetDeviceCaps

advapi32

RegDeleteKeyA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA

shell32

ShellExecuteA

winmm

timeGetTime

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 768KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 730KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 764KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

a121a4917857c5486c9756706327599f

Headers

File Characteristics

PDB Paths

Imports

bass

kernel32

user32

gdi32

advapi32

shell32

winmm

version

Sections

.text Size: 768KB - Virtual size: 766KB

.rdata Size: 116KB - Virtual size: 113KB

.data Size: 56KB - Virtual size: 730KB

.rsrc Size: 764KB - Virtual size: 760KB

.text
Size: 768KB - Virtual size: 766KB

.rdata
Size: 116KB - Virtual size: 113KB

.data
Size: 56KB - Virtual size: 730KB

.rsrc
Size: 764KB - Virtual size: 760KB