Big Adventure\Big City Adventure 1 San Francisco\BigCityAdventureSF[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Big Adventure\Big City Adventure 1 San Francisco\BigCityAdventureSF.exe
Size

812KB
MD5

39bd0eb74cdfe94cd95f2832e98ff7d3
SHA1

f18241869def1f3ddd1d832ad432b9a14dbc8bc3
SHA256

16c7764882e8db7cb022c0a0346dfb2f70d799c9a0820be86fac2cb16a96caa2
SHA512

3188daf8e1b57022d85d7fc556c0839a798c71ae090c483165532e7c9099a132a7511d253f2fbc6119400059b136b402873075a3a833e6fd45a7516e6164cab1
SSDEEP

12288:AnNQSVLJGzFIquWJlnsEDifnJ2KghSOUZ9g61p44LiVM:KNQULJGzFzJ1sEDifJOhSVI+e4e2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Big Adventure\Big City Adventure 1 San Francisco\BigCityAdventureSF.exe

Files

Big Adventure\Big City Adventure 1 San Francisco\BigCityAdventureSF.exe
.exe windows:4 windows x86 arch:x86

Password: infected

15552534957bdefc9bc6a0c26939bc35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

bass

BASS_ChannelIsActive
BASS_SampleStop
BASS_ChannelSlideAttributes
BASS_SampleGetChannel
BASS_ChannelStop
BASS_ChannelSetSync
BASS_ChannelPlay
BASS_ChannelPause
BASS_ChannelSetAttributes
BASS_SampleLoad
BASS_Free
BASS_Init
BASS_SampleFree
BASS_StreamCreateFile
BASS_StreamFree

winmm

timeGetTime

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

FindClose
FindNextFileA
FindFirstFileA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
LoadLibraryA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLastError
GetTickCount
MulDiv
InterlockedIncrement
InterlockedDecrement
lstrlenA
GetNumberFormatA
GetLocaleInfoA
GetTimeFormatA
CreateMutexA
lstrcpynA
FreeLibrary
CreateFileA
CreateDirectoryA
LocalFree
CloseHandle
SetFilePointer
ReadFile
GetFileSize
Sleep
GlobalUnlock
GlobalLock
lstrcpyA
GlobalFree
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceA
GetCurrentThreadId
OutputDebugStringA
GetLocalTime
FormatMessageA
VirtualQuery
GetCurrentThread
lstrcatA
FileTimeToSystemTime
GetFileTime
GetSystemDirectoryA
GetProcessHeap
GetProcAddress
GetFileAttributesA
lstrcmpiA
lstrcmpA
DeleteFileA
RaiseException
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr
SetEndOfFile

user32

ReleaseDC
GetDC
GetSystemMetrics
PostQuitMessage
ShowWindow
IsIconic
SetForegroundWindow
FindWindowA
MessageBeep
IsCharAlphaNumericA
RegisterClassA
LoadIconA
KillTimer
LoadCursorA
LoadImageA
ScreenToClient
GetCursorPos
SetCapture
ReleaseCapture
SetTimer
CloseClipboard
GetClipboardData
OpenClipboard
SetClipboardData
EmptyClipboard
GetKeyState
EqualRect
FillRect
GetClientRect
CallWindowProcA
SetCursor
DefWindowProcA
GetWindowLongA
SetDlgItemTextA
SetWindowLongA
CreateWindowExA
MessageBoxA
EnumThreadWindows
ChangeDisplaySettingsA
wvsprintfA
DefDlgProcA
EndDialog
SendDlgItemMessageA
DialogBoxIndirectParamA
SetWindowPos
GetWindowRect
ClientToScreen
UpdateWindow
WindowFromPoint
GetMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
LoadStringA
InflateRect
UnionRect
OffsetRect
IntersectRect
CopyRect
SetRect
PtInRect
PeekMessageA

shell32

ShellExecuteA

gdi32

GetStockObject
GetDeviceCaps

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegDeleteKeyA

Sections

.text
Size: 528KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

15552534957bdefc9bc6a0c26939bc35

Headers

File Characteristics

Imports

bass

winmm

version

kernel32

user32

shell32

gdi32

advapi32

Sections

.text Size: 528KB - Virtual size: 527KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 52KB - Virtual size: 67KB

.rsrc Size: 180KB - Virtual size: 178KB

.text
Size: 528KB - Virtual size: 527KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 52KB - Virtual size: 67KB

.rsrc
Size: 180KB - Virtual size: 178KB