Big Adventure\Big City Adventure 7 Tokyo\BigCityAdventureTokyo[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Big Adventure\Big City Adventure 7 Tokyo\BigCityAdventureTokyo.exe
Size

1.5MB
MD5

dbf965eab7cb59b9da10523d0ca3a22b
SHA1

d6dd767f933a524674970a35c5c6f94eb1806850
SHA256

b55943546fa678bdf739d971295155685feee8653c3bc85d6ca75f66cfc456a0
SHA512

b1b5e3d20fc34c4196e49c1e5920862960eecaf0081aa6d6101877e0c1eeadd2136ffc065ee02a1cd7480514dbe9986af4dcf29fd13aa0e8d07552c200cf9fea
SSDEEP

24576:D61RjCWj05oZMWcPi2HbYPpbAsN3Ocupb30hSji23Y+aklAtQWvfm7sY9Sg:O7zbAO3du930Sji23Y+NlApfmwYYg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Big Adventure\Big City Adventure 7 Tokyo\BigCityAdventureTokyo.exe

Files

Big Adventure\Big City Adventure 7 Tokyo\BigCityAdventureTokyo.exe
.exe windows:4 windows x86 arch:x86

Password: infected

1ebbd0c33b4a638fd4e66a156b22b216

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\_CCode\BCATokyo\BigCityAdventureTokyo.pdb

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

bass

BASS_ChannelSetAttributes
BASS_SampleGetChannel
BASS_ChannelPlay
BASS_ChannelPause
BASS_ChannelIsActive
BASS_ChannelSlideAttributes
BASS_SampleStop
BASS_StreamCreateFile
BASS_SampleLoad
BASS_ChannelGetLength
BASS_ChannelSeconds2Bytes
BASS_ChannelSetSync
BASS_ChannelSetPosition
BASS_ChannelRemoveSync
BASS_ChannelStop
BASS_ChannelIsSliding
BASS_Free
BASS_Init
BASS_StreamFree
BASS_SampleFree

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateFontIndirectA
AddFontMemResourceEx
RemoveFontMemResourceEx
GetStockObject
DeleteDC
GetGlyphIndicesA
GetGlyphOutline
GetTextMetricsA
DeleteObject
SelectObject

kernel32

GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLastError
RaiseException
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
WriteFile
GetStdHandle
GetModuleFileNameA
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
LockResource
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
HeapFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
LoadLibraryA
GetLocaleInfoA
FreeLibrary
InitializeCriticalSection
RtlUnwind
LCMapStringA
LCMapStringW
GetTimeFormatA
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetNumberFormatA
lstrcpy
OutputDebugStringA
CreateFileA
SetFilePointer
GetLocalTime
FindResourceA
SizeofResource
LoadResource
CreateMutexA
CreateDirectoryA
LocalFree
CloseHandle
ReadFile
GetFileSize
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
FormatMessageA
VirtualQuery
lstrcat
GetSystemDirectoryA
GetFileTime
FileTimeToSystemTime
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
lstrlen
lstrcpyn
MulDiv
FindClose
FindNextFileA
FindFirstFileA
GetTickCount
GetFileAttributesA
lstrcmpi
lstrcmp
DeleteFileA
GetSystemTimeAsFileTime
SetEndOfFile

shell32

ShellExecuteA

user32

SetClipboardData
WindowFromPoint
SetTimer
ClientToScreen
KillTimer
LoadImageA
LoadCursorA
OpenClipboard
GetClipboardData
CloseClipboard
GetCursorPos
ScreenToClient
SetCapture
DefWindowProcA
GetWindowLongA
SetCursor
CallWindowProcA
SetDlgItemTextA
CreateWindowExA
SetWindowLongA
DestroyWindow
MessageBoxA
ReleaseCapture
SendDlgItemMessageA
EndDialog
DialogBoxIndirectParamA
ChangeDisplaySettingsA
EnumThreadWindows
wvsprintfA
GetClientRect
FillRect
GetWindowRect
LoadIconA
IsCharAlphaNumericA
EqualRect
MessageBeep
GetKeyState
ShowWindow
SystemParametersInfoA
ReleaseDC
UpdateWindow
GetSystemMetrics
IsIconic
SetForegroundWindow
FindWindowA
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
PostQuitMessage
EmptyClipboard
DefDlgProcA
SetRect
PtInRect
IntersectRect
CopyRect
OffsetRect
LoadStringA
InflateRect
GetDC
UnionRect
RegisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

timeGetTime

Sections

.text
Size: 916KB - Virtual size: 913KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

1ebbd0c33b4a638fd4e66a156b22b216

Headers

File Characteristics

PDB Paths

Imports

advapi32

bass

gdi32

kernel32

shell32

user32

version

winmm

Sections

.text Size: 916KB - Virtual size: 913KB

.rdata Size: 152KB - Virtual size: 150KB

.data Size: 60KB - Virtual size: 732KB

.rsrc Size: 364KB - Virtual size: 361KB

.text
Size: 916KB - Virtual size: 913KB

.rdata
Size: 152KB - Virtual size: 150KB

.data
Size: 60KB - Virtual size: 732KB

.rsrc
Size: 364KB - Virtual size: 361KB