Subway Surfers[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Subway Surfers.exe
Size

8.7MB
MD5

f43c3eeca7a4813d0ca3a667505124a2
SHA1

3eacc14671e4a54a1d834b243aff28b4a7b57799
SHA256

892e5e86615a3579babdacf8b989190a53759d9268f2037882653aa072c8cd2c
SHA512

6dc2cec0295604b8e47b0b2150ca8f71c5104e41ed70ae2bffd6be073bd0a56425a48128e44e85c2af38797817c1bbe7d87399f5e5976db702d1c5f29516311e
SSDEEP

196608:nsV+/bRu/R9X49Lj4FM40m/j22jqHtbn9kMFcbo2NirKqwgi:tY/vo9LsFM40m/j22CqboKig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Subway Surfers.exe

Files

Subway Surfers.exe
.exe windows:5 windows x86 arch:x86

76d0993732f4bd9712f43fe5a4d927fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\BuildAgent\work\14194e8ce88cdf47\build\WindowsStandalonePlayer\UnityPlayer_Symbols.pdb

Imports

kernel32

SetUnhandledExceptionFilter
OutputDebugStringA
SetLastError
ReadProcessMemory
GetEnvironmentVariableA
GetFileAttributesA
GetModuleFileNameA
GetCurrentDirectoryA
ResumeThread
GetThreadContext
SuspendThread
GetCurrentThread
IsBadReadPtr
ResetEvent
GetTickCount
CopyFileW
MoveFileExW
FileTimeToDosDateTime
FileTimeToLocalFileTime
lstrlenA
GetFileTime
VirtualQuery
GlobalMemoryStatus
GetSystemTimeAsFileTime
CreateProcessW
IsDebuggerPresent
SetErrorMode
WritePrivateProfileStringW
HeapValidate
SetThreadAffinityMask
TerminateThread
WaitForMultipleObjects
GlobalUnlock
FindFirstFileW
FindNextFileW
RemoveDirectoryW
DeleteFileW
FindClose
WriteFile
GetFileAttributesW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetProcessHeap
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
SetFileAttributesW
SetStdHandle
InitializeCriticalSectionAndSpinCount
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
HeapSize
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
GetTimeZoneInformation
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
GetDriveTypeA
PeekNamedPipe
GetFileInformationByHandle
GetTempPathW
WriteConsoleW
GetStartupInfoA
GetCommandLineA
GetCurrentProcessId
ExitThread
TerminateProcess
ExitProcess
UnhandledExceptionFilter
SetConsoleCtrlHandler
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
InterlockedDecrement
InterlockedIncrement
CreateSemaphoreW
CreateMutexW
GetModuleHandleW
SignalObjectAndWait
GetThreadLocale
GetProcessAffinityMask
FlushConsoleInputBuffer
FindFirstFileA
GetStdHandle
GetFileType
GetVersion
GetSystemDirectoryA
OpenEventA
VirtualAlloc
VirtualFree
UnmapViewOfFile
CreateFileA
CreateFileMappingA
MapViewOfFile
GetFileSize
GetLastError
ReadFile
CreateFileW
SetEndOfFile
SetFilePointer
GetCurrentThreadId
SleepEx
CreateThread
SetThreadPriority
RaiseException
ReleaseMutex
WaitForSingleObject
CreateMutexA
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetEvent
CreateEventA
QueryPerformanceFrequency
QueryPerformanceCounter
FormatMessageA
LocalFree
GetFullPathNameW
ReleaseSemaphore
WaitForSingleObjectEx
Sleep
CloseHandle
CreateSemaphoreA
LoadLibraryW
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
CreateDirectoryW
MultiByteToWideChar
TlsSetValue
lstrcmpiA
GetFullPathNameA
InterlockedExchange
InterlockedCompareExchange
GetUserDefaultLangID
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
GetModuleHandleA
GetCurrentProcess
ExpandEnvironmentStringsA
CreateEventW
GetOverlappedResult
CancelIo
DuplicateHandle
GetComputerNameW
TlsGetValue
TlsFree
TlsAlloc
lstrlenW
GetCommandLineW
lstrcpynW
lstrcpyA
lstrcpynA
GetModuleFileNameW
GlobalAlloc
FileTimeToSystemTime
GlobalLock
GetConsoleCP
InterlockedExchangeAdd
HeapWalk

user32

CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
IsClipboardFormatAvailable
SetCapture
ReleaseCapture
GetProcessWindowStation
GetUserObjectInformationW
RegisterDeviceNotificationW
UnregisterDeviceNotification
SystemParametersInfoW
ClientToScreen
DefWindowProcW
DestroyWindow
ReleaseDC
GetDC
CreateWindowExW
MessageBoxW
GetAsyncKeyState
GetKeyState
wsprintfA
RegisterRawInputDevices
GetRawInputData
GetRawInputDeviceList
GetRawInputDeviceInfoW
SendMessageTimeoutA
EnumWindows
SendMessageA
SetForegroundWindow
ShowWindow
IsIconic
RegisterWindowMessageA
GetUserObjectInformationA
GetThreadDesktop
GetParent
GetWindowRect
GetWindowLongA
SetWindowPos
GetClientRect
CreateDialogParamA
IsWindowVisible
GetCursorPos
WindowFromPoint
ScreenToClient
wvsprintfA
MonitorFromWindow
EnumDisplayDevicesA
GetCaretBlinkTime
PeekMessageA
GetMessageA
DispatchMessageA
ValidateRect
LoadImageA
DialogBoxParamA
IsDlgButtonChecked
CheckDlgButton
CreateDialogParamW
EnableWindow
PeekMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
SetWindowTextW
RegisterClassW
PostQuitMessage
SetWindowLongW
GetWindowLongW
SetFocus
SetCursorPos
ClipCursor
ShowCursor
GetFocus
LoadCursorA
RegisterClassExW
DialogBoxParamW
EndDialog
LoadIconA
SendDlgItemMessageW
SetDlgItemTextA
SetDlgItemTextW
MessageBoxA
CopyRect
OffsetRect
GetAncestor
UnregisterClassW
GetDesktopWindow
EnumDisplaySettingsA
AdjustWindowRectEx
GetSystemMetrics
ChangeDisplaySettingsA
GetDlgItem
SetWindowLongA

gdi32

GetDeviceCaps
ChoosePixelFormat
SetPixelFormat
GetObjectW
GetGlyphOutlineW
AddFontMemResourceEx
CreateCompatibleDC
GetFontUnicodeRanges
GetObjectA
SetTextAlign
SetTextColor
CreateFontIndirectW
SelectObject
GetTextFaceW
EnumFontFamiliesExW
DeleteDC
DeleteObject
RemoveFontMemResourceEx
SetBkMode
GetBitmapBits
BitBlt
CreateCompatibleBitmap
CreateDCA
SwapBuffers

advapi32

RegisterEventSourceA
ReportEventA
DeregisterEventSource
CryptImportKey
CryptVerifySignatureA
CryptDestroyKey
RegDeleteValueA
GetUserNameA
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptDestroyHash
CryptGetHashParam

shell32

ShellExecuteW
CommandLineToArgvW
SHGetFolderPathW

ole32

CoUninitialize
CoInitialize
CoCreateGuid
StringFromGUID2
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

version

GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeA

opengl32

glStencilFunc
glIsEnabled
glClear
glClearStencil
glClearDepth
glClearColor
glFrontFace
glLoadMatrixf
glMatrixMode
glMultMatrixf
glGetFloatv
glColorMaterial
glLightModeli
glMaterialf
glMaterialfv
glColor4fv
glViewport
glScissor
glTexEnvfv
glBindTexture
glTexGenfv
glTexGeni
glLightfv
glLightf
glLightModelfv
glFogfv
glFogf
glFogi
glDeleteTextures
glFinish
glVertex3f
glNormal3f
glStencilOp
glTexCoord3f
glBegin
glEnd
glReadPixels
glLoadIdentity
glLightModelf
glHint
glTexParameteri
wglDeleteContext
glGenTextures
glTexImage2D
glDrawArrays
glReadBuffer
glDrawBuffer
glCopyTexSubImage2D
glPixelStorei
glTexSubImage2D
glIsTexture
glNormalPointer
glTexCoordPointer
glStencilMask
glDepthFunc
glDepthMask
glCullFace
glPolygonOffset
glColorMask
glDisable
glColorPointer
wglCreateContext
wglMakeCurrent
glGetIntegerv
glEnable
wglGetCurrentContext
wglGetCurrentDC
wglShareLists
wglGetProcAddress
glGetError
glGetString
glDrawElements
glBlendFunc
glAlphaFunc
glTexEnvi
glTexEnvf
glDisableClientState
glEnableClientState
glColor4f
glVertexPointer

winmm

waveOutGetDevCapsW
waveInGetNumDevs
waveOutPrepareHeader
waveInReset
waveInClose
waveInOpen
waveOutGetNumDevs
waveInGetDevCapsW
waveInGetDevCapsA
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveOutGetPosition
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveInStart
timeGetTime
timeEndPeriod
timeBeginPeriod
waveOutGetDevCapsA

ws2_32

inet_ntoa
WSAStartup
freeaddrinfo
getsockname
WSACleanup
getaddrinfo
closesocket
inet_addr
connect
htons
WSAGetLastError
gethostname
socket
htonl

shlwapi

PathIsDirectoryW
PathFileExistsW
SHDeleteKeyA

oleaut32

SysFreeString
VariantInit
VariantClear
VariantChangeType
SysStringLen
SysAllocString

imm32

ImmGetContext
ImmAssociateContext
ImmAssociateContextEx
ImmGetCompositionStringW
ImmGetConversionStatus
ImmSetOpenStatus
ImmReleaseContext
ImmSetCompositionStringW

dnsapi

DnsFree
DnsQuery_A

iphlpapi

GetIpAddrTable

hid

HidP_GetData
HidD_GetPreparsedData
HidD_GetProductString
HidP_GetCaps
HidP_GetButtonCaps
HidP_GetValueCaps
HidP_MaxDataListLength
HidD_FreePreparsedData
HidD_GetHidGuid

wsock32

inet_ntoa
gethostbyaddr
gethostbyname
recv
send
select
WSACancelAsyncRequest
WSAAsyncGetHostByName
listen
bind
accept
ntohs
getsockopt
getpeername
setsockopt
sendto
recvfrom
__WSAFDIsSet
shutdown
WSASetLastError

msacm32

acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmFormatSuggest
acmStreamOpen

Exports

Exports

AgPmDestroySourceConnection
AgPmEventEnabled
AgPmEventLoggingEnabled
AgPmSubmitEvent
NxCreateCoreSDK

Sections

.text
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 698KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76d0993732f4bd9712f43fe5a4d927fe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

version

opengl32

winmm

ws2_32

shlwapi

oleaut32

imm32

dnsapi

iphlpapi

hid

wsock32

msacm32

Exports

Exports

Sections

.text Size: 7.1MB - Virtual size: 7.1MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 154KB - Virtual size: 698KB

.trace Size: 25KB - Virtual size: 24KB

.rsrc Size: 348KB - Virtual size: 347KB

.text
Size: 7.1MB - Virtual size: 7.1MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 154KB - Virtual size: 698KB

.trace
Size: 25KB - Virtual size: 24KB

.rsrc
Size: 348KB - Virtual size: 347KB