SETUPAPPLICATION SOVIET_g[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SETUPAPPLICATION SOVIET_g.exe
Size

771KB
MD5

61b14c9adfb88284e3829cc44c3cd2a9
SHA1

1c8d9b18133835c441952a472d99e8ef269606fc
SHA256

a32b2c20b2b61e53eace9ab9323192691cff4b41245e2735d2d59156ceddd52d
SHA512

fda89273e8f60f7e636272426e17b5705df085dfe12645c7becc23f61201fdc96a9cd0bf99daad4d3ac72b06735df297f242d8e03bee687f210bc78d2f6d3ec0
SSDEEP

12288:FZ6VIhYE3/+eZp+6GPJVqG8CvAq4tF0U4eBnC2NtumzIXNqVx4fAq:F+IOU/+l6afq9uAqC01eBC/8wNWOIq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SETUPAPPLICATION SOVIET_g.exe

Files

SETUPAPPLICATION SOVIET_g.exe
.exe windows:6 windows x64 arch:x64

451667d84aa7389d022e096b4b203591

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\Turbo\Saved\GitHub\soviet-republic\SETUPAPPLICATION SOVIET_g.pdb

Imports

c3ddll64

?C3DLog_PrintInfo@@YAXPEADZZ
?GetValueString@C3D_CONFIGURATOR@@QEAAPEADPEAD@Z
?GetValueIntegerPointer@C3D_CONFIGURATOR@@QEAAPEAHPEAD@Z
?GetValueInteger@C3D_CONFIGURATOR@@QEAAHPEAD@Z
?CheckIntegrity@C3D_CONFIGURATOR@@QEAAXPEAV1@@Z
?SaveConfigParams@C3D_CONFIGURATOR@@QEAAHXZ
?LoadConfigParams@C3D_CONFIGURATOR@@QEAAHPEAD_N0@Z
??1C3D_CONFIGURATOR@@QEAA@XZ
??0C3D_CONFIGURATOR@@QEAA@XZ
?C3DLog_PrintError@@YAXPEADZZ
?C3DPath_SetPathPrefix@@YAXPEBD@Z
?GetString@C3D_LANGUAGE@@QEAAPEA_WH@Z
?Destroy@C3D_LANGUAGE@@QEAAXXZ
?Initialize@C3D_LANGUAGE@@QEAAXPEAD0@Z
??0C3D_LANGUAGE@@QEAA@XZ
?C3DHelp_CheckIfFileExist@@YA_NPEBD_N1@Z
??1C3D_LANGUAGE@@QEAA@XZ

dxgi

CreateDXGIFactory1

galaxy64

?Shutdown@api@galaxy@@YAXXZ
?Init@api@galaxy@@YAXAEBUInitOptions@12@@Z
?ProcessData@api@galaxy@@YAXXZ
?Apps@api@galaxy@@YAPEAVIApps@12@XZ
?User@api@galaxy@@YAPEAVIUser@12@XZ

kernel32

WriteConsoleW
GetCurrentDirectoryA
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
HeapSize
SetStdHandle
CloseHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
EncodePointer
RaiseException
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetACP
HeapFree
HeapAlloc
GetFileType
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
CreateFileW

user32

LoadImageW
EnableWindow
CreateDialogParamW
MessageBoxW
EnumDisplayMonitors
SendMessageW
EndDialog
GetScrollPos
DispatchMessageW
IsDialogMessageW
GetMonitorInfoW
PeekMessageW
EnumDisplaySettingsA
TranslateMessage
SendMessageA
GetDlgItem
SetScrollPos

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 601KB - Virtual size: 601KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

451667d84aa7389d022e096b4b203591

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

c3ddll64

dxgi

galaxy64

kernel32

user32

shell32

ole32

Sections

.text Size: 114KB - Virtual size: 113KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 3KB - Virtual size: 172KB

.pdata Size: 5KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 204B

.rsrc Size: 601KB - Virtual size: 601KB

.text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 3KB - Virtual size: 172KB

.pdata
Size: 5KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 204B

.rsrc
Size: 601KB - Virtual size: 601KB