WindowsZone[.]zip

Resubmissions

10/10/2024, 15:13

241010-slz9yssare 3

10/10/2024, 15:09

241010-sjq89sxdjq 3

Sharing

Copy URL Twitter E-mail

General

Target

WindowsZone.zip
Size

1.5MB
MD5

92fc68e9236c24927f15692c112351b7
SHA1

4e648134bc314a53bb177beef70e9f2758c0755a
SHA256

67996a18dc5f5085b6016405cb40d623ab9d0cfe3b462dce7b82481e3399ef10
SHA512

345b2e443500abae1b80b72ff4e637731124fdd4cdedcacab077fd9695d97a931c6f8ecc1b9ec422d9f3bda78269af0831c744adcc5da95be18931880db5958f
SSDEEP

49152:k2duKfzK6WoKxeL+smdMH5xF2aUoJFXJa:HduSzSeL+smdY0oJFZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ICSharpCode.SharpZipLib.dll
unpack002/Interop.IWshRuntimeLibrary.dll
unpack002/ManagedWinapi.dll
unpack002/ManagedWinapiNativeHelper.dll
unpack002/Rat234.dll
unpack002/WindowsZone.exe
unpack002/WindowsZoneAPI.dll
unpack002/WindowsZoneUpdater.exe

Files

WindowsZone.zip
.zip
WindowsZone.7z
.7z
1up.wav
1upitem.png
.png
GAMEOVER.png
.png
HUD/-.png
.png
HUD/..png
.png
HUD/0.png
.png
HUD/1.png
.png
HUD/2.png
.png
HUD/3.png
.png
HUD/4.png
.png
HUD/5.png
.png
HUD/6.png
.png
HUD/7.png
.png
HUD/8.png
.png
HUD/9.png
.png
HUD/A.png
.png
HUD/B.png
.png
HUD/C.png
.png
HUD/D.png
.png
HUD/E.png
.png
HUD/F.png
.png
HUD/G.png
.png
HUD/H.png
.png
HUD/I.png
.png
HUD/J.png
.png
HUD/K.png
.png
HUD/L.png
.png
HUD/M.png
.png
HUD/N.png
.png
HUD/O.png
.png
HUD/P.png
.png
HUD/Q.png
.png
HUD/R.png
.png
HUD/S.png
.png
HUD/T.png
.png
HUD/U.png
.png
HUD/V.png
.png
HUD/W.png
.png
HUD/X.png
.png
HUD/Y.png
.png
HUD/Z.png
.png
HUD/col.png
.png
HUD/spc.png
.png
ICSharpCode.SharpZipLib.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Interop.IWshRuntimeLibrary.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ManagedWinapi.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Michael\programm\csharp\ManagedWinAPI\ManagedWinapi\obj\Release\ManagedWinapi.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ManagedWinapiNativeHelper.dll
.dll windows:4 windows x86 arch:x86

2d77a847a8c87b5b9bee5a0762eef43c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
HeapAlloc
GetProcessHeap

Exports

Exports

_AllocHookWrapper@4
_FreeHookWrapper@4

Sections

.text
Size: 512B - Virtual size: 394B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Monbroke.png
.png
Monitor.png
.png
Rat234.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Mike\Documents\Visual Studio 2008\Projects\Rat234\Rat234\obj\Release\Rat234.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 141B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Rat234.pdb
Rat234.xml
WindowsZone.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Mike\Documents\Visual Studio 2008\Projects\WindowsZone\WindowsZone\obj\x86\Release\WindowsZone.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsZone.pdb
WindowsZone.xml
WindowsZoneAPI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Mike\Documents\Visual Studio 2008\Projects\WindowsZone\WindowsZoneAPI\obj\Release\WindowsZoneAPI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 162B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsZoneAPI.pdb
WindowsZoneAPI.xml
WindowsZoneUpdater.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Mike\Documents\Visual Studio 2008\Projects\WindowsZone\WindowsZoneUpdater\obj\Release\WindowsZoneUpdater.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 170B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WindowsZoneUpdater.pdb
WindowsZoneUpdater.xml
bosshit.wav
brake.wav
dashrelease.wav
die.wav
explode.wav
explosion.ini
explosion/boom1.png
.png
explosion/boom2.png
.png
explosion/boom3.png
.png
explosion/boom4.png
.png
explosion/boom5.png
.png
gameover.wav
invitem.png
.png
jump.wav
megamoto.ini
megamoto/Moto1.png
.png
megamoto/Moto2.png
.png
megamoto/Moto3.png
.png
megamoto/Moto4.png
.png
metalsonic.ini
motobug.ini
motobug/Moto1.png
.png
motobug/Moto2.png
.png
motobug/Moto3.png
.png
ring.ini
ring.wav
ring/collect1.png
.png
ring/collect2.png
.png
ring/collect3.png
.png
ring/collect4.png
.png
ring/spin1.png
.png
ring/spin2.png
.png
ring/spin3.png
.png
ring/spin4.png
.png
ringitem.png
.png
roll.wav
shield.wav
shield/shield.ini
shield/shield1.png
.png
shield/shield2.png
.png
shield/shield3.png
.png
shielditem.png
.png
sonic.ini
sonic/balancel1.png
.png
sonic/balancel2.png
.png
sonic/balancel3.png
.png
sonic/balancer1.png
.png
sonic/balancer2.png
.png
sonic/balancer3.png
.png
sonic/brake1.png
.png
sonic/brake2.png
.png
sonic/brake3.png
.png
sonic/brake4.png
.png
sonic/die.png
.png
sonic/duck1.png
.png
sonic/duck2.png
.png
sonic/hurt1.png
.png
sonic/hurt2.png
.png
sonic/lookup1.png
.png
sonic/lookup2.png
.png
sonic/push1.png
.png
sonic/push2.png
.png
sonic/push3.png
.png
sonic/push4.png
.png
sonic/run1.png
.png
sonic/run2.png
.png
sonic/run3.png
.png
sonic/run4.png
.png
sonic/spin1.png
.png
sonic/spin2.png
.png
sonic/spin3.png
.png
sonic/spin4.png
.png
sonic/spin5.png
.png
sonic/spindash1.png
.png
sonic/spindash2.png
.png
sonic/spindash3.png
.png
sonic/spindash4.png
.png
sonic/spindash5.png
.png
sonic/spindash6.png
.png
sonic/stand.png
.png
sonic/walk1.png
.png
sonic/walk2.png
.png
sonic/walk3.png
.png
sonic/walk4.png
.png
sonic/walk5.png
.png
sonic/walk6.png
.png
sonic/walk7.png
.png
sonic/walk8.png
.png
spike.ini
spike/spike1.png
.png
spike/spike2.png
.png
spike/spike3.png
.png
spike/spike4.png
.png
spike/spike5.png
.png
spike/spike6.png
.png
spikes.ini
spikes/spikesD.png
.png
spikes/spikesH.png
.png
spikes/spikesU.png
.png
spindash.wav

Resubmissions

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 176KB - Virtual size: 173KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 36KB - Virtual size: 34KB

.rsrc Size: 4KB - Virtual size: 944B

.reloc Size: 4KB - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 96KB - Virtual size: 94KB

.rsrc Size: 4KB - Virtual size: 864B

.reloc Size: 4KB - Virtual size: 12B

2d77a847a8c87b5b9bee5a0762eef43c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 394B

.rdata Size: 512B - Virtual size: 337B

.data Size: - Virtual size: 172B

.rsrc Size: 512B - Virtual size: 176B

.reloc Size: 512B - Virtual size: 208B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 44KB - Virtual size: 43KB

.sdata Size: 512B - Virtual size: 141B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 126KB - Virtual size: 125KB

.sdata Size: 512B - Virtual size: 160B

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

.text
Size: 176KB - Virtual size: 173KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 36KB - Virtual size: 34KB

.rsrc
Size: 4KB - Virtual size: 944B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 96KB - Virtual size: 94KB

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 512B - Virtual size: 394B

.rdata
Size: 512B - Virtual size: 337B

.data
Size: - Virtual size: 172B

.rsrc
Size: 512B - Virtual size: 176B

.reloc
Size: 512B - Virtual size: 208B

.text
Size: 44KB - Virtual size: 43KB

.sdata
Size: 512B - Virtual size: 141B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 126KB - Virtual size: 125KB

.sdata
Size: 512B - Virtual size: 160B

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 52KB - Virtual size: 51KB

.sdata
Size: 512B - Virtual size: 162B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 47KB - Virtual size: 47KB

.sdata
Size: 512B - Virtual size: 170B

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 512B - Virtual size: 12B