cda9a04ed3a88aaa0db19cab1a0ac141c393f60d3085819332d6ad96571b483f

Sharing

Copy URL Twitter E-mail

General

Target

cda9a04ed3a88aaa0db19cab1a0ac141c393f60d3085819332d6ad96571b483f
Size

5.2MB
MD5

b64fbb7004bd0a325ed72760f651f076
SHA1

7202e5462ab444cf6de9226cd8653e8f05904c42
SHA256

cda9a04ed3a88aaa0db19cab1a0ac141c393f60d3085819332d6ad96571b483f
SHA512

7bc81199a8c49e7b38ebbf5d4508cd8346ba85bc9a96188fa60391e70718b5f2ab0339b0ea086075f04c1ebd476a5362b868a06666f0dd225712a2302b1d80d8
SSDEEP

49152:uM7/nMg1KW3HsIuUY277Lz79Y2Nbxw77CTcl7AKwyMqLREJs7CBJQqSwojdIB77y:1LuUb5s+BJQqsQan9+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cda9a04ed3a88aaa0db19cab1a0ac141c393f60d3085819332d6ad96571b483f

Files

cda9a04ed3a88aaa0db19cab1a0ac141c393f60d3085819332d6ad96571b483f
.exe windows:6 windows x86 arch:x86

2aa8204de8b151d172124130306f3a57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Working Directory\PROJECT_X_CLASSIC\Obj\LUNA\Release\LUNA.pdb

Imports

soundlib

CreateSoundLib

ss3dgfunc

_MatrixMultiply2@12
_TransformV3TOV4@16
_SetInverseMatrix@8
_COLORtoDWORD@16
_WriteTGA@24
_CalcDistance@8
_VBHDeleteAll@4
_VBHRelease@4
_VBHInitialize@16
_VBHCreate@0
_VBHInsert@16
_VBHSelect@20
_RotatePositionWithPivot@24
_SetRotationYMatrix@8
_SetRotationXMatrix@8
_TransformVector3_VPTR2@16
_IsCollisionSphereAndBox@8
_Normalize@8
_CrossProduct@12
_VECTOR3Length@4

dinput8

DirectInput8Create

wtaerpc

Initialize_Wtae
Update_Wtae

kernel32

RemoveDirectoryA
CloseHandle
RaiseException
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetCurrentProcess
GetCurrentThreadId
FlushInstructionCache
GetWindowsDirectoryA
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
LoadLibraryExA
LoadResource
SizeofResource
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
lstrcmpA
lstrcmpiA
FindResourceA
FileTimeToSystemTime
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
FormatMessageA
lstrcpynA
lstrcpyA
IsBadReadPtr
Sleep
GetTickCount
CreateDirectoryA
GetVersionExA
LoadLibraryA
GetVolumeInformationA
OutputDebugStringA
CreateFileA
GetFileSize
ReadFile
InterlockedCompareExchange
WriteFile
GetSystemTime
GetStdHandle
FindClose
WriteConsoleA
InterlockedExchange
CreateThread
SetCurrentDirectoryA
SetEndOfFile
CreateFileW
EnumSystemLocalesEx
IsValidLocaleName
LCMapStringEx
GetUserDefaultLocaleName
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
GetLocaleInfoEx
FindNextFileA
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsW
DeleteFileA
GetTickCount64
QueryPerformanceCounter
GetFileAttributesExW
SetFilePointerEx
LoadLibraryW
LoadLibraryExW
WaitForSingleObjectEx
OutputDebugStringW
SetConsoleCtrlHandler
GetConsoleCP
SetFilePointer
ReadConsoleW
GetConsoleMode
HeapQueryInformation
HeapSize
HeapReAlloc
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
AreFileApisANSI
ExitProcess
InitOnceExecuteOnce
GetCurrentThread
GetModuleHandleW
GetStartupInfoW
TerminateProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
UnhandledExceptionFilter
FatalAppExitA
GetCommandLineA
WriteConsoleW
GetModuleHandleExW
GetModuleFileNameW
GetFileType
GetSystemTimeAsFileTime
VirtualQuery
VirtualProtect
SetThreadStackGuarantee
GetSystemInfo
HeapValidate
EncodePointer
HeapAlloc
RtlUnwind
IsDebuggerPresent
DecodePointer
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
GetCurrentDirectoryA
lstrlenA
GetLocalTime
IsDBCSLeadByte
lstrlenW
LocalFree
InitializeCriticalSectionEx
GetStringTypeW
FindFirstFileA
OpenFile
GetEnvironmentStringsW

user32

InvalidateRgn
CharNextA
CharPrevA
IsWindowVisible
GetWindowTextA
GetWindowTextLengthA
GetTopWindow
GetWindow
MessageBoxA
wsprintfA
RegisterWindowMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
SendMessageA
DefWindowProcA
PostQuitMessage
CallWindowProcA
GetCursorPos
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
OpenClipboard
OffsetRect
LoadCursorFromFileA
SetCursor
CopyRect
SetRect
PtInRect
LoadIconA
LoadCursorA
GetClassNameA
GetParent
GetDesktopWindow
SetWindowLongA
GetWindowLongA
FillRect
GetSysColor
ScreenToClient
ClientToScreen
ShowCursor
GetWindowRect
GetClientRect
SetWindowTextA
RedrawWindow
PostMessageA
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
UpdateWindow
GetSystemMetrics
DestroyAcceleratorTable
CreateAcceleratorTableA
ReleaseCapture
SetCapture
GetFocus
SetFocus
GetDlgItem
EndDialog
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsChild
IsWindow
CreateWindowExA
GetClassInfoExA
RegisterClassExA
UnregisterClassA

gdi32

DeleteDC
GetDeviceCaps
SelectObject
GetStockObject
DeleteObject
GetTextExtentPoint32A
CreateSolidBrush
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateFontIndirectA
GetObjectA

advapi32

RegQueryValueExA
RegQueryInfoKeyA
GetCurrentHwProfileA
RegSetValueExA
RegQueryInfoKeyW
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

ole32

CLSIDFromString
CoCreateInstance
CoGetClassObject
CreateStreamOnHGlobal
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
OleInitialize
OleUninitialize
OleLockRunning
CoUninitialize
CoFreeUnusedLibraries

oleaut32

GetErrorInfo
VariantChangeType
SetErrorInfo
OleCreateFontIndirect
LoadRegTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
VariantInit
VariantClear
VarUI4FromStr
CreateErrorInfo
LoadTypeLi

freeimage

_FreeImage_GetInfo@4
_FreeImage_ConvertTo16Bits565@4
_FreeImage_GetBits@4
_FreeImage_Load@12
_FreeImage_SaveJPEG@12
_FreeImage_Unload@4

iphlpapi

GetAdaptersInfo

winmm

timeGetTime

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 455KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2aa8204de8b151d172124130306f3a57

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

soundlib

ss3dgfunc

dinput8

wtaerpc

kernel32

user32

gdi32

advapi32

ole32

oleaut32

freeimage

iphlpapi

winmm

Sections

.text Size: 3.3MB - Virtual size: 3.3MB

.rdata Size: 455KB - Virtual size: 455KB

.data Size: 1.3MB - Virtual size: 1.6MB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 165KB - Virtual size: 165KB

.text
Size: 3.3MB - Virtual size: 3.3MB

.rdata
Size: 455KB - Virtual size: 455KB

.data
Size: 1.3MB - Virtual size: 1.6MB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 165KB - Virtual size: 165KB