MovieDuels[.]x86[.]exe

Resubmissions

30/03/2025, 21:06

250330-zx7lqsxsaz 10

30/03/2025, 21:02

250330-zvd7eayrv4 8

30/03/2025, 20:49

250330-zmf12awyh1 10

Sharing

Copy URL

Twitter E-mail

General

Target

MovieDuels.x86.exe
Size

830KB
MD5

e0f676512de7503cf559cb1e5212e7e7
SHA1

6a19ca3de64e3d3e16d160d9b3f10a9019302660
SHA256

2b6d4cefa77ae47c33bbad9dba1dbce9f83a83ed31a0fc5039d24b2c649a7dca
SHA512

b31185e3a5af2421382d56b82c7329c092a5287005be3667638acb7c2ccaabe5a89c10695ccac97406e72bc1d52ac6865e9b0a84437875d8abe35f65d5fb60fa
SSDEEP

24576:hHKxoUWVvBO9Pw0JivckQxgiKZj3z4wBpdwV9RNdJB5nS3T4+LX:hqxnivmAj3z4wBpiSTRz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
MovieDuels.x86.exe

Files

MovieDuels.x86.exe
.exe windows:6 windows x86 arch:x86

Password: ddadad

728e680423bd5faae6b74ae80d18627c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod
timeGetTime

openal32

alGetProcAddress
alListenerf
alListenerfv
alGenSources
alDeleteSources
alSourcei
alSourcef
alSourcefv
alGetSourcei
alSourcePlay
alGetError
alSourceStop
alGenBuffers
alDeleteBuffers
alBufferData
alGetBufferi
alSourceQueueBuffers
alSourceUnqueueBuffers
alcOpenDevice
alcCloseDevice
alcCreateContext
alcMakeContextCurrent
alcGetCurrentContext
alcGetContextsDevice
alcDestroyContext
alcGetError
alIsExtensionPresent

sdl2

SDL_PeepEvents
SDL_PumpEvents
SDL_JoystickClose
SDL_JoystickGetButton
SDL_JoystickGetBall
SDL_JoystickGetHat
SDL_JoystickGetAxis
SDL_JoystickEventState
SDL_JoystickUpdate
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickNumBalls
SDL_JoystickNumAxes
SDL_JoystickOpen
SDL_JoystickNameForIndex
SDL_NumJoysticks
SDL_ShowCursor
SDL_SetRelativeMouseMode
SDL_wcslen
SDL_WarpMouseInWindow
SDL_StopTextInput
SDL_StartTextInput
SDL_SetHint
SDL_GetScancodeName
SDL_GetKeyFromScancode
SDL_SetWindowGrab
SDL_GetWindowFlags
SDL_WasInit
SDL_QuitSubSystem
SDL_Init
SDL_CloseAudioDevice
SDL_UnlockAudioDevice
SDL_LockAudioDevice
SDL_PauseAudioDevice
SDL_OpenAudioDevice
SDL_GetCurrentAudioDriver
SDL_Quit
SDL_ShowSimpleMessageBox
SDL_UnloadObject
SDL_LoadObject
SDL_HasClipboardText
SDL_GetClipboardText
SDL_free
SDL_LoadFunction
SDL_GetError
SDL_PollEvent
SDL_calloc
SDL_CreateRGBSurfaceFrom
SDL_FreeSurface
SDL_iconv_string
SDL_GetWindowWMInfo
SDL_GL_DeleteContext
SDL_GL_SwapWindow
SDL_GL_SetSwapInterval
SDL_GL_CreateContext
SDL_GL_SetAttribute
SDL_GL_ExtensionSupported
SDL_GL_GetProcAddress
SDL_DestroyWindow
SDL_SetWindowGammaRamp
SDL_SetWindowBrightness
SDL_SetWindowFullscreen
SDL_GetCurrentVideoDriver
SDL_GetWindowPosition
SDL_SetWindowIcon
SDL_CreateWindow
SDL_GetWindowDisplayMode
SDL_SetWindowDisplayMode
SDL_GetWindowDisplayIndex
SDL_GetDesktopDisplayMode
SDL_GetDisplayMode
SDL_GetNumDisplayModes
SDL_GetKeyName
SDL_GetNumVideoDisplays
SDL_MinimizeWindow
SDL_SetMainReady

kernel32

TerminateProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
CreateDirectoryA
GetCurrentThreadId
Sleep
GetCurrentProcess
GlobalMemoryStatusEx
LocalFree
GetProcessAffinityMask
SetProcessAffinityMask
FormatMessageA
CreateFileA
UnhandledExceptionFilter
GetFileAttributesA
GetFileTime
SetFileAttributesA
CloseHandle
CopyFileA
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
GetSystemTimeAsFileTime
OutputDebugStringA
InitializeSListHead
GetCommandLineW
GetLastError
SetUnhandledExceptionFilter

user32

GetKeyState

shell32

SHGetFolderPathA
CommandLineToArgvW

advapi32

GetUserNameA

msvcp140

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Xlength_error@std@@YAXPBD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Xout_of_range@std@@YAXPBD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?_Xbad_function_call@std@@YAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ

vcruntime140

__current_exception
__current_exception_context
_except_handler4_common
__std_exception_copy
memcpy
memset
strstr
memmove
strchr
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
strrchr
__std_terminate
memchr
_purecall

api-ms-win-crt-convert-l1-1-0

strtod
atoi
atof

api-ms-win-crt-string-l1-1-0

strtok
strncmp
strncpy
isspace
isalpha
tolower
isdigit
toupper

api-ms-win-crt-stdio-l1-1-0

_ftelli64
__stdio_common_vsprintf
__stdio_common_vsscanf
_set_fmode
__p__commode
fclose
ferror
setvbuf
fflush
ftell
fseek
fread
fopen
_getcwd
__acrt_iob_func
fwrite
__stdio_common_vfprintf
_fseeki64

api-ms-win-crt-runtime-l1-1-0

_errno
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
exit
_get_narrow_winmain_command_line
_initterm
_initterm_e
_exit
abort
_c_exit
_register_thread_local_exe_atexit_callback
terminate
_controlfp_s

api-ms-win-crt-utility-l1-1-0

rand
qsort

api-ms-win-crt-math-l1-1-0

_libm_sse2_cos_precise
__setusermatherr
floor
_libm_sse2_tan_precise
_libm_sse2_sqrt_precise
_libm_sse2_acos_precise
_libm_sse2_sin_precise
_libm_sse2_pow_precise
_libm_sse2_atan_precise
_CIatan2
ceil

api-ms-win-crt-heap-l1-1-0

realloc
_set_new_mode
free
_callnewh
malloc
calloc

api-ms-win-crt-time-l1-1-0

_localtime64
asctime
strftime
_time64

api-ms-win-crt-filesystem-l1-1-0

remove
rename
_findclose
_findnext64i32
_findfirst64i32

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Exports

Exports

openjk_minizip_free
openjk_minizip_malloc
vmMain

Sections

.text
Size: 510KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 31.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: ddadad

728e680423bd5faae6b74ae80d18627c

Headers

DLL Characteristics

File Characteristics

Imports

winmm

openal32

sdl2

kernel32

user32

shell32

advapi32

msvcp140

vcruntime140

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 510KB - Virtual size: 510KB

.rdata Size: 172KB - Virtual size: 171KB

.data Size: 35KB - Virtual size: 31.3MB

.rsrc Size: 68KB - Virtual size: 67KB

.reloc Size: 44KB - Virtual size: 43KB

.text
Size: 510KB - Virtual size: 510KB

.rdata
Size: 172KB - Virtual size: 171KB

.data
Size: 35KB - Virtual size: 31.3MB

.rsrc
Size: 68KB - Virtual size: 67KB

.reloc
Size: 44KB - Virtual size: 43KB