Static task: static1
Behavioral task: behavioral1
  Sample: 5dc7584385dbca755d675655b94e77ba1cf3e3bb5df0b98a65d88ee214796c2e.exe
  Resource: win7-20220812-en
Behavioral task: behavioral2
  Sample: 5dc7584385dbca755d675655b94e77ba1cf3e3bb5df0b98a65d88ee214796c2e.exe
  Resource: win10v2004-20220812-en
General
Target: 5dc7584385dbca755d675655b94e77ba1cf3e3bb5df0b98a65d88ee214796c2e
Size: 788KB
MD5: 606e12f559e5e7f503dd1fb0c3b05bf0
SHA1: 2a558138bdb6c5df80dd3cbba57f4973f90dc8d8
SHA256: 5dc7584385dbca755d675655b94e77ba1cf3e3bb5df0b98a65d88ee214796c2e
SHA512: d08becb268dd70580eb6348bd7f1cedc626f1d850bf81e0c53ab5d895fbf4da994ef3237ae5261caefcfb77664ed939ed510aee1f3a7596b1263aca076f4d995
SSDEEP: 12288:yJnXWShzfZ5zhz/HEkbnoQt+EA2hqvQ2uqD2SXynNrSjQnwP9+W/VcPTsDYixfmO:WnXWkzfZNhzPEkbo0wy7lWiTGnxuSoa
Malware Config
Signatures
Files
5dc7584385dbca755d675655b94e77ba1cf3e3bb5df0b98a65d88ee214796c2e.exe (windows x86)
5acc9948d24bf6c3cad99f55953ef6dc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoW
SetEnvironmentVariableA
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
HeapSize
TerminateProcess
HeapReAlloc
ExitProcess
FindNextFileA
SetCurrentDirectoryA
RtlUnwind
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
FileTimeToLocalFileTime
SetErrorMode
GetFileTime
GetFileAttributesA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentDirectoryA
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
RaiseException
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetTickCount
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalAlloc
FormatMessageA
LocalFree
InterlockedDecrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetCurrentThreadId
CloseHandle
GetVersion
CompareStringA
lstrcmpiA
GetLastError
CompareStringW
lstrlenA
MultiByteToWideChar
Sleep
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateDirectoryA
GetLocalTime
GetModuleFileNameA
SizeofResource
LockResource
LoadResource
FindResourceA
user32
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
RegisterClipboardFormatA
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
PostMessageA
EnableWindow
UpdateWindow
SetTimer
KillTimer
GetDC
GetClientRect
ReleaseDC
GetCursorPos
ScreenToClient
LoadCursorA
LoadImageA
LoadIconA
RedrawWindow
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
SetRectEmpty
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
TranslateAcceleratorA
EndDialog
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
MoveWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
PostQuitMessage
GetSysColor
InflateRect
GetWindowRect
InvalidateRect
SendMessageA
CharUpperA
SetMenu
FindWindowA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
PostThreadMessageA
GetMenuItemInfoA
GetSysColorBrush
CharNextA
DestroyCursor
SetCursorPos
SetCapture
BringWindowToTop
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
DefWindowProcA
wsprintfA
gdi32
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
GetDeviceCaps
CreatePen
Escape
CreateCompatibleBitmap
PatBlt
CreateFontIndirectA
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetTextExtentPoint32A
GetRgnBox
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetObjectA
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetBkMode
SetBkColor
CreateSolidBrush
SetPixel
StretchBlt
SetDIBits
GetDIBits
GetCurrentObject
SetBrushOrgEx
Rectangle
CreateDIBSection
SaveDC
BitBlt
RestoreDC
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueA
shell32
DragQueryFileA
DragFinish
ShellExecuteA
comctl32
ImageList_GetImageInfo
ImageList_Draw
ord17
ImageList_Destroy
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromProgID
CLSIDFromString
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoTaskMemFree
CoGetClassObject
oleaut32
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
VariantChangeType
SysFreeString
SysAllocStringLen
VariantClear
VariantInit
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
client_io
?alloc_packet@io_proxy@@QAEPADPAX@Z
??0io_proxy@@QAE@PBDK@Z
?close@io_proxy@@QAEXXZ
?release_packet@io_proxy@@QAEXPAD@Z
?send_packet@io_proxy@@QAEXPADII@Z
?alloc_size@io_proxy@@QBEIPAX@Z
?choose_allocator@io_proxy@@QAEPAXI@Z
?is_connected@io_proxy@@QBE_NXZ
?is_valid@io_proxy@@QBE_NXZ
?add_xy_handler@io_proxy@@QAEXPAV?$protocol_handler@Vio_proxy@@@@@Z
?connect@io_proxy@@QAEXXZ
??1io_proxy@@UAE@XZ
fmodex
?getMasterChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVChannelGroup@2@@Z
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
FMOD_System_Create
?update@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?createStream@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?setMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?stop@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_CHANNELINDEX@@PAVSound@2@_NPAPAVChannel@2@@Z
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
player_list
?hwnd@player_list@@QBEPAUHWND__@@XZ
?create@player_list@@QAE_NPAUHWND__@@I@Z
?set_visible@player_list@@QAEXW4player_list_column@@_N@Z
?remove_player@player_list@@QAEXI@Z
?get_player@player_list@@QAEPAV?$player_t@Vio_proxy@@@@I@Z
??1player_list@@UAE@XZ
??0player_list@@QAE@PAVio_proxy@@PAVchat@@@Z
?handle_protocol@player_list@@QAE_NAAVio_proxy@@IAAVbistream@@@Z
?set_self_id@player_list@@QAEXI@Z
?add_player@player_list@@QAEXPBV?$player_t@Vio_proxy@@@@@Z
chat
?set_self_id@chat@@QAEXI@Z
?add_msg@chat@@QAEXPBDW4msg_type@1@@Z
?handle_protocol@chat@@QAE_NAAVio_proxy@@IAAVbistream@@@Z
??0chat@@QAE@PAVio_proxy@@PAVplayer_list@@@Z
??1chat@@UAE@XZ
?enable_sound@chat@@QAEX_N@Z
?create@chat@@QAE_NPAUHWND__@@I@Z
msimg32
AlphaBlend
TransparentBlt
Sections
.text Size: 564KB - Virtual size: 562KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 136KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 64KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ