826a69d3fa68165d907c72563f46311df8c9e9a8a90e55ee405ac49b0ea0b374

Sharing

Copy URL Twitter E-mail

General

Target

826a69d3fa68165d907c72563f46311df8c9e9a8a90e55ee405ac49b0ea0b374
Size

701KB
MD5

114c998ee6349ceb6a47eb501f5f5050
SHA1

af6b690771775ffd59446648414ee355f0c8661d
SHA256

826a69d3fa68165d907c72563f46311df8c9e9a8a90e55ee405ac49b0ea0b374
SHA512

9e299d7f9c9b59ca2ae77ffd66abb9fd694329b8cff1a4dc9f6656892827185d57f89cf12b45abf93b92eece36a623e7b05907d246a6b52e32a592e0f891fa0e
SSDEEP

12288:oxRHNQq/oZEkBaOzygCil3sFIeXVYfTke9ZTJtCjzY1C4doIEjaeMtPaGo:8QEK6piOnXy5T1EgiaekPaGo

Score

N/A

Malware Config

Signatures

Files

826a69d3fa68165d907c72563f46311df8c9e9a8a90e55ee405ac49b0ea0b374
.exe windows x86

9c7976f287445bee3575407efcec0d5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

wininet

InternetReadFile
InternetOpenW
InternetOpenUrlW
InternetCloseHandle

kernel32

CreateFileW
GetCurrentDirectoryW
CloseHandle
GetCurrentProcessId
lstrcpyW
OutputDebugStringA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
MoveFileW
GetFileTime
DeleteFileW
GetFileSize
MapViewOfFile
UnmapViewOfFile
ReadFile
GetLastError
CreateFileMappingW
MultiByteToWideChar
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSection
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalReAlloc
CreateFileA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LoadLibraryA
VirtualAlloc
HeapReAlloc
HeapSize
GetLocaleInfoA
Sleep
GetStringTypeW
GetStringTypeA
LoadLibraryW
WriteConsoleW
DebugBreak
GetModuleHandleA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetStdHandle
GetModuleFileNameA
LCMapStringW
LCMapStringA
IsBadReadPtr
HeapValidate
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetModuleHandleW
TlsGetValue
GetProcAddress
OpenProcess
WriteFile
OutputDebugStringW
WaitForSingleObject
CreateProcessW
SetFilePointer
lstrlenW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitThread
GetCurrentThreadId
CreateThread
SwitchToThread
ExitProcess
lstrlenA
InterlockedExchangeAdd
InterlockedExchange

user32

GetDlgItemTextW
SetDlgItemTextW
SendMessageW
CallWindowProcW
SetWindowPos
ShowWindow
SetWindowLongW
GetDlgItem
SetClassLongW
GetWindowLongW
SetRect
SetTimer
KillTimer
GetFocus
SetFocus
FillRect
GetDC
ReleaseDC
CreateDialogParamW
GetSystemMetrics
GetWindow
MoveWindow
DestroyWindow
GetMessageW
PostQuitMessage
LoadCursorW
FindWindowW
wsprintfW
TranslateMessage
LoadIconW
CreateWindowExW
MessageBoxW
RegisterClassW
DefWindowProcW
DispatchMessageW
EndPaint
ScreenToClient
GetWindowRect
DrawTextW
TrackMouseEvent
GetClientRect
BeginPaint
InvalidateRect

gdi32

CombineRgn
GetObjectW
CreateCompatibleDC
CreateDIBSection
DeleteObject
ExtCreateRegion
CreateFontW
BitBlt
SetTextColor
DeleteDC
SetBkMode
SelectObject
GetStockObject

ole32

OleUninitialize
OleInitialize
CoCreateInstance

ngmfunc

NGMLib_SetLogFilePathW
NGMLib_Init
NGMLib_Cancel
NGMLib_GetLastErrCode
NGMLib_GetProgressInfoW
NGMLib_PatchW

nmcogame

NMCO_MemoryFree
NMCO_SetLocaleAndRegion
NMCO_CallNMFunc

Exports

Exports

LauncherMain

Sections

.text
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c7976f287445bee3575407efcec0d5e

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

wininet

kernel32

user32

gdi32

ole32

ngmfunc

nmcogame

Exports

Exports

Sections

.text Size: 370KB - Virtual size: 369KB

.rdata Size: 95KB - Virtual size: 94KB

.data Size: 11KB - Virtual size: 33KB

.rsrc Size: 141KB - Virtual size: 140KB

.reloc Size: 83KB - Virtual size: 82KB

.text
Size: 370KB - Virtual size: 369KB

.rdata
Size: 95KB - Virtual size: 94KB

.data
Size: 11KB - Virtual size: 33KB

.rsrc
Size: 141KB - Virtual size: 140KB

.reloc
Size: 83KB - Virtual size: 82KB