6d7d377e305271372dd8b2e7a923edfeb3fb13ddd9ca93719e02e164a8fc3846

Sharing

Copy URL

Twitter E-mail

General

Target

6d7d377e305271372dd8b2e7a923edfeb3fb13ddd9ca93719e02e164a8fc3846
Size

240KB
MD5

4c8c0374e5a408dd905ee592ac250280
SHA1

4ca4def9d6b1257ae25c93b6adf6ac546a9d4f67
SHA256

6d7d377e305271372dd8b2e7a923edfeb3fb13ddd9ca93719e02e164a8fc3846
SHA512

0f071c978d3697732a699e27b0f2df57f485b9e3b47cbd95bbb9c2e11238efcbef12e4d94976a2a6802216397c3289f87466c1f6bde4854cd13fc1e37b5e5c2b
SSDEEP

3072:irvnpT299s/V8uOqYSeZfZYkbv+n/Y82LgISoa944K+7YswhlJ1+XvGRM6p7BfZ1:OfYDZfOb2LflfYYsa8izSMR+o

Score

N/A

Malware Config

Signatures

Files

6d7d377e305271372dd8b2e7a923edfeb3fb13ddd9ca93719e02e164a8fc3846
.exe windows x86

dcdb1a96f849dcde1008486a134bcea8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowsHookExA
CallNextHookEx
SetForegroundWindow
GetDesktopWindow
GetAsyncKeyState
DefWindowProcA
RegisterWindowMessageA
UnhookWindowsHookEx
MessageBoxA

core

?alloc@MemoryMgr@@QAEPAXHI@Z
?g_MemoryPtr@@3PAVMemoryMgr@@A
?ParamEqualsInt32@Parser@@QAE_NPADPBDPAH@Z
?SetMinimized@Platform@@YAX_N@Z
?SetActive@Platform@@YAX_N@Z
?GetActive@Platform@@YA_NXZ
?RawKeyToLocalKey@Platform@@YAHH@Z
?GetAppFilePrefix@Platform@@YAPBDXZ
?SetApp@Platform@@YAXPAUHINSTANCE__@@@Z
?GetCPUInfo@@YAHXZ
?BeginTimePeriod@Platform@@YAXXZ
?EndTimePeriod@Platform@@YAXXZ
?touchMemory@MemoryMgr@@QAEXXZ
?checkMemory@MemoryMgr@@QAEHHPAI_N@Z
??0MemoryMgr@@QAE@XZ
?defineBank@MemoryMgr@@QAEHW4e_MemoryLocation@@W4e_MemoryBankType@@PBDI@Z
??1MemoryMgr@@UAE@XZ
?SetAppState@Platform@@YAXW4e_AppState@@@Z
?LoadSoundAPI@@YA_NPBD@Z
?sndCreateSndSubsystem@@3P6GPAVsndSubsystem@@XZA
?LoadGraphicsAPI@@YA_NPBD@Z
?gfxCreateGfxSubsystem@@3P6GPAVgfxSubsystem@@XZA
?GetPlatformOS@Platform@@YA?AW4e_OperatingSystem@@XZ
?LoadIconA@Platform@@YAPAUHICON__@@H@Z
?GetApp@Platform@@YAPAUHINSTANCE__@@XZ
?InitWindow@Platform@@YAPAUHWND__@@PAUHINSTANCE__@@PAU2@PBDPAUHICON__@@HHHH_N4P6GJ1IIJ@Z@Z
?SetWindow@Platform@@YAXPAUHWND__@@@Z
?MessagePump@Platform@@YAHXZ
?GetWindow@Platform@@YAPAUHWND__@@XZ
?UnloadGraphicsAPI@@YA_NXZ
?UnloadSoundAPI@@YA_NXZ
?free@MemoryMgr@@QAEHHPAX@Z
?mt_range@@YAMMM@Z
?mt_rand@@YAIXZ
?mt_randomi@@YAII@Z
?GetEqualsToken@Parser@@QAE_NXZ
?ParamEqualsInt8@Parser@@QAE_NPADPBDPAC@Z
?ParamEqualsString@Parser@@QAE_NPADPBD0I@Z
?GetToken@Parser@@QAEPADPAD@Z
?ParseLine@Parser@@QAE_NXZ
??0Parser@@QAE@PAD@Z
??1Parser@@UAE@XZ
?ParamEqualsUInt32@Parser@@QAE_NPADPBDPAI@Z
?ParamEqualsFloat32@Parser@@QAE_NPADPBDPAM@Z
?ParamEqualsInt16@Parser@@QAE_NPADPBDPAF@Z
?mt_srand@@YAXI@Z
?GetTime@Platform@@YAIXZ
?ParamEqualsInt64@Parser@@QAE_NPADPBDPA_J@Z
?getArgs@CommandLine@@QAE_NPBDPAHPAPAPAD@Z
?cmdExists@CommandLine@@QAE_NPBD@Z
?GetCommandLineA@Platform@@YAPAVCommandLine@@XZ
?CreateDir@Platform@@YAHPBD@Z
?Sleep@Platform@@YAXI@Z
?ReportCPUInfo@@YAXXZ
?GetAppVersion@Platform@@YAPBDXZ
?CreateAppFilename@Platform@@YAPBDPBD0@Z
??1CommandLine@@UAE@XZ
?initialize@MemoryMgr@@QAEHXZ
?SetCommandLine@Platform@@YAXPAVCommandLine@@@Z
?SystemCheck@Platform@@YA_NXZ
?init@CommandLine@@QAEXHPAPAD@Z
?addCommand@CommandLine@@QAEXPBDHH@Z
?MessageBoxA@Platform@@YAXPBD0ZZ
?GetAppTitle@Platform@@YAPBDXZ
??0CommandLine@@QAE@XZ
?GetString@Parser@@QAEPADXZ

file

?close@File@@YAHPAU_MjzFileType_s@@@Z
?read@File@@YAIPAXIIPAU_MjzFileType_s@@@Z
?getLength@File@@YAHPAU_MjzFileType_s@@@Z
?open@File@@YAPAU_MjzFileType_s@@PBD0@Z
?write@File@@YAIPBXIIPAU_MjzFileType_s@@@Z
?unregisterThread@File@@YAXXZ
?registerThread@File@@YAXXZ
?initArchive@File@@YAHPBD_N@Z

ui

?activate@uiWidget@@QAEX_N0@Z
?_releaseSprite@uiWidget@@IAEXH@Z
??_7uiNonVisualWidget@@6B@
??1uiNonVisualWidget@@UAE@XZ
?_inputEvent@uiNonVisualWidget@@MAE_NW4e_uiEvent@@HHH_N@Z
?_parseParams@uiVisualWidget@@MAEXPAVgfxSubsystem@@PAVParser@@PAD@Z
?_lerpToTargetAlpha@uiVisualWidget@@IAEXXZ
?setAlpha@uiVisualWidget@@UAEXEII@Z
??1uiVisualWidget@@UAE@XZ
??0uiVisualWidget@@QAE@XZ
?_inputEvent@uiVisualWidget@@MAE_NW4e_uiEvent@@HHH_N@Z
?_activate@uiVisualWidget@@MAEXXZ
?_deactivate@uiVisualWidget@@MAEXXZ
?setSprite@uiVisualWidget@@UAE_NPAVgfxSubsystem@@PBDHH_N@Z
?reset@uiParticleSystem@@QAEXXZ
?setFrame@uiVisualWidget@@UAEXH@Z
?getFrame@uiVisualWidget@@UAEHXZ
?getSpriteId@uiVisualWidget@@UAEHXZ
?_parseParams@uiDigitalBanner@@MAEXPAVgfxSubsystem@@PAVParser@@PAD@Z
?_removeMessage@uiDigitalBanner@@IAEXPAUdbMessage_t@@@Z
?print@uiDigitalBanner@@QAAXPBDZZ
??0uiDigitalBanner@@QAE@XZ
??1uiDigitalBanner@@UAE@XZ
?_render@uiDigitalBanner@@MAEXPAVgfxSubsystem@@HH@Z
?print@uiDigitalBanner@@UAAXIPBDZZ
?setStep@uiProgressBar@@QAEXH@Z
?reset@uiSprite@@QAEX_NHI@Z
?s_getDepthValue@uiWidget@@SAHPBD@Z
?s_fDeltaTime@uiWidget@@2MA
?s_iDeltaTime@uiWidget@@2IA
??1uiWidget@@UAE@XZ
?isType@uiWidget@@UAE_NPBD@Z
??0uiWidget@@QAE@XZ
?_parseParams@uiWidget@@MAEXPAVgfxSubsystem@@PAVParser@@PAD@Z
?_inputEvent@uiWidget@@MAE_NW4e_uiEvent@@HHH_N@Z
??1uiTextWidget@@UAE@XZ
?_getDepthValue@uiWidget@@IAEHPBD@Z
?addChild@uiWidget@@QAEXPAV1@@Z
??0uiTextWidget@@QAE@XZ
?getType@uiTextWidget@@UAEPBDXZ
?isType@uiTextWidget@@UAE_NPBD@Z
?inputEvent@uiWidget@@UAE_NW4e_uiEvent@@HHH_N@Z
?applyScriptlet@uiWidget@@UAEXPBD@Z
?stopLoopingSounds@uiWidget@@UAEXXZ
?_playWithPan@uiWidget@@UAEPAVsndHandle@@PBDIMH@Z
?setFocus@uiWidget@@UAEX_N0@Z
?_parseBoolean@uiWidget@@MAE_NPAVgfxSubsystem@@PAVParser@@@Z
?_parseParams@uiTextWidget@@MAEXPAVgfxSubsystem@@PAVParser@@PAD@Z
?_parseFlags@uiWidget@@MAEXPAVgfxSubsystem@@PAVParser@@@Z
?_parseSingleFlag@uiWidget@@MAEXPBD@Z
?_render@uiTextWidget@@MAEXPAVgfxSubsystem@@HH@Z
?_inputEvent@uiTextWidget@@MAE_NW4e_uiEvent@@HHH_N@Z
?_activate@uiWidget@@MAEXXZ
?_deactivate@uiWidget@@MAEXXZ
?_gainFocus@uiWidget@@MAEXXZ
?_loseFocus@uiWidget@@MAEXXZ
?_testBounds@uiWidget@@MAE_NHH@Z
?setFont@uiTextWidget@@UAE_NPAVgfxSubsystem@@PBD@Z
?setJustify@uiTextWidget@@UAEXI@Z
?setAlpha@uiTextWidget@@UAEXEII@Z
?_print@uiTextWidget@@MAEXHPBD@Z
?_lerpToTargetAlpha@uiTextWidget@@MAEXXZ
?assignCallbacks@uiWidget@@QAEXPAU_WidgetMap_s@@PAX@Z
?registerProgCb@uiWidget@@SAXP6AXPAV1@PAXW4e_uiProgressEvent@@@Z1@Z
?setValue@uiSliderButton@@QAEXM@Z
?getValue@uiSliderButton@@QBEMXZ
?step@uiProgressBar@@QAEXXZ
?setRange@uiProgressBar@@QAEXHH@Z
?setValue@uiProgressBar@@QAEXH@Z
?g_ui@@3PAVuiSubsystem@@A
?loadUI@uiSubsystem@@QAEPAVuiWidget@@PBD@Z
?getWidget@uiWidget@@QAEPAV1@PBDH@Z
?setTopLevelWidget@uiSubsystem@@QAEXPAVuiWidget@@@Z
?setCustomCursor@uiSubsystem@@QAEXPAVuiWidget@@@Z
?initialize@uiSubsystem@@QAEHPAVPreferences@@@Z
??0uiSubsystem@@QAE@XZ
??1uiSubsystem@@UAE@XZ
?shutdown@uiSubsystem@@QAEHXZ
?forceTerminate@uiSubsystem@@QAEXXZ
?render@uiSubsystem@@QAEHI@Z
?defineDepth@uiWidget@@SAXPBDI@Z
?inputEvent@uiSubsystem@@QAEXW4e_uiEvent@@HHH@Z
?s_registerWidget@uiSubsystem@@SAXPBDP6APAVuiWidget@@XZ@Z
?stop@uiParticleSystem@@QAEXXZ
?loadPsys@uiParticleSystem@@QAEXPBD@Z
?print@uiTextWidget@@QAAXHPBDZZ
?setAnim@uiVisualWidget@@UAEXH@Z

snd

?g_snd@@3PAVsndSubsystem@@A

gfx2d

?g_gfx@@3PAVgfxSubsystem@@A

logger

?log@udLogger@@SAXHPBDZZ
?registerClient@udLogger@@SAHPBD@Z
?terminate@udLogger@@SAXXZ
?isVisible@udLogger@@SA_NXZ
?showWindow@udLogger@@SAX_N@Z
?start@udLogger@@SAXPBD@Z
?ReportLastError@@YAXXZ

msvcrt

fopen
fclose
_purecall
_beginthreadex
atoi
__CxxFrameHandler
sprintf
strncpy
_snprintf
_stricmp
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__p___argv
__p___argc
_ftol

kernel32

WaitForSingleObject
CloseHandle
Sleep
CreateMutexA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetVersionExA
GetModuleHandleA
ReleaseMutex
GetStartupInfoA

crash

?InitCrashHandler@@YA_NPBD0@Z

dsetup

ord11

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mydata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dcdb1a96f849dcde1008486a134bcea8

Headers

File Characteristics

Imports

user32

core

file

ui

snd

gfx2d

logger

msvcrt

kernel32

crash

dsetup

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 32KB - Virtual size: 34KB

.mydata Size: 4KB - Virtual size: 4B

.rsrc Size: 100KB - Virtual size: 100KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 32KB - Virtual size: 34KB

.mydata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 100KB - Virtual size: 100KB