3dde722705520b67f584d111a242ea22d55ef4fe739b482cf2a4ab01be0daed3

Sharing

Copy URL Twitter E-mail

General

Target

3dde722705520b67f584d111a242ea22d55ef4fe739b482cf2a4ab01be0daed3
Size

268KB
MD5

81778900b8a2144b3244f1643092e3a0
SHA1

96b9ecb748abe901d66eb5386d41255db75ae9e1
SHA256

3dde722705520b67f584d111a242ea22d55ef4fe739b482cf2a4ab01be0daed3
SHA512

c641b55bf345b91be764fd061a5194fdbcb9af316dabc2e9901813fd5b3e4dc223a4fb637ea570b6bf176451bc2975b390ca14d263579594672043842c771561
SSDEEP

6144:shEY4fVYVjl7oQeVoU4Zjnjwtf3z/uUYipVTsub4q/RJE9n8fZcgqlsIBhUoCF/b:P7nE9n8fZcrlVBhUoC5SsPH

Score

N/A

Malware Config

Signatures

Files

3dde722705520b67f584d111a242ea22d55ef4fe739b482cf2a4ab01be0daed3
.exe windows x86

c484f1838bb6ac61501bbf9ff083ae19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
GetCurrentProcessId
GetProcAddress
TerminateProcess
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
CloseHandle
WriteFile
FlushFileBuffers
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetFilePointer
SetStdHandle
IsBadReadPtr
GetLastError
MultiByteToWideChar
GetModuleFileNameA
lstrcpyA
GetCurrentThreadId
WideCharToMultiByte
GetTickCount
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime
HeapDestroy
HeapReAlloc
HeapSize
RtlUnwind
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapCreate
VirtualFree
IsBadWritePtr

user32

BeginPaint
MoveWindow
DrawTextA
GetActiveWindow
CreateDialogParamA
GetDlgItem
EndPaint
CallWindowProcA
GetWindowLongA
DefWindowProcA
PtInRect
PostMessageA
GetCapture
ReleaseCapture
OffsetRect
SetCursor
LoadCursorA
FlashWindow
KillTimer
SetTimer
ShowWindow
GetClientRect
SetWindowPos
SetWindowTextA
SetWindowLongA
FillRect
UnregisterClassA
DestroyWindow
SendMessageA

gdi32

GetStockObject
CreateFontA
SetTextColor
SetBkMode
DeleteDC
CreateFontIndirectA
CreatePatternBrush
DeleteObject
CreateCompatibleDC
SelectObject
StretchBlt
BitBlt

shell32

ShellExecuteA

ruleedit

?GetNumericConfig@CRuleConfig@@QAEHIAA_J_J@Z
?PraseRuleString@CRuleConfig@@QAEHPBD0@Z
??1CRuleConfig@@QAE@XZ
??0CRuleConfig@@QAE@XZ

asdeatlgameframe

?CTextUnit_Construct@CTextUnit@@CAXPAV1@@Z
?GetSoundManager@CMainFrame@@QAEPAVCSoundManager@@XZ
?LVChangeSize@CViewUnit@@QAEXHHHH@Z
?GetDDSC@CDDrawSurface@@QAEAAU_DDSURFACEDESC@@XZ
?SubClass@CSkinCheckBox@@QAEXPAUHWND__@@@Z
?SetSkin@CSkinCheckBox@@QAEXPAVCFaceCheckBox@@@Z
?OnOk@CDialog@@QAEJGGPAUHWND__@@AAH@Z
?SubClass@CSkinButton@@QAEXPAUHWND__@@@Z
?SubClass@CSkinStatic@@QAEXPAUHWND__@@@Z
?GetUIFace@CSkinResouce@@QAEPAVCFaceUI@@PBD0@Z
?GetSubUIFace@CFaceUI@@QAEPAV1@PBD0@Z
?SetSkin@CSkinButton@@QAEXPAVCFaceButton@@@Z
??0CDDrawSurface@@QAE@PAUIDirectDrawSurface@@@Z
??1CDDrawSurface@@QAE@XZ
??0CDDrawSurface@@QAE@XZ
?SendFrameOperation@CMainFrame@@QAEHIJAAJ@Z
?AllocLayers@CViewManager@@QAEXG@Z
?LoadSkin@CSkinResouce@@SAPAV1@PAD@Z
?BuildPlayerListCtrlColumn@CMainFrame@@QAEJJPAUPLColumnInfo@@@Z
?ReSetRect@CViewUnit@@QAEXHHHH@Z
?DisplayChatText@CMainFrame@@QAEHV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@0H@Z
?Create@CDDrawSurface@@QAEJPAVCDisplay@@PAU_DDSURFACEDESC@@@Z
?LockDC@CDDrawSurface@@QAEPAUHDC__@@XZ
?GetCmdPlayerInfoAtServerSeat@CMainFrame@@QAEPAUPLAYERINFO@@F@Z
?UnlockDC@CDDrawSurface@@QAEJPAUHDC__@@@Z
?DoModal@CDialog@@QAEHPAUHWND__@@J@Z
?GetDeskViewUnit@CMainFrame@@QAEPAVCViewUnit@@XZ
?AttachUnit@CViewManager@@QAEXPAVCViewUnit@@GG@Z
?CMainFrame_DisConstruct@CMainFrame@@CAXPAV1@@Z
?CMainFrame_Construct@CMainFrame@@CAXPAV1@PADFAAVCMainFrameTraits@@W4AD_GAME_TYPE@@@Z
?ProcessWindowMessage@CMainFrame@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessFrameEvent@CMainFrame@@UAEHIJAAJ@Z
?CDialog_DisConstruct@CDialog@@CAXPAV1@@Z
?CDialog_Construct@CDialog@@CAXPAV1@IPBD@Z
?ProcessWindowMessage@CDialog@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessFrameEvent@CDialog@@UAEHIJAAJ@Z
?ProcessWindowMessage@CSkinCheckBox@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessWindowMessage@CSkinStatic@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessWindowMessage@CSkinButton@@UAEHPAUHWND__@@IIJAAJK@Z
?PlayESound@CSoundManager@@QAEXPAVCSoundBuffer@@KK@Z
?SeatClientToServer@CMainFrame@@QAEFF@Z
?ClientToGameRect@CMainFrame@@QAEXPAUtagPOINT@@@Z
?GetMyInfo@CMainFrame@@QAEPAUPLAYERINFO@@XZ
?SendPackage@CMainFrame@@QAEHPADG_N@Z
?Attach@CSingleUnit2@@QAEJAAUtagRECT@@PAVCViewManager@@GGIPAUtagPOINT@@PAVCImageResource@@3@Z
?Attach@CSingleUnit@@QAEJPAVCViewManager@@GGIPAVCImageResource@@1@Z
?GetGameSaveHandle@CMainFrame@@QAEPAVCGameSave@@XZ
?ProcessSocketXieYi@CMainFrame@@UAEHIAAVbistream@Win32Tools@@AAJK@Z
?LVMoveTo@CViewUnit@@QAEXHHH@Z
?GetViewManager@CMainFrame@@QAEPAVCViewManager@@XZ
?Attach@CSingleUnit2@@QAEJPAVCViewManager@@GGIPAUtagPOINT@@PAVCImageResource@@2@Z
?ApplyText@CTextUnit@@QAEXPAD@Z
?Attach@CTextUnit@@QAEJAAUtagRECT@@PAVCViewManager@@GGPAVCDevice@@KPAUHFONT__@@IHKKK@Z
?FreeSkin@CSkinResouce@@SAXAAPAV1@@Z
?SeatServerToClient@CMainFrame@@QAEFF@Z
?LVShow@CViewUnit@@QAEXEH@Z
?LVRefresh@CViewUnit@@QAEXH@Z
?BltAlpha@CDDrawRender@@QAEJKKPAVCDDrawSurface@@0PAUtagRECT@@0KK@Z
?LVChangeRect@CViewUnit@@QAEXHHHHH@Z
?ReSetRect@CViewUnit@@QAEXAAUtagRECT@@@Z
?OnDraw@CSingleUnit2@@UAEJPAVCDevice@@AAUtagRECT@@HPAX@Z
?OnDraw@CSingleUnit@@UAEJPAVCDevice@@AAUtagRECT@@HPAX@Z
?CTextUnit_DisConstruct@CTextUnit@@CAXPAV1@@Z
?OnDraw@CTextUnit@@EAEJPAVCDevice@@AAUtagRECT@@HPAX@Z
?OnDetchFrom@CTextUnit@@EAEXPAUCViewLayer@@PAUCViewArea@@@Z
?OnDrawText@CTextUnit@@UAEHPAUHDC__@@0PAVCImageResource@@1UtagRECT@@PBDHIPAUHFONT__@@KKK@Z
?GetBackBuffer@CDisplay@@QAEPAVCDDrawSurface@@XZ
??0CDDrawRender@@QAE@PAVCDDrawSurface@@@Z
?Blt@CDDrawRender@@QAEJKKPAVCDDrawSurface@@PAUtagRECT@@K@Z
??1CDDrawRender@@QAE@XZ
??0CViewRect@@QAE@XZ
?__init__@CViewUnit@@AAEXHHHHE@Z
??1CViewRect@@QAE@XZ
?GetCmdInfo@CMainFrame@@QAEAAUCMDINFO@@XZ
?AsdeForceExitApplication@@YAJHH@Z
?SetToEVolume@CSoundManager@@QAEXPAVCSoundBuffer@@@Z
?Destroy@CDDrawSurface@@QAEJXZ
?AsdeInitApplication@@YAJPAUHINSTANCE__@@HPBD111J@Z
?Create@CMainFrame@@QAEPAUHWND__@@PAU2@V_U_RECT@ATL@@PBDKKV_U_MENUorID@4@PAX@Z
?AsdeTimerRunApplication@@YAJHK@Z
?AsdeUnInitApplication@@YAXXZ
?AsdeSetSkin@@YAPAVCSkinResouce@@PAV1@@Z
?DetchSelf@CViewUnit@@QAEXXZ
?GetGameRect@CMainFrame@@QAEXPAUtagRECT@@@Z
?CreateFromBitmap@CDDrawSurface@@QAEJPAVCDisplay@@PBDKK@Z
?CreateFromJpeg@CDDrawSurface@@QAEJPAVCDisplay@@PBDKK@Z
?GetDrawDevice@CMainFrame@@QAEPAVCDevice@@XZ
?GetDDSurf@CDDrawSurface@@QAEPAUIDirectDrawSurface@@XZ
?CreateOgg@CSoundManager@@QAEJPAPAVCSoundBuffer@@PADKU_GUID@@K@Z
?LoadImageA@CImageResource@@SAPAUHBITMAP__@@PBDKK@Z

gamesave

?SnapStep@CGameSave@@QAEHIAAGAAK1AAPAD@Z

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c484f1838bb6ac61501bbf9ff083ae19

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ruleedit

asdeatlgameframe

gamesave

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 29KB

.rsrc Size: 52KB - Virtual size: 49KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 29KB

.rsrc
Size: 52KB - Virtual size: 49KB