c065741ea6bdc6e7fbe8508fab95a6e0d8b461c8c933c52ba6d170f931dc0734

Sharing

Copy URL Twitter E-mail

General

Target

c065741ea6bdc6e7fbe8508fab95a6e0d8b461c8c933c52ba6d170f931dc0734
Size

248KB
MD5

4dda875d758ac58e55dd512a2ad3d5d0
SHA1

edd08dc786f5bf356aae45b61cd9f2c57e0c19cf
SHA256

c065741ea6bdc6e7fbe8508fab95a6e0d8b461c8c933c52ba6d170f931dc0734
SHA512

b56b292b919acfe9fbd8dd6d1c82ff1c3bf92254af0db72cb4b1543966e80f9da10c2cf3e4247123a3e844233e7f0bc17352f19d2e9a1edcaf61c4b1a0b0028a
SSDEEP

6144:xj6dAndDdkWE7zKoPt0QFZ0VM5TjpiUSH6HXVZun2zo0naG/:MdAndDdQv10WpiUSaHu2PaG/

Score

N/A

Malware Config

Signatures

Files

c065741ea6bdc6e7fbe8508fab95a6e0d8b461c8c933c52ba6d170f931dc0734
.exe windows x86

35d4eae03576aedd9da597a405d8b3bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetOEMCP
GetCurrentProcess
TlsGetValue
SetUnhandledExceptionFilter
CloseHandle
WriteFile
FlushFileBuffers
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetFilePointer
TerminateProcess
SetStdHandle
IsBadReadPtr
GetLastError
MultiByteToWideChar
GetModuleFileNameA
lstrcpyA
WideCharToMultiByte
GetTickCount
GetProcessHeap
HeapFree
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapReAlloc
HeapSize
RtlUnwind
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

DrawTextA
GetActiveWindow
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
SetRect
PtInRect
PostMessageA
GetCapture
ReleaseCapture
OffsetRect
SendMessageA
FlashWindow
KillTimer
SetTimer
CreateWindowExA
FillRect
SetCursor
LoadCursorA
DestroyWindow
GetDlgItem

gdi32

DeleteObject
CreateFontA
DeleteDC
BitBlt
StretchBlt
SelectObject
CreateCompatibleDC
SetTextColor
CreatePatternBrush
SetBkMode
CreateFontIndirectA

shell32

ShellExecuteA

ruleedit

?GetSelectConfig@CRuleConfig@@QAEHIAAHH@Z
?GetNumericConfig@CRuleConfig@@QAEHIAA_J_J@Z
?PraseRuleString@CRuleConfig@@QAEHPBD0@Z
??1CRuleConfig@@QAE@XZ
??0CRuleConfig@@QAE@XZ

asdeatlgameframe

?LVShow@CViewUnit@@QAEXEH@Z
?LVChangeSize@CViewUnit@@QAEXHHHH@Z
?GetDDSC@CDDrawSurface@@QAEAAU_DDSURFACEDESC@@XZ
?SubClass@CSkinCheckBox@@QAEXPAUHWND__@@@Z
?GetUIFace@CSkinResouce@@QAEPAVCFaceUI@@PBD0@Z
?SetSkin@CSkinButton@@QAEXPAVCFaceButton@@@Z
?SetSkin@CSkinCheckBox@@QAEXPAVCFaceCheckBox@@@Z
?OnOk@CDialog@@QAEJGGPAUHWND__@@AAH@Z
?SubClass@CSkinButton@@QAEXPAUHWND__@@@Z
?BlockRecv@CMainFrame@@QAEHXZ
?UnBlockRecv@CMainFrame@@QAEHH@Z
?DisplayChatText@CMainFrame@@QAEHV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@0H@Z
?SendFrameOperation@CMainFrame@@QAEHIJAAJ@Z
?AllocLayers@CViewManager@@QAEXG@Z
?LoadSkin@CSkinResouce@@SAPAV1@PAD@Z
?BuildPlayerListCtrlColumn@CMainFrame@@QAEJJPAUPLColumnInfo@@@Z
?GetCmdPlayerInfoAtClientSeat@CMainFrame@@QAEPAUPLAYERINFO@@F@Z
?LoadVisualize@@YAHAAPAUHBITMAP__@@HHHHHPAPAU1@@Z
?CreateFromHANDLE@CDDrawSurface@@QAEJPAVCDisplay@@PAUHBITMAP__@@@Z
?Create@CDDrawSurface@@QAEJPAVCDisplay@@PAU_DDSURFACEDESC@@@Z
?Blt@CDDrawRender@@QAEJKKPAVCDDrawSurface@@PAUtagRECT@@K@Z
?LockDC@CDDrawSurface@@QAEPAUHDC__@@XZ
?SeatClientToServer@CMainFrame@@QAEFF@Z
?GetCmdPlayerInfoAtServerSeat@CMainFrame@@QAEPAUPLAYERINFO@@F@Z
?UnlockDC@CDDrawSurface@@QAEJPAUHDC__@@@Z
??0CDDrawSurface@@QAE@XZ
??0CDDrawSurface@@QAE@PAUIDirectDrawSurface@@@Z
?DoModal@CDialog@@QAEHPAUHWND__@@J@Z
??1CDDrawSurface@@QAE@XZ
?CMainFrame_DisConstruct@CMainFrame@@CAXPAV1@@Z
?CMainFrame_Construct@CMainFrame@@CAXPAV1@PADFAAVCMainFrameTraits@@W4AD_GAME_TYPE@@@Z
?ProcessWindowMessage@CMainFrame@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessFrameEvent@CMainFrame@@UAEHIJAAJ@Z
?CDialog_DisConstruct@CDialog@@CAXPAV1@@Z
?CDialog_Construct@CDialog@@CAXPAV1@IPBD@Z
?ProcessWindowMessage@CDialog@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessFrameEvent@CDialog@@UAEHIJAAJ@Z
?ProcessWindowMessage@CSkinCheckBox@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessWindowMessage@CSkinButton@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessSocketXieYi@CMainFrame@@UAEHIAAVbistream@Win32Tools@@AAJK@Z
?ClientToGameRect@CMainFrame@@QAEXPAUtagPOINT@@@Z
?GetDeskViewUnit@CMainFrame@@QAEPAVCViewUnit@@XZ
?AttachUnit@CViewManager@@QAEXPAVCViewUnit@@GG@Z
?SendPackage@CMainFrame@@QAEHPADG_N@Z
?GetGameSaveHandle@CMainFrame@@QAEPAVCGameSave@@XZ
?ReSetRect@CViewUnit@@QAEXHHHH@Z
?Attach@CSingleUnit2@@QAEJAAUtagRECT@@PAVCViewManager@@GGIPAUtagPOINT@@PAVCImageResource@@3@Z
?PlayESound@CSoundManager@@QAEXPAVCSoundBuffer@@KK@Z
?SeatServerToClient@CMainFrame@@QAEFF@Z
?LVMoveTo@CViewUnit@@QAEXHHH@Z
?Attach@CSingleUnit2@@QAEJPAVCViewManager@@GGIPAUtagPOINT@@PAVCImageResource@@2@Z
?Attach@CTextUnit@@QAEJAAUtagRECT@@PAVCViewManager@@GGPAVCDevice@@KPAUHFONT__@@IHKKK@Z
?GetViewManager@CMainFrame@@QAEPAVCViewManager@@XZ
?Attach@CSingleUnit@@QAEJPAVCViewManager@@GGIPAVCImageResource@@1@Z
?GetCmdInfo@CMainFrame@@QAEAAUCMDINFO@@XZ
?FreeSkin@CSkinResouce@@SAXAAPAV1@@Z
?LVRefresh@CViewUnit@@QAEXH@Z
?GetBackBuffer@CDisplay@@QAEPAVCDDrawSurface@@XZ
??0CDDrawRender@@QAE@PAVCDDrawSurface@@@Z
?BltAlpha@CDDrawRender@@QAEJKKPAVCDDrawSurface@@0PAUtagRECT@@0KK@Z
??1CDDrawRender@@QAE@XZ
?LVChangeRect@CViewUnit@@QAEXHHHHH@Z
?ReSetRect@CViewUnit@@QAEXAAUtagRECT@@@Z
?OnDraw@CSingleUnit2@@UAEJPAVCDevice@@AAUtagRECT@@HPAX@Z
?OnDraw@CSingleUnit@@UAEJPAVCDevice@@AAUtagRECT@@HPAX@Z
?CTextUnit_DisConstruct@CTextUnit@@CAXPAV1@@Z
?CTextUnit_Construct@CTextUnit@@CAXPAV1@@Z
?OnDraw@CTextUnit@@EAEJPAVCDevice@@AAUtagRECT@@HPAX@Z
?OnDetchFrom@CTextUnit@@EAEXPAUCViewLayer@@PAUCViewArea@@@Z
?OnDrawText@CTextUnit@@UAEHPAUHDC__@@0PAVCImageResource@@1UtagRECT@@PBDHIPAUHFONT__@@KKK@Z
??0CViewRect@@QAE@XZ
?__init__@CViewUnit@@AAEXHHHHE@Z
??1CViewRect@@QAE@XZ
?ApplyText@CTextUnit@@QAEXPAD@Z
?CreateOgg@CSoundManager@@QAEJPAPAVCSoundBuffer@@PADKU_GUID@@K@Z
?GetDDSurf@CDDrawSurface@@QAEPAUIDirectDrawSurface@@XZ
?GetDrawDevice@CMainFrame@@QAEPAVCDevice@@XZ
?CreateFromJpeg@CDDrawSurface@@QAEJPAVCDisplay@@PBDKK@Z
?CreateFromBitmap@CDDrawSurface@@QAEJPAVCDisplay@@PBDKK@Z
?GetMyInfo@CMainFrame@@QAEPAUPLAYERINFO@@XZ
?DetchSelf@CViewUnit@@QAEXXZ
?GetGameRect@CMainFrame@@QAEXPAUtagRECT@@@Z
?LoadImageA@CImageResource@@SAPAUHBITMAP__@@PBDKK@Z
?AsdeForceExitApplication@@YAJHH@Z
?AsdeSetSkin@@YAPAVCSkinResouce@@PAV1@@Z
?SetToEVolume@CSoundManager@@QAEXPAVCSoundBuffer@@@Z
?GetSoundManager@CMainFrame@@QAEPAVCSoundManager@@XZ
?Destroy@CDDrawSurface@@QAEJXZ
?AsdeUnInitApplication@@YAXXZ
?AsdeTimerRunApplication@@YAJHK@Z
?Create@CMainFrame@@QAEPAUHWND__@@PAU2@V_U_RECT@ATL@@PBDKKV_U_MENUorID@4@PAX@Z
?AsdeInitApplication@@YAJPAUHINSTANCE__@@HPBD111J@Z

gamesave

?SnapStep@CGameSave@@QAEHIAAGAAK1AAPAD@Z

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35d4eae03576aedd9da597a405d8b3bc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ruleedit

asdeatlgameframe

gamesave

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 42KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 42KB

.rsrc
Size: 48KB - Virtual size: 47KB