12ffba36de3039a40a238901fc806fa6a1cf72c209481ad4aa1340148a33237a

Sharing

Copy URL

Twitter E-mail

General

Target

12ffba36de3039a40a238901fc806fa6a1cf72c209481ad4aa1340148a33237a
Size

4.1MB
MD5

225ea70c5dad335d76da90a491421489
SHA1

08a743d3e8534891245713e72f9dfdd235a0cd28
SHA256

12ffba36de3039a40a238901fc806fa6a1cf72c209481ad4aa1340148a33237a
SHA512

a4dcaa210a60de0f17006a9f761897660d5b252460ae17b18c600a0cfbfcee55738fc2774fc82f0fdc89e29d6d624d8dcbda728239c255ccf73efaaeb4772bd1
SSDEEP

98304:seYo32rC3gyGpJjnggxX2aVP65UDGCC4PUeN25p+QYNThQ9cbA:z32u3gyQBBX2aI5a/NKY5TA

Score

N/A

Malware Config

Signatures

Files

12ffba36de3039a40a238901fc806fa6a1cf72c209481ad4aa1340148a33237a
.rar
龙王三国志/Ryuou Sangokushi.hdi
龙王三国志/font.tmp
龙王三国志/np2.chm
.chm
龙王三国志/np2.exe
.exe windows x86

2886ea781b7a096401482d6546c9ca72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
FindResourceA
WritePrivateProfileStringA
GetProcAddress
LoadLibraryA
LoadResource
GetPrivateProfileStringA
lstrcmpA
GetCommandLineA
SizeofResource
LockResource
OpenMutexA
GetLocalTime
IsDBCSLeadByte
GetCommState
SetCommState
WriteFile
CreateFileA
CloseHandle
GetTickCount
Sleep
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesA
DeleteFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
SetEndOfFile
SetFilePointer
ClearCommError
ReadFile
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetModuleFileNameA
HeapAlloc
FreeEnvironmentStringsA
HeapFree
GetTimeZoneInformation
GetSystemTime
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
lstrlenA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetCPInfo
LCMapStringA
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
LCMapStringW
RaiseException
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

TranslateMessage
GetMessageA
PeekMessageA
MessageBoxA
SetForegroundWindow
FindWindowA
DispatchMessageA
GetSystemMetrics
TrackPopupMenu
DrawFocusRect
LoadImageA
CloseWindow
LoadCursorA
RegisterClassA
ShowWindow
GetKeyState
CallWindowProcA
GetDlgCtrlID
SetWindowLongA
InvalidateRect
GetWindowTextA
SetWindowTextA
GetWindowLongA
DialogBoxParamA
SendDlgItemMessageA
GetDlgItemTextA
SendMessageA
EnableWindow
SetDlgItemTextA
GetWindowRect
GetClientRect
GetParent
ClientToScreen
GetDlgItem
SetFocus
LoadBitmapA
WINNLSEnableIME
GetClassLongA
ShowCursor
ClipCursor
SetClassLongA
SetCursorPos
AppendMenuA
EnableMenuItem
LoadStringA
GetSystemMenu
GetMenuItemCount
GetMenuItemInfoA
CreatePopupMenu
InsertMenuItemA
FillRect
SetRect
GetDC
ReleaseDC
CheckMenuItem
CreateWindowExA
UpdateWindow
DefWindowProcA
DestroyWindow
BeginPaint
EndDialog
PostMessageA
wsprintfA
EndPaint
SetScrollInfo
ModifyMenuA
GetSubMenu
SetWindowPos
SetMenu
GetMenu
DrawMenuBar
DestroyMenu
SystemParametersInfoA
MoveWindow
PostQuitMessage
LoadIconA
DefDlgProcA
GetCursorPos
InsertMenuA
GetKeyboardType

gdi32

DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
TextOutA
SetBkColor
SetTextColor
CreateFontA
PatBlt
CreateSolidBrush
CreateCompatibleBitmap
GetSystemPaletteEntries
SetDIBColorTable
GetTextExtentPoint32A
GetStockObject
GetObjectA
DeleteObject
BitBlt

ddraw

DirectDrawCreate

dsound

ord1

winmm

midiInStop
midiInUnprepareHeader
joyGetPos
midiInGetNumDevs
midiInStart
midiInAddBuffer
midiInPrepareHeader
midiOutClose
midiInReset
midiInOpen
midiOutOpen
midiOutReset
midiOutGetDevCapsA
midiOutGetNumDevs
midiInGetDevCapsA
joyGetNumDevs
midiOutShortMsg
midiOutLongMsg
midiInClose
midiOutPrepareHeader
midiOutUnprepareHeader

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

PropertySheetA
CreatePropertySheetPageA

wsock32

recv
WSACleanup
closesocket
WSAGetLastError
connect
htons
WSAAsyncSelect
socket
WSAStartup
send
inet_ntoa

shell32

DragFinish
DragQueryFileA
DragAcceptFiles
ShellExecuteA

Sections

.text
Size: 392KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
龙王三国志/np2.ini
龙王三国志/np21.exe
.exe windows x86

f2212add645c84d8b396cfcf48a0f639

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
FindResourceA
WritePrivateProfileStringA
GetProcAddress
LoadLibraryA
LoadResource
GetPrivateProfileStringA
lstrcmpA
GetCommandLineA
SizeofResource
LockResource
OpenMutexA
GetLocalTime
IsDBCSLeadByte
GetCommState
SetCommState
WriteFile
CreateFileA
CloseHandle
Sleep
GetTickCount
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesA
DeleteFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
SetEndOfFile
SetFilePointer
ClearCommError
ReadFile
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetModuleFileNameA
ExitProcess
GetCurrentProcess
GetTimeZoneInformation
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetSystemTime
GetEnvironmentVariableA
GetVersionExA
GetVersion
HeapCreate
VirtualFree
HeapDestroy
RtlUnwind
HeapReAlloc
FreeEnvironmentStringsA
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetEnvironmentStringsW
SetHandleCount
GetEnvironmentStrings
GetFileType
GetLastError
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
FlushFileBuffers
GetStringTypeA
HeapFree
TerminateProcess
SetStdHandle
GetStringTypeW
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualAlloc
RaiseException
lstrlenA

user32

GetKeyboardType
SetForegroundWindow
GetSystemMetrics
CallWindowProcA
PeekMessageA
GetKeyState
DrawFocusRect
LoadImageA
CloseWindow
LoadCursorA
RegisterClassA
TranslateMessage
InsertMenuA
DispatchMessageA
GetMessageA
MessageBoxA
InvalidateRect
GetWindowTextA
SetWindowTextA
GetWindowLongA
DialogBoxParamA
SendDlgItemMessageA
GetDlgItemTextA
SendMessageA
EnableWindow
SetDlgItemTextA
GetWindowRect
GetClientRect
LoadBitmapA
PostQuitMessage
GetClassLongA
WINNLSEnableIME
TrackPopupMenu
ShowCursor
ShowWindow
ClipCursor
GetParent
ClientToScreen
GetDlgItem
SetFocus
SetClassLongA
SetCursorPos
AppendMenuA
ModifyMenuA
GetMenuItemInfoA
GetSystemMenu
GetMenuItemCount
FillRect
CreatePopupMenu
InsertMenuItemA
ReleaseDC
SetRect
GetDC
UpdateWindow
CheckMenuItem
CreateWindowExA
BeginPaint
DefWindowProcA
DestroyWindow
GetDlgCtrlID
LoadIconA
EndPaint
EndDialog
PostMessageA
wsprintfA
SetScrollInfo
SetMenu
GetSubMenu
SetWindowPos
DestroyMenu
GetMenu
DrawMenuBar
SystemParametersInfoA
MoveWindow
GetCursorPos
DefDlgProcA
SetWindowLongA
LoadStringA
EnableMenuItem
FindWindowA

gdi32

DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
TextOutA
SetBkColor
SetTextColor
CreateFontA
PatBlt
CreateSolidBrush
CreateCompatibleBitmap
GetSystemPaletteEntries
SetDIBColorTable
GetTextExtentPoint32A
GetStockObject
GetObjectA
DeleteObject
BitBlt

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

DragAcceptFiles
ShellExecuteA
DragFinish
DragQueryFileA

ddraw

DirectDrawCreate

dsound

ord1

winmm

midiOutPrepareHeader
midiOutLongMsg
midiInClose
midiOutGetDevCapsA
midiOutGetNumDevs
midiInGetDevCapsA
midiInGetNumDevs
midiInStart
midiInAddBuffer
midiInPrepareHeader
midiOutClose
midiInReset
joyGetNumDevs
joyGetPos
midiInStop
midiInUnprepareHeader
midiInOpen
midiOutReset
midiOutUnprepareHeader
midiOutShortMsg
midiOutOpen

comctl32

PropertySheetA
CreatePropertySheetPageA

wsock32

recv
WSACleanup
closesocket
WSAGetLastError
connect
htons
WSAAsyncSelect
socket
WSAStartup
send
inet_ntoa

Sections

.text
Size: 508KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
龙王三国志/np21.ini
龙王三国志/np2tool.zip
.zip

Sharing

General

Malware Config

Signatures

Files

2886ea781b7a096401482d6546c9ca72

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ddraw

dsound

winmm

comdlg32

comctl32

wsock32

shell32

Sections

.text Size: 392KB - Virtual size: 390KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 20KB - Virtual size: 3.5MB

.rsrc Size: 36KB - Virtual size: 32KB

f2212add645c84d8b396cfcf48a0f639

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ddraw

dsound

winmm

comctl32

wsock32

Sections

.text Size: 508KB - Virtual size: 504KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 36KB - Virtual size: 4.1MB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 392KB - Virtual size: 390KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 20KB - Virtual size: 3.5MB

.rsrc
Size: 36KB - Virtual size: 32KB

.text
Size: 508KB - Virtual size: 504KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 36KB - Virtual size: 4.1MB

.rsrc
Size: 36KB - Virtual size: 32KB