Static task: static1
Behavioral task: behavioral1
Sample: c3f24a18aeadcd1cc9073992ae7ecd504d6ba3e174fcd7f47d1334be5c06eb96.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: c3f24a18aeadcd1cc9073992ae7ecd504d6ba3e174fcd7f47d1334be5c06eb96.exe
Resource: win10v2004-20220812-en
General
Target: c3f24a18aeadcd1cc9073992ae7ecd504d6ba3e174fcd7f47d1334be5c06eb96
Size: 728KB
MD5: 06428f7169d7b2ec86185b8c1ff775f0
SHA1: 0a8b5ffeb4cc60ac08322d6e5fcce80ce435a06f
SHA256: c3f24a18aeadcd1cc9073992ae7ecd504d6ba3e174fcd7f47d1334be5c06eb96
SHA512: c79edbcc61429412ea4cf9fa9cd169f8cf02fa6efc2615384ac73b92d9391617f030739fbc3e8726384010f5ec96d8d7fbfd300dcb417e52907ac32f05a534d7
SSDEEP: 12288:yIGC+WsUx3rEzM37u82csUQ6EUf6n9QJ1Lz68rPUnbdYCkSJlWpwJB+PiF57FTs0:fGCOUx3rEY3y823IJ1LEbdE0+PinhTRP
Files
c3f24a18aeadcd1cc9073992ae7ecd504d6ba3e174fcd7f47d1334be5c06eb96.exe windows x86
0cbee2346a86755eec3b9548e0cc85a0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetLocaleInfoW
SetEnvironmentVariableA
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
HeapSize
TerminateProcess
FindNextFileA
SetCurrentDirectoryA
HeapReAlloc
ExitProcess
RtlUnwind
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
FileTimeToLocalFileTime
SetErrorMode
GetFileTime
GetFileAttributesA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentDirectoryA
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
RaiseException
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalAlloc
FormatMessageA
LocalFree
InterlockedDecrement
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetCurrentThreadId
CloseHandle
GetVersion
CompareStringA
lstrcmpiA
GetLastError
CompareStringW
lstrlenA
MultiByteToWideChar
GetTickCount
Sleep
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateDirectoryA
GetLocalTime
GetModuleFileNameA
SizeofResource
LockResource
LoadResource
GetUserDefaultLCID
FindResourceA
user32
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
SetMenu
CallWindowProcA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
EndPaint
BeginPaint
GetWindowDC
PostMessageA
EnableWindow
UpdateWindow
PeekMessageA
TranslateMessage
DispatchMessageA
GetDC
GetClientRect
ReleaseDC
GetCursorPos
ScreenToClient
LoadImageA
LoadCursorA
KillTimer
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
IsDialogMessageA
SetWindowTextA
ShowWindow
PostQuitMessage
RegisterClipboardFormatA
GetParent
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
ValidateRect
MoveWindow
CharUpperA
MapDialogRect
SetWindowContextHelpId
SetCursor
ShowOwnedPopups
TranslateAcceleratorA
SetTimer
LoadIconA
RedrawWindow
GetSysColor
InflateRect
GetWindowRect
InvalidateRect
SendMessageA
BringWindowToTop
SetRectEmpty
FindWindowA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
PostThreadMessageA
GetMenuItemInfoA
GetSysColorBrush
CharNextA
DestroyCursor
SetCursorPos
SetCapture
wsprintfA
LoadMenuA
DestroyMenu
UnpackDDElParam
ReuseDDElParam
CreatePopupMenu
LoadAcceleratorsA
DefWindowProcA
InsertMenuItemA
ReleaseCapture
gdi32
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
GetDeviceCaps
CreatePen
Escape
CreateCompatibleBitmap
PatBlt
CreateFontIndirectA
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
SetViewportOrgEx
GetRgnBox
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetObjectA
DeleteObject
GetClipBox
SetMapMode
GetTextExtentPoint32A
SelectObject
SetTextColor
SetStretchBltMode
SetBkMode
SetBkColor
CreateSolidBrush
SetPixel
StretchBlt
SetDIBits
GetDIBits
GetCurrentObject
SetBrushOrgEx
Rectangle
CreateDIBSection
SaveDC
BitBlt
RestoreDC
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueA
shell32
DragFinish
DragQueryFileA
ShellExecuteA
comctl32
ImageList_GetImageInfo
ImageList_Draw
ord17
ImageList_Destroy
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoGetClassObject
CoRevokeClassObject
CLSIDFromString
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
oleaut32
OleCreateFontIndirect
SysAllocStringByteLen
SysStringLen
VariantChangeType
SysFreeString
SysAllocStringLen
VariantClear
VariantInit
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
SysAllocString
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
client_io
??0io_proxy@@QAE@PBDK@Z
?is_valid@io_proxy@@QBE_NXZ
?send_packet@io_proxy@@QAEXPADII@Z
?add_xy_handler@io_proxy@@QAEXPAV?$protocol_handler@Vio_proxy@@@@@Z
?close@io_proxy@@QAEXXZ
?alloc_packet@io_proxy@@QAEPADPAX@Z
?alloc_size@io_proxy@@QBEIPAX@Z
?choose_allocator@io_proxy@@QAEPAXI@Z
?is_connected@io_proxy@@QBE_NXZ
?connect@io_proxy@@QAEXXZ
?release_packet@io_proxy@@QAEXPAD@Z
??1io_proxy@@UAE@XZ
dsound
ord1
player_list
?hwnd@player_list@@QBEPAUHWND__@@XZ
?create@player_list@@QAE_NPAUHWND__@@I@Z
?remove_player@player_list@@QAEXI@Z
?add_player@player_list@@QAEXPBV?$player_t@Vio_proxy@@@@@Z
?get_player@player_list@@QAEPAV?$player_t@Vio_proxy@@@@I@Z
??1player_list@@UAE@XZ
??0player_list@@QAE@PAVio_proxy@@PAVchat@@@Z
?handle_protocol@player_list@@QAE_NAAVio_proxy@@IAAVbistream@@@Z
?set_self_id@player_list@@QAEXI@Z
?set_visible@player_list@@QAEXW4player_list_column@@_N@Z
chat
?set_self_id@chat@@QAEXI@Z
?add_msg@chat@@QAEXPBDW4msg_type@1@@Z
?handle_protocol@chat@@QAE_NAAVio_proxy@@IAAVbistream@@@Z
??0chat@@QAE@PAVio_proxy@@PAVplayer_list@@@Z
??1chat@@UAE@XZ
?enable_sound@chat@@QAEX_N@Z
?create@chat@@QAE_NPAUHWND__@@I@Z
msimg32
AlphaBlend
TransparentBlt
Sections
.text Size: 520KB - Virtual size: 518KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 124KB - Virtual size: 121KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ