5aeadc33a0b233f6859effe47355defc19f243b2b8bffb1f0c1cb71f2374df1d

Sharing

Copy URL Twitter E-mail

General

Target

5aeadc33a0b233f6859effe47355defc19f243b2b8bffb1f0c1cb71f2374df1d
Size

244KB
MD5

2055f76861376839bd8eff553ae14400
SHA1

f1fab779214b548466622a8de2bc2ee2ee9058a0
SHA256

5aeadc33a0b233f6859effe47355defc19f243b2b8bffb1f0c1cb71f2374df1d
SHA512

cc2c03cf24bb964720513d614486c97af66cf0431f6eb08ff8271ad2acb9a8dd8f715f56b4850d0be32981ed3b87df2232151e573dbfef3412b235526347c861
SSDEEP

6144:0c3x5ts+35BvZJf6/Ev9DQj7Xh38UIoMbug5ydvaSsQLH5AdS:0Wxoy7bGSSsPdS

Score

N/A

Malware Config

Signatures

Files

5aeadc33a0b233f6859effe47355defc19f243b2b8bffb1f0c1cb71f2374df1d
.exe windows x86

f4543536e719f027b6dbc05cc5ff7483

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetSystemTimeAsFileTime
GetDateFormatA
GetTimeFormatA
LCMapStringW
GetCPInfo
TlsSetValue
HeapCreate
VirtualFree
IsBadWritePtr
GetOEMCP
TlsAlloc
VirtualAlloc
TlsGetValue
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
RtlUnwind
ExitProcess
HeapSize
HeapReAlloc
HeapDestroy
InterlockedIncrement
InterlockedDecrement
WriteFile
GetSystemInfo
VirtualQuery
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
SetLastError
LCMapStringA
FlushFileBuffers
SetFilePointer
InterlockedExchange
GetTimeZoneInformation
TerminateProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoW
SetEndOfFile
CompareStringW
CompareStringA
GetLastError
MultiByteToWideChar
GetPrivateProfileIntA
WritePrivateProfileStringA
lstrcpyA
LoadLibraryA
GetProcAddress
FreeLibrary
FindFirstFileA
CreateFileA
GetFileSize
ReadFile
CloseHandle
FindNextFileA
FindClose
DeleteFileA
GetCurrentThreadId
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetModuleFileNameA
CreateDirectoryA
WideCharToMultiByte
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
TlsFree
SetEnvironmentVariableA

user32

MessageBoxA
CheckRadioButton
EnableWindow
GetCapture
ReleaseCapture
OffsetRect
SetCursor
FillRect
PostMessageA
SetRect
DrawTextA
SetFocus
KillTimer
SetTimer
RedrawWindow
ReleaseDC
LoadCursorA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
DestroyWindow
GetActiveWindow
DialogBoxParamA
CallWindowProcA
GetWindow
GetWindowRect
SystemParametersInfoA
MapWindowPoints
SetWindowPos
IsWindow
GetDlgItem
GetParent
ShowWindow
InvalidateRect
EndPaint
BeginPaint
GetClientRect
MoveWindow
GetWindowLongA
CreateWindowExA
SetWindowLongA
SendMessageA
EndDialog
DefWindowProcA
PtInRect
UnregisterClassA
GetDC

gdi32

SetBkMode
CreateFontIndirectA
CreatePatternBrush
CreateCompatibleDC
SelectObject
BitBlt
StretchBlt
DeleteObject
SetTextColor
GetStockObject

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA

shell32

ShellExecuteA

ruleedit

?GetNumericConfig@CRuleConfig@@QAEHIAA_J_J@Z
?PraseRuleString@CRuleConfig@@QAEHPBD0@Z
??1CRuleConfig@@QAE@XZ
??0CRuleConfig@@QAE@XZ

gamesave

?GetFileInfo@CGameSave@@QAEAAUFP_FILEINFO_V1@@XZ
?SnapStep@CGameSave@@QAEHIAAGAAK1AAPAD@Z
?Clear@CGameSave@@QAEXHH@Z
??0CGameSave@@QAE@XZ
??1CGameSave@@QAE@XZ
?LoadFromStream@CGameSave@@QAEHPAXAAK@Z

asdeatlgameframe

?SubClass@CSkinCheckBox@@QAEXPAUHWND__@@@Z
??0CDDrawSurface@@QAE@PAUIDirectDrawSurface@@@Z
??1CDDrawSurface@@QAE@XZ
??0CDDrawSurface@@QAE@XZ
?BlockRecv@CMainFrame@@QAEHXZ
?UnBlockRecv@CMainFrame@@QAEHH@Z
?SendFrameOperation@CMainFrame@@QAEHIJAAJ@Z
?AllocLayers@CViewManager@@QAEXG@Z
?LoadSkin@CSkinResouce@@SAPAV1@PAD@Z
?BuildPlayerListCtrlColumn@CMainFrame@@QAEJJPAUPLColumnInfo@@@Z
?AsdeForceExitApplication@@YAJHH@Z
?CMainFrame_DisConstruct@CMainFrame@@CAXPAV1@@Z
?CMainFrame_Construct@CMainFrame@@CAXPAV1@PADFAAVCMainFrameTraits@@W4AD_GAME_TYPE@@@Z
?ProcessWindowMessage@CMainFrame@@UAEHPAUHWND__@@IIJAAJK@Z
?ProcessSocketXieYi@CMainFrame@@UAEHIAAVbistream@Win32Tools@@AAJK@Z
?ProcessFrameEvent@CMainFrame@@UAEHIJAAJ@Z
?ProcessWindowMessage@CSkinCheckBox@@UAEHPAUHWND__@@IIJAAJK@Z
?ApplyText@CTextUnit@@QAEXPAD@Z
?Attach@CTextUnit@@QAEJAAUtagRECT@@PAVCViewManager@@GGPAVCDevice@@KPAUHFONT__@@IHKKK@Z
?SeatClientToServer@CMainFrame@@QAEFF@Z
?SendPackage@CMainFrame@@QAEHPADG_N@Z
?GetGameSaveHandle@CMainFrame@@QAEPAVCGameSave@@XZ
?GetCmdInfo@CMainFrame@@QAEAAUCMDINFO@@XZ
?LVMoveTo@CViewUnit@@QAEXHHH@Z
?FreeSkin@CSkinResouce@@SAXAAPAV1@@Z
?LVChangeRect@CViewUnit@@QAEXHHHHH@Z
?ReSetRect@CViewUnit@@QAEXAAUtagRECT@@@Z
?CTextUnit_DisConstruct@CTextUnit@@CAXPAV1@@Z
?CTextUnit_Construct@CTextUnit@@CAXPAV1@@Z
?OnDraw@CTextUnit@@EAEJPAVCDevice@@AAUtagRECT@@HPAX@Z
?OnDetchFrom@CTextUnit@@EAEXPAUCViewLayer@@PAUCViewArea@@@Z
?OnDrawText@CTextUnit@@UAEHPAUHDC__@@0PAVCImageResource@@1UtagRECT@@PBDHIPAUHFONT__@@KKK@Z
?GetMyInfo@CMainFrame@@QAEPAUPLAYERINFO@@XZ
?SeatServerToClient@CMainFrame@@QAEFF@Z
?GetGameRect@CMainFrame@@QAEXPAUtagRECT@@@Z
?PlayESound@CSoundManager@@QAEXPAVCSoundBuffer@@KK@Z
?GetDeskViewUnit@CMainFrame@@QAEPAVCViewUnit@@XZ
?GetDrawDevice@CMainFrame@@QAEPAVCDevice@@XZ
?CreateFromBitmap@CDDrawSurface@@QAEJPAVCDisplay@@PBDKK@Z
?LoadImageA@CImageResource@@SAPAUHBITMAP__@@PBDKK@Z
?SetToEVolume@CSoundManager@@QAEXPAVCSoundBuffer@@@Z
?GetSoundManager@CMainFrame@@QAEPAVCSoundManager@@XZ
?CreateOgg@CSoundManager@@QAEJPAPAVCSoundBuffer@@PADKU_GUID@@K@Z
?Destroy@CDDrawSurface@@QAEJXZ
?AsdeInitApplication@@YAJPAUHINSTANCE__@@HPBD111J@Z
?Create@CMainFrame@@QAEPAUHWND__@@PAU2@V_U_RECT@ATL@@PBDKKV_U_MENUorID@4@PAX@Z
?AsdeTimerRunApplication@@YAJHK@Z
?AsdeUnInitApplication@@YAXXZ
?SubClass@CSkinButton@@QAEXPAUHWND__@@@Z
?GetUIFace@CSkinResouce@@QAEPAVCFaceUI@@PBD0@Z
?GetSubUIFace@CFaceUI@@QAEPAV1@PBD0@Z
?SetSkin@CSkinButton@@QAEXPAVCFaceButton@@@Z
?ProcessWindowMessage@CSkinButton@@UAEHPAUHWND__@@IIJAAJK@Z
?GetBitmap@CGdiBitmap@@QAEPAUHBITMAP__@@XZ
?GetBmpInfo@CGdiBitmap@@QAEAAUtagBITMAP@@XZ
?GetSkinImage@CFaceUI@@QAEPAVCGdiBitmap@@XZ
?DetchSelf@CViewUnit@@QAEXXZ
?OnDraw@CSingleUnit2@@UAEJPAVCDevice@@AAUtagRECT@@HPAX@Z
??0CViewRect@@QAE@XZ
?__init__@CViewUnit@@AAEXHHHHE@Z
??1CViewRect@@QAE@XZ
?GetViewManager@CMainFrame@@QAEPAVCViewManager@@XZ
?Attach@CSingleUnit2@@QAEJAAUtagRECT@@PAVCViewManager@@GGIPAUtagPOINT@@PAVCImageResource@@3@Z
?GetBackBuffer@CDisplay@@QAEPAVCDDrawSurface@@XZ
??0CDDrawRender@@QAE@PAVCDDrawSurface@@@Z
?BltAlpha@CDDrawRender@@QAEJKKPAVCDDrawSurface@@0PAUtagRECT@@0KK@Z
??1CDDrawRender@@QAE@XZ
?GetDDSC@CDDrawSurface@@QAEAAU_DDSURFACEDESC@@XZ
?ReSetRect@CViewUnit@@QAEXHHHH@Z
?AttachUnit@CViewManager@@QAEXPAVCViewUnit@@GG@Z
?LVRefresh@CViewUnit@@QAEXH@Z
?DisplayChatText@CMainFrame@@QAEHV?$CStringT@DV?$StrTraitATL@DV?$ChTraitsCRT@D@ATL@@@ATL@@@ATL@@0H@Z
?AsdeSetSkin@@YAPAVCSkinResouce@@PAV1@@Z
?LVShow@CViewUnit@@QAEXEH@Z

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4543536e719f027b6dbc05cc5ff7483

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ruleedit

gamesave

asdeatlgameframe

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 18KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 18KB

.rsrc
Size: 48KB - Virtual size: 45KB