b2be0a8fbf293f3e8916a3b8539ac03525b945f7418bd488685f143c21403a29

Sharing

Copy URL

Twitter E-mail

General

Target

b2be0a8fbf293f3e8916a3b8539ac03525b945f7418bd488685f143c21403a29
Size

932KB
MD5

13cc08e9d292e2201f0b8e9627d66110
SHA1

358149010795a4d081e2d31b3383125578eaf56d
SHA256

b2be0a8fbf293f3e8916a3b8539ac03525b945f7418bd488685f143c21403a29
SHA512

36654f893f5a5d3f73a26ff1a39c52ee57111c91c2c0c6fe522e6e3bfd6cb4e7033d4058edc6ad80f5ec695bcec19a5a3449313480bf7a76c81e4f98596e68df
SSDEEP

24576:hn6jLuJPy2Od0TuSddwJPucjsta1MpKvV3:hsaPy2OdUYaU93

Score

N/A

Malware Config

Signatures

Files

b2be0a8fbf293f3e8916a3b8539ac03525b945f7418bd488685f143c21403a29
.dll windows x86

4f4ea178a6b3a43eabfe6706ce6f5141

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

MultiByteToWideChar
GetLastError
GetCurrentProcess
Thread32First
Thread32Next
FormatMessageA
OutputDebugStringA
ResumeThread
GetThreadContext
SetThreadContext
VirtualQuery
InterlockedCompareExchange
VirtualAlloc
VirtualProtect
GetCurrentThreadId
SuspendThread
SetLastError
GetFileSize
SetFilePointer
MapViewOfFile
UnmapViewOfFile
WriteFile
GetCurrentThread
CreateToolhelp32Snapshot
FreeLibrary
GlobalUnlock
GlobalLock
GlobalAlloc
LeaveCriticalSection
GetLocalTime
EnterCriticalSection
IsProcessorFeaturePresent
FindResourceW
FindResourceA
SizeofResource
LoadResource
LockResource
GetVersionExA
CreateFileW
GetLocaleInfoW
SetEndOfFile
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameA
GlobalFree
GetModuleHandleA
Sleep
GetCurrentProcessId
Module32Next
WriteConsoleW
GetConsoleOutputCP
CloseHandle
Module32First
HeapFree
FlushInstructionCache
LoadLibraryA
GetProcessHeap
HeapAlloc
GetProcAddress
CreateFileMappingA
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
CreateFileA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
GetCommandLineA
RtlUnwind
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RaiseException
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
ExitProcess
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
ReadFile
LCMapStringA
LCMapStringW

user32

EmptyClipboard
OpenClipboard
GetClientRect
GetWindowLongA
PostMessageA
GetKeyboardLayout
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowThreadProcessId
FindWindowA
ReleaseDC
GetDC
SetClipboardData
DefWindowProcA
ShowWindow
SwitchToThisWindow
SendMessageA
DrawTextA
DrawTextW
SetWindowLongA
GetClipboardData
CloseClipboard
GetDesktopWindow

gdi32

CreateCompatibleDC
SetBkMode
SetBkColor
SetTextColor
DeleteDC
CreateFontIndirectA
GetObjectA
DeleteObject
CreateFontA
GetFontData
CreateDIBSection
GetTextExtentPoint32A
SelectObject

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

dinput8

DirectInput8Create

imm32

ImmAssociateContextEx
ImmIsIME
ImmGetContext
ImmGetConversionStatus
ImmReleaseContext
ImmGetCandidateListA
ImmGetCompositionStringA
ImmEscapeA

Exports

Exports

DLLInstalled
GHDX8Direct3DDevice8Present
GHDX8Direct3DDevice8Reset
GetHornMessage
GetSupportStatus
HFLibDataExchange
HFLibInitGameSvc
InstallDLLByName
InstallDLLByProcessID
ReturnToGame
SetFont
SetHornNumber
SetText
SetTextEx
SetWndKey
UnInstallDLL

Sections

.text
Size: 592KB - Virtual size: 591KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hjsdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f4ea178a6b3a43eabfe6706ce6f5141

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

advapi32

shell32

dinput8

imm32

Exports

Exports

Sections

.text Size: 592KB - Virtual size: 591KB

.rdata Size: 148KB - Virtual size: 148KB

.data Size: 85KB - Virtual size: 95KB

.data1 Size: 2KB - Virtual size: 2KB

.hjsdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 23KB - Virtual size: 23KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 592KB - Virtual size: 591KB

.rdata
Size: 148KB - Virtual size: 148KB

.data
Size: 85KB - Virtual size: 95KB

.data1
Size: 2KB - Virtual size: 2KB

.hjsdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 23KB - Virtual size: 23KB

.rmnet
Size: 56KB - Virtual size: 60KB