e0e41749d82154fabf20958abf33efeee6acce8e995ba500db55e96e2eb69304

Sharing

Copy URL Twitter E-mail

General

Target

e0e41749d82154fabf20958abf33efeee6acce8e995ba500db55e96e2eb69304
Size

408KB
MD5

30e96004ece1d049ac5165b2ae970d40
SHA1

92f981892458b6b471e64baff7ec7fbc79fa8964
SHA256

e0e41749d82154fabf20958abf33efeee6acce8e995ba500db55e96e2eb69304
SHA512

335b7993a35366cf4059115e0bd6ea8ad9cd2c1fe37b17f31b31d198256273960032a3053d766d703010bcd4a9088642fe3fdbf75d0481a4defc64a577a34803
SSDEEP

6144:qm8y1du8ofYzrGBzb+eXQY+jAuHSbtM4tFp4wIzZ/Ypop:38ye8oAzrGV/Z+jmhM4tj4pqpop

Score

N/A

Malware Config

Signatures

Files

e0e41749d82154fabf20958abf33efeee6acce8e995ba500db55e96e2eb69304
.dll windows x86

a23b46f6a8cf54e0cf0389e0a56449e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ck2

?SetPitch@CKWaveSound@@QAEXM@Z
?RegisterNewEnum@CKParameterManager@@QAEJUCKGUID@@PAD1@Z
?RegisterNewFlags@CKParameterManager@@QAEJUCKGUID@@PAD1@Z
?GetParameterManager@CKContext@@QAEPAVCKParameterManager@@XZ
?UnRegisterParameterType@CKParameterManager@@QAEJUCKGUID@@@Z
?CKStoreDeclaration@@YAXPAV?$XArray@PAVCKObjectDeclaration@@@@PAVCKObjectDeclaration@@@Z
?SetCompatibleClassId@CKObjectDeclaration@@QAEXJ@Z
?SetCreationFunction@CKObjectDeclaration@@QAEXP6AJPAPAVCKBehaviorPrototype@@@Z@Z
?SetVersion@CKObjectDeclaration@@QAEXK@Z
?SetAuthorName@CKObjectDeclaration@@QAEXPAD@Z
?SetAuthorGuid@CKObjectDeclaration@@QAEXUCKGUID@@@Z
?SetGuid@CKObjectDeclaration@@QAEXUCKGUID@@@Z
?SetType@CKObjectDeclaration@@QAEXH@Z
?SetCategory@CKObjectDeclaration@@QAEXPAD@Z
?SetDescription@CKObjectDeclaration@@QAEXPAD@Z
?CreateCKObjectDeclaration@@YAPAVCKObjectDeclaration@@PAD@Z
?SetBehaviorCallbackFct@CKBehaviorPrototype@@QAEXP6AJABUCKBehaviorContext@@@ZKPAX@Z
?SetBehaviorFlags@CKBehaviorPrototype@@QAEXW4CK_BEHAVIOR_FLAGS@@@Z
?SetFunction@CKBehaviorPrototype@@QAEXP6AHABUCKBehaviorContext@@@Z@Z
?SetFlags@CKBehaviorPrototype@@QAEXW4CK_BEHAVIORPROTOTYPE_FLAGS@@@Z
?DeclareLocalParameter@CKBehaviorPrototype@@QAEHPADUCKGUID@@0@Z
?DeclareSetting@CKBehaviorPrototype@@QAEHPADUCKGUID@@0@Z
?CreateCKBehaviorPrototypeRunTime@@YAPAVCKBehaviorPrototype@@PAD@Z
?GetTimeManager@CKContext@@QAEPAVCKTimeManager@@XZ
?SetLocalParameterValue@CKBehavior@@QAEJHPBXH@Z
?GetLocalParameterValue@CKBehavior@@QAEJHPAX@Z
?GetInputParameterValue@CKBehavior@@QAEJHPAX@Z
?GetInputParameterObject@CKBehavior@@QAEPAVCKObject@@H@Z
?ActivateOutput@CKBehavior@@QAEXHH@Z
?ActivateInput@CKBehavior@@QAEXHH@Z
?IsInputActive@CKBehavior@@QAEHH@Z
?GetTarget@CKBehavior@@QAEPAVCKBeObject@@XZ
?SetOutputParameterObject@CKBehavior@@QAEJHPAVCKObject@@@Z
?OutputToConsole@CKContext@@QAEJPADH@Z
?SetName@CKObject@@QAEXPADH@Z
?NeedManager@CKObjectDeclaration@@QAEXUCKGUID@@@Z
?SetOutputParameterValue@CKBehavior@@QAEJHPBXH@Z
?GetOutputParameterValue@CKBehavior@@QAEJHPAX@Z
?EnableOutputParameter@CKBehavior@@QAEXHH@Z
?GetObjectA@CKGroup@@QAEPAVCKBeObject@@H@Z
?GetObjectCount@CKGroup@@QAEHXZ
?CreateObject@CKContext@@QAEPAVCKObject@@JPADW4CK_OBJECTCREATION_OPTIONS@@PAW4CK_LOADMODE@@@Z
?GetLocalParameterReadDataPtr@CKBehavior@@QAEPAXH@Z
?GetInputParameterReadDataPtr@CKBehavior@@QAEPAXH@Z
?CKDestroyObject@@YAXPAVCKObject@@KPAVCKDependencies@@@Z
?GetObjectByName@CKContext@@QAEPAVCKObject@@PADPAV2@@Z
?GetColumnType@CKDataArray@@QAE?AW4CK_ARRAYTYPE@@H@Z
?GetElementValue@CKDataArray@@QAEHHHPAX@Z
?GetColumnParameterGuid@CKDataArray@@QAE?AUCKGUID@@H@Z
?GetRowCount@CKDataArray@@QAEHXZ
?IsParentScriptActiveInScene@CKBehavior@@QAEHPAVCKScene@@@Z
?IsActive@CKBehavior@@QAEHXZ
?GetInputParameter@CKBehavior@@QAEPAVCKParameterIn@@H@Z
?GetObjectA@CKContext@@QAEPAVCKObject@@K@Z
?GetAttributeParameter@CKBeObject@@QAEPAVCKParameterOut@@H@Z
?GetGlobalAttributeListPtr@CKAttributeManager@@QAEABVXObjectPointerArray@@H@Z
?GetAttributeTypeByName@CKAttributeManager@@QAEHPAD@Z
?GetAttributeManager@CKContext@@QAEPAVCKAttributeManager@@XZ
?SetLocalParameterObject@CKBehavior@@QAEJHPAVCKObject@@@Z
?GetLocalParameterObject@CKBehavior@@QAEPAVCKObject@@H@Z
?SetAttributeDefaultValue@CKAttributeManager@@QAEXHPAD@Z
?SetAttributeCategory@CKAttributeManager@@QAEXHPAD@Z
?RegisterNewAttributeType@CKAttributeManager@@QAEHPADUCKGUID@@JW4CK_ATTRIBUT_FLAGS@@@Z
??1CKMemoryPool@@QAE@XZ
?GetOutputCount@CKBehavior@@QAEHXZ
??0CKMemoryPool@@QAE@PAVCKContext@@H@Z
?GetLocalParameterWriteDataPtr@CKBehavior@@QAEPAXH@Z
?GetManagerByGuid@CKContext@@QAEPAVCKBaseManager@@UCKGUID@@@Z
?DestroyObject@CKContext@@QAEJPAVCKObject@@KPAVCKDependencies@@@Z
?AddObject@CKLevel@@QAEJPAVCKObject@@@Z
?CreateInputParameter@CKBehavior@@QAEPAVCKParameterIn@@PADUCKGUID@@@Z
?RemoveInputParameter@CKBehavior@@QAEPAVCKParameterIn@@H@Z
?GetInputParameterCount@CKBehavior@@QAEHXZ
?OutputToConsoleExBeep@CKContext@@QAAJPADZZ
?RemoveOutput@CKBehavior@@QAEPAVCKBehaviorIO@@H@Z
?CreateOutput@CKBehavior@@QAEPAVCKBehaviorIO@@PAD@Z
?CKIsChildClassOf@@YAHPAVCKObject@@J@Z
?GetOutputParameter@CKBehavior@@QAEPAVCKParameterOut@@H@Z
?GetInputCount@CKBehavior@@QAEHXZ
?CKStrdup@@YAPADPAD@Z
?FindRowIndex@CKDataArray@@QAEHHW4CK_COMPOPERATOR@@KHH@Z
?GetDataSize@CKParameter@@QAEHXZ
?GetObjectIterator@CKScene@@QAE?AVCKSceneObjectIterator@@XZ
?GetCurrentScene@CKContext@@QAEPAVCKScene@@XZ
?AddObjectToScene@CKScene@@QAEXPAVCKSceneObject@@H@Z
?SetPixel@CKBitmapData@@QAEHHHKH@Z
?LockSurfacePtr@CKBitmapData@@QAEPAEH@Z
?GetRenderManager@CKContext@@QAEPAVCKRenderManager@@XZ
?RemoveRow@CKDataArray@@QAEXH@Z
?SetElementStringValue@CKDataArray@@QAEHHHPAD@Z
?InsertRow@CKDataArray@@QAEPAV?$XSArray@K@@H@Z
?GetSlotFileName@CKBitmapData@@QAEPADH@Z
?GetSlotCount@CKBitmapData@@QAEHXZ
?GetObjectsListByClassID@CKContext@@QAEPAKJ@Z
?GetObjectsCountByClassID@CKContext@@QAEHJ@Z
?SaveImage@CKBitmapData@@QAEHPADHH@Z
?GetPixel@CKBitmapData@@QAEKHHH@Z
?ReleaseSurfacePtr@CKBitmapData@@QAEHH@Z
?IsObjectActive@CKScene@@QAEHPAVCKSceneObject@@@Z
?AddOutput@CKBehavior@@QAEHPAD@Z
?DeleteOutput@CKBehavior@@QAEJH@Z
?GetOutput@CKBehavior@@QAEPAVCKBehaviorIO@@H@Z
?GetScript@CKBeObject@@QAEPAVCKBehavior@@H@Z
?GetScriptCount@CKBeObject@@QAEHXZ
?Activate@CKScene@@QAEXPAVCKSceneObject@@H@Z
?CKReadObjectState@@YAJPAVCKObject@@PAVCKStateChunk@@@Z
?GetObjectInitialValue@CKScene@@QAEPAVCKStateChunk@@PAVCKSceneObject@@@Z
?IsInScene@CKSceneObject@@QAEHPAVCKScene@@@Z
?SetObjectInitialValue@CKScene@@QAEHPAVCKSceneObject@@PAVCKStateChunk@@@Z
?CKSaveObjectState@@YAPAVCKStateChunk@@PAVCKObject@@K@Z
?SetDirectSource@CKParameterIn@@QAEJPAVCKParameter@@@Z
?IsCompatibleWith@CKParameter@@QAEHPAV1@@Z
?GetSubBehavior@CKBehavior@@QAEPAV1@H@Z
?GetSubBehaviorCount@CKBehavior@@QAEHXZ
?GetLocalParameter@CKBehavior@@QAEPAVCKParameterLocal@@H@Z
?GetLocalParameterCount@CKBehavior@@QAEHXZ
?GetOutputParameterCount@CKBehavior@@QAEHXZ
?RenamePath@CKPathManager@@QAEJHHAAVXString@@@Z
?GetPathName@CKPathManager@@QAEJHHAAVXString@@@Z
?GetPathCount@CKPathManager@@QAEHH@Z
?GetPathManager@CKContext@@QAEPAVCKPathManager@@XZ
?GetPlayerRenderContext@CKContext@@QAEPAVCKRenderContext@@XZ
?Stop@CKWaveSound@@QAEXM@Z
?IsPlaying@CKWaveSound@@QAEHXZ
?RegisterNewStructure@CKParameterManager@@QAAJUCKGUID@@PAD1ZZ
?Play@CKWaveSound@@QAEXMM@Z
?SetGain@CKWaveSound@@QAEXM@Z
?SetLoopMode@CKWaveSound@@QAEXH@Z
?OutputToConsoleEx@CKContext@@QAAJPADZZ
?GetParent@CKBehavior@@QAEPAV1@XZ
?GetOwner@CKBehavior@@QAEPAVCKBeObject@@XZ
?GetOwnerScript@CKBehavior@@QAEPAV1@XZ
?GetStringBuffer@CKContext@@QAEPADH@Z
?SetFunction@CKBehavior@@QAEXP6AHABUCKBehaviorContext@@@Z@Z
?GetVersion@CKBehavior@@QAEKXZ
?RemoveOutputParameter@CKBehavior@@QAEPAVCKParameterOut@@H@Z
?CreateOutputParameter@CKBehavior@@QAEPAVCKParameterOut@@PADUCKGUID@@@Z
?SetElementValue@CKDataArray@@QAEHHHPAXH@Z
?InsertColumn@CKDataArray@@QAEXHW4CK_ARRAYTYPE@@PADUCKGUID@@@Z
??1CKBaseManager@@UAE@XZ
?RegisterNewManager@CKContext@@QAEJPAVCKBaseManager@@@Z
??0CKBaseManager@@QAE@PAVCKContext@@UCKGUID@@PAD@Z
?CKGetPluginManager@@YAPAVCKPluginManager@@XZ

vxmath

??0XString@@QAE@H@Z
?VxScanCodeToAscii@@YADKQAE@Z
?Vx3DRotateVector@@YAXPAUVxVector@@ABVVxMatrix@@PBU1@@Z
??0XString@@QAE@PBDH@Z
?Vx3DMatrixFromRotation@@YAXAAVVxMatrix@@ABUVxVector@@M@Z
?RGBAFTOCOLOR@@YAKMMMM@Z
?Vx3DMultiplyMatrixVector@@YAXPAUVxVector@@ABVVxMatrix@@PBU1@@Z
?axisY@VxVector@@SAABU1@XZ
?Normalize@VxVector@@QAEXXZ
?Identity@VxMatrix@@SAABV1@XZ
?RGBAFTOCOLOR@@YAKPBUVxColor@@@Z
??1XString@@QAE@XZ
?axis0@VxVector@@SAABU1@XZ
??4XString@@QAEAAV0@PBD@Z

kernel32

FatalAppExitA
SetUnhandledExceptionFilter
GetLocaleInfoW
GetTimeZoneInformation
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidLocale
SetEndOfFile
IsValidCodePage
LCMapStringW
LCMapStringA
ReadFile
GetStringTypeW
CopyFileA
CreateDirectoryA
DeleteFileA
GetFileAttributesA
GetCurrentDirectoryA
FindClose
GetLastError
FindNextFileA
FindFirstFileA
RemoveDirectoryA
SetCurrentDirectoryA
GlobalMemoryStatus
GetVersionExA
RtlUnwind
RaiseException
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
HeapFree
GetProcAddress
GetModuleHandleA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetStringTypeA
Sleep
WideCharToMultiByte
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
SetFilePointer
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
CreateFileA
LoadLibraryA
SetConsoleCtrlHandler

Exports

Exports

CKGetPluginInfo
CKGetPluginInfoCount
RegisterNEMOExtensions

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a23b46f6a8cf54e0cf0389e0a56449e0

Headers

File Characteristics

Imports

ck2

vxmath

kernel32

Exports

Exports

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 40KB - Virtual size: 49KB

.idata Size: 16KB - Virtual size: 13KB

.rsrc Size: 16KB - Virtual size: 12KB

.reloc Size: 12KB - Virtual size: 11KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 40KB - Virtual size: 49KB

.idata
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 16KB - Virtual size: 12KB

.reloc
Size: 12KB - Virtual size: 11KB

.rmnet
Size: 60KB - Virtual size: 60KB