3b8d9f713c035c997e2f4e32db88ef256a72dbc71a9d21f7c8b20a9d201a5c7d

Sharing

Copy URL Twitter E-mail

General

Target

3b8d9f713c035c997e2f4e32db88ef256a72dbc71a9d21f7c8b20a9d201a5c7d
Size

703KB
MD5

5232d1660fc562df4bbe50799aa101d0
SHA1

b844af20908bf1211331e91524e6b8d759863b21
SHA256

3b8d9f713c035c997e2f4e32db88ef256a72dbc71a9d21f7c8b20a9d201a5c7d
SHA512

addc1694d2e9f752ca74a47fd63b74fac4fe1a12327dee03def109b59744f5d4c58294cde2550ea257b843e8ae5ac508155168f2d7422d158efe100c67930181
SSDEEP

12288:nRHNQq/oZEkBaOzygCil3sFIeXVYfTke9ZTJtCjzY1C4doIEjaeM2SsPax:LQEK6piOnXy5T1Egiae5Som

Score

N/A

Malware Config

Signatures

Files

3b8d9f713c035c997e2f4e32db88ef256a72dbc71a9d21f7c8b20a9d201a5c7d
.exe windows x86

9c7976f287445bee3575407efcec0d5e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend

wininet

InternetReadFile
InternetOpenW
InternetOpenUrlW
InternetCloseHandle

kernel32

CreateFileW
GetCurrentDirectoryW
CloseHandle
GetCurrentProcessId
lstrcpyW
OutputDebugStringA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
MoveFileW
GetFileTime
DeleteFileW
GetFileSize
MapViewOfFile
UnmapViewOfFile
ReadFile
GetLastError
CreateFileMappingW
MultiByteToWideChar
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSection
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalReAlloc
CreateFileA
GetConsoleMode
GetConsoleCP
InitializeCriticalSectionAndSpinCount
LoadLibraryA
VirtualAlloc
HeapReAlloc
HeapSize
GetLocaleInfoA
Sleep
GetStringTypeW
GetStringTypeA
LoadLibraryW
WriteConsoleW
DebugBreak
GetModuleHandleA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetStdHandle
GetModuleFileNameA
LCMapStringW
LCMapStringA
IsBadReadPtr
HeapValidate
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetModuleHandleW
TlsGetValue
GetProcAddress
OpenProcess
WriteFile
OutputDebugStringW
WaitForSingleObject
CreateProcessW
SetFilePointer
lstrlenW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitThread
GetCurrentThreadId
CreateThread
SwitchToThread
ExitProcess
lstrlenA
InterlockedExchangeAdd
InterlockedExchange

user32

GetDlgItemTextW
SetDlgItemTextW
SendMessageW
CallWindowProcW
SetWindowPos
ShowWindow
SetWindowLongW
GetDlgItem
SetClassLongW
GetWindowLongW
SetRect
SetTimer
KillTimer
GetFocus
SetFocus
FillRect
GetDC
ReleaseDC
CreateDialogParamW
GetSystemMetrics
GetWindow
MoveWindow
DestroyWindow
GetMessageW
PostQuitMessage
LoadCursorW
FindWindowW
wsprintfW
TranslateMessage
LoadIconW
CreateWindowExW
MessageBoxW
RegisterClassW
DefWindowProcW
DispatchMessageW
EndPaint
ScreenToClient
GetWindowRect
DrawTextW
TrackMouseEvent
GetClientRect
BeginPaint
InvalidateRect

gdi32

CombineRgn
GetObjectW
CreateCompatibleDC
CreateDIBSection
DeleteObject
ExtCreateRegion
CreateFontW
BitBlt
SetTextColor
DeleteDC
SetBkMode
SelectObject
GetStockObject

ole32

OleUninitialize
OleInitialize
CoCreateInstance

ngmfunc

NGMLib_SetLogFilePathW
NGMLib_Init
NGMLib_Cancel
NGMLib_GetLastErrCode
NGMLib_GetProgressInfoW
NGMLib_PatchW

nmcogame

NMCO_MemoryFree
NMCO_SetLocaleAndRegion
NMCO_CallNMFunc

Exports

Exports

LauncherMain

Sections

.text
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c7976f287445bee3575407efcec0d5e

Headers

DLL Characteristics

File Characteristics

Imports

msimg32

wininet

kernel32

user32

gdi32

ole32

ngmfunc

nmcogame

Exports

Exports

Sections

.text Size: 370KB - Virtual size: 369KB

.rdata Size: 95KB - Virtual size: 94KB

.data Size: 11KB - Virtual size: 33KB

.rsrc Size: 141KB - Virtual size: 140KB

.reloc Size: 85KB - Virtual size: 85KB

.text
Size: 370KB - Virtual size: 369KB

.rdata
Size: 95KB - Virtual size: 94KB

.data
Size: 11KB - Virtual size: 33KB

.rsrc
Size: 141KB - Virtual size: 140KB

.reloc
Size: 85KB - Virtual size: 85KB