916944e57fc34497ff3ae642d03e22144496ef2d7a18bc1c00775a71be643a53

Sharing

Copy URL Twitter E-mail

General

Target

916944e57fc34497ff3ae642d03e22144496ef2d7a18bc1c00775a71be643a53
Size

2.8MB
MD5

622302cb695cce34e2d1ef4bafb4457d
SHA1

e62837c535216968eb35ce705d6d098f9d770aab
SHA256

916944e57fc34497ff3ae642d03e22144496ef2d7a18bc1c00775a71be643a53
SHA512

64ea2dad8f82d87f1570fa4d5acd0e01c2a57002f29a69ed580a7a0ee12b9367967f55a868cf520000ec119be4d55f0590ca732d73eab5466578d7c2d612058a
SSDEEP

24576:mcsPqsFT3I3nzPV7lmFFGB8Se4QPiv7E/hxkq7Jq6nGHD6Z2pl4aHMzXBXq/70fH:IWnLVAFwBvXAkD57sWAMD9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
916944e57fc34497ff3ae642d03e22144496ef2d7a18bc1c00775a71be643a53

Files

916944e57fc34497ff3ae642d03e22144496ef2d7a18bc1c00775a71be643a53
.exe windows x86

b6f534824f4ec953e1fe1ae443e70c2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
TlsSetValue
GetCurrentThreadId
VirtualAlloc
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
SetLastError
RtlUnwind
GetSystemTimeAsFileTime
HeapReAlloc
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
TlsGetValue
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FlushFileBuffers
SetHandleCount
GetFileType
ReadFile
SetFilePointer
GetStringTypeA
GetStringTypeW
RaiseException
GetCPInfo
GetACP
GetOEMCP
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
CreateDirectoryA
GetCurrentDirectoryA
GetFullPathNameA
SetFileAttributesA
GetFileAttributesA
GlobalAlloc
GetLastError
GetSystemInfo
ExitProcess
GlobalAddAtomA
GlobalDeleteAtom
GlobalFree
OutputDebugStringA
QueryDosDeviceA
DefineDosDeviceA
CreateFileA
DeviceIoControl
CloseHandle
Sleep
FreeLibrary
QueryPerformanceFrequency
QueryPerformanceCounter
SetErrorMode
LoadLibraryA
GetProcAddress
GetVersionExA
lstrcpyA
lstrcatA
lstrlenA
GetStdHandle
WriteFile
GetModuleHandleA
DeleteFileA

user32

LoadIconA
DispatchMessageA
TranslateMessage
PeekMessageA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
GetKeyboardLayout
SetRect
ReleaseCapture
SetCapture
GetWindowDC
GetScrollPos
DestroyWindow
CallWindowProcA
CopyRect
GetSysColorBrush
GetFocus
DrawTextA
DrawFocusRect
IsWindow
GetMessageA
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
DefWindowProcA
MessageBoxA
GetActiveWindow
wvsprintfA
ReleaseDC
GetDC
GetWindowLongA
ClientToScreen
GetSystemMetrics
WINNLSEnableIME
wsprintfA
ScreenToClient
PtInRect
GetMessagePos
InflateRect
GetSysColor
SetMenuItemInfoA
TrackPopupMenu
AdjustWindowRectEx
GetWindowTextA
RegisterWindowMessageA
GetSubMenu
EnableMenuItem
CheckMenuRadioItem
SetFocus
FindWindowA
PostMessageA
LoadAcceleratorsA
GetParent
GetMenu
MoveWindow
CreateIconFromResourceEx
CreateIconFromResource
TranslateAcceleratorA
IsDialogMessageA
DestroyAcceleratorTable
GetWindowTextLengthA
SendDlgItemMessageA
KillTimer
SetTimer
DialogBoxParamA
PostQuitMessage
EnableWindow
GetCursorPos
SetCursorPos
ShowCursor
GetAsyncKeyState
GetKeyboardState
SetKeyboardState
FillRect
GetClientRect
GetDlgItem
BeginPaint
EndPaint
SendMessageA
SetCursor
InvalidateRect
UpdateWindow
DestroyMenu
EndDialog
SetWindowTextA
LoadMenuA
SetMenu
CheckMenuItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect

gdi32

GetTextMetricsA
SelectObject
CreateRectRgnIndirect
SelectClipRgn
CreateHalftonePalette
SelectPalette
RealizePalette
SetBkColor
DeleteDC
GetTextExtentPoint32A
CreateFontIndirectA
DeleteObject
CreateSolidBrush
GetClipBox
GetDCOrgEx
GetDeviceCaps
GetStockObject
SetTextColor
RestoreDC
LineTo
MoveToEx
CreatePen
SaveDC
CreateBitmap
CreateCompatibleBitmap
StretchDIBits
CreateDIBitmap
BitBlt
PatBlt
CreateCompatibleDC
CreatePalette

comctl32

ImageList_Draw
ImageList_DrawEx
ImageList_Create
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_Destroy
ord2
ord17
CreateToolbarEx
ord6
PropertySheetA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegQueryInfoKeyA
RegOpenKeyExA

winmm

joyGetDevCapsA
joyGetNumDevs
timeEndPeriod
timeBeginPeriod
timeGetTime
joyGetPosEx

shell32

ExtractIconA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA

avifil32

AVIStreamRelease
AVIFileRelease
AVIStreamWrite
AVIFileInit
AVIFileOpenA
AVIFileCreateStreamA
AVISaveOptions
AVIMakeCompressedStream
AVIStreamSetFormat
AVIFileExit

msvfw32

ord2

zlib

ord21
ord26
ord3
ord2
ord19
ord20

kailleraclient

_kailleraSelectServerDialog@4
_kailleraSetInfos@4
_kailleraEndGame@0
_kailleraChatSend@4
_kailleraInit@0
_kailleraModifyPlayValues@8

imm32

ImmGetConversionStatus
ImmGetDescriptionA
ImmIsIME
ImmSetOpenStatus
ImmGetOpenStatus
ImmGetContext
ImmGetDefaultIMEWnd
ImmGetCompositionStringA
ImmSetCompositionWindow
ImmGetCompositionWindow
ImmReleaseContext

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1008KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6f534824f4ec953e1fe1ae443e70c2d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

comdlg32

advapi32

winmm

shell32

avifil32

msvfw32

zlib

kailleraclient

imm32

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 188KB - Virtual size: 186KB

.data Size: 1008KB - Virtual size: 4.0MB

.rsrc Size: 140KB - Virtual size: 139KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 188KB - Virtual size: 186KB

.data
Size: 1008KB - Virtual size: 4.0MB

.rsrc
Size: 140KB - Virtual size: 139KB