72a4d73fe5ee9cfc92eac6077f3ae2f0c99ea58f4ebfa29615df4d49b1185daf

Sharing

Copy URL Twitter E-mail

General

Target

72a4d73fe5ee9cfc92eac6077f3ae2f0c99ea58f4ebfa29615df4d49b1185daf
Size

770KB
MD5

a0575d8045d78ee5ae543f4e61c32214
SHA1

095fd7889bdd2b2d15d1c2213e9b175883173644
SHA256

72a4d73fe5ee9cfc92eac6077f3ae2f0c99ea58f4ebfa29615df4d49b1185daf
SHA512

8930d193874c718f7575958688a1b255dce3290e21870c72bd0c64a1fb104815d992d7026a9e901e9a8c97dff458f82a1df71c5fc55baa9f5b54618f70c08570
SSDEEP

12288:bEbI7eeyYp76VDiG4eW/awvPhXy7PgjM7sMc0xBESi+jkqPXwN7sCzf8UUtxVP59:bU5EjMvEn0oFY+7y1xTWfW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72a4d73fe5ee9cfc92eac6077f3ae2f0c99ea58f4ebfa29615df4d49b1185daf

Files

72a4d73fe5ee9cfc92eac6077f3ae2f0c99ea58f4ebfa29615df4d49b1185daf
.dll windows:5 windows x86

29adb42bb552b356e0714aa5995c56c2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSizeEx
GetCurrentDirectoryW
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetFileType
GetConsoleCP
GetConsoleMode
SetFilePointerEx
IsDebuggerPresent
IsProcessorFeaturePresent
VirtualAlloc
VirtualProtect
VirtualQuery
GetCommandLineA
RtlUnwind
ExitThread
ExitProcess
GetModuleHandleExW
HeapQueryInformation
ReadConsoleW
GetStdHandle
IsValidCodePage
GetCPInfo
GetStartupInfoW
GetFileAttributesExW
GetStringTypeW
SetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteConsoleW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
GetDriveTypeW
SetEnvironmentVariableA
GetFileTime
GetFileAttributesW
GetUserDefaultLCID
GlobalFlags
GetLocaleInfoW
CompareStringW
lstrcmpA
GlobalGetAtomNameW
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetTickCount
FileTimeToSystemTime
FindNextFileW
FileTimeToLocalFileTime
GetThreadLocale
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
GetModuleHandleA
SetLastError
OutputDebugStringA
GetACP
Sleep
DecodePointer
HeapSize
RaiseException
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetPrivateProfileStringW
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
CreateDirectoryW
GetModuleFileNameW
MoveFileW
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedDecrement
GlobalFree
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetVersionExW
GetSystemInfo
GetLastError
TerminateProcess
OpenProcess
GetCurrentProcessId
FreeLibrary
LoadLibraryW
LocalFree
FormatMessageW
ResumeThread
CloseHandle
CreateThread
MultiByteToWideChar
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceW
GetOEMCP
WideCharToMultiByte

user32

InsertMenuItemW
CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
SetRectEmpty
RealChildWindowFromPoint
GetSysColorBrush
MapDialogRect
SetWindowContextHelpId
CharUpperW
SetRect
InvalidateRgn
CopyAcceleratorTableW
GetMenuItemInfoW
DestroyMenu
IsRectEmpty
DrawIcon
TranslateMessage
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IntersectRect
InflateRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
ShowWindow
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
EqualRect
CopyRect
MapWindowPoints
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
FillRect
LoadBitmapW
GetDC
ReleaseDC
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
ShowOwnedPopups
MessageBeep
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetNextDlgGroupItem
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
GetMonitorInfoW
EnableWindow
GetWindowRect
SetWindowRgn
InvalidateRect
SendMessageW
SetCursor
LoadCursorW
GetParent
GetSysColor
GetClientRect
SystemParametersInfoW
ScreenToClient
PostMessageW
CharNextW
PostQuitMessage
MessageBoxW
PostThreadMessageW
wsprintfW
GetCursorPos
SetCapture
OffsetRect
ReleaseCapture
IsWindow
GetWindowLongW
AdjustWindowRectEx
MoveWindow
GetWindowThreadProcessId
GetWindowTextA
IsWindowVisible
EnumWindows
IsIconic
SetWindowPos
ShowWindowAsync
GetSystemMenu
DeleteMenu
AppendMenuW
GetSystemMetrics
GetSubMenu
KillTimer
SetTimer
SetWindowLongW
UpdateLayeredWindow
PtInRect
SetForegroundWindow
UnregisterClassW
SendDlgItemMessageA
LoadMenuW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
CreateEllipticRgn
LPtoDP
GetTextExtentPoint32W
GetRgnBox
GetBkColor
GetTextColor
ExtTextOutW
TextOutW
Ellipse
CreateCompatibleDC
SetMapMode
SetBkMode
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
Escape
CreateSolidBrush
CreatePatternBrush
CreateRectRgnIndirect
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps
CreateFontIndirectW
BitBlt
GetPixel
CreateCompatibleBitmap
GetObjectW
DeleteObject
DeleteDC
GetStockObject
SelectObject
CreateDIBSection

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

shell32

DragQueryFileW
DragFinish
ShellExecuteW

shlwapi

PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoTaskMemAlloc
OleDraw
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoTaskMemFree

oleaut32

SysStringByteLen
VariantCopy
SysAllocStringLen
VariantChangeType
LoadRegTypeLi
DispCallFunc
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
SafeArrayCreate
SysAllocStringByteLen
SysAllocString
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
OleCreateFontIndirect
VariantInit
VariantClear
SafeArrayGetDim
SysFreeString
SafeArrayGetElemsize

oledlg

OleUIBusyW

gdiplus

GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdiplusStartup
GdiplusShutdown
GdipCreateStringFormat
GdipLoadImageFromStream
GdipSetSmoothingMode
GdipDrawImageRect
GdipCreateSolidFill
GdipDeleteBrush
GdipFillRectangleI
GdipCreatePath
GdipDeletePath
GdipAddPathLine
ord1
GdipFillPath
GdipCreateFontFamilyFromName
GdipCreateFont
GdipDeleteFont
GdipMeasureString

wininet

InternetSetCookieW
InternetGetCookieW
InternetGetConnectedState

iphlpapi

GetAdaptersInfo

winhttp

WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpWriteData
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpQueryDataAvailable
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpSetTimeouts
WinHttpOpen
WinHttpCloseHandle
WinHttpReadData
WinHttpSetOption

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

Exports

Exports

DoMGLogin
DoMGLogout
DoMGPay
GetMGVersion
InitZzMGSDK
SetGameProcessId

Sections

.text
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29adb42bb552b356e0714aa5995c56c2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oledlg

gdiplus

wininet

iphlpapi

winhttp

oleacc

Exports

Exports

Sections

.text Size: 504KB - Virtual size: 503KB

.rdata Size: 138KB - Virtual size: 138KB

.data Size: 17KB - Virtual size: 34KB

.rsrc Size: 73KB - Virtual size: 73KB

.reloc Size: 37KB - Virtual size: 36KB

.text
Size: 504KB - Virtual size: 503KB

.rdata
Size: 138KB - Virtual size: 138KB

.data
Size: 17KB - Virtual size: 34KB

.rsrc
Size: 73KB - Virtual size: 73KB

.reloc
Size: 37KB - Virtual size: 36KB