Age-of-Empires[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Age-of-Empires.zip
Size

37.0MB
MD5

f5f5e95a7eda2e7baeeb366755fd8276
SHA1

3bc271a54e242e58f48f5a156535ccbe9a93327f
SHA256

674dbfce63e9b9c7386873191bf899c94727fd88d46f9b0c65ea24c4cb83a2b0
SHA512

f6a6b002428992be8de92d93910fd55da5b60c69a8a6ec6699ff2b41efa6c3df7190461e18d5b0ecb207f7a6fdf73b12c21d1fc0b071fd791d6a0cd702853fe1
SSDEEP

786432:BOwVjfHh+id6oCn5cDYXz3KGkZxWY0ArAmzGpTTVi5uBBn:BOgjfHh+aCyDYXkvW7awTpi5ufn

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AoEHlp.dll
unpack001/Empires.exe
unpack001/SETUPENU.DLL
unpack001/Setup.exe
unpack001/aelaunch.dll
unpack001/data/closedpw.exe
unpack001/language.dll

Files

Age-of-Empires.zip
.zip
AoEHlp.dll
.dll windows:4 windows x86

a8354c454bdfa09199d5d2d7b23231ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenProcess
lstrcpyA
lstrcatA
ReadFile
Sleep
CreateFileA
GlobalLock
CloseHandle
GlobalAlloc
GlobalFree
GlobalUnlock
lstrlenA
HeapAlloc
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
WriteFile
HeapFree
FindFirstFileA
ExitProcess
GetVersion
TerminateProcess
GetProcAddress
GetCommandLineA
GetModuleHandleA
LoadLibraryA
VirtualAlloc

user32

SetClassLongA
ShowWindow
SendMessageA
LoadStringA
GetDlgCtrlID
GetWindowLongA
GetWindowRect
LoadIconA
GetSystemMetrics
SetWindowTextA
GetDesktopWindow
SetWindowPos
FindWindowA
DestroyWindow
GetMenu
CreateMenu
SetMenu
DestroyMenu
DrawMenuBar
WinHelpA
LoadCursorA
RegisterClassA
GetDC
ReleaseDC
DefWindowProcA
BeginPaint
EndPaint
MessageBoxA
CreateWindowExA
SetWindowLongA
CallWindowProcA
PostMessageA
WaitForInputIdle
GetWindowThreadProcessId
GetWindow

gdi32

CreatePalette
RealizePalette
SelectPalette
BitBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
CreateDIBitmap

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

msvfw32

MCIWndRegisterClass

winmm

PlaySoundA

Exports

Exports

CallWinHelp
CloseSplash
HideSplash
LDLLHandler
OpenTreeviewBook
PlayAVI
PlayBMP
PlayWAV
SetTabControl

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Empires.HLP
Empires.exe
.exe windows:4 windows x86

f060043a29910d8b427ee409310ded76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
HeapAlloc
GetProcessHeap
VirtualLock
HeapFree
IsBadCodePtr
MapViewOfFileEx
OpenFileMappingA
EnterCriticalSection
VirtualQuery
VirtualQueryEx
OpenMutexA
UnmapViewOfFile
VirtualFree
ReleaseMutex
CreateEventA
SetEvent
GetVersion
LeaveCriticalSection
CompareStringA
WaitForSingleObject
GetSystemInfo
GetTempFileNameA
GetDriveTypeA
GetVolumeInformationA
MulDiv
CloseHandle
FreeLibrary
LoadLibraryA
GlobalMemoryStatus
GetCurrentDirectoryA
OpenFile
GetTempPathA
WinExec
FindFirstFileA
FileTimeToSystemTime
MapViewOfFile
CreateFileA
CreateFileMappingA
OutputDebugStringA
GetVersionExA
GetProcAddress
_llseek
GlobalAlloc
_lread
FindResourceA
GetModuleHandleA
GlobalReAlloc
LoadResource
LockResource
GlobalHandle
GlobalLock
GlobalUnlock
_lclose
GlobalFree
_hread
GetLastError
IsDBCSLeadByte
CreateMutexA
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReadFile
OpenProcess
GetCurrentProcess
SetFilePointer
FindNextFileA
GetFileType
FileTimeToLocalFileTime
ExitProcess
RtlUnwind
TerminateProcess
GetSystemTime
GetTimeZoneInformation
GetLocalTime
WriteFile
DeleteFileA
GetFullPathNameA
GetStartupInfoA
FindClose
SetEnvironmentVariableA
GetCommandLineA
SetEndOfFile
SetHandleCount
GetStringTypeW
GetStdHandle
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
LCMapStringW
RaiseException
FlushFileBuffers
GetStringTypeA
CompareStringW
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr

user32

GetWindowRect
ScreenToClient
SetRect
DrawTextA
FindWindowA
SetSysColors
GetForegroundWindow
GetKeyState
LoadCursorA
CallWindowProcA
GetSysColor
IsClipboardFormatAvailable
GetWindowLongA
SetWindowLongA
GetClientRect
MoveWindow
InvalidateRect
ReleaseDC
GetDC
ClientToScreen
GetAsyncKeyState
GetKeyboardState
PostMessageA
SetCursorPos
GetCursorPos
ShowWindow
SystemParametersInfoA
LoadStringA
GetMessageA
DispatchMessageA
TranslateMessage
PeekMessageA
RegisterClassA
LoadIconA
UpdateWindow
SetWindowPos
GetSystemMetrics
BringWindowToTop
GetLastActivePopup
SetForegroundWindow
GetUpdateRect
FillRect
GetWindowTextA
SetCursor
SetClassLongA
MessageBoxA
CharUpperA
CreateWindowExA
DestroyWindow
SetTimer
SetFocus
OpenClipboard
GetClipboardData
CloseClipboard
SendMessageA
GetFocus
GetActiveWindow
DrawTextExA
ReleaseCapture
MessageBeep
GetCapture
KillTimer
SetCapture
SetWindowTextA
GetWindowThreadProcessId
PostQuitMessage
DefWindowProcA
WinHelpA
IsIconic
ValidateRect
GetCaretBlinkTime

gdi32

SelectClipRgn
SelectObject
GetStockObject
MoveToEx
SetBkMode
TextOutA
GetPaletteEntries
DeleteObject
DeleteDC
SetTextColor
CreateICA
RealizePalette
GetDeviceCaps
GetTextExtentPoint32A
CreatePen
SelectPalette
CreateFontIndirectA
SetBkColor
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
ResizePalette
GetObjectA
CreateRectRgn
GetSystemPaletteEntries
SetPaletteEntries
LineTo

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

dplayx

ord1
ord2
ord4

dsound

DirectSoundCreate

ddraw

DirectDrawCreate

winmm

mmioAdvance
mmioSetInfo
mmioGetInfo
mixerClose
mixerGetControlDetailsA
timeGetTime
mciSendCommandA
mciGetErrorStringA
mixerSetControlDetails
timeKillEvent
timeEndPeriod
timeBeginPeriod
timeSetEvent
mixerGetLineControlsA
mmioRead
mmioAscend
mmioSeek
mmioOpenA
mmioDescend
mixerOpen
mmioClose
mixerGetNumDevs
mixerGetLineInfoA

imm32

ImmReleaseContext
ImmNotifyIME
ImmSetOpenStatus
ImmAssociateContext
ImmGetContext

msvfw32

MCIWndCreateA
ICInfo

ole32

CoCreateInstance
CoInitialize
CoUninitialize

wsock32

gethostname
WSAStartup
WSACleanup
gethostbyname

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

THIS_COD
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

THIS_DAT
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Inf32Dat
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SETUPENU.DLL
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup.exe
.exe windows:4 windows x86

12935b91d5a597703a17728e22d8e2c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCreateKeyA
RegCloseKey

kernel32

GetCurrentDirectoryA
GetCommandLineA
GetVersion
HeapFree
GetLastError
CloseHandle
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
HeapAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
GetProcAddress
LoadLibraryA
SetFilePointer
SetEndOfFile
ReadFile

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 943B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
aelaunch.dll
.dll windows:4 windows x86

60ad486e7dfff962be76ccc229dd1a13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SetForegroundWindow
IsIconic
ShowWindow
MessageBoxA
LoadStringA
FindWindowA

kernel32

GetModuleFileNameA
GetCPInfo
SetFilePointer
SetStdHandle
FlushFileBuffers
LoadLibraryA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
CloseHandle
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
LeaveCriticalSection
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
HeapAlloc
HeapFree
VirtualAlloc

Exports

Exports

ActivateTribeGame

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 929B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
campaign/Ascent of Egypt Learning Campaign.cpn
campaign/Glory of Greece.cpn
campaign/Voices of Babylon.cpn
campaign/Yamato Empire of the Rising Sun.cpn
data/Archers Bronze.ai
data/Archers Iron.ai
data/Assyria Ballista.ai
data/Assyria Bowmen.ai
data/Babylon Scouts.ai
data/Babylon Swordsmen.ai
data/Border.drs
data/Cav Archer Iron.ai
data/Cavalry Bronze.ai
data/Cavalry Iron.ai
data/Choson Axemen.ai
data/Choson Swordsmen.ai
data/Death Match Assyria.ai
data/Death Match Babylon.ai
data/Death Match Choson.ai
data/Death Match Egypt.ai
data/Death Match Greek.ai
data/Death Match Hittite.ai
data/Death Match Minoa.ai
data/Death Match Persia.ai
data/Death Match Phoenicia.ai
data/Death Match Shang.ai
data/Death Match Sumeria.ai
data/Death Match Yamato.ai
data/Default.cty
data/Default.per
data/Defensive.per
data/Egypt Chariots.ai
data/Egypt War Elephants.ai
data/Elephant Archer Iron.ai
data/Empires.dat
data/Greek Phalanx.ai
data/Hittite Bowmen.ai
data/Hittite Horse Archers.ai
data/Immortal Assyria.ai
data/Immortal Egypt.ai
data/Immortal Greek.ai
data/Immortal Minoa.ai
data/Immortal Sumeria.ai
data/Immortal Yamato.ai
data/Infantry Bronze.ai
data/Infantry Stone.ai
data/Infantry Tool.ai
data/Interfac.drs
data/Minoa Composite bowmen.ai
data/Passive Aggressive.per
data/Passive.per
data/Persia Elephant Archers.ai
data/Phalanx Bronze.ai
data/Phalanx Iron.ai
data/Phoenicia Elephants.ai
data/Priest Bronze.ai
data/Priest Iron.ai
data/Shang Cavalry.ai
data/Shang Clubmen.ai
data/Shang Heavy Cavalry.ai
data/Sumeria Catapults.ai
data/Sumeria Scouts.ai
data/TILEEDGE.DAT
data/Terrain.drs
data/Trireme Bronze.ai
data/Trireme Iron.ai
data/War Elephant Iron.ai
data/Yamato Heavy Cavalry.ai
data/aggressive 3 attackers.per
data/aggressive no defend.per
data/aggressive.per
data/aoe.ply
data/closedpw.exe
.exe windows:4 windows x86

3443450a10d6d557144798ae521a009f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetParent
GetWindowTextA
DefWindowProcA
SetTimer
KillTimer
PostQuitMessage
FindWindowA
GetWindowThreadProcessId
EnumWindows
SendMessageA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA

kernel32

GetModuleFileNameA
UnhandledExceptionFilter
ReadFile
SetEndOfFile
SetFilePointer
LoadLibraryA
GetProcAddress
CreateFileA
FlushFileBuffers
SetStdHandle
VirtualAlloc
HeapAlloc
WriteFile
VirtualFree
HeapCreate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
GetLastError
CloseHandle
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
GetStdHandle
HeapDestroy
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 943B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/graphics.drs
data/list.cr
data/rules.rps
data/shadow.col
data/sounds.drs
data/super aggressive.per
eula.txt
game0.nfo
help/5028.wav
help/5074.wav
help/5144.wav
help/5169.wav
help/T_Acad.bmp
help/T_Arch.bmp
help/T_Barr.bmp
help/T_Dock.bmp
help/T_Farm.bmp
help/T_Govt.bmp
help/T_Gran.bmp
help/T_House.bmp
help/T_Mark.bmp
help/T_Pit.bmp
help/T_Seige.bmp
help/T_Stbl.bmp
help/T_Tmple.bmp
help/T_Towers.BMP
help/T_TwnCtr.bmp
help/T_Wall.bmp
help/T_Wond.bmp
help/abadacus.wav
help/academy.wav
help/archery.wav
help/attack.wav
help/ballista.wav
help/barrack.wav
help/barracks.wav
help/boat.wav
help/boatwar.wav
help/button1.wav
help/button2.wav
help/button4.wav
help/catapult.wav
help/cav1.wav
help/dock.wav
help/elephant.wav
help/farm.wav
help/govcntr.wav
help/granary.wav
help/house.wav
help/market.wav
help/monument.wav
help/pit.wav
help/ready.wav
help/rudken.wav
help/seigewrk.wav
help/stable.wav
help/temple.wav
help/tower.wav
help/twncntr.wav
help/villager.wav
help/wall.wav
language.dll
.dll windows:4 windows x86

eb3a8f5882b953e13fb5878c5c3baf99

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfo
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCommandLineA
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 835B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
learn/Default.uh
learn/Learn.txt
mapdefault.bmp
savegame/SaveGame.txt
scenario/Multiplayer Border Patrol (4-Player only).scn
scenario/Multiplayer Border Patrol (8-Player only).scn
scenario/Multiplayer Come and Get Me (4-Player only).scn
scenario/Multiplayer Come and Get Me (8-Player only).scn
scenario/Multiplayer Crossroads (4-Player maximum).scn
scenario/Multiplayer Crossroads (8-Player only).scn
scenario/Multiplayer Cutthroat (4-Player only).scn
scenario/Multiplayer Cutthroat (8-Player only).scn
scenario/Multiplayer Gold Rush (4-Player maximum).scn
scenario/Multiplayer Gold Rush (8-Player maximum).scn
scenario/Multiplayer Hill Country (4-Player maximum).scn
scenario/Multiplayer Hill Country (8-Player maximum).scn
scenario/Multiplayer Hostile Lands (8-Player maximum).scn
scenario/Multiplayer Intruder (2-Player only).scn
scenario/Multiplayer Marooned (4-Player only).scn
scenario/Multiplayer Marooned (8-Player only).scn
scenario/Multiplayer Oasis (4-Player maximum).scn
scenario/Multiplayer Oasis (8-Player only).scn
scenario/Multiplayer Passes (4-Player maximum).scn
scenario/Multiplayer Passes (8-Player only).scn
scenario/Multiplayer Pathfinder (4-Player only).scn
scenario/Multiplayer Pathfinder (8-Player only).scn
scenario/Multiplayer Rising Tide (4-Player only).scn
scenario/Multiplayer Rising Tide (8-Player only).scn
scenario/scenario.inf
sound/BIRD.WAV
sound/BIRDS1.WAV
sound/Forest2.WAV
sound/Forest3.WAV
sound/Grass2.WAV
sound/LAKE1.WAV
sound/LOST.MID
sound/MUSIC1.MID
sound/MUSIC2.MID
sound/MUSIC3.MID
sound/MUSIC4.MID
sound/MUSIC5.MID
sound/MUSIC6.MID
sound/MUSIC7.MID
sound/MUSIC8.MID
sound/MUSIC9.MID
sound/OPEN.MID
sound/TAUNT008.wav
sound/TAUNT009.wav
sound/TAUNT011.wav
sound/TAUNT016.wav
sound/TAUNT017.wav
sound/TAUNT018.wav
sound/Taunt001.wav
sound/Taunt002.wav
sound/Taunt003.wav
sound/Taunt004.wav
sound/Taunt005.wav
sound/Taunt006.wav
sound/Taunt007.wav
sound/Taunt010.wav
sound/Taunt015.wav
sound/Taunt019.wav
sound/Taunt020.wav
sound/Taunt021.wav
sound/Taunt022.wav
sound/Taunt023.wav
sound/Taunt024.wav
sound/Taunt025.wav
sound/WON.MID
sound/desert1.WAV
sound/desert2.WAV
sound/desert3.wav
sound/desert4.WAV
sound/forest1.wav
sound/forest4.WAV
sound/grass3.WAV
sound/ocean1.wav
sound/ocean2.wav
sound/ocean3.WAV
sound/ocean4.WAV
sound/ocean5.WAV
sound/stream2.wav
sound/taunt012.wav
sound/taunt013.wav
sound/taunt014.wav
sound/wind1.WAV
sound/wind2.wav

Sharing

General

Malware Config

Signatures

Files

a8354c454bdfa09199d5d2d7b23231ec

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvfw32

winmm

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 9KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

f060043a29910d8b427ee409310ded76

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

dplayx

dsound

ddraw

winmm

imm32

msvfw32

ole32

wsock32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

THIS_COD Size: 43KB - Virtual size: 42KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 55KB - Virtual size: 1.6MB

.idata Size: 7KB - Virtual size: 6KB

THIS_DAT Size: 512B - Virtual size: 144B

Inf32Dat Size: 43KB - Virtual size: 43KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 75KB - Virtual size: 74KB

Headers

File Characteristics

Sections

.rsrc Size: 2.5MB - Virtual size: 2.5MB

.reloc Size: 512B - Virtual size: 12B

12935b91d5a597703a17728e22d8e2c5

Headers

File Characteristics

Imports

advapi32

kernel32

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 1024B - Virtual size: 943B

.data Size: 11KB - Virtual size: 15KB

.idata Size: 1KB - Virtual size: 1KB

60ad486e7dfff962be76ccc229dd1a13

Headers

File Characteristics

Imports

user32

kernel32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 1024B - Virtual size: 929B

.data Size: 10KB - Virtual size: 16KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 392B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 9KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 1.2MB - Virtual size: 1.2MB

THIS_COD
Size: 43KB - Virtual size: 42KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 55KB - Virtual size: 1.6MB

.idata
Size: 7KB - Virtual size: 6KB

THIS_DAT
Size: 512B - Virtual size: 144B

Inf32Dat
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 1024B - Virtual size: 943B

.data
Size: 11KB - Virtual size: 15KB

.idata
Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 1024B - Virtual size: 929B

.data
Size: 10KB - Virtual size: 16KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 392B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 1024B - Virtual size: 943B

.data
Size: 5KB - Virtual size: 9KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 1024B - Virtual size: 835B

.data
Size: 4KB - Virtual size: 8KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 147KB - Virtual size: 146KB

.reloc
Size: 1KB - Virtual size: 1KB