1[.]0[.]5[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

1.0.5.7z
Size

5.4MB
MD5

b51338c7eb3ff92cb80ae904760d5d3f
SHA1

e0ad607219962a8afb29be7edd463da4f2012b9f
SHA256

7d5339c3fcd7e1488f2045c7f9ea6f37b325e3b844eb6fb511406cb62d32acf8
SHA512

79682ff82dc13191600732aa5013a0aab015c76034980ebef5b1cd868dcc49b796c94d9c5f255859993e32f0b22da96407f90dc31d7f3b86b3576b1b8ef9227d
SSDEEP

98304:wvajAqQKuCSiDsOcDnhRdRstN7/yQRMr6DFnC1mP+lrhGyUxF184NxzeBv:wajAD6Lbc5RstN76rr6Bn5mldGDxzfNG

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1.0.5/Alice.exe
unpack001/1.0.5/Alice512.exe
unpack001/1.0.5/AliceSSE.exe
unpack001/1.0.5/dbg_alice.exe
unpack001/1.0.5/launch_alice.exe

Files

1.0.5.7z
.7z
1.0.5/Alice.exe
.exe windows:6 windows x64 arch:x64

3e2f121d69f8700a4aaf91556708794c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

glBindTexture
glBlendFunc
glClear
glClearColor
glCullFace
glDeleteTextures
glDepthRange
glDisable
glDrawArrays
glDrawElements
glEnable
glGenTextures
glGetError
glGetIntegerv
glGetString
glLineWidth
glPixelStorei
glTexImage2D
glTexParameteri
glTexSubImage2D
glViewport
wglCreateContext
wglDeleteContext
wglGetCurrentDC
wglGetProcAddress
wglMakeCurrent

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
accept
bind
closesocket
connect
htons
inet_pton
ioctlsocket
listen
recv
select
send
setsockopt
shutdown
socket

kernel32

AcquireSRWLockExclusive
CloseHandle
CloseThreadpoolTimer
CloseThreadpoolWait
CompareStringW
CreateDirectoryW
CreateEventExW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateProcessW
CreateSemaphoreExW
CreateThread
CreateThreadpoolTimer
CreateThreadpoolWait
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FlushProcessWriteBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeLibraryWhenCallbackReturns
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumberEx
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetExitCodeThread
GetFileAttributesW
GetFileSizeEx
GetFileType
GetLastError
GetLogicalProcessorInformationEx
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadGroupAffinity
GetThreadPriority
GetThreadTimes
GetTickCount64
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
QueryDepthSList
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseSRWLockExclusive
ReleaseSemaphore
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadGroupAffinity
SetThreadPriority
SetThreadpoolTimer
SetThreadpoolWait
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableSRW
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolTimerCallbacks
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

AdjustWindowRectExForDpi
BeginPaint
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
EndPaint
GetClientRect
GetDC
GetDpiForWindow
GetKeyState
GetMonitorInfoW
GetSystemMetrics
GetWindowLongPtrW
LoadCursorFromFileW
LoadCursorW
LoadImageW
MessageBoxA
MessageBoxW
MonitorFromWindow
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
ReleaseCapture
ReleaseDC
SetCapture
SetClassLongPtrW
SetCursor
SetProcessDpiAwarenessContext
SetUserObjectInformationA
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
ShowWindow
TranslateMessage
UpdateWindow

gdi32

ChoosePixelFormat
SetPixelFormat
SwapBuffers

shell32

CommandLineToArgvW
SHGetKnownFolderPath

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 33.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1.0.5/Alice512.exe
.exe windows:6 windows x64 arch:x64

3e2f121d69f8700a4aaf91556708794c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

glBindTexture
glBlendFunc
glClear
glClearColor
glCullFace
glDeleteTextures
glDepthRange
glDisable
glDrawArrays
glDrawElements
glEnable
glGenTextures
glGetError
glGetIntegerv
glGetString
glLineWidth
glPixelStorei
glTexImage2D
glTexParameteri
glTexSubImage2D
glViewport
wglCreateContext
wglDeleteContext
wglGetCurrentDC
wglGetProcAddress
wglMakeCurrent

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
accept
bind
closesocket
connect
htons
inet_pton
ioctlsocket
listen
recv
select
send
setsockopt
shutdown
socket

kernel32

AcquireSRWLockExclusive
CloseHandle
CloseThreadpoolTimer
CloseThreadpoolWait
CompareStringW
CreateDirectoryW
CreateEventExW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateProcessW
CreateSemaphoreExW
CreateThread
CreateThreadpoolTimer
CreateThreadpoolWait
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FlushProcessWriteBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeLibraryWhenCallbackReturns
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumberEx
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetExitCodeThread
GetFileAttributesW
GetFileSizeEx
GetFileType
GetLastError
GetLogicalProcessorInformationEx
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadGroupAffinity
GetThreadPriority
GetThreadTimes
GetTickCount64
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
QueryDepthSList
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseSRWLockExclusive
ReleaseSemaphore
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadGroupAffinity
SetThreadPriority
SetThreadpoolTimer
SetThreadpoolWait
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableSRW
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolTimerCallbacks
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

AdjustWindowRectExForDpi
BeginPaint
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
EndPaint
GetClientRect
GetDC
GetDpiForWindow
GetKeyState
GetMonitorInfoW
GetSystemMetrics
GetWindowLongPtrW
LoadCursorFromFileW
LoadCursorW
LoadImageW
MessageBoxA
MessageBoxW
MonitorFromWindow
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
ReleaseCapture
ReleaseDC
SetCapture
SetClassLongPtrW
SetCursor
SetProcessDpiAwarenessContext
SetUserObjectInformationA
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
ShowWindow
TranslateMessage
UpdateWindow

gdi32

ChoosePixelFormat
SetPixelFormat
SwapBuffers

shell32

CommandLineToArgvW
SHGetKnownFolderPath

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 33.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1.0.5/AliceSSE.exe
.exe windows:6 windows x64 arch:x64

3e2f121d69f8700a4aaf91556708794c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

glBindTexture
glBlendFunc
glClear
glClearColor
glCullFace
glDeleteTextures
glDepthRange
glDisable
glDrawArrays
glDrawElements
glEnable
glGenTextures
glGetError
glGetIntegerv
glGetString
glLineWidth
glPixelStorei
glTexImage2D
glTexParameteri
glTexSubImage2D
glViewport
wglCreateContext
wglDeleteContext
wglGetCurrentDC
wglGetProcAddress
wglMakeCurrent

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
accept
bind
closesocket
connect
htons
inet_pton
ioctlsocket
listen
recv
select
send
setsockopt
shutdown
socket

kernel32

AcquireSRWLockExclusive
CloseHandle
CloseThreadpoolTimer
CloseThreadpoolWait
CompareStringW
CreateDirectoryW
CreateEventExW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateProcessW
CreateSemaphoreExW
CreateThread
CreateThreadpoolTimer
CreateThreadpoolWait
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FlushProcessWriteBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeLibraryWhenCallbackReturns
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentProcessorNumberEx
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetExitCodeThread
GetFileAttributesW
GetFileSizeEx
GetFileType
GetLastError
GetLogicalProcessorInformationEx
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadGroupAffinity
GetThreadPriority
GetThreadTimes
GetTickCount64
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
QueryDepthSList
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseSRWLockExclusive
ReleaseSemaphore
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadGroupAffinity
SetThreadPriority
SetThreadpoolTimer
SetThreadpoolWait
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableSRW
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
WaitForSingleObject
WaitForSingleObjectEx
WaitForThreadpoolTimerCallbacks
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

AdjustWindowRectExForDpi
BeginPaint
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
EndPaint
GetClientRect
GetDC
GetDpiForWindow
GetKeyState
GetMonitorInfoW
GetSystemMetrics
GetWindowLongPtrW
LoadCursorFromFileW
LoadCursorW
LoadImageW
MessageBoxA
MessageBoxW
MonitorFromWindow
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
ReleaseCapture
ReleaseDC
SetCapture
SetClassLongPtrW
SetCursor
SetProcessDpiAwarenessContext
SetUserObjectInformationA
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
ShowWindow
TranslateMessage
UpdateWindow

gdi32

ChoosePixelFormat
SetPixelFormat
SwapBuffers

shell32

CommandLineToArgvW
SHGetKnownFolderPath

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize

Sections

.text
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 33.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1.0.5/assets/alice.csv
1.0.5/assets/alice.gfx
1.0.5/assets/alice.gui
1.0.5/assets/alice_ds.png
.png
1.0.5/assets/alice_save_entry.png
.png
1.0.5/assets/alice_ws.png
.png
1.0.5/assets/battle_blue.png
.png
1.0.5/assets/battle_ends.png
.png
1.0.5/assets/battle_red.png
.png
1.0.5/assets/coastborder.dds
1.0.5/assets/diginpips.png
.png
1.0.5/assets/event_auto.png
.png
1.0.5/assets/fonts/LibreCaslonText-Italic.ttf
1.0.5/assets/fonts/LibreCaslonText-Regular.ttf
1.0.5/assets/fonts/OFL-lct.txt
1.0.5/assets/fonts/OFL-ssp4.txt
1.0.5/assets/fonts/SourceSerif4Subhead-Regular.ttf
1.0.5/assets/fonts/font.txt
1.0.5/assets/gold_dot_strip.png
.png
1.0.5/assets/gradient.dds
1.0.5/assets/imp_border.dds
1.0.5/assets/launcher_bg.png
.png
1.0.5/assets/launcher_big_button.png
.png
1.0.5/assets/launcher_big_left.png
.png
1.0.5/assets/launcher_big_right.png
.png
1.0.5/assets/launcher_check.png
.png
1.0.5/assets/launcher_close.png
.png
1.0.5/assets/launcher_down.png
.png
1.0.5/assets/launcher_left.png
.png
1.0.5/assets/launcher_line_bg.png
.png
1.0.5/assets/launcher_no_check.png
.png
1.0.5/assets/launcher_right.png
.png
1.0.5/assets/launcher_up.png
.png
1.0.5/assets/leader_select_replacement.png
.png
1.0.5/assets/mapfont.png
.png
1.0.5/assets/mapmode_con.png
.png
1.0.5/assets/mapmode_employment.png
.png
1.0.5/assets/mapmode_factory.png
.png
1.0.5/assets/mapmode_fort.png
.png
1.0.5/assets/mapmode_growth.png
.png
1.0.5/assets/mapmode_ideology.png
.png
1.0.5/assets/mapmode_income.png
.png
1.0.5/assets/mapmode_issues.png
.png
1.0.5/assets/mapmode_literacy.png
.png
1.0.5/assets/mapmode_militancy.png
.png
1.0.5/assets/mapmode_religion.png
.png
1.0.5/assets/message_disp_options.png
.png
1.0.5/assets/nat_border.dds
1.0.5/assets/naval_combat_bg_2.png
.png
1.0.5/assets/new_panel_bg.png
.png
1.0.5/assets/odds_icon.dds
1.0.5/assets/orgbar_bottom.png
.png
1.0.5/assets/orgbar_top.png
.png
1.0.5/assets/port_bars.png
.png
1.0.5/assets/port_empty.png
.png
1.0.5/assets/port_ex.png
.png
1.0.5/assets/port_small.png
.png
1.0.5/assets/port_small_nc.png
.png
1.0.5/assets/prov_border.dds
1.0.5/assets/retreat.png
.png
1.0.5/assets/river.dds
1.0.5/assets/shaders/glsl/line_unit_arrow_f.glsl
1.0.5/assets/shaders/glsl/line_unit_arrow_v.glsl
1.0.5/assets/shaders/glsl/map_f.glsl
1.0.5/assets/shaders/glsl/map_v.glsl
1.0.5/assets/shaders/glsl/msaa_f_shader.glsl
1.0.5/assets/shaders/glsl/msaa_v_shader.glsl
1.0.5/assets/shaders/glsl/screen_v.glsl
1.0.5/assets/shaders/glsl/text_line_f.glsl
1.0.5/assets/shaders/glsl/text_line_v.glsl
1.0.5/assets/shaders/glsl/textured_line_b_f.glsl
1.0.5/assets/shaders/glsl/textured_line_b_v.glsl
1.0.5/assets/shaders/glsl/textured_line_f.glsl
1.0.5/assets/shaders/glsl/textured_line_v.glsl
1.0.5/assets/shaders/glsl/ui_f_shader.glsl
1.0.5/assets/shaders/glsl/ui_v_shader.glsl
1.0.5/assets/shaders/glsl/white_color_f.glsl
1.0.5/assets/shaders/hlsl/line_unit_arrow_pix.txt
1.0.5/assets/shaders/hlsl/line_unit_arrow_vtx.txt
1.0.5/assets/shaders/hlsl/map_pix.txt
1.0.5/assets/shaders/hlsl/map_vtx.txt
1.0.5/assets/shaders/hlsl/msaa_pix_shader.txt
1.0.5/assets/shaders/hlsl/msaa_vex_shader.txt
1.0.5/assets/shaders/hlsl/screen_vex.txt
1.0.5/assets/shaders/hlsl/text_line_pix.txt
1.0.5/assets/shaders/hlsl/text_line_vtx.txt
1.0.5/assets/shaders/hlsl/textured_line_b_pix.txt
1.0.5/assets/shaders/hlsl/textured_line_b_vtx.txt
1.0.5/assets/shaders/hlsl/textured_line_pix.txt
1.0.5/assets/shaders/hlsl/textured_line_vtx.txt
1.0.5/assets/shaders/hlsl/ui_pix_shader.txt
1.0.5/assets/shaders/hlsl/ui_vtx_shader.txt
1.0.5/assets/shaders/hlsl/white_color_pix.txt
1.0.5/assets/siege_bottom.png
.png
1.0.5/assets/siege_top.png
.png
1.0.5/assets/siegeframe.png
.png
1.0.5/assets/sm_gold_cannon.png
.png
1.0.5/assets/sm_gold_train.png
.png
1.0.5/assets/small_bank.dds
1.0.5/assets/small_fort.dds
1.0.5/assets/small_port.dds
1.0.5/assets/small_rail.dds
1.0.5/assets/small_uframes.png
.png
1.0.5/assets/small_university.dds
1.0.5/assets/state_border.dds
1.0.5/assets/trigger_not.dds
1.0.5/assets/trigger_yes.dds
1.0.5/assets/unit_flag_mask.png
.png
1.0.5/assets/unit_flag_overlay.png
.png
1.0.5/assets/unitframes.png
.png
1.0.5/assets/unitleftedges.png
.png
1.0.5/assets/unitrightedge.png
.png
1.0.5/assets/unitstatus.png
.png
1.0.5/dbg_alice.exe
.exe windows:6 windows x64 arch:x64

c8a76406b2714db9b744d4e994e5d89d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

dbghelp

MiniDumpWriteDump

kernel32

GetProcAddress
WriteConsoleW
CreateToolhelp32Snapshot
Process32FirstW
GetCurrentProcessId
CloseHandle
Process32NextW
CreateDirectoryW
Thread32First
GetProcessId
OpenThread
Thread32Next
CreateFileW
AttachConsole
GetStdHandle
OpenProcess
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
GetCurrentProcess
TerminateProcess
SetStdHandle
GetFileType
DuplicateHandle
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
WriteFile
HeapAlloc
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
FlushFileBuffers
GetConsoleOutputCP

user32

MessageBoxW

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1.0.5/launch_alice.exe
.exe windows:6 windows x64 arch:x64

a55b87833435e763c53904a83fcc95d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

opengl32

glGetIntegerv
glGetString
wglGetProcAddress
wglGetCurrentDC
glDrawArrays
wglDeleteContext
wglMakeCurrent
wglCreateContext
glDeleteTextures
glTexImage2D
glTexSubImage2D
glTexParameteri
glBindTexture
glGenTextures
glDepthRange
glViewport
glBlendFunc
glEnable
glClear
glClearColor

kernel32

GetModuleHandleA
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
GetCurrentThread
EncodePointer
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
LoadLibraryW
LoadLibraryExW
SetLastError
GetLastError
DeleteCriticalSection
SleepConditionVariableSRW
WakeAllConditionVariable
GetStringTypeW
SetStdHandle
HeapSize
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
VirtualAlloc
GetSystemInfo
VirtualFree
UnmapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
MapViewOfFile
GetFileSizeEx
GetModuleFileNameW
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
WriteFile
SetEndOfFile
CreateDirectoryW
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleW
IsProcessorFeaturePresent
CreateProcessW
GlobalLock
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
CreateThread
GetProcAddress
GetCurrentProcess
InitializeCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
ReadFile
HeapFree
CreateFileA
HeapReAlloc
HeapAlloc
CreateFileMappingA
GetProcessHeap
TryAcquireSRWLockExclusive
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetFileType
GetStdHandle
ExitProcess
GetModuleHandleExW
ExitThread
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
RtlUnwind
RtlUnwindEx
RaiseException
RtlPcToFileHeader
TerminateProcess
GetCurrentProcessId
GetStartupInfoW
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VerifyVersionInfoW
GetProcessAffinityMask
VerSetConditionMask
ReleaseSemaphore
DuplicateHandle
SetThreadGroupAffinity
GetThreadGroupAffinity
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
InitializeSListHead
SetEvent
GlobalUnlock
SignalObjectAndWait
AcquireSRWLockExclusive
GetCurrentProcessorNumberEx
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetThreadPriority
LoadLibraryA
WriteConsoleW
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObjectEx
Sleep
SwitchToThread
GetCurrentThreadId
GetExitCodeThread
InitializeCriticalSectionEx
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetSystemTimeAsFileTime
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
ReleaseSRWLockExclusive
SetThreadPriority

user32

GetKeyState
MessageBoxA
MessageBoxW
GetWindowRect
GetMessageW
SetProcessDpiAwarenessContext
SetUserObjectInformationA
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
InvalidateRect
DispatchMessageW
TranslateMessage
UpdateWindow
CreateWindowExW
RegisterClassExW
GetSystemMetrics
LoadImageW
LoadCursorW
EndPaint
BeginPaint
PostQuitMessage
DefWindowProcW
GetDC
PostMessageW
ShowWindow
SetWindowPos
GetDpiForWindow
GetMonitorInfoW
MonitorFromWindow

gdi32

ChoosePixelFormat
SwapBuffers
SetPixelFormat

shell32

SHGetKnownFolderPath
ShellExecuteW

ole32

CoTaskMemFree
CoUninitialize
CoInitializeEx

advapi32

GetUserNameA

Sections

.text
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 620KB - Virtual size: 619KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1.0.5/leeme O SI NO.txt
1.0.5/read me OR ELSE.txt

Sharing

General

Malware Config

Signatures

Files

3e2f121d69f8700a4aaf91556708794c

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

ws2_32

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 7.1MB - Virtual size: 7.1MB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 23KB - Virtual size: 33.4MB

.pdata Size: 298KB - Virtual size: 297KB

.00cfg Size: 512B - Virtual size: 56B

.gxfg Size: 6KB - Virtual size: 6KB

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 67KB - Virtual size: 66KB

.reloc Size: 181KB - Virtual size: 181KB

3e2f121d69f8700a4aaf91556708794c

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

ws2_32

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 7.6MB - Virtual size: 7.6MB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 23KB - Virtual size: 33.4MB

.pdata Size: 296KB - Virtual size: 295KB

.00cfg Size: 512B - Virtual size: 56B

.gxfg Size: 6KB - Virtual size: 6KB

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 67KB - Virtual size: 66KB

.reloc Size: 181KB - Virtual size: 181KB

3e2f121d69f8700a4aaf91556708794c

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

ws2_32

kernel32

user32

gdi32

shell32

ole32

Sections

.text Size: 7.0MB - Virtual size: 7.0MB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 23KB - Virtual size: 33.4MB

.pdata Size: 297KB - Virtual size: 296KB

.00cfg Size: 512B - Virtual size: 56B

.gxfg Size: 7KB - Virtual size: 6KB

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 67KB - Virtual size: 66KB

.reloc Size: 181KB - Virtual size: 181KB

c8a76406b2714db9b744d4e994e5d89d

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

.text
Size: 7.1MB - Virtual size: 7.1MB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 23KB - Virtual size: 33.4MB

.pdata
Size: 298KB - Virtual size: 297KB

.00cfg
Size: 512B - Virtual size: 56B

.gxfg
Size: 6KB - Virtual size: 6KB

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 181KB - Virtual size: 181KB

.text
Size: 7.6MB - Virtual size: 7.6MB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 23KB - Virtual size: 33.4MB

.pdata
Size: 296KB - Virtual size: 295KB

.00cfg
Size: 512B - Virtual size: 56B

.gxfg
Size: 6KB - Virtual size: 6KB

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 181KB - Virtual size: 181KB

.text
Size: 7.0MB - Virtual size: 7.0MB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 23KB - Virtual size: 33.4MB

.pdata
Size: 297KB - Virtual size: 296KB

.00cfg
Size: 512B - Virtual size: 56B

.gxfg
Size: 7KB - Virtual size: 6KB

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 181KB - Virtual size: 181KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 5KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 5.3MB - Virtual size: 5.3MB

.rdata
Size: 620KB - Virtual size: 619KB

.data
Size: 14KB - Virtual size: 60KB

.pdata
Size: 153KB - Virtual size: 152KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 67KB - Virtual size: 66KB

.reloc
Size: 21KB - Virtual size: 20KB