94565429864d56368b14b416fe2c0ee827d8570d1c93536afbd6b8139405ace2

Sharing

Copy URL Twitter E-mail

General

Target

94565429864d56368b14b416fe2c0ee827d8570d1c93536afbd6b8139405ace2
Size

982KB
MD5

40330a2dc43bcdce2e1d858ee0b572fb
SHA1

98b76a46fa3d02365aaa202caa4207cd2c488c10
SHA256

94565429864d56368b14b416fe2c0ee827d8570d1c93536afbd6b8139405ace2
SHA512

9fbd0fead8f94516e54f742025e8452378abc1318bd44574437eccea29c562015a8b62ce8d06584defc52ceed305e9847936bc7c300aaeda9cd60bd29778941e
SSDEEP

24576:BtyFQz056ZVBRgPWFIuoQ43WY2ADjZYrmldlI7OWxl:BtyizBX43WY2ADjZ/xI7OW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94565429864d56368b14b416fe2c0ee827d8570d1c93536afbd6b8139405ace2

Files

94565429864d56368b14b416fe2c0ee827d8570d1c93536afbd6b8139405ace2
.dll windows:5 windows x64 arch:x64

4607a484babee94dded7a71556e2d9af

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\PC4399SDKProject\PC4399SDK\x64\Release\PC4399SDK.pdb

Imports

kernel32

GetUserDefaultLCID
GetFileAttributesExW
GetFileSizeEx
GetCurrentDirectoryW
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetFileType
GetConsoleCP
GetConsoleMode
SetFilePointerEx
IsDebuggerPresent
IsProcessorFeaturePresent
VirtualAlloc
VirtualProtect
VirtualQuery
GetCommandLineA
RtlUnwindEx
RtlLookupFunctionEntry
RtlPcToFileHeader
ExitThread
ExitProcess
HeapQueryInformation
ReadConsoleW
GetStdHandle
GetOEMCP
GetCPInfo
GetStringTypeW
SetStdHandle
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteConsoleW
GetDateFormatW
GetTimeFormatW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
GetDriveTypeW
SetEnvironmentVariableA
GetFileTime
GetFileAttributesW
GlobalFlags
GetStartupInfoW
GetLocaleInfoW
CompareStringW
lstrcmpA
GlobalGetAtomNameW
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetTickCount
FileTimeToSystemTime
FindNextFileW
FileTimeToLocalFileTime
GetThreadLocale
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
SuspendThread
SetThreadPriority
CreateEventW
WaitForSingleObject
SetEvent
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
GetSystemDirectoryW
EncodePointer
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
GetModuleHandleExW
SetLastError
OutputDebugStringA
GetACP
Sleep
DecodePointer
HeapSize
RaiseException
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleW
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetPrivateProfileStringW
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
CreateDirectoryW
GetModuleFileNameW
MoveFileW
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFree
GetVersionExW
GetSystemInfo
GetLastError
TerminateProcess
OpenProcess
GetCurrentProcessId
FreeLibrary
LoadLibraryW
LocalFree
FormatMessageW
ResumeThread
CloseHandle
CreateThread
MultiByteToWideChar
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceW
IsValidCodePage
WideCharToMultiByte

user32

CreatePopupMenu
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
SetRectEmpty
CharNextW
RealChildWindowFromPoint
GetSysColorBrush
MapDialogRect
SetWindowContextHelpId
CharUpperW
SetRect
InvalidateRgn
CopyAcceleratorTableW
GetMenuItemInfoW
DestroyMenu
IsRectEmpty
DrawIcon
TranslateMessage
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
IntersectRect
InflateRect
ClientToScreen
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
IsDialogMessageW
SetWindowTextW
IsWindowEnabled
ShowWindow
GetMonitorInfoW
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongPtrW
SetWindowLongPtrW
GetWindowLongPtrW
EqualRect
CopyRect
MapWindowPoints
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
GetForegroundWindow
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
FillRect
LoadBitmapW
GetDC
ReleaseDC
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DestroyWindow
IsChild
CreateWindowExW
GetClassInfoExW
ShowOwnedPopups
MessageBeep
GetNextDlgGroupItem
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
RegisterClipboardFormatW
ReuseDDElParam
UnpackDDElParam
MonitorFromWindow
InsertMenuItemW
EnableWindow
GetWindowRect
SetWindowRgn
InvalidateRect
SendMessageW
SetCursor
LoadCursorW
GetParent
GetSysColor
GetClientRect
SystemParametersInfoW
ScreenToClient
PostMessageW
PostQuitMessage
MessageBoxW
PostThreadMessageW
wsprintfW
GetCursorPos
SetCapture
OffsetRect
ReleaseCapture
IsWindow
GetWindowLongW
AdjustWindowRectEx
MoveWindow
GetWindowThreadProcessId
GetWindowTextA
IsWindowVisible
EnumWindows
IsIconic
SetWindowPos
ShowWindowAsync
GetSystemMenu
DeleteMenu
AppendMenuW
GetSystemMetrics
GetSubMenu
KillTimer
SetTimer
SetWindowLongW
UpdateLayeredWindow
PtInRect
SetForegroundWindow
UnregisterClassW
SendDlgItemMessageA
LoadMenuW
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos

gdi32

SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetMapMode
CreateEllipticRgn
LPtoDP
GetTextExtentPoint32W
GetRgnBox
GetBkColor
GetTextColor
ExtTextOutW
TextOutW
Ellipse
CreateCompatibleDC
SetMapMode
SetBkMode
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
Escape
CreateSolidBrush
CreatePatternBrush
CreateRectRgnIndirect
CreateBitmap
SetTextColor
SetBkColor
GetDeviceCaps
CreateFontIndirectW
BitBlt
GetPixel
CreateCompatibleBitmap
GetObjectW
DeleteObject
DeleteDC
GetStockObject
SelectObject
CreateDIBSection

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW

shell32

DragQueryFileW
DragFinish
ShellExecuteW

shlwapi

PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoTaskMemFree
OleDraw
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysStringByteLen
VariantCopy
SysAllocStringLen
VariantChangeType
LoadRegTypeLi
DispCallFunc
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
LoadTypeLi
SafeArrayCreate
SysAllocStringByteLen
SysAllocString
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
OleCreateFontIndirect
VariantInit
VariantClear
SafeArrayGetDim
SysFreeString
SafeArrayGetElemsize

oledlg

OleUIBusyW

gdiplus

GdipDrawString
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateFromHDC
GdipDeleteGraphics
GdiplusStartup
GdiplusShutdown
GdipCreateStringFormat
GdipLoadImageFromStream
GdipSetSmoothingMode
GdipDrawImageRect
GdipCreateSolidFill
GdipDeleteBrush
GdipFillRectangleI
GdipCreatePath
GdipDeletePath
GdipAddPathLine
ord1
GdipFillPath
GdipCreateFontFamilyFromName
GdipCreateFont
GdipDeleteFont
GdipMeasureString

wininet

InternetSetCookieW
InternetGetCookieW
InternetGetConnectedState

iphlpapi

GetAdaptersInfo

winhttp

WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpWriteData
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpQueryDataAvailable
WinHttpOpenRequest
WinHttpConnect
WinHttpCrackUrl
WinHttpSetTimeouts
WinHttpOpen
WinHttpCloseHandle
WinHttpReadData
WinHttpSetOption

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

Exports

Exports

DoMGLogin
DoMGLogout
DoMGPay
GetMGVersion
InitZzMGSDK
SetGameProcessId

Sections

.text
Size: 592KB - Virtual size: 591KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4607a484babee94dded7a71556e2d9af

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

oledlg

gdiplus

wininet

iphlpapi

winhttp

oleacc

Exports

Exports

Sections

.text Size: 592KB - Virtual size: 591KB

.rdata Size: 246KB - Virtual size: 245KB

.data Size: 21KB - Virtual size: 48KB

.pdata Size: 35KB - Virtual size: 35KB

.rsrc Size: 73KB - Virtual size: 73KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 592KB - Virtual size: 591KB

.rdata
Size: 246KB - Virtual size: 245KB

.data
Size: 21KB - Virtual size: 48KB

.pdata
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 73KB - Virtual size: 73KB

.reloc
Size: 13KB - Virtual size: 12KB