[Ryuumgames] RY-RJ212641 (1)[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

[Ryuumgames] RY-RJ212641 (1).rar
Size

609.1MB
MD5

895c5c6d87c225f600d0250808be4c36
SHA1

e4512588cc7b529eec83cf4b8fcc2f28097e0c08
SHA256

11212e7149996d8b0c45f84d90e073e8a7200bb776211a59eb6210ae6619bf96
SHA512

5dd6ed7658c2035f6ae8113ec88867e9cc5a78142168287e76f64c97a1039a1ac873ef6ec934895e4434d3e9de2c645c111f0759ad29ac29f463ec2004fe5c27
SSDEEP

12582912:6mMX/FcoFilYsPOrootPou8wR0bNuPotI:94ypYsPru3kUJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RJ212641/ƒSƒuƒŠƒ“ƒEƒH[ƒJ[1.53/ƒSƒuƒŠƒ“ƒEƒH[ƒJ[.exe

Files

[Ryuumgames] RY-RJ212641 (1).rar
.rar

Password: ryuugames.com
Download Visual Novel Japanese and English - Ryuugames.url
RJ212641/ƒSƒuƒŠƒ“ƒEƒH[ƒJ[1.53/ReadMe.txt
RJ212641/ƒSƒuƒŠƒ“ƒEƒH[ƒJ[1.53/data.pac
RJ212641/ƒSƒuƒŠƒ“ƒEƒH[ƒJ[1.53/à–¾‘.txt
RJ212641/ƒSƒuƒŠƒ“ƒEƒH[ƒJ[1.53/ƒSƒuƒŠƒ“ƒEƒH[ƒJ[.exe
.exe windows:5 windows x86 arch:x86

Password: ryuugames.com

e6eb9784e3e43efe106eacda31be13ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeBeginPeriod
timeEndPeriod
mmioStringToFOURCCA
joyGetPosEx
joyGetDevCapsW
mmioAscend
mmioDescend
mmioSeek
mmioRead
mmioClose
mmioOpenW
timeGetDevCaps

imm32

ImmDisableIME
ImmSetCompositionWindow
ImmGetContext

shlwapi

PathIsDirectoryW
PathFileExistsW

d3d9

Direct3DCreate9

dsound

ord11

kernel32

GetFileType
DecodePointer
GetACP
CreateProcessA
ExitThread
GetModuleHandleExW
VirtualQuery
RtlUnwind
RaiseException
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
GetTimeFormatW
CompareStringW
FindFirstFileExA
GetCPInfo
EnumSystemLocalesW
GetConsoleMode
GetUserDefaultUILanguage
LockResource
GlobalMemoryStatusEx
LocalFree
GetCurrentProcessId
GetCurrentThread
SetThreadAffinityMask
GetLastError
SetLastError
IsDebuggerPresent
ReleaseMutex
Sleep
LoadResource
SizeofResource
GetFileSize
GetStdHandle
FindClose
CloseHandle
GetLocalTime
GetTickCount
FormatMessageA
GetModuleFileNameW
OutputDebugStringA
OutputDebugStringW
FindResourceA
EnumResourceTypesA
EnumResourceNamesA
GetSystemDirectoryW
GetTempPathW
GetCurrentDirectoryW
CreateFileW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
QueryPerformanceCounter
QueryPerformanceFrequency
MultiByteToWideChar
WideCharToMultiByte
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
SetConsoleTextAttribute
AllocConsole
FreeConsole
TerminateThread
WaitForSingleObject
lstrlenA
LoadLibraryExA
GetModuleHandleW
FindResourceW
EnumResourceNamesW
FlushFileBuffers
MapViewOfFile
ReadConsoleW
GetSystemTime
GetSystemTimeAsFileTime
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
LCMapStringW
CreateFileMappingA
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
GetSystemInfo
HeapReAlloc
DeleteFileA
GetVersionExA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapSize
HeapValidate
UnmapViewOfFile
GetVersionExW
CreateMutexW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
GetDiskFreeSpaceW
InterlockedCompareExchange
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
GetCurrentThreadId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameA
ExitProcess
InterlockedExchange
lstrcmpiA
GetModuleHandleA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
EncodePointer
UnregisterWait
RegisterWaitForSingleObject
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
ResetEvent
SetEvent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
GetExitCodeThread
SwitchToThread
GetCurrentProcess
DuplicateHandle
SetFilePointerEx
GetStringTypeW
GetDriveTypeW
GetConsoleCP
GetTimeZoneInformation
GetExitCodeProcess
GetDateFormatW
GetLocaleInfoW
IsValidLocale
LockFileEx
GetUserDefaultLCID
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleW
CreateFileMappingW
MoveFileExW
CreatePipe

user32

EnableMenuItem
CheckMenuItem
GetSystemMenu
GetMenu
IsZoomed
IsIconic
IsWindowVisible
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
PostQuitMessage
InsertMenuItemW
SendMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
TrackMouseEvent
GetKeyState
GetMonitorInfoA
MonitorFromRect
SystemParametersInfoW
IntersectRect
MessageBoxA
GetSystemMetrics
GetActiveWindow
GetDoubleClickTime
MessageBoxW
GetAsyncKeyState
wsprintfW
GetMenuItemInfoW
SetMenuItemInfoW
GetForegroundWindow
InvalidateRect
SetWindowTextW
GetClientRect
GetWindowRect
AdjustWindowRectEx
SetCursor
GetCursorPos
ScreenToClient
GetWindowLongA
GetWindowLongW
SetWindowLongW
LoadCursorW
DestroyCursor
ReleaseCapture
SetCapture
GetCapture
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
DrawIconEx
GetMenuItemCount
LoadImageA
DefWindowProcW
LoadIconW

gdi32

CreateDIBSection
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC

shell32

ShellExecuteW
SHGetFolderPathW
DragAcceptFiles

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ryuugames.txt

Sharing

General

Malware Config

Signatures

Files

Password: ryuugames.com

Password: ryuugames.com

e6eb9784e3e43efe106eacda31be13ae

Headers

DLL Characteristics

File Characteristics

Imports

winmm

imm32

shlwapi

d3d9

dsound

kernel32

user32

gdi32

shell32

advapi32

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rdata Size: 2.1MB - Virtual size: 2.1MB

.data Size: 100KB - Virtual size: 176KB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 528KB - Virtual size: 528KB

.reloc Size: 182KB - Virtual size: 181KB

.text
Size: 3.9MB - Virtual size: 3.9MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 100KB - Virtual size: 176KB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 528KB - Virtual size: 528KB

.reloc
Size: 182KB - Virtual size: 181KB