D:\Work\製品\Fantasy1A\CeluSystem\Item\CeluSystem.pdb
- Static task: static1
- Behavioral task: behavioral1 (sample a2898de6d879ec54dde6311d03a366fbebae59006d762a1e321d57807ad04b3a.exe, resource win7-20240221-en)
- Behavioral task: behavioral2 (sample a2898de6d879ec54dde6311d03a366fbebae59006d762a1e321d57807ad04b3a.exe, resource win10v2004-20240226-en)
General
- Target: a2898de6d879ec54dde6311d03a366fbebae59006d762a1e321d57807ad04b3a
- Size: 3.5MB
- MD5: 6d9c95d2656529de34ee380ebf19ae85
- SHA1: 00f4ea586d0341b14e39236d2d3e8d53799099f9
- SHA256: a2898de6d879ec54dde6311d03a366fbebae59006d762a1e321d57807ad04b3a
- SHA512: dd0d2a42b8d01c6a03a15c418d98cd5d9eb1fd0c2a8ac32edab658c390c2cda8bc7c51c2297da76c78a0700428b0644917b726d11e233fd4774b493a32912d20
- SSDEEP: 98304:fMAsRPQPhkIsLayfXLN9+/494ujauK9xEMXC95bWIhp4Kb7:fMAsPQ2Iu5a3mWIhpf
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: a2898de6d879ec54dde6311d03a366fbebae59006d762a1e321d57807ad04b3a
Files
- a2898de6d879ec54dde6311d03a366fbebae59006d762a1e321d57807ad04b3a.exe windows:5 windows x86 arch:x86
  imphash: 2e646f4a60d7d7c547c3fb8754e3317b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\Work\製品\Fantasy1A\CeluSystem\Item\CeluSystem.pdb
Imports
dsound
ord11
dinput8
DirectInput8Create
d3dx9_31
D3DXFrameFind
D3DXMatrixScaling
D3DXMatrixRotationYawPitchRoll
D3DXMatrixMultiply
D3DXComputeNormals
D3DXMatrixMultiplyTranspose
D3DXMatrixTranslation
d3d11
D3D11CreateDeviceAndSwapChain
d3dx11d_43
D3DX11GetImageInfoFromMemory
D3DX11GetImageInfoFromFileW
D3DX11SaveTextureToFileW
D3DX11CompileFromFileW
D3DX11CreateShaderResourceViewFromMemory
D3DX11CreateShaderResourceViewFromFileW
d2d1
ord1
dwrite
DWriteCreateFactory
winmm
PlaySoundW
mmioGetInfo
timeGetTime
timeEndPeriod
timeBeginPeriod
mmioAscend
mmioRead
mmioDescend
mmioClose
mmioOpenW
mmioSeek
mmioSetInfo
mmioAdvance
steam_api
SteamAPI_GetHSteamPipe
SteamInternal_ContextInit
SteamAPI_GetHSteamUser
SteamAPI_Shutdown
SteamInternal_CreateInterface
SteamAPI_Init
kernel32
RaiseException
HeapFree
ExitThread
CreateThread
IsDebuggerPresent
EncodePointer
DecodePointer
HeapAlloc
GetSystemTimeAsFileTime
HeapReAlloc
ExitProcess
HeapQueryInformation
HeapSize
VirtualAlloc
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
RtlUnwind
QueryPerformanceCounter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetProcessHeap
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
CreateFileA
GetDriveTypeW
SetEnvironmentVariableA
GetStartupInfoW
HeapSetInformation
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateDirectoryW
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetNumberFormatW
GetWindowsDirectoryW
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesW
GetFileAttributesExW
GetTempPathW
GetTempFileNameW
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
InitializeCriticalSection
CloseHandle
WaitForMultipleObjects
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
DeleteFileW
GlobalFlags
GetSystemDirectoryW
ReleaseActCtx
CreateActCtxW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetThreadLocale
lstrlenA
GlobalGetAtomNameW
GlobalFindAtomW
GetVersionExW
CompareStringW
InitializeCriticalSectionAndSpinCount
FreeResource
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
CreateEventW
SuspendThread
SetEvent
SetThreadPriority
lstrcmpA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetModuleFileNameW
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
ActivateActCtx
LoadLibraryW
DeactivateActCtx
lstrcmpW
FreeLibrary
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleW
GetProcAddress
FindFirstFileW
FindNextFileW
FindClose
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
MulDiv
GetLastError
SetLastError
WideCharToMultiByte
WaitForSingleObject
GetExitCodeThread
ResumeThread
CopyFileW
InterlockedDecrement
InterlockedIncrement
lstrcpyW
GetLocalTime
GetCurrentDirectoryW
SetCurrentDirectoryW
IsProcessorFeaturePresent
user32
EnableScrollBar
GetIconInfo
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
UpdateLayeredWindow
IsMenu
CreateMenu
PostThreadMessageW
WaitMessage
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
MapVirtualKeyExW
SubtractRect
DrawIcon
DestroyCursor
GetWindowRgn
UnregisterClassW
UnionRect
SetParent
GetSystemMenu
CopyImage
MessageBeep
GetNextDlgGroupItem
SetCapture
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
CharNextW
CharUpperW
RealChildWindowFromPoint
SetLayeredWindowAttributes
EnumDisplayMonitors
DeleteMenu
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
LoadImageW
DestroyIcon
ReleaseCapture
LoadAcceleratorsW
InvalidateRect
IsIconic
InsertMenuItemW
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
MapVirtualKeyW
GetKeyNameTextW
LoadMenuW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
HideCaret
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
RedrawWindow
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcW
CallWindowProcW
GetMenu
CopyRect
PtInRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetNextDlgTabItem
SetWindowContextHelpId
MapDialogRect
GetWindowTextLengthW
GetWindowTextW
SetFocus
SetWindowPos
MoveWindow
SetWindowLongW
GetDlgCtrlID
IsWindow
IsDialogMessageW
SendDlgItemMessageW
GetDlgItem
CheckDlgButton
GetWindow
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
wsprintfW
GetClientRect
ValidateRect
EnableWindow
LoadCursorW
GetFocus
GetParent
EnableMenuItem
CheckMenuItem
PostMessageW
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemCount
RemoveMenu
SetRect
MonitorFromPoint
GetMonitorInfoW
InvertRect
GetMenuDefaultItem
RegisterClipboardFormatW
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
GetSystemMetrics
GetCursorPos
ShowCursor
GetActiveWindow
SetWindowTextW
GetWindowRect
LoadIconW
SetMenuItemInfoW
GetSubMenu
GetMenuItemID
ModifyMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
DestroyAcceleratorTable
MonitorFromWindow
SetWindowRgn
SetCaretPos
SendMessageW
GetCaretPos
EndDialog
KillTimer
SetTimer
SetDlgItemTextW
ShowWindow
CreateDialogParamW
IsZoomed
gdi32
SetLayout
DeleteObject
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateFontIndirectW
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
GetBkColor
GetTextColor
GetLayout
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
GetRgnBox
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
CreateBitmap
CreateDCW
CopyMetaFileW
GetDeviceCaps
GetTextMetricsW
CreateFontW
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegCloseKey
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegEnumValueW
RegEnumKeyExW
RegOpenKeyExW
shell32
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
SHGetFileInfoW
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteExW
SHGetPathFromIDListW
SHGetDesktopFolder
ShellExecuteW
comctl32
ImageList_GetIconSize
InitCommonControlsEx
shlwapi
PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
ole32
ReleaseStgMedium
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
RevokeDragDrop
CoLockObjectExternal
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleUninitialize
CoTaskMemAlloc
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
OleCreateFontIndirect
SysFreeString
SysStringLen
SysAllocStringByteLen
oledlg
OleUIBusyW
gdiplus
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdipGetImageWidth
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdiplusStartup
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
imm32
ImmReleaseContext
ImmGetContext
ImmGetOpenStatus
Sections
- .text: size 2.5MB, virtual size 2.5MB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: size 488KB, virtual size 488KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: size 34KB, virtual size 64KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: size 209KB, virtual size 209KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .reloc: size 219KB, virtual size 218KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
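The static checks in this report (the Unsigned PE signature, the file and DLL characteristics under Headers, the section flags above, and the digests under General) are all read straight out of the PE headers. The block below is an added example, not the sandbox's own tooling and not code from this report: a stdlib-only Python parser that reproduces those checks. `build_sample_pe` constructs a header-only PE32 image carrying the same header values this report shows (x86, OS version 5, EXECUTABLE_IMAGE and 32BIT_MACHINE, DYNAMIC_BASE, NX_COMPAT and TERMINAL_SERVER_AWARE, the five sections with the flags listed) so the example runs offline; the sample bytes and its section sizes are constructed and are not the real file. Two caveats the signature text does not spell out: an empty security directory only means there is no embedded Authenticode certificate table (catalog-signed Windows binaries look the same), and a missing signature on a third-party build is informational rather than evidence of malice. Verifying a present signature's chain needs WinVerifyTrust or `Get-AuthenticodeSignature`, which this check does not attempt.

```python
import hashlib
import struct

# winnt.h bit values for the flags this report prints (plus NO_SEH and GUARD_CF, which the same
# check normally reports next to ASLR and DEP).
IMAGE_FILE_CHARACTERISTICS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE",
                              0x2000: "IMAGE_FILE_DLL"}
IMAGE_DLLCHARACTERISTICS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
                            0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
                            0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
                            0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
                            0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
IMAGE_SCN = {0x00000020: "IMAGE_SCN_CNT_CODE", 0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
             0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA", 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE",
             0x20000000: "IMAGE_SCN_MEM_EXECUTE", 0x40000000: "IMAGE_SCN_MEM_READ",
             0x80000000: "IMAGE_SCN_MEM_WRITE"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot of the Authenticode certificate table


def _flags(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def file_hashes(data: bytes) -> dict:
    """The digests listed under General (ssdeep needs a third-party library and is omitted)."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ("md5", "sha1", "sha256", "sha512")}


def triage_pe(data: bytes) -> dict:
    """Parse just enough of the PE headers to reproduce the report's static checks."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, characteristics = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: DataDirectory starts at optional-header offset 96
        dirs = opt + 96
    elif magic == 0x20B:    # PE32+: 8-byte ImageBase/stack/heap fields push it to 112
        dirs = opt + 112
    else:
        raise ValueError(f"unknown optional header magic 0x{magic:x}")
    major_os = struct.unpack_from("<H", data, opt + 40)[0]       # MajorOperatingSystemVersion
    subsystem, dllchar = struct.unpack_from("<HH", data, opt + 68)
    # The security directory's "VirtualAddress" is really a file offset to the WIN_CERTIFICATE blob;
    # a zero size means there is no embedded Authenticode signature at all.
    _cert_off, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    sec_hdr = opt + opt_size
    for i in range(nsections):
        f = struct.unpack_from("<8sIIIIIIHHI", data, sec_hdr + 40 * i)
        sections.append({"name": f[0].rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": f[1], "raw_size": f[3], "flags": _flags(f[9], IMAGE_SCN)})
    return {
        "machine": machine, "os_version": major_os, "subsystem": subsystem,
        "file_characteristics": _flags(characteristics, IMAGE_FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dllchar, IMAGE_DLLCHARACTERISTICS),
        "has_authenticode": cert_size > 0,
        "aslr": bool(dllchar & 0x0040), "dep": bool(dllchar & 0x0100),
        "sections": sections,
    }


def build_sample_pe(dllchar=0x8140, cert_size=0) -> bytes:
    """Constructed test input (not the real sample): a header-only PE32 image with this report's
    header values: x86, OS version 5, GUI subsystem, EXECUTABLE_IMAGE|32BIT_MACHINE, five sections."""
    section_specs = [(b".text", 0x20 | 0x20000000 | 0x40000000),
                     (b".rdata", 0x40 | 0x40000000),
                     (b".data", 0x40 | 0x40000000 | 0x80000000),
                     (b".rsrc", 0x40 | 0x40000000),
                     (b".reloc", 0x40 | 0x02000000 | 0x40000000)]
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_specs), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)           # PE32 magic
    struct.pack_into("<H", opt, 40, 5)              # MajorOperatingSystemVersion ("windows:5")
    struct.pack_into("<HH", opt, 68, 2, dllchar)    # IMAGE_SUBSYSTEM_WINDOWS_GUI, DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)             # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     0x1000 if cert_size else 0, cert_size)
    secs = b"".join(struct.pack("<8sIIIIIIHHI", name, 0x1000 * (i + 1), 0x1000 * (i + 1), 0x200,
                                0x400 * (i + 1), 0, 0, 0, 0, flags)
                    for i, (name, flags) in enumerate(section_specs))
    return dos + b"PE\0\0" + coff + bytes(opt) + secs


if __name__ == "__main__":
    sample = build_sample_pe()
    print(file_hashes(sample)["sha256"])
    print(triage_pe(sample))
```

To run it against a real file, call `triage_pe(open(path, "rb").read())`; the `has_authenticode`, `aslr` and `dep` fields correspond to the Unsigned PE signature and the DYNAMIC_BASE and NX_COMPAT bits this report lists, and `sections[*]["flags"]` reproduces the per-section flag lines.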