C:\myProjects\Player_trunk\Release\Tibia.pdb
Static task: static1
Behavioral task: behavioral1
Sample: Tibia.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: Tibia.exe
Resource: win10v2004-20240226-en
General
Target: c49fa434723f9615f4df3461ad9ccd42
Size: 29.6MB
MD5: c49fa434723f9615f4df3461ad9ccd42
SHA1: 3d404638985ceba15b3689ec4c5f3f22ba8a2058
SHA256: 8b1e2ed07e27f153eb869b123730c56aaf7de6f5b8be1f8ed6d56880ed9bd6d1
SHA512: 0dcea5387dc7574e74e3e3694b35d7d4edd59857d923ed2c23d671aa5a04e3f466385eaa86a1982fb9f84fcc0371f44b160049f3b130c223747df83f10bb4436
SSDEEP: 786432:BePUM72ltyXoqBnk7V/sRY5Z2oKXOW7rRlgDPJzRpuj:BecM8oYqGgOUf+J1puj
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: unpack001/Tibia.exe
Files
- c49fa434723f9615f4df3461ad9ccd42.zip
- Tibia.dat
- Tibia.exe.exe windows:5 windows x86 arch:x86
3f40663193a9a1350c3b5d86ef93c65a
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
Sections
.text - Size: 2.8MB - Virtual size: 2.8MB - IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata - Size: 1.1MB - Virtual size: 1.1MB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data - Size: 30KB - Virtual size: 1.9MB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc - Size: 62KB - Virtual size: 62KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc - Size: 358KB - Virtual size: 357KB - IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
- Tibia.pic
- Tibia.spr