c955a2e97f7a45b22c8ac36580f74f37

Sharing

Copy URL Twitter E-mail

General

Target

c955a2e97f7a45b22c8ac36580f74f37
Size

67KB
MD5

c955a2e97f7a45b22c8ac36580f74f37
SHA1

230873ebf4e88a7a8d48ba5e490e644f301c4ec1
SHA256

7737912a4f4b7885467b698cf4fb30a9bed14a252e2110f9b48a6f0c73494d2b
SHA512

01b0ca28f249e33fe3f7556e39d32ce3a6604b931f078bc33cd74b8e605da145e438859ddce407a5874fdd6c0b89d4eaa075749d893132c51bc7d655ef32f412
SSDEEP

1536:4job5jGOAD4QaGOAAhGOA2EGOAbGOAeGOADi25GOAdeJGOAq:4jo16OAD4QDOApOA2xOAqOA3OAO2UOAP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c955a2e97f7a45b22c8ac36580f74f37

Files

c955a2e97f7a45b22c8ac36580f74f37
.dll windows:4 windows x86 arch:x86

1fb5c5a0f493b7373354b80065b16cd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\mcbox\build_temp\Win32\compile\release\tool\GMUrlEncrypt\K8UrlEncrypt.pdb

Imports

k8common

?Decode@GMBlowFish@GameMgr@@QAEXPAEI0@Z
?Encode@GMBlowFish@GameMgr@@QAEIPAEI0@Z
?Initialize@GMBlowFish@GameMgr@@QAEXQAEH@Z
??1GMBlowFish@GameMgr@@QAE@XZ
??0GMBlowFish@GameMgr@@QAE@XZ
?MakeLower@GMStringUtils@GameMgr@@SAXAAV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?Decode@GMUrlEncode@GameMgr@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@ABV34@_N@Z
?GetEncodedUrl@GMUrlEncode@GameMgr@@QAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?AddGetParam@GMUrlEncode@GameMgr@@QAEXV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@0_N@Z
??1GMUrlEncode@GameMgr@@QAE@XZ
??0GMUrlEncode@GameMgr@@QAE@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@_N@Z
?Encrypt@GMBase64@GameMgr@@QAEPADPBDH@Z
?Decode@GMBase64@GameMgr@@QAEHPADPBDH@Z
??1GMBase64@GameMgr@@QAE@XZ
??0GMBase64@GameMgr@@QAE@XZ
?CalcuteMD5String@GMMD5Utils@GameMgr@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?GMStringToGMStringA@GMStringConvert@GameMgr@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@4@@Z
?CharToGMString@GMStringConvert@GameMgr@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBD@Z
?GetParamsMap@GMUrlParser@GameMgr@@QAEXAAV?$map@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@U?$less@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V12@@std@@@2@@std@@@Z
?GetUrl@GMUrlParser@GameMgr@@QAE?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@XZ
?Parse@GMUrlParser@GameMgr@@QAE_NV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
??1GMUrlParser@GameMgr@@QAE@XZ
??0GMUrlParser@GameMgr@@QAE@PB_W@Z

msvcp80

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??$?9_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_WI@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ

msvcr80

_initterm
_initterm_e
_amsg_exit
_decode_pointer
__CppXcptFilter
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_encoded_null
free
_malloc_crt
_encode_pointer
??2@YAPAXI@Z
??_V@YAXPAX@Z
??3@YAXPAX@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
_adjust_fdiv
__CxxFrameHandler3
_CxxThrowException
memcpy
memset

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcr100

_isctype

mfc42u

ord6582

ole32

OleFlushClipboard

gdi32

ord1002
GetTextMetricsW

shlwapi

ord8

rpcrt4

TowerExplode

Exports

Exports

Decode
DecodeData
Encode
EncodeData

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.l1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1fb5c5a0f493b7373354b80065b16cd5

Headers

File Characteristics

PDB Paths

Imports

k8common

msvcp80

msvcr80

kernel32

msvcr100

mfc42u

ole32

gdi32

shlwapi

rpcrt4

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.l1 Size: 6KB - Virtual size: 6KB

.l1 Size: 6KB - Virtual size: 6KB

.l1 Size: 6KB - Virtual size: 6KB

.l1 Size: 6KB - Virtual size: 6KB

.l1 Size: 6KB - Virtual size: 6KB

.l1 Size: 6KB - Virtual size: 6KB

.l1 Size: 6KB - Virtual size: 6KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.l1
Size: 6KB - Virtual size: 6KB

.l1
Size: 6KB - Virtual size: 6KB

.l1
Size: 6KB - Virtual size: 6KB

.l1
Size: 6KB - Virtual size: 6KB

.l1
Size: 6KB - Virtual size: 6KB

.l1
Size: 6KB - Virtual size: 6KB

.l1
Size: 6KB - Virtual size: 6KB