aba9f4d4b5dc4a187a1364e322eb39236408963654f552c9a7d0e1a54874dc88

Sharing

Copy URL Twitter E-mail

General

Target

aba9f4d4b5dc4a187a1364e322eb39236408963654f552c9a7d0e1a54874dc88
Size

500KB
MD5

afaf87da82cd29e2a2b520b1836d562b
SHA1

757905003f6a2221c50237b40828a3c2afbccc69
SHA256

aba9f4d4b5dc4a187a1364e322eb39236408963654f552c9a7d0e1a54874dc88
SHA512

413e4b55adf19422a23c6b0ab29ff4afd390398a042d37a8aaa405283357b8eddb92c19986e5e39ab3f1b69e8f4a36cb8e1c3fb8e2b3c0b5dad33a1b7e06f3ea
SSDEEP

6144:1WoWQkLOCUfoTdb2BMdG0+PTyvSBTqTxB50+PTyvSBTqTxBjb:UoOOC/Tlo6+PTyqB+VQ+PTyqB+V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aba9f4d4b5dc4a187a1364e322eb39236408963654f552c9a7d0e1a54874dc88

Files

aba9f4d4b5dc4a187a1364e322eb39236408963654f552c9a7d0e1a54874dc88
.exe windows:5 windows x86 arch:x86

4e838bd2981c2b167c30f5153e29087d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrador\Desktop\MuServerX401\MuServer\MundoMU\Source MundoMU\MHP\HackServer\Release\MHPServer.pdb

Imports

kernel32

GetLocalTime
CreateFileA
SetFilePointer
WriteFile
GetFileSize
ReadFile
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
SetErrorMode
SetUnhandledExceptionFilter
GetFullPathNameA
OpenProcess
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
GetProcAddress
GetModuleHandleA
GetProcessId
CreateMutexA
CreateRemoteThread
WaitForSingleObject
DeleteFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
TerminateThread
CreateIoCompletionPort
GetLastError
SetThreadPriority
GetSystemInfo
CreateDirectoryA
ReleaseSemaphore
GetQueuedCompletionStatus
TerminateProcess
CompareStringW
CreateFileW
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetStringTypeW
LCMapStringW
FlushFileBuffers
SetStdHandle
LoadLibraryW
HeapReAlloc
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
CloseHandle
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
Sleep
CreateSemaphoreA
CreateThread
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
MultiByteToWideChar
SetEnvironmentVariableA
HeapCreate
GetModuleFileNameW
GetStdHandle
RtlUnwind
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
ExitProcess
HeapSize
InterlockedDecrement
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsDebuggerPresent
UnhandledExceptionFilter
RaiseException
GetStartupInfoW
EncodePointer
DecodePointer
HeapAlloc
HeapFree
MoveFileA
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation

user32

wsprintfA
LoadStringA
SetTimer
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
DialogBoxParamA
MessageBoxA
DestroyWindow
DefWindowProcA
PostQuitMessage
EndDialog
SetWindowTextA
GetClientRect
GetDC
FillRect
ReleaseDC

gdi32

TextOutA
SetTextColor
SelectObject
SetBkMode
DeleteObject
CreateSolidBrush
CreateFontA
GetStockObject

ws2_32

WSAStartup
socket
gethostbyname
connect
WSAGetLastError
closesocket
send
WSASocketA
htonl
bind
listen
WSASend
WSARecv
inet_ntoa
WSAAccept
htons
recv

dbghelp

MiniDumpWriteDump

psapi

GetModuleFileNameExA
EnumProcessModules
GetModuleBaseNameA
EnumProcesses

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 319KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Y�3T�up
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e838bd2981c2b167c30f5153e29087d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ws2_32

dbghelp

psapi

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 23KB - Virtual size: 459KB

.rsrc Size: 319KB - Virtual size: 319KB

.reloc Size: 11KB - Virtual size: 11KB

Y�3T�up Size: 16KB - Virtual size: 20KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 23KB - Virtual size: 459KB

.rsrc
Size: 319KB - Virtual size: 319KB

.reloc
Size: 11KB - Virtual size: 11KB

Y�3T�up
Size: 16KB - Virtual size: 20KB