C:\Games\4Vision Testserver\TClient.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 537008dd6210d3316e01fd0f609ae52566a76e782fe6782d3b4d943265d59480.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 537008dd6210d3316e01fd0f609ae52566a76e782fe6782d3b4d943265d59480.exe
Resource: win10v2004-20240412-en
General
Target: 537008dd6210d3316e01fd0f609ae52566a76e782fe6782d3b4d943265d59480
Size: 7.4MB
MD5: 9034b456f2915f556e141b3d801af33e
SHA1: c27976d7313b4f5cf1b7e981b5266c25b37a4101
SHA256: 537008dd6210d3316e01fd0f609ae52566a76e782fe6782d3b4d943265d59480
SHA512: 27de103bd14acdb71e4447e3c2b3cf19dc8a34bd4dea1050060659763c0f462a6c0be4315dfe9f8d49d356a89a58fdd8884632f8ba5ec1389a735d524d8bb1fd
SSDEEP: 98304:FIXty4nuOHuzkX9/Fm5s5l8FpOCtQ7PAD4qMnP8xau+qxL0wUr2xoyWR:FuYFOHX9/UsLQcPhqAyxL0wUlR
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 537008dd6210d3316e01fd0f609ae52566a76e782fe6782d3b4d943265d59480
Files
537008dd6210d3316e01fd0f609ae52566a76e782fe6782d3b4d943265d59480.exe windows:6 windows x86 arch:x86
d8abac21303abbd9e82b427a0d2287a3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
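The "Unsigned PE" signature above and the DLL Characteristics / File Characteristics listed under Headers are all read straight from the COFF and optional headers of the file. The Python below is an added illustration and is not part of the sandbox report or of the analysed sample: it parses those fields with struct only, decodes the characteristics bits into the IMAGE_* names the report prints, and reports whether IMAGE_DIRECTORY_ENTRY_SECURITY (the Authenticode certificate table) is populated, which is the file-level condition behind "missing Authenticode signature". The build_minimal_pe() and fake_win_certificate() helpers construct a synthetic header-only PE32 so the parser can be exercised offline; they are assumptions for the example, not data taken from the sample. Running it with a path argument inspects a real file instead.

```python
"""Static PE header triage: characteristics flags and Authenticode presence.

Added example (pure Python, struct only). Parses the fields a sandbox report
shows under Headers and Signatures: COFF File Characteristics, optional-header
DLL Characteristics, and whether IMAGE_DIRECTORY_ENTRY_SECURITY (the
Authenticode certificate table) is populated. build_minimal_pe() and
fake_win_certificate() are constructed test inputs, not real-sample data.
"""
import struct
import sys

IMAGE_DOS_SIGNATURE = 0x5A4D        # "MZ"
IMAGE_NT_SIGNATURE = 0x00004550     # "PE\0\0"
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data-directory slot of the certificate table

DLL_CHARACTERISTICS = {
    0x0020: "IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA",
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",       # ASLR opt-in
    0x0080: "IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",          # DEP opt-in
    0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH",
    0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
FILE_CHARACTERISTICS = {
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}


def _flags(value, table):
    """Names of the bits set in value, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def inspect_pe(data: bytes) -> dict:
    """Header facts relevant to triage. Raises ValueError for non-PE or truncated input."""
    try:
        return _inspect(data)
    except struct.error as exc:          # unpack_from ran off the end of the buffer
        raise ValueError("truncated PE header") from exc


def _inspect(data: bytes) -> dict:
    if struct.unpack_from("<H", data, 0)[0] != IMAGE_DOS_SIGNATURE:
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if struct.unpack_from("<I", data, e_lfanew)[0] != IMAGE_NT_SIGNATURE:
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, _nsect, _ts, _symtab, _nsyms, _optsize, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:      # PE32: NumberOfRvaAndSizes at +92, directories at +96
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:    # PE32+: 64-bit stack/heap fields shift them to +108 / +112
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%X" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both formats
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # Unlike every other directory entry, this one holds a raw file offset, not an RVA.
        cert_off, cert_size = struct.unpack_from("<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    # Count it as present only if non-empty, large enough for a WIN_CERTIFICATE header, and inside the file.
    present = cert_size >= 8 and cert_off + cert_size <= len(data)
    cert = None
    if present:
        length, revision, ctype = struct.unpack_from("<IHH", data, cert_off)
        cert = {"dwLength": length, "wRevision": revision, "wCertificateType": ctype}
    return {
        "machine": machine,
        "pe32plus": magic == 0x20B,
        "file_characteristics": _flags(file_chars, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dll_chars, DLL_CHARACTERISTICS),
        "aslr": bool(dll_chars & 0x0040),
        "dep": bool(dll_chars & 0x0100),
        "authenticode_present": present,
        "certificate": cert,
    }


def build_minimal_pe(dll_chars: int, file_chars: int = 0x0122, cert_blob: bytes = b"") -> bytes:
    """Constructed sample: a header-only PE32 image (i386, no sections), optionally with a cert table."""
    dos = struct.pack("<H", IMAGE_DOS_SIGNATURE).ljust(0x3C, b"\0") + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, file_chars)   # SizeOfOptionalHeader = 224
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)        # Magic = PE32
    struct.pack_into("<H", opt, 70, dll_chars)   # DllCharacteristics
    struct.pack_into("<I", opt, 92, 16)          # NumberOfRvaAndSizes
    head = dos + struct.pack("<I", IMAGE_NT_SIGNATURE) + coff
    if cert_blob:                                 # point the security directory at the appended blob
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, len(head) + len(opt), len(cert_blob))
    return head + bytes(opt) + cert_blob


def fake_win_certificate(payload: bytes = b"\x30\x00") -> bytes:
    """Constructed WIN_CERTIFICATE header (revision 2.0, PKCS#7 type) around a dummy payload; not a real signature."""
    return struct.pack("<IHH", 8 + len(payload), 0x0200, 0x0002) + payload


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_minimal_pe(0x8140)
    for key, value in inspect_pe(blob).items():
        print("%-22s %s" % (key, value))
```

A populated certificate table only shows that a WIN_CERTIFICATE blob is attached to the image; it says nothing about whether the signature verifies. Verification hashes the file with the CheckSum field and the certificate table excluded and checks that digest against the PKCS#7 SignedData in the blob, which is what WinVerifyTrust (or signtool verify / Get-AuthenticodeSignature) does. For this sample the directory is empty, which is exactly what the "Unsigned PE" signature asserts: nothing ties the file to a publisher, and the DLL Characteristics show it was built with ASLR and DEP opted in.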
PDB Paths
C:\Games\4Vision Testserver\TClient.pdb
Imports
d3d9
Direct3DCreate9
d3dx9_43
D3DXSphereBoundProbe
D3DXSaveSurfaceToFileA
D3DXPlaneIntersectLine
D3DXMatrixRotationQuaternion
D3DXIntersectTri
D3DXPlaneNormalize
D3DXPlaneFromPoints
D3DXPlaneFromPointNormal
D3DXMatrixTranslation
D3DXVec3TransformCoord
D3DXVec3Normalize
D3DXVec2Normalize
D3DXMatrixRotationZ
D3DXMatrixRotationY
D3DXMatrixRotationX
D3DXMatrixTranspose
D3DXMatrixMultiply
D3DXMatrixScaling
D3DXCreateLine
D3DXCreateFontA
D3DXMatrixTransformation2D
D3DXSaveTextureToFileA
D3DXCreateTexture
D3DXCreateTextureFromFileInMemoryEx
D3DXQuaternionRotationAxis
D3DXQuaternionMultiply
D3DXCreateTextureFromFileA
D3DXGetImageInfoFromFileInMemory
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromSurface
D3DXMatrixDecompose
D3DXMatrixTransformation
D3DXMatrixOrthoLH
D3DXMatrixPerspectiveFovLH
D3DXMatrixLookAtLH
D3DXMatrixRotationYawPitchRoll
D3DXQuaternionInverse
D3DXQuaternionNormalize
D3DXMatrixInverse
D3DXQuaternionSlerp
advapi32
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptEncrypt
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextA
GetUserNameA
StartServiceA
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
ControlService
CloseServiceHandle
ChangeServiceConfigA
imm32
ImmSetConversionStatus
ImmGetCompositionStringA
ImmNotifyIME
ImmGetCandidateListA
ImmGetOpenStatus
ImmGetConversionStatus
ImmGetContext
ImmReleaseContext
dsound
ord11
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
dbghelp
GetTimestampForLoadedLibrary
EnumerateLoadedModules
MiniDumpWriteDump
StackWalk
kernel32
CopyFileA
GetModuleHandleW
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
InitializeCriticalSectionAndSpinCount
EncodePointer
GetSystemDirectoryW
FreeLibrary
FreeResource
GetModuleFileNameW
LoadLibraryExW
LoadLibraryW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
FindClose
FindFirstFileA
SearchPathA
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
lstrcmpiA
GetVolumeInformationA
GetThreadLocale
GetStringTypeExA
FileTimeToLocalFileTime
FindNextFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GetACP
lstrcpyA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
GlobalSize
GetCurrentDirectoryA
SetErrorMode
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
FindResourceExW
GetTempPathA
GetProfileIntA
GetTempFileNameA
GetUserDefaultLCID
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
CreateFileMappingA
GlobalFree
GlobalAlloc
UnmapViewOfFile
MapViewOfFile
QueryPerformanceFrequency
GetFileSize
MulDiv
GetConsoleWindow
GetSystemFirmwareTable
lstrlenA
IsBadReadPtr
GetThreadContext
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
Sleep
SetUnhandledExceptionFilter
LocalFree
LocalUnlock
LocalLock
LocalAlloc
GetSystemTime
lstrcmpA
GlobalLock
GlobalUnlock
GetModuleFileNameA
GetLocalTime
SetFilePointer
CreateDirectoryA
SetLastError
GetCPInfo
MultiByteToWideChar
WriteFile
CreateFileW
Process32NextW
Process32FirstW
SetThreadLocale
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetVersionExA
GetSystemInfo
CreateProcessA
ResumeThread
SetThreadPriority
VirtualProtect
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ReadFile
DeleteFileA
CreateFileA
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
K32GetModuleBaseNameA
K32EnumProcessModules
K32EnumProcesses
Module32Next
Module32First
CreateToolhelp32Snapshot
ReadProcessMemory
OpenProcess
GetLastError
CloseHandle
IsDBCSLeadByte
FindResourceA
GetTickCount
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
OutputDebugStringW
QueryPerformanceCounter
FormatMessageA
OutputDebugStringA
ResetEvent
IsDebuggerPresent
GetStringTypeW
SwitchToThread
CompareStringW
LCMapStringW
RtlUnwind
VirtualQuery
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
WriteConsoleW
VirtualAlloc
GetDriveTypeW
GetFullPathNameW
CreateProcessW
SetStdHandle
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
SetFilePointerEx
GetCurrentDirectoryW
GetExitCodeProcess
GetFileAttributesExW
CreatePipe
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlushFileBuffers
user32
MapVirtualKeyExA
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
LoadImageA
DrawFocusRect
WindowFromPoint
RegisterClipboardFormatA
GetMenuItemInfoA
DestroyMenu
LoadImageW
DestroyIcon
TrackMouseEvent
RealChildWindowFromPoint
SystemParametersInfoA
CopyImage
GetSysColorBrush
InvalidateRgn
CopyAcceleratorTableA
MessageBeep
GetNextDlgGroupItem
CharNextA
FillRect
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CharUpperA
KillTimer
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
GetMessageA
GetWindowThreadProcessId
GetKeyNameTextA
GetDesktopWindow
GetNextDlgTabItem
CreateDialogIndirectParamA
IsDialogMessageA
IsWindowEnabled
CheckDlgButton
SetDlgItemTextA
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetLastActivePopup
GetTopWindow
IsCharLowerA
GetClassLongA
GetSysColor
EnumDisplayMonitors
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
GetWindow
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetWindowLongA
ValidateRect
IsRectEmpty
InvalidateRect
GetFocus
IsChild
CallWindowProcA
GetKeyboardLayout
EnumChildWindows
GetClientRect
SetCapture
IsWindowVisible
DeleteMenu
GetSystemMenu
DrawMenuBar
ClipCursor
ReleaseCapture
ShowCursor
SetWindowLongA
AdjustWindowRect
GetSystemMetrics
SetWindowTextA
GetDlgItem
EndDialog
DialogBoxParamA
CopyRect
EnumDisplaySettingsA
DestroyCursor
LoadCursorA
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
PostThreadMessageA
DrawIcon
FrameRect
CopyIcon
BringWindowToTop
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
DrawStateA
EmptyClipboard
SetClipboardData
SetWindowRgn
GetClassNameA
GetClipboardData
CloseClipboard
OpenClipboard
IsIconic
PostMessageA
ActivateKeyboardLayout
SetClassLongA
MapWindowPoints
SetParent
GetParent
SetLayeredWindowAttributes
SetForegroundWindow
SetWindowPos
SetRectEmpty
EqualRect
IntersectRect
InflateRect
GetKeyState
ScreenToClient
GetCursorPos
GetActiveWindow
ShowWindow
OffsetRect
ClientToScreen
SetCursor
SetCursorPos
ReleaseDC
GetDC
FlashWindowEx
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
MessageBoxA
GetForegroundWindow
UpdateWindow
TranslateAcceleratorA
LoadAcceleratorsA
MapVirtualKeyA
PostQuitMessage
WaitMessage
PeekMessageA
DispatchMessageA
TranslateMessage
PtInRect
UnregisterClassA
GetWindowRect
SetTimer
SendMessageA
EnableWindow
GetAsyncKeyState
SetRect
DefWindowProcA
gdi32
GetTextColor
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
GetTextExtentPoint32A
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
SetMapMode
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
GetBkColor
ExtTextOutA
TextOutA
MoveToEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
SetViewportExtEx
ScaleViewportExtEx
SetDIBColorTable
CreateEllipticRgn
SetTextAlign
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
EnumFontFamiliesExA
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetBkMode
SetROP2
SetPolyFillMode
GetLayout
CreateCompatibleDC
BitBlt
RealizePalette
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
PatBlt
CreateRectRgnIndirect
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateFontIndirectA
CreateFontA
SetDeviceGammaRamp
GetDeviceGammaRamp
GetObjectW
CreateDIBSection
SelectObject
GetCurrentObject
DeleteObject
DeleteDC
SetLayout
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
shell32
SHGetFileInfoA
SHAddToRecentDocs
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
shlwapi
PathFindFileNameA
PathFileExistsA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
PathFindExtensionA
uxtheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
GetThemeSysColor
GetThemePartSize
DrawThemeText
DrawThemeBackground
CloseThemeData
OpenThemeData
GetWindowTheme
DrawThemeParentBackground
ole32
CoLockObjectExternal
RegisterDragDrop
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoInitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
RevokeDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleGetClipboard
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString
oledlg
ord8
ws2_32
WSASocketA
WSAAsyncSelect
WSAGetLastError
inet_addr
ioctlsocket
getsockname
WSAStartup
gethostbyname
socket
recv
connect
closesocket
htons
inet_ntoa
WSACleanup
WSASetLastError
setsockopt
send
iphlpapi
GetAdaptersInfo
gdiplus
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdiplusShutdown
GdiplusStartup
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateFontFromDC
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateSolidFill
GdipSetStringFormatLineAlign
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
GdipSetStringFormatAlign
rpcrt4
UuidCreateSequential
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
winmm
mmioAdvance
mmioDescend
mmioAscend
PlaySoundA
mmioGetInfo
mmioSeek
mmioClose
mmioSetInfo
mmioOpenA
timeGetTime
mmioRead
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Sections
.text Size: 5.8MB - Virtual size: 5.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 201KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 182KB - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 355KB - Virtual size: 355KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ