C:\Games\4Vision Testserver\TClient.pdb
Static task: static1
Behavioral task: behavioral1
  Sample: b58d871548675b546424d0f5ba0988d56e6fc2ce09bd3211063a1a3cce37a960.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b58d871548675b546424d0f5ba0988d56e6fc2ce09bd3211063a1a3cce37a960.exe
  Resource: win10v2004-20240412-en
General
- Target: b58d871548675b546424d0f5ba0988d56e6fc2ce09bd3211063a1a3cce37a960
- Size: 7.2MB
- MD5: bf7da9ada5518b35feb10b86f01aa1cf
- SHA1: 62db7c29fa805034e622b4703bc50ed47b061bfe
- SHA256: b58d871548675b546424d0f5ba0988d56e6fc2ce09bd3211063a1a3cce37a960
- SHA512: a624e6da67e3d864090ea6b96e32daadd322a3f435051347fac90c77422a643fac95ee6d402ae5f23e1746769473dd3fa2a6e8999b111c8ed053e0c696b2a746
- SSDEEP: 98304:omMnh7WaEN1Uh+VFn/Ob1vjjejE6iPeX+0k9vB5ihYODKJadQD3nwl:Isa/h+rmb1rjW7+P1adQD
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: b58d871548675b546424d0f5ba0988d56e6fc2ce09bd3211063a1a3cce37a960
Files
- b58d871548675b546424d0f5ba0988d56e6fc2ce09bd3211063a1a3cce37a960.exe windows:6 windows x86 arch:x86
  e3c56fe6829854b7c6248e1b49bd2196
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
d3d9
Direct3DCreate9
d3dx9_43
D3DXSphereBoundProbe
D3DXSaveSurfaceToFileA
D3DXPlaneIntersectLine
D3DXMatrixRotationQuaternion
D3DXIntersectTri
D3DXPlaneNormalize
D3DXPlaneFromPoints
D3DXPlaneFromPointNormal
D3DXMatrixTranslation
D3DXVec3TransformCoord
D3DXVec3Normalize
D3DXVec2Normalize
D3DXMatrixRotationZ
D3DXMatrixRotationY
D3DXMatrixRotationX
D3DXMatrixTranspose
D3DXMatrixMultiply
D3DXMatrixScaling
D3DXCreateLine
D3DXCreateFontA
D3DXMatrixTransformation2D
D3DXSaveTextureToFileA
D3DXCreateTexture
D3DXCreateTextureFromFileInMemoryEx
D3DXQuaternionRotationAxis
D3DXQuaternionMultiply
D3DXCreateTextureFromFileA
D3DXGetImageInfoFromFileInMemory
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromSurface
D3DXMatrixDecompose
D3DXMatrixTransformation
D3DXMatrixOrthoLH
D3DXMatrixPerspectiveFovLH
D3DXMatrixLookAtLH
D3DXMatrixRotationYawPitchRoll
D3DXQuaternionInverse
D3DXQuaternionNormalize
D3DXMatrixInverse
D3DXQuaternionSlerp
advapi32
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
RegCloseKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptEncrypt
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextA
GetUserNameA
StartServiceA
QueryServiceConfigA
OpenServiceA
OpenSCManagerA
ControlService
CloseServiceHandle
ChangeServiceConfigA
imm32
ImmSetConversionStatus
ImmGetCompositionStringA
ImmNotifyIME
ImmGetCandidateListA
ImmGetOpenStatus
ImmGetConversionStatus
ImmGetContext
ImmReleaseContext
dsound
ord11
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
dbghelp
GetTimestampForLoadedLibrary
EnumerateLoadedModules
MiniDumpWriteDump
StackWalk
kernel32
GetModuleHandleW
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
InitializeCriticalSectionAndSpinCount
EncodePointer
GetSystemDirectoryW
FreeLibrary
FreeResource
GetModuleFileNameW
LoadLibraryExW
LoadLibraryW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CompareStringA
GetVersionExA
FindClose
FindFirstFileA
OutputDebugStringA
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
DuplicateHandle
lstrcmpiA
GetVolumeInformationA
GetThreadLocale
GetStringTypeExA
FileTimeToLocalFileTime
FindNextFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GetACP
lstrcpyA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
CopyFileA
GetCurrentDirectoryA
SetErrorMode
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
FindResourceExW
GetTempPathA
GetProfileIntA
GetTempFileNameA
GetUserDefaultLCID
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
GlobalFree
GlobalAlloc
ResetEvent
GetFileSize
GlobalSize
GetProcAddress
UnmapViewOfFile
MapViewOfFile
IsDebuggerPresent
SearchPathA
MulDiv
lstrlenA
GetConsoleWindow
GetSystemFirmwareTable
IsBadReadPtr
GetModuleHandleA
GetThreadContext
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
Sleep
SetUnhandledExceptionFilter
LocalFree
LocalUnlock
LocalLock
LocalAlloc
GetSystemTime
lstrcmpA
GetModuleFileNameA
GlobalUnlock
GetCPInfo
GetLocalTime
SetFilePointer
CreateDirectoryA
MultiByteToWideChar
WriteFile
CreateFileW
Process32NextW
Process32FirstW
SetThreadLocale
LoadLibraryA
GetSystemInfo
CreateProcessA
ResumeThread
SetThreadPriority
SetLastError
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ReadFile
DeleteFileA
CreateFileA
DeleteCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
RaiseException
DecodePointer
K32GetModuleBaseNameA
K32EnumProcessModules
K32EnumProcesses
Module32Next
Module32First
CreateToolhelp32Snapshot
ReadProcessMemory
OpenProcess
GetLastError
CloseHandle
IsDBCSLeadByte
FindResourceA
GetTickCount
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
QueryPerformanceCounter
OutputDebugStringW
GlobalLock
QueryPerformanceFrequency
VirtualProtect
FormatMessageA
CreateFileMappingA
GetStringTypeW
SwitchToThread
CompareStringW
LCMapStringW
RtlUnwind
VirtualQuery
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
WriteConsoleW
VirtualAlloc
GetDriveTypeW
GetFullPathNameW
CreateProcessW
SetStdHandle
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
GetCurrentDirectoryW
GetExitCodeProcess
GetFileAttributesExW
CreatePipe
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
FlushFileBuffers
user32
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
IsClipboardFormatAvailable
GetUpdateRect
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
SubtractRect
CreateMenu
GetWindowRgn
SetClassLongA
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
LoadImageA
DrawFocusRect
WindowFromPoint
RegisterClipboardFormatA
GetMenuItemInfoA
DestroyMenu
LoadImageW
DestroyIcon
TrackMouseEvent
RealChildWindowFromPoint
SystemParametersInfoA
CopyImage
GetSysColorBrush
InvalidateRgn
CopyAcceleratorTableA
MessageBeep
GetNextDlgGroupItem
CharNextA
FillRect
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CharUpperA
KillTimer
MapDialogRect
SetWindowContextHelpId
GetWindowThreadProcessId
ShowOwnedPopups
GetMessageA
GetKeyNameTextA
GetDesktopWindow
GetNextDlgTabItem
CreateDialogIndirectParamA
IsDialogMessageA
IsWindowEnabled
CheckDlgButton
SetDlgItemTextA
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
MapVirtualKeyExA
GetLastActivePopup
GetTopWindow
OpenClipboard
GetClassLongA
GetSysColor
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsMenu
IsWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
GetWindow
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetWindowLongA
ValidateRect
IsRectEmpty
InvalidateRect
GetFocus
IsChild
CallWindowProcA
GetKeyboardLayout
EnumChildWindows
GetClientRect
SetCapture
IsWindowVisible
DeleteMenu
GetSystemMenu
DrawMenuBar
ClipCursor
ReleaseCapture
ShowCursor
SetWindowLongA
AdjustWindowRect
GetSystemMetrics
SetWindowTextA
GetDlgItem
EndDialog
DialogBoxParamA
CopyRect
IsCharLowerA
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
PostThreadMessageA
DrawIcon
FrameRect
CopyIcon
BringWindowToTop
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
DrawStateA
EmptyClipboard
SetClipboardData
LoadIconA
EnumDisplaySettingsA
DestroyCursor
LoadCursorA
IsIconic
PostMessageA
ActivateKeyboardLayout
CloseClipboard
GetClassNameA
SetParent
GetParent
SetWindowRgn
SetForegroundWindow
SetWindowPos
SetRectEmpty
EqualRect
IntersectRect
InflateRect
GetKeyState
ScreenToClient
GetCursorPos
GetActiveWindow
ShowWindow
OffsetRect
ClientToScreen
SetCursor
SetCursorPos
ReleaseDC
GetDC
FlashWindowEx
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
MessageBoxA
GetForegroundWindow
UpdateWindow
TranslateAcceleratorA
LoadAcceleratorsA
MapVirtualKeyA
PostQuitMessage
WaitMessage
PeekMessageA
DispatchMessageA
TranslateMessage
PtInRect
UnregisterClassA
GetWindowRect
SetTimer
SendMessageA
EnableWindow
GetAsyncKeyState
SetRect
GetClassInfoA
gdi32
GetTextColor
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
GetTextExtentPoint32A
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
GetBkColor
ExtTextOutA
TextOutA
MoveToEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
SetViewportExtEx
ScaleViewportExtEx
SetDIBColorTable
CreateEllipticRgn
SetTextAlign
Ellipse
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
LPtoDP
EnumFontFamiliesExA
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceA
SetBkMode
SetROP2
SetPolyFillMode
GetLayout
CreateCompatibleDC
BitBlt
SetMapMode
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
PatBlt
CreateRectRgnIndirect
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateFontIndirectA
CreateFontA
SetDeviceGammaRamp
GetDeviceGammaRamp
GetObjectW
CreateDIBSection
SelectObject
GetCurrentObject
DeleteObject
DeleteDC
SetLayout
msimg32
TransparentBlt
AlphaBlend
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
shell32
SHGetFileInfoA
SHAddToRecentDocs
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
shlwapi
PathFindFileNameA
PathFileExistsA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
PathFindExtensionA
uxtheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetCurrentThemeName
GetThemeColor
GetThemeSysColor
GetThemePartSize
DrawThemeText
DrawThemeBackground
CloseThemeData
OpenThemeData
GetWindowTheme
DrawThemeParentBackground
ole32
CoLockObjectExternal
RegisterDragDrop
CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoInitialize
CoCreateGuid
CLSIDFromString
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
CreateStreamOnHGlobal
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
RevokeDragDrop
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleGetClipboard
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString
oledlg
ord8
ws2_32
WSASocketA
WSAAsyncSelect
WSAGetLastError
inet_addr
ioctlsocket
getsockname
WSAStartup
gethostbyname
socket
recv
connect
closesocket
htons
inet_ntoa
WSACleanup
WSASetLastError
setsockopt
send
iphlpapi
GetAdaptersInfo
gdiplus
GdipAlloc
GdipFree
GdipCloneBrush
GdipDeleteBrush
GdiplusShutdown
GdiplusStartup
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateFontFromDC
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateSolidFill
GdipSetStringFormatLineAlign
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
GdipSetStringFormatAlign
rpcrt4
UuidCreateSequential
oleacc
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
winmm
mmioAdvance
mmioDescend
mmioAscend
PlaySoundA
mmioGetInfo
mmioSeek
mmioClose
mmioSetInfo
mmioOpenA
timeGetTime
mmioRead
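A flat import list like the one above is easier to reason about once the APIs are grouped by capability: process enumeration next to OpenProcess/ReadProcessMemory, a CryptoAPI acquire/derive/encrypt chain, SCM access, a Windows hook, a TCP client. The block below is an added example, not part of the sandbox report, in the form of a small rule engine in the spirit of capa; it runs over a subset of the report's own import table embedded as its sample input. The rule names, descriptions and the A/W-suffix normalisation heuristic are the editor's, not findings of the sandbox.

```python
"""Capability triage over a PE import table (added example, stdlib only).
Groups imported Win32 APIs into behavioural capabilities the way a triage analyst
or a rule engine such as capa would. The rules are the editor's heuristics, not
findings from the sandbox report."""
import re

# Constructed input: a subset of the import table listed in the report above.
SAMPLE_IMPORTS = {
    "advapi32": ["RegSetValueExA", "RegCreateKeyExA", "CryptAcquireContextA", "CryptDeriveKey",
                 "CryptEncrypt", "OpenSCManagerA", "OpenServiceA", "StartServiceA", "ChangeServiceConfigA"],
    "dbghelp": ["MiniDumpWriteDump", "StackWalk"],
    "kernel32": ["CreateToolhelp32Snapshot", "Process32FirstW", "Process32NextW", "OpenProcess",
                 "ReadProcessMemory", "IsDebuggerPresent", "GetSystemFirmwareTable", "VirtualProtect",
                 "LoadLibraryA", "GetProcAddress", "CreateProcessA"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "GetAsyncKeyState", "GetKeyboardState"],
    "ws2_32": ["socket", "connect", "send", "recv", "gethostbyname"],
}

# (capability, description, alternatives): a rule fires when every API of at least
# one alternative set is imported. Names are compared after A/W normalisation.
RULES = [
    ("enumerate-processes", "walks the process list",
     [{"CreateToolhelp32Snapshot", "Process32First", "Process32Next"}, {"K32EnumProcesses"}]),
    ("read-process-memory", "opens other processes and reads their memory",
     [{"OpenProcess", "ReadProcessMemory"}]),
    ("debugger-check", "asks the OS whether a debugger is attached",
     [{"IsDebuggerPresent"}, {"CheckRemoteDebuggerPresent"}]),
    ("windows-hook", "installs a message/keyboard hook and chains to the next one",
     [{"SetWindowsHookEx", "CallNextHookEx"}]),
    ("keystroke-polling", "polls keyboard state outside the message loop",
     [{"GetAsyncKeyState"}, {"GetKeyboardState"}]),
    ("cryptoapi-encrypt", "derives a key and encrypts data with CryptoAPI",
     [{"CryptAcquireContext", "CryptDeriveKey", "CryptEncrypt"}]),
    ("service-control", "opens the SCM and starts or reconfigures a service",
     [{"OpenSCManager", "OpenService", "StartService"}, {"OpenSCManager", "OpenService", "ChangeServiceConfig"}]),
    ("registry-write", "creates registry keys and writes values",
     [{"RegCreateKeyEx", "RegSetValueEx"}]),
    ("tcp-client", "resolves a host name and talks over a socket",
     [{"socket", "connect", "send", "recv"}]),
    ("minidump", "writes process memory dumps via dbghelp", [{"MiniDumpWriteDump"}]),
    ("firmware-table", "reads SMBIOS/ACPI tables (hardware fingerprinting)", [{"GetSystemFirmwareTable"}]),
    ("dynamic-api-resolution", "resolves further APIs at run time", [{"LoadLibrary", "GetProcAddress"}]),
    ("token-manipulation", "adjusts process token privileges", [{"OpenProcessToken", "AdjustTokenPrivileges"}]),
]

_SUFFIX = re.compile(r"(?<=[a-z0-9])[AW]$")


def normalise(api: str) -> str:
    """Fold ANSI/Unicode pairs together (CreateFileA, CreateFileW -> CreateFile).
    Heuristic: the trailing A/W is stripped only after a lowercase letter or digit,
    so names whose final letter follows an uppercase letter are left alone."""
    return _SUFFIX.sub("", api)


def capabilities(imports: dict) -> list:
    """Return [(capability, description, matched_apis)] for every rule that fires."""
    present = {normalise(api) for apis in imports.values() for api in apis}
    hits = []
    for name, desc, alternatives in RULES:
        for needed in alternatives:
            if needed <= present:
                hits.append((name, desc, sorted(needed)))
                break
    return hits


def capability_names(imports: dict) -> list:
    return sorted(cap for cap, _, _ in capabilities(imports))


if __name__ == "__main__":
    for cap, desc, apis in capabilities(SAMPLE_IMPORTS):
        print(f"{cap:24} {desc}  <- {', '.join(apis)}")
```

These groupings describe what the code can do, not what it does: process enumeration, reading other processes' memory, message hooks and SMBIOS reads are as typical of anti-cheat and diagnostics components as of malware, so the output is a prioritised list of behaviours to confirm in the behavioral tasks, not a verdict.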
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Sections
.text Size: 5.6MB - Virtual size: 5.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1018KB - Virtual size: 1018KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 184KB - Virtual size: 184KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 347KB - Virtual size: 346KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
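The Signatures, Headers and Sections panels above all come from a handful of header fields: the security data directory (an empty entry means no embedded Authenticode certificate table, which is what "Unsigned PE" reports), the DllCharacteristics word (DYNAMIC_BASE and NX_COMPAT are the ASLR and DEP opt-ins) and the per-section characteristics. The following is an added example, not part of the report or the sample, that reproduces those checks with the Python standard library on a PE image it constructs in memory; the field offsets are those of the PE/COFF specification, and the function names, flag tables and the constructed sections are the example's own. It also handles PE32+ images, which the 32-bit sample above does not exercise.

```python
"""Static PE header triage with the standard library only (added example).
Parses the DOS/COFF/optional headers and section table of a PE32 or PE32+ image
and derives findings like the report's Signatures/Headers panels. The image it
runs on is constructed in build_minimal_pe(); it is not the report's sample."""
import struct

FILE_FLAGS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0020: "IMAGE_FILE_LARGE_ADDRESS_AWARE",
              0x0100: "IMAGE_FILE_32BIT_MACHINE", 0x2000: "IMAGE_FILE_DLL"}
DLL_FLAGS = {0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE", 0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
             0x0400: "IMAGE_DLLCHARACTERISTICS_NO_SEH", 0x4000: "IMAGE_DLLCHARACTERISTICS_GUARD_CF",
             0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE"}
SECTION_FLAGS = {0x20: "IMAGE_SCN_CNT_CODE", 0x40: "IMAGE_SCN_CNT_INITIALIZED_DATA",
                 0x02000000: "IMAGE_SCN_MEM_DISCARDABLE", 0x20000000: "IMAGE_SCN_MEM_EXECUTE",
                 0x40000000: "IMAGE_SCN_MEM_READ", 0x80000000: "IMAGE_SCN_MEM_WRITE"}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # data directory slot of the Authenticode certificate table


def _names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def pe_summary(data: bytes) -> dict:
    """Parse a PE32/PE32+ header and return its security-relevant fields."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    machine, nsections, _, _, _, opt_size, file_chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:        # PE32: data directories begin at optional header + 96
        dirs = opt + 96
    elif magic == 0x20B:      # PE32+: 64-bit ImageBase/stack/heap fields push them to +112
        dirs = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    dll_chars = struct.unpack_from("<H", data, opt + 70)[0]   # same offset in both formats
    ndirs = struct.unpack_from("<I", data, dirs - 4)[0]       # NumberOfRvaAndSizes
    sec_off, sec_size = (struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
                         if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY else (0, 0))
    # The security entry is a raw file offset (certificates are not mapped), so bounds-check against the file.
    has_cert_table = sec_size != 0 and sec_off + sec_size <= len(data)
    sections, shdr = [], opt + opt_size
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, chars = struct.unpack_from("<8sIIIIIIHHI", data, shdr + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "flags": _names(chars, SECTION_FLAGS),
            "writable_and_executable": bool(chars & 0x80000000) and bool(chars & 0x20000000),
        })
    return {
        "machine": machine,
        "file_characteristics": _names(file_chars, FILE_FLAGS),
        "dll_characteristics": _names(dll_chars, DLL_FLAGS),
        "aslr": bool(dll_chars & 0x0040),
        "dep": bool(dll_chars & 0x0100),
        "has_authenticode_cert_table": has_cert_table,
        "sections": sections,
    }


def triage(summary: dict) -> list:
    """Derive findings in the style of a sandbox Signatures panel."""
    findings = []
    if not summary["has_authenticode_cert_table"]:
        findings.append("Unsigned PE: no Authenticode certificate table")
    if not summary["aslr"]:
        findings.append("ASLR disabled: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE not set")
    if not summary["dep"]:
        findings.append("DEP disabled: IMAGE_DLLCHARACTERISTICS_NX_COMPAT not set")
    for s in summary["sections"]:
        if s["writable_and_executable"]:   # W+X section: packer / self-modifying-code indicator
            findings.append("Section %s is writable and executable" % s["name"])
    return findings


def build_minimal_pe(dll_chars=0x0140, file_chars=0x0102, signed=False,
                     sections=((b".text", 0x60000020), (b".data", 0xC0000040))) -> bytes:
    """Constructed test input: a header-only PE32 image with no real code and no real signature."""
    e_lfanew, opt_size, nsec = 0x80, 224, len(sections)
    dos = (b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    coff = struct.pack("<HHIIIHH", 0x14C, nsec, 0, 0, 0, opt_size, file_chars)   # 0x14C = i386
    opt = struct.pack("<HBBIIIIIIIIIHHHHHHIIIIHHIIIIII",
                      0x10B, 14, 0, 0, 0, 0, 0x1000, 0x1000, 0x2000, 0x400000, 0x1000, 0x200,
                      6, 0, 0, 0, 6, 0, 0, 0x3000, 0x400, 0, 2, dll_chars,
                      0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
    cert_off = e_lfanew + 4 + 20 + opt_size + 40 * nsec   # certificate blob sits right after the headers
    # WIN_CERTIFICATE (dwLength, wRevision 0x0200, wCertificateType 0x0002 = PKCS#7) over a two-byte
    # placeholder DER blob: enough for the presence check, nothing a verifier would accept.
    cert = struct.pack("<IHH", 10, 0x0200, 0x0002) + b"\x30\x00" if signed else b""
    dirs = b"".join(struct.pack("<II", cert_off, len(cert)) if signed and i == IMAGE_DIRECTORY_ENTRY_SECURITY
                    else struct.pack("<II", 0, 0) for i in range(16))
    shdrs = b"".join(struct.pack("<8sIIIIIIHHI", name, 0x1000, 0x1000 * (i + 1), 0x200, 0x400 + 0x200 * i,
                                 0, 0, 0, 0, chars) for i, (name, chars) in enumerate(sections))
    return dos + b"PE\0\0" + coff + opt + dirs + shdrs + cert
```

A non-empty certificate table only means a signature blob is present; whether it verifies (chain, timestamp, hash match) needs WinVerifyTrust, `signtool verify /pa` or `osslsigncode verify`, and a file with an empty table can still be catalog-signed, so "Unsigned PE" is a triage hint rather than a trust decision.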