88b740a0881f08ac0958f9ded6f791f0408a3d8521ab925c571d2521bd371e72

Sharing

Copy URL

Twitter E-mail

General

Target

88b740a0881f08ac0958f9ded6f791f0408a3d8521ab925c571d2521bd371e72
Size

2.2MB
MD5

6df5f38cf5598efe452f6fe040e22a75
SHA1

f7787770ea5c3e05d6f77727697ccc2bbbb0a792
SHA256

88b740a0881f08ac0958f9ded6f791f0408a3d8521ab925c571d2521bd371e72
SHA512

02f9cc52dabbaad1ce823cc57470973374b15bb78f61bd1dd3faa2226b74c6ce697b16551988dee492c2c23d4707f3639aba4b79f967f24319ef2400a8627eeb
SSDEEP

49152:q0kclHpSSUjRF7nS3T7n3bPxNd/VUFPT8el:bpQNF7Sjb3bPxNZVUFFl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88b740a0881f08ac0958f9ded6f791f0408a3d8521ab925c571d2521bd371e72

Files

88b740a0881f08ac0958f9ded6f791f0408a3d8521ab925c571d2521bd371e72
.exe windows:6 windows x86 arch:x86

e8cd5c4c60ada69a314fcc4acc4ca6d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Works\mycard-ygopro\bin\release\AI.Server.pdb

Imports

ws2_32

select
connect
getsockopt
accept
listen
WSAGetOverlappedResult
WSASend
WSARecv
ioctlsocket
WSASetLastError
WSAGetLastError
send
recv
WSAIoctl
setsockopt
bind
closesocket
getsockname
socket
ntohs
recvfrom
htonl
htons
sendto
WSAStartup

kernel32

DecodePointer
WriteConsoleW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileW
FindNextFileW
FindClose
GetModuleFileNameW
SetCurrentDirectoryW
CreateDirectoryW
WriteFile
CreateFileW
GetFileAttributesW
DeleteFileW
CloseHandle
SetStdHandle
GetFileSizeEx
GetConsoleOutputCP
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCommandLineW
GetCommandLineA
GetStdHandle
GetCurrentDirectoryW
SetEnvironmentVariableW
FindFirstFileExW
SetConsoleCtrlHandler
ExitProcess
FileTimeToSystemTime
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
CreateEventW
SetEvent
ResetEvent
ReleaseSemaphore
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateSemaphoreW
CreateIoCompletionPort
QueryPerformanceFrequency
InitializeCriticalSectionEx
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
SetFilePointerEx
GetTimeZoneInformation
GetConsoleMode
ReadConsoleW
GetFileType
GetDriveTypeW
SystemTimeToTzSpecificLocalTime

Exports

Exports

create_duel
end_duel
get_log_message
get_message
new_card
new_tag_card
preload_script
process
query_card
query_field_card
query_field_count
query_field_info
set_card_reader
set_message_handler
set_player_info
set_responseb
set_responsei
set_script_reader
start_duel

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8cd5c4c60ada69a314fcc4acc4ca6d1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 188KB - Virtual size: 187KB

.data Size: 10KB - Virtual size: 292KB

.rsrc Size: 19KB - Virtual size: 18KB

.reloc Size: 57KB - Virtual size: 57KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 188KB - Virtual size: 187KB

.data
Size: 10KB - Virtual size: 292KB

.rsrc
Size: 19KB - Virtual size: 18KB

.reloc
Size: 57KB - Virtual size: 57KB