C:\Users\Home\Desktop\AphelionClientSrc\Bin Output\Nksp_vc100.pdb
Static task
static1
Behavioral task
behavioral1
Sample
4994e342385c5e605bbdc93b1d1b00f6125b2ea98690d649ce936a2f79cf7f2f.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
4994e342385c5e605bbdc93b1d1b00f6125b2ea98690d649ce936a2f79cf7f2f.exe
Resource
win10v2004-20240419-en
General
-
Target
4994e342385c5e605bbdc93b1d1b00f6125b2ea98690d649ce936a2f79cf7f2f
-
Size
637KB
-
MD5
505891e2fdbb360a2042a8f1bfb45f1a
-
SHA1
92e93354ee9be957178b4bc0600a13b79d000a22
-
SHA256
4994e342385c5e605bbdc93b1d1b00f6125b2ea98690d649ce936a2f79cf7f2f
-
SHA512
7524880cb30047410e5266d951395e18a04cb20f6c6af697d3b5c47cbd4abdab486008bba4cd96c13ab95ba28347c35d3972a8b1eee16e9711ebdf5bd5bd76de
-
SSDEEP
12288:fpbVrm8UBSD3ttRJc8tcFCw7EjWKIrWtgimACYEkADXkg:frmahtRJc8tcUw7VKIrRimADck
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 4994e342385c5e605bbdc93b1d1b00f6125b2ea98690d649ce936a2f79cf7f2f
Files
-
4994e342385c5e605bbdc93b1d1b00f6125b2ea98690d649ce936a2f79cf7f2f.exe .vbs windows:5 windows x86 arch:x86 polyglot
3596a88467cbda13d2ad45f52fb4a285
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
entitiesmp
?CheckEntityVersion@@YAXXZ
?CheckMPVersion@@YAXXZ
kernel32
SetCurrentDirectoryA
GetFullPathNameA
OpenEventA
CreateEventA
SetEvent
WaitForSingleObject
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetStartupInfoW
HeapSetInformation
InterlockedCompareExchange
FindFirstFileA
DecodePointer
EncodePointer
Process32Next
Sleep
GetCurrentProcessId
CreateFileA
GetLastError
LoadLibraryA
GetProcAddress
IsProcessorFeaturePresent
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCurrentDirectoryA
DeleteFileA
MoveFileA
GetSystemDefaultLangID
GetModuleHandleA
FindClose
FindNextFileA
CloseHandle
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
InterlockedExchange
FreeLibrary
user32
GetSystemMetrics
EndPaint
GetClientRect
FillRect
DefWindowProcA
ShowWindow
UpdateWindow
SetFocus
LoadIconA
RegisterClassExA
LoadBitmapA
DestroyWindow
GetDC
GetDesktopWindow
ReleaseDC
ChangeDisplaySettingsA
GetWindowRect
MessageBoxA
SetWindowPos
CreateWindowExA
SetWindowLongA
CreateDialogParamA
LoadCursorA
IsIconic
SetClassLongA
PeekMessageA
ShowCursor
SendMessageA
TranslateMessage
DispatchMessageA
GetMessageA
UnregisterClassA
BeginPaint
gdi32
BitBlt
SelectObject
CreateCompatibleDC
GetDeviceCaps
DeleteObject
GetObjectA
GetStockObject
DeleteDC
msvcp100
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?good@ios_base@std@@QBE_NXZ
?rdstate@ios_base@std@@QBEHXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_BADOFF@std@@3_JB
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flags@ios_base@std@@QBEHXZ
?uncaught_exception@std@@YA_NXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Incref@facet@locale@std@@QAEXXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
engine
?Length@CTString@@QBEJXZ
?g_iCountry@@3JA
?ThrowF_t@@YAXPADZZ
?Clear@CTString@@QAEXXZ
?SetValue@CShell@@QAEXABVCTString@@0@Z
?GetValue@CShell@@QAE?AVCTString@@ABV2@@Z
?TranslateConst@@YAPBDPBDJ@Z
?TrimSpacesRight@CTString@@QAEJXZ
?RemovePrefix@CTString@@QAEHABV1@@Z
?GetLine_t@CTStream@@QAEXAAVCTString@@D@Z
?AddReference@CEntity@@QAEXXZ
?RemReference@CEntity@@QAEXXZ
?g_bNoPlaySnd@@3HA
?g_fFramePerSecond@@3MA
?GetMouseCursor@CUIManager@@QAEPAVCUIMouseCursor@@XZ
?SetDesktopSize@CUIOption@@QAEXJJ@Z
?getSingleton@?$CSingletonBase@VStageMgr@@@@SAPAVStageMgr@@XZ
?FileDir@CTFileName@@QBE?AV1@XZ
?SetTitleName@CUIManager@@QAEXJHH@Z
?AdjustUIPos@CUIManager@@QAEXPAVCDAWPTF@@@Z
?InitPos@CUIBase@@QAEXHHHH@Z
?InitRenderTarget@CUIManager@@QAEXHH@Z
?DestroyRenderTarget@CUIManager@@QAEXXZ
?IsCurrentModeAccelerated@CGfxLibrary@@QAEHXZ
?CreateWindowCanvas@CGfxLibrary@@QAEXPAXPAPAVCViewPort@@PAPAVCDAWPTF@@@Z
?ResetDisplayMode@CGfxLibrary@@QAEHW4GfxAPIType@@@Z
?ClearStreamHandling@CTStream@@SAXXZ
?DisableStreamHandling@CTStream@@SAXXZ
?ExceptionFatalError@CTStream@@SAXXZ
?ExceptionFilter@CTStream@@SAHKPAU_EXCEPTION_POINTERS@@@Z
?EnableStreamHandling@CTStream@@SAXXZ
?InitSEEDEncrypt@CNonDegage@@SAXXZ
?FileName@CTFileName@@QBE?AV1@XZ
?MsgProc@CUIManager@@QAEXPAUtagMSG@@PAH@Z
?g_szExitError@@3PADA
?setVersion@CUILoginNew@@QAEXPBD@Z
?UpdateSounds@CSoundLibrary@@QAEXXZ
?SetVolume@CSoundObject@@QAEXMH@Z
??0CTFileName@@QAE@PBDH@Z
??1CSoundObject@@QAE@XZ
??0CSoundObject@@QAE@XZ
?MakeWideScreen@CDAWPTF@@QAEXPAV1@@Z
??0CDAWPTF@@QAE@XZ
??1CDAWPTF@@QAE@XZ
??0CDAWPTF@@QAE@PAV0@J@Z
?LerpColor@@YAKKKM@Z
?GREEEGHH@CDAWPTF@@QBEXPAVZZZZZZZF@@ABV?$AABBox@J$01@@1KK@Z
?GetWidth@CTextureData@@QBEJXZ
??1ZZZZZZZF@@QAE@XZ
??0ZZZZZZZF@@QAE@XZ
?SwapBuffers@CViewPort@@QAEXH@Z
?Fill@CDAWPTF@@QBEXK@Z
?Unlock@CDAWPTF@@QAEXXZ
?Lock@CDAWPTF@@QAEHXZ
?GameInactive@CNetworkLibrari@@QAEXXZ
?Run@StageMgr@@QAEXXZ
?GetGameMode@CGameState@@QAEAAJXZ
?PutText@CDAWPTF@@QBEXABVCTString@@JJK@Z
?SetTextAspect@CDAWPTF@@QAEXM@Z
?SetTextShadow@CDAWPTF@@QAEXM@Z
?SetTextScaling@CDAWPTF@@QAEXM@Z
?_pfdDisplayFont@@3PAVCFontData@@A
?SetFont@CDAWPTF@@QAEXPAVCFontData@@@Z
?IsWideScreen@CDisplayMode@@QAEHXZ
?IsTripleHead@CDisplayMode@@QAEHXZ
?IsDualHead@CDisplayMode@@QAEHXZ
?DepthString@CDisplayMode@@QBE?AVCTString@@XZ
??0CDisplayMode@@QAE@XZ
?IsTripleHead@CDAWPTF@@QAEHXZ
?IsDualHead@CDAWPTF@@QAEHXZ
?GetHeight@CDAWPTF@@QBEJXZ
?GetWidth@CDAWPTF@@QBEJXZ
?GetRealTimeTick@CTimer@@QBEMXZ
?SE_EndEngine@@YAXXZ
?_pdpNormalMain@@3PAVCDAWPTF@@A
?DestroyWindowCanvas@CGfxLibrary@@QAEXPAVCViewPort@@@Z
?Release@CStock_CEntityClass@@QAEXPAVCEntityClass@@@Z
?End@cWeb@@QAEHXZ
?SE_Destroy_WebAddressPtr@@YAXXZ
?CheckEngineVersion@@YAXXZ
?Begin@cWeb@@QAEHXZ
?SE_Get_WebAddressPtr@@YAPAVCWebAddress@@XZ
?Initialeme@CWebAddress@@QAEXXZ
?ResetUIPos@CUIManager@@QAEXPAVCDAWPTF@@@Z
?SetGameHandle@CUIManager@@QAEXPAVCGame@@@Z
?Create@CUIManager@@QAEXXZ
?SE_Get_UIManagerPtr@@YAPAVCUIManager@@XZ
?SetNextStage@StageMgr@@QAEXW4eSTAGE@@0@Z
?Create@StageMgr@@QAEXXZ
?Create@GameDataManager@@QAEXXZ
?SE_Get_GameDataManagerPtr@@YAPAVGameDataManager@@XZ
?sam_iScreenSizeI@@3JA
?sam_iScreenSizeJ@@3JA
?_pSound@@3PAVCSoundLibrary@@A
?SetFormat@CSoundLibrary@@QAEXW4SoundFormat@1@H@Z
?snd_iFormat@@3JA
?_pNetwork@@3PAVCNetworkLibrari@@A
?_bClientApp@@3HA
?_pEntityClassStock@@3PAVCStock_CEntityClass@@A
?Obtain_t@CStock_CEntityClass@@QAEPAVCEntityClass@@ABVCTFileName@@@Z
?sam_bWideScreen@@3JA
?sam_iGfxAPI@@3JA
?sam_iDisplayAdapter@@3JA
?sam_iDisplayDepth@@3JA
?FinishTranslationTable@@YAXXZ
?AddTranslationTablesDir_t@@YAXABVCTFileName@@0@Z
?InitTranslation@@YAXXZ
?SE_LoadDefaultFonts@@YAXXZ
?g_bNasTrans@@3HA
?SE_InitEngine@@YAXVCTString@@@Z
?SE_InitDiscord@@YA_NXZ
?SE_CheckEngine@@YA_NXZ
?IsEqualCaseSensitive@CTString@@QBEHABV1@@Z
?GetWindowsError@@YA?BVCTString@@K@Z
?DeleteChars@CTString@@QAEXJJ@Z
?_strModExt@@3VCTString@@A
?ExpandFilePath@@YAJKABVCTFileName@@AAV1@@Z
?Force@CTextureData@@QAEXK@Z
?SetData_t@ZZZZZZZF@@QAEXABVCTFileName@@@Z
?_pTimer@@3PAVCTimer@@A
?GetHighPrecisionTimer@CTimer@@QAE?AVCTimtrVolue@@XZ
?SE_GetEngineDllRefCnt@@YA?BHXZ
?_fnmApplicationPath@@3VCTFileName@@A
?_pvpViewPortMain@@3PAVCViewPort@@A
?_pdpMain@@3PAVCDAWPTF@@A
?Benchmark@CGfxLibrary@@QAEXPAVCViewPort@@PAVCDAWPTF@@@Z
??0CTString@@QAE@PBD@Z
??1CTString@@QAE@XZ
??0CTString@@QAE@XZ
?TrimSpacesLeft@CTString@@QAEJXZ
??8CTString@@QBEHPBD@Z
??BCTString@@QBEPBDXZ
??YCTString@@QAEAAV0@ABV0@@Z
??0CTString@@QAA@JPBDZZ
?Translate@@YAPADPADJ@Z
??4CTString@@QAEAAV0@PBD@Z
?Split@CTString@@QAEXJAAV1@0@Z
?DeleteChar@CTString@@QAEXJ@Z
??4CTString@@QAEAAV0@ABV0@@Z
??0CTString@@QAE@ABV0@@Z
??9CTString@@QBEHPBD@Z
??4CTFileName@@QAEXABVCTString@@@Z
?_fnmMod@@3VCTFileName@@A
??HCTString@@QBE?AV0@ABV0@@Z
??H@YA?AVCTString@@PBDABV0@@Z
?_fnmCDPath@@3VCTFileName@@A
?ScanF@CTString@@QAAJPBDZZ
?cmd_iWindowLeft@@3JA
?cmd_iWindowTop@@3JA
?_strLogFile@@3VCTString@@A
??0CListHead@@QAE@XZ
?Matches@CTString@@QBEHABV1@@Z
??0CTFileStream@@QAE@XZ
??1CTFileStream@@UAE@XZ
?Open_t@CTFileStream@@QAEXABVCTFileName@@W4OpenMode@CTStream@@@Z
??0CTFileName@@QAE@ABVCTString@@@Z
??1CTFileName@@QAE@XZ
?GetLine_t@CTStream@@QAEXPADJD@Z
?AddTail@CListHead@@QAEXAAVCListNode@@@Z
?AtEOF@CTStream@@QAEHXZ
?WarningMessage@@YAXPBDZZ
?DeclareSymbol@CShell@@QAEXABVCTString@@PAX@Z
?_pShell@@3PAVCShell@@A
??0CListNode@@QAE@XZ
??1CListNode@@QAE@XZ
??0CTFileName@@QAE@XZ
?CPrintF@@YAXPBDZZ
?_pGfx@@3PAVCGfxLibrary@@A
??8CTString@@QBEHABV0@@Z
?PrintF@CTString@@QAAJPBDZZ
?Execute@CShell@@QAEXABVCTString@@@Z
?IterationHead@CListHead@@QBEAAVCListNode@@XZ
?IterationSucc@CListNode@@QBEAAV1@XZ
?IsTailMarker@CListNode@@QBEHXZ
?Running@CGameState@@QAEAAHXZ
?_pGameState@@3PAVCGameState@@A
?QuitScreen@CGameState@@QAEAAHXZ
?g_web@@3VcWeb@@A
?CloseWebPage@cWeb@@QAEHPAUHWND__@@@Z
?UpdatePos@cWeb@@QAEXXZ
?sam_bFullScreenActive@@3JA
?OpenWebPage@cWeb@@QAEHPAUHWND__@@@Z
?_bWindowChanging@@3HA
?_hInstanceMain@@3PAUHINSTANCE__@@A
?_hDlgWeb@@3PAUHWND__@@A
?_hwndMain@@3PAUHWND__@@A
?FatalError@@YAXPBDZZ
?SE_UpdateWindowHandle@@YAXPAUHWND__@@0@Z
?SetWebDlgCallBack@cWeb@@QAEXP6GHPAUHWND__@@IIJ@Z@Z
?GetWebHandle@cWeb@@QAEPAUHWND__@@XZ
?SetWebDlgID@cWeb@@QAEXJ@Z
?SetWebHandle@cWeb@@QAEXPAUHWND__@@@Z
?IsWebHandle@cWeb@@QAEHXZ
?GetPixWidth@CTextureData@@QBEJXZ
?FindSubstr@CTString@@QAEJABV1@@Z
?TrimRight@CTString@@QAEJJ@Z
?g_nmVER@@3VCTString@@A
?g_nmCID@@3VCTString@@A
?g_nmID@@3VCTString@@A
?g_nmPW@@3VCTString@@A
?g_bAutoLogin@@3HA
msvcr100
_configthreadlocale
strchr
strlen
isspace
_stricmp
??3@YAXPAX@Z
??_V@YAXPAX@Z
sscanf
??2@YAPAXI@Z
memset
fgetc
fputc
ungetc
fclose
fopen
fflush
strcpy
memcpy
_controlfp
strncpy
_execv
strcat
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
memmove
??0bad_cast@std@@QAE@ABV01@@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
_lock_file
_unlock_file
fwrite
memcpy_s
_fseeki64
fgetpos
fsetpos
setvbuf
__CxxFrameHandler3
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
?what@exception@std@@UBEPBDXZ
__setusermatherr
_commode
_fmode
__set_app_type
_crt_debugger_hook
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_invoke_watson
_controlfp_s
_strdup
free
_strnicmp
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
shlwapi
PathFileExistsA
PathAppendA
advapi32
LookupPrivilegeValueA
SetFileSecurityA
AdjustTokenPrivileges
OpenProcessToken
Exports
AmdPowerXpressRequestHighPerformance
NvOptimusEnablement
Sections
.text Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 564KB - Virtual size: 563KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ