3a6ac0ccbd9127048fc141747063f41d02117814aa754b4cebb2c14458420600

Sharing

Copy URL

Twitter E-mail

General

Target

3a6ac0ccbd9127048fc141747063f41d02117814aa754b4cebb2c14458420600
Size

3.2MB
MD5

1a3db143f01f7c79eb604288cda4adb3
SHA1

4362e06b0ab4fd19a7e6281f607cd9183e74a244
SHA256

3a6ac0ccbd9127048fc141747063f41d02117814aa754b4cebb2c14458420600
SHA512

6e193a0a971ba52069f2079a29d8ebbbcebec5a5508539b15ed6f7dc167904b4796e3dc1fc3cdcbeacafad284531bfa91a292a8e47343addf287de094661ca2d
SSDEEP

49152:vNHGvkSpsY1snA3t+s8eAa2XrFf6GiUnLJ/o4QPy9xYFEn/0BrH8jTED:1HGvtsLsT6e8dQ6x/0J08

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a6ac0ccbd9127048fc141747063f41d02117814aa754b4cebb2c14458420600

Files

3a6ac0ccbd9127048fc141747063f41d02117814aa754b4cebb2c14458420600
.exe windows:6 windows x86 arch:x86

72ce726a9e3978d7840f4dfbf7dd7e04

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Jenkins\.jenkins\workspace\MGame\AIChat\AIChat_Main\bin\Release\SmartWriter.pdb

Imports

kernel32

GetOverlappedResult
SetNamedPipeHandleState
ReleaseMutex
ResetEvent
GetStartupInfoW
CreateProcessW
CreateMutexW
GetCommandLineW
WritePrivateProfileStringW
GetPrivateProfileIntW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetPrivateProfileStringW
GlobalLock
GlobalUnlock
GlobalSize
GetSystemDirectoryW
GetCurrentThread
OutputDebugStringW
WriteFile
SetEndOfFile
ReadFile
GetFileSize
GetFileAttributesW
DeleteFileW
CreateFileW
lstrlenW
lstrcpynW
GetCurrentProcess
IsBadReadPtr
GetModuleHandleW
GetModuleFileNameW
VirtualProtect
GetCurrentThreadId
GetCurrentProcessId
SetUnhandledExceptionFilter
VerifyVersionInfoW
FormatMessageA
LocalFree
GetModuleHandleA
FreeLibrary
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetStdHandle
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
QueueUserAPC
CreateWaitableTimerW
WaitForMultipleObjects
Sleep
SetWaitableTimer
CreateEventW
SleepEx
WaitForSingleObject
SetEvent
InitializeCriticalSectionAndSpinCount
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
SetLastError
CloseHandle
VerSetConditionMask
LoadLibraryW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
GetDateFormatW
GetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
ExitThread
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
ReleaseSemaphore
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
GetSystemWindowsDirectoryW
lstrcmpiA
lstrcmpA
DeviceIoControl
DeleteCriticalSection
InitializeCriticalSectionEx
TerminateProcess
UnhandledExceptionFilter
AreFileApisANSI
HeapCreate
GetFullPathNameW
InterlockedCompareExchange
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
UnlockFileEx
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
FlushViewOfFile
CreateFileA
LoadLibraryA
GetVersionExA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
CreateFileMappingA
LockFileEx
GetLocalTime
ResumeThread
GetTempFileNameW
GlobalFree
GlobalAlloc
GetVersion
SystemTimeToFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapSize
GetSystemTime
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
lstrcmpW
FreeResource
WriteConsoleW
DecodePointer
IsDebuggerPresent
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
GetStringTypeW
FormatMessageW
TryEnterCriticalSection
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
LoadLibraryExW
GetVersionExW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetFileSizeEx
SetFilePointer
InterlockedIncrement
InterlockedDecrement
FindClose
FindNextFileW
GetTempPathW
FlushFileBuffers
GetACP
MulDiv
ExitProcess

user32

RegisterWindowMessageW
PtInRect
IntersectRect
CopyRect
MapWindowPoints
GetClientRect
SetForegroundWindow
GetClipboardData
CloseClipboard
GetParent
GetWindowLongW
SystemParametersInfoW
MonitorFromWindow
GetMonitorInfoW
OpenClipboard
SetWindowPos
MoveWindow
ShowWindow
PostMessageW
GetWindow
GetWindowRect
GetCursorPos
MapVirtualKeyW
GetKeyNameTextW
ClientToScreen
FindWindowW
SendMessageTimeoutW
ChangeWindowMessageFilter
SetWindowTextW
KillTimer
SetTimer
GetActiveWindow
IsIconic
IsWindowVisible
PostQuitMessage
SetWindowLongW
wsprintfW
wvsprintfW
SetCursor
InflateRect
UnionRect
LoadCursorW
GetDC
ReleaseDC
MonitorFromPoint
GetMessageW
TranslateMessage
DispatchMessageW
IsChild
UpdateLayeredWindow
IsZoomed
CharNextW
GetKeyState
SetCapture
ReleaseCapture
GetUpdateRect
CreateCaret
GetCaretBlinkTime
ScreenToClient
IsRectEmpty
GetClassNameW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
SetPropW
GetPropW
LoadImageW
SetWindowRgn
MessageBoxW
RemovePropW
CharPrevW
SetRect
DestroyIcon
DrawIconEx
GetIconInfo
HideCaret
ShowCaret
GetSysColor
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
FindWindowExW
IsWindowEnabled
OffsetRect
FrameRect
FillRect
GetCaretPos
SetCaretPos
InvalidateRect
EndPaint
BeginPaint
GetWindowDC
DrawTextW
GetFocus
SetFocus
DestroyWindow
IsWindow
CreateWindowExW
CallWindowProcW
DefWindowProcW
SendMessageW

gdi32

CreateFontIndirectW
RestoreDC
SaveDC
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
CreateDIBSection
CombineRgn
CreateRectRgnIndirect
GetCharABCWidthsW
GetClipBox
CreateCompatibleDC
SelectClipRgn
ExtSelectClipRgn
StretchBlt
SetStretchBltMode
SetDIBColorTable
TextOutW
CreateDCW
GetDIBits
SetDIBitsToDevice
SetTextColor
ExtTextOutW
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
SetBkMode
SetBkColor
CreateSolidBrush
DeleteDC
DeleteObject
GetStockObject
Rectangle
GetTextExtentPoint32W
SelectObject
CreatePen

advapi32

RegCreateKeyW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegGetValueW
GetTokenInformation
OpenProcessToken
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA

shell32

ord165
SHGetFolderPathW
ShellExecuteW
SHGetSpecialFolderPathW
ShellExecuteExW

ole32

CoUninitialize
CoInitialize
OleInitialize
OleUninitialize
CoTaskMemFree
CoCreateInstance
CoCreateGuid
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal

oleaut32

VariantInit
SafeArrayPutElement
SafeArrayCreate
VariantClear
SysAllocString

shlwapi

StrTrimA
StrCmpNIW
SHSetValueA
SHGetValueA
SHAutoComplete
SHGetValueW
StrStrIW
PathAppendW
StrStrIA
PathFileExistsW
PathCombineW
PathRemoveFileSpecW
wnsprintfW
PathIsDirectoryW
PathFindFileNameW
StrCmpIW

urlmon

URLDownloadToCacheFileW
URLDownloadToFileW

gdiplus

GdipDrawEllipseI
GdipLoadImageFromFile
GdipGetImagePixelFormat
GdipDrawImageRectI
GdipLoadImageFromStreamICM
GdiplusStartup
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipAddPathArc
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDrawImageRectRectI
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipDeletePath
GdipDrawImagePointsI
GdipFillPath
GdipGraphicsClear
GdipAlloc
GdipFree
GdipCreatePath
GdipSetInterpolationMode
GdipAddPathLineI
GdipAddPathArcI
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipCreatePen1
GdipDeletePen
GdipSetPenMode
GdipSetPenDashStyle
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetSmoothingMode
GdipDrawLineI
GdipDrawRectangleI
GdipDrawPath
GdipFillEllipseI
GdipClosePathFigure
GdipCreateTexture
GdipCloneImage
GdipDisposeImage
GdipSaveImageToFile
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetPropertyItemSize

imm32

ImmAssociateContext

ws2_32

freeaddrinfo
__WSAFDIsSet
accept
bind
closesocket
connect
ioctlsocket
getpeername
getsockname
getsockopt
htonl
htons
listen
ntohl
ntohs
select
setsockopt
shutdown
WSAStartup
WSASetLastError
getaddrinfo
WSAAddressToStringW
WSASocketW
WSASend
WSARecv
WSAIoctl
WSAGetLastError
WSACleanup

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

comctl32

_TrackMouseEvent
ImageList_DrawEx
InitCommonControlsEx
ord17

msimg32

GradientFill
AlphaBlend

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData

wininet

InternetGetConnectedState
DeleteUrlCacheEntryW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 62KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 410KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 174KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

72ce726a9e3978d7840f4dfbf7dd7e04

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

gdiplus

imm32

ws2_32

version

comctl32

msimg32

crypt32

wintrust

wininet

iphlpapi

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 379KB - Virtual size: 379KB

.data Size: 62KB - Virtual size: 86KB

.rsrc Size: 410KB - Virtual size: 410KB

.reloc Size: 174KB - Virtual size: 176KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 379KB - Virtual size: 379KB

.data
Size: 62KB - Virtual size: 86KB

.rsrc
Size: 410KB - Virtual size: 410KB

.reloc
Size: 174KB - Virtual size: 176KB