game_mp_x86[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

game_mp_x86.dll
Size

492KB
MD5

d396f23231a113f292c171443c403074
SHA1

95d29bd413d6cb62900d1a7905f822d1375f20fa
SHA256

b86c24695080007fdb5b595760a2d298bfa17ea0c6fe3e05874c0f19562544f7
SHA512

fcd3efb2058d17d7e6c96870af6c7a8fa9ffecb8740abb9df663f837d5fd7b026b6ccc60ff874a4e70943ed5eafa82c803b532363b803393d5cddd577e8ccce7
SSDEEP

6144:w9Pjyfd66gKXmYPesrWyh71IMbqvx8tkjm5DVDFEQfHOUAOpy68z:w9PN6gKmKWE7O2tTFEmDL6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
game_mp_x86.dll

Files

game_mp_x86.dll
.dll windows:4 windows x86 arch:x86

0e7e36e79712962204670638ae2f1ed2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\trees\mk\game\main\game_mp_x86.pdb

Imports

kernel32

CompareStringW
CompareStringA
CloseHandle
SetConsoleCtrlHandler
FlushFileBuffers
HeapSize
ReadFile
GetTimeZoneInformation
GetLocaleInfoW
GetCurrentThreadId
TlsSetValue
GetCommandLineA
GetVersionExA
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
TlsAlloc
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetCPInfo
FatalAppExitA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
RtlUnwind
UnhandledExceptionFilter
GetACP
GetOEMCP
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RaiseException
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
LoadLibraryA
SetStdHandle
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetEnvironmentVariableA

user32

GetDC
GetWindowTextA
SetWindowLongA
GetWindowLongA
ReleaseDC
GetDesktopWindow
ChangeDisplaySettingsA
EnumThreadWindows

gdi32

SetDeviceGammaRamp

Exports

Exports

dllEntry
vmMain

Sections

.text
Size: 340KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e7e36e79712962204670638ae2f1ed2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 340KB - Virtual size: 337KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 40KB - Virtual size: 2.4MB

.reloc Size: 36KB - Virtual size: 32KB

.text
Size: 340KB - Virtual size: 337KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 40KB - Virtual size: 2.4MB

.reloc
Size: 36KB - Virtual size: 32KB