90cb63e5ecc27dc06fbc2062941cb325f47011f85c98a1a8c3690195c76c5672

Sharing

Copy URL Twitter E-mail

General

Target

90cb63e5ecc27dc06fbc2062941cb325f47011f85c98a1a8c3690195c76c5672
Size

295KB
MD5

440fcf4a5b7cbc7c262216adcf140ce4
SHA1

380d02fb019573c632d6279b3964feb2e8ea0c42
SHA256

90cb63e5ecc27dc06fbc2062941cb325f47011f85c98a1a8c3690195c76c5672
SHA512

2d9eb75c5181bac42d9200c4a2dadbf6e2ab53945878c67d9cf8f2e47661bd4581a4353d1300c029bfd0457081d05f3805d280d0d6a986acc10ac1df2fe9b1f8
SSDEEP

6144:wuC1f0TNoG89UuUsKBk6N34WYRPtskskA7zOx:fLTNm9UNsCroW+szOx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90cb63e5ecc27dc06fbc2062941cb325f47011f85c98a1a8c3690195c76c5672

Files

90cb63e5ecc27dc06fbc2062941cb325f47011f85c98a1a8c3690195c76c5672
.dll windows:5 windows x86 arch:x86

c46f66ce3990b0a678c86c288ffbdc7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\wk\MSG\fifa2007\branches\EASEO_NewRender_Temp\Build2008\Release\ssconnector.pdb

Imports

ws2_32

connect
WSARecv
WSASend
WSARecvFrom
WSAGetOverlappedResult
WSACreateEvent
WSAResetEvent
listen
WSAWaitForMultipleEvents
WSASendTo
WSACleanup
htons
getsockname
setsockopt
bind
closesocket
gethostbyname
WSASocketA
WSAStartup
ntohl
inet_addr
htonl
WSAGetLastError
inet_ntoa
ntohs
WSAIoctl

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

kernel32

GetModuleHandleW
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetQueuedCompletionStatus
CreateIoCompletionPort
CloseHandle
QueryPerformanceCounter
Sleep
QueryPerformanceFrequency
WaitForSingleObject
SetEvent
CreateEventA
GetSystemInfo
ResetEvent
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
HeapFree
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WideCharToMultiByte
GetTimeZoneInformation
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
HeapSize
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
GetTickCount
GetCurrentProcessId
VirtualAlloc
HeapReAlloc

Exports

Exports

?AddPeer@SSConnector@@YAHPAXHPADIH_N@Z
?Chat@SSConnector@@YAHPAX_NHPAD2@Z
?Create@SSConnector@@YAHPAPAXUSSCONNECTOR_CONFIG@1@_N@Z
?Create@SSHolepunching@@YAHPAPAXUSSCONNECTOR_SERVER_CONFIG@1@@Z
?Create@SSRelayServer@@YAHPAPAXUSSRELAY_SERVER_CONFIG@1@@Z
?CreateSync@SSConnector@@YAHPAXHH@Z
?Destroy@SSConnector@@YAHPAX_N@Z
?Destroy@SSHolepunching@@YAHPAX@Z
?Destroy@SSRelayServer@@YAHPAX@Z
?DestroyUnusedChannels@SSRelayServer@@YAHPAXH@Z
?FinishLocalLoading@SSConnector@@YAHPAX@Z
?GetGapBetweenLocalAndSync@SSConnector@@YAHPAX@Z
?GetLocalSyncDataId@SSConnector@@YAHPAX@Z
?GetRepeatCount@SSConnector@@YAHPAX@Z
?GetSessionInitialNetworkInfo@SSConnector@@YA?AUSSCONNECTOR_SSSESSION_NETWORK_INFO@1@PAXH@Z
?GetSessionNetworkInfo@SSConnector@@YA?AUSSCONNECTOR_SSSESSION_NETWORK_INFO@1@PAXH@Z
?GetSessionNetworkInfoByName@SSConnector@@YA?AUSSCONNECTOR_SSSESSION_NETWORK_INFO@1@PAXPBD@Z
?GetSessionState@SSConnector@@YA?AW4SSCONNECTOR_SESSION_STATE@1@PAXH@Z
?GetSessionStateByName@SSConnector@@YA?AW4SSCONNECTOR_SESSION_STATE@1@PAXPBD@Z
?GetSyncBufferSize@SSConnector@@YAHPAX@Z
?GetSyncDataCount@SSConnector@@YAHPAX@Z
?GetSyncDataId@SSConnector@@YAHPAX@Z
?InputSyncData@SSConnector@@YAHPAXPAE@Z
?InputSyncInfo@SSConnector@@YAHPAXIH@Z
?NextSyncData@SSConnector@@YAHPAXPAEAAH@Z
?PauseSync@SSConnector@@YAHPAX@Z
?Process@SSConnector@@YA?AW4SSCONNECTOR_STATE@1@PAX@Z
?ProcessDesync@SSConnector@@YAXPAX@Z
?RemoveAllPeers@SSConnector@@YAHPAX@Z
?RemovePeer@SSConnector@@YAHPAXH@Z
?RemovePeerByName@SSConnector@@YAHPAXPBD@Z
?ReportStatsByQuery@SSConnector@@YAHPAXPBD@Z
?SetCallbackFunc@SSConnector@@YAHPAXP6AH0W4SSCONNECTOR_CALLBACK_COMMAND@1@0@Z@Z
?SetRelayServerAddr@SSConnector@@YAHPAXPADH_N@Z
?SetSessionNetworkInfoExitState@SSConnector@@YAXPAXHW4SSCONNECTOR_SESSION_EXIT_STATE@1@@Z
?SetSyncBufferSize@SSConnector@@YAHPAXH@Z
?StartGetInitialNetworkInfo@SSConnector@@YAHPAX@Z
?StartLoading@SSConnector@@YAHPAX@Z
?StartSync@SSConnector@@YAHPAX@Z
?SyncProcess@SSConnector@@YA?AW4SSCONNECTOR_SYNC_PROCESS_RESULT@1@PAX@Z
?UpdateChannel@SSConnector@@YAHPAPAXI@Z
?WaitForSyncData@SSConnector@@YAHPAXAAHH@Z
?WriteLog@SSConnector@@YAHPAX_NPBDZZ

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c46f66ce3990b0a678c86c288ffbdc7e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

winmm

kernel32

Exports

Exports

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 10KB - Virtual size: 9KB