2f33798503b07ce964e65547bf11cd8666d2a9e59320697db910c0d6ae46bdd9

Sharing

Copy URL Twitter E-mail

General

Target

2f33798503b07ce964e65547bf11cd8666d2a9e59320697db910c0d6ae46bdd9
Size

4.5MB
MD5

5dc5b93abc0db31923c96907a416339c
SHA1

66fc1a78a10150e406dec10c7882934e9ffb340a
SHA256

2f33798503b07ce964e65547bf11cd8666d2a9e59320697db910c0d6ae46bdd9
SHA512

ee824c0ba7b6b7869be74a435fcffa353d1f153824557cb87ff699da73f393c1fe33a1683047ead9cd40a4c74095a24203944db180cf9467a9694d0c6ab242ab
SSDEEP

98304:ljXGhUDorzoiBjW9Hq531Xo6UZBkeP3uczE/rXGTNwSZx:lbDorzVW9Hq51XDUZBkePBzE/rUd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f33798503b07ce964e65547bf11cd8666d2a9e59320697db910c0d6ae46bdd9

Files

2f33798503b07ce964e65547bf11cd8666d2a9e59320697db910c0d6ae46bdd9
.exe windows:5 windows x86 arch:x86

c223c74f438a88b8f5d9dbf11cf0657f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Works\ygopro\bin\release\ygopro.pdb

Imports

opengl32

glTexEnvf
glEnd
glLineWidth
glLineStipple
glVertex3fv
glBegin
glDisable
glMaterialfv
glTexGeni
glPointSize
glMaterialf
glPopMatrix
glViewport
glEnableClientState
glStencilOp
glClear
glPolygonOffset
glEnable
glStencilMask
glPopAttrib
glGetFloatv
glGetIntegerv
glTexSubImage2D
glGetTexImage
glTexImage2D
glDeleteTextures
glCopyTexSubImage2D
glGenTextures
glPushAttrib
glLightf
glGetError
glDrawBuffer
glLightModeli
glGetString
glDepthFunc
glPixelStorei
glShadeModel
glNormalPointer
wglMakeCurrent
glPushMatrix
glLightfv
glMultMatrixf
glClearDepth
glRectf
glDrawElements
glTexEnvi
glColorMaterial
glColorPointer
glColor4ub
glFlush
glFogi
glIsEnabled
glVertex2f
glTranslatef
glTexParameterf
wglDeleteContext
glDrawArrays
glVertex2i
glLightModelfv
glClearColor
glClipPlane
glTexCoordPointer
glAlphaFunc
glReadBuffer
glHint
glTexParameteri
wglGetProcAddress
glLoadIdentity
glColorMask
wglCreateContext
glReadPixels
glBlendFunc
glStencilFunc
glFrontFace
glMatrixMode
glDisableClientState
glTexCoord2f
glFogfv
glFogf
glScissor
glLoadMatrixf
glDepthMask
glCullFace
glVertex3f
glVertexPointer
glBindTexture
glPolygonMode

ws2_32

getaddrinfo
getsockname
setsockopt
sendto
htons
htonl
recvfrom
gethostname
socket
gethostbyname
closesocket
bind
WSAStartup
WSACleanup
inet_addr
ntohs
connect
getservbyname
getsockopt
freeaddrinfo
WSASend
WSARecv
ioctlsocket
send
recv
WSASetLastError
WSAGetLastError
getprotobynumber
listen
ntohl
accept
WSAGetOverlappedResult
select
WSAIoctl

kernel32

FindFirstFileW
FindNextFileW
FindClose
Sleep
GetModuleHandleW
GetModuleFileNameW
InitializeCriticalSection
CreateEventW
MultiByteToWideChar
CreateThread
SetCurrentDirectoryW
DeleteCriticalSection
WriteFile
CreateFileW
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
ResetEvent
WaitForSingleObject
DeleteFileW
SetEvent
CloseHandle
LeaveCriticalSection
EnterCriticalSection
GetUserDefaultLCID
GetTimeFormatW
GetDateFormatW
GetStringTypeW
GetACP
GetCommandLineW
GetCommandLineA
GetFileType
ReadConsoleW
GetTimeZoneInformation
SetFilePointerEx
CreateProcessA
DuplicateHandle
FreeLibraryAndExitThread
ResumeThread
ExitThread
GetModuleHandleExW
GetCurrentDirectoryW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetDriveTypeW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
RtlUnwind
SetLastError
EnumSystemLocalesW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RaiseException
EncodePointer
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateIoCompletionPort
CreateSemaphoreW
PostQueuedCompletionStatus
GetQueuedCompletionStatus
ReleaseSemaphore
InitializeCriticalSectionAndSpinCount
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
CreateFileMappingA
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
HeapReAlloc
DeleteFileA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
HeapValidate
UnmapViewOfFile
GetCurrentThreadId
GetFileAttributesW
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
GetDiskFreeSpaceW
GetFullPathNameW
HeapFree
HeapCreate
TryEnterCriticalSection
GetConsoleCP
DecodePointer
GetCPInfo
GetExitCodeProcess
MoveFileExW
CreatePipe
SetStdHandle
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
SetThreadAffinityMask
OutputDebugStringA
GetCurrentThread
QueryPerformanceFrequency
GetSystemInfo
QueryPerformanceCounter
GetTickCount
GetVersionExW
FormatMessageW
GetLastError
GetProcAddress
LocalFree
SetConsoleCtrlHandler
SetConsoleDisplayMode
SetConsoleScreenBufferSize
GetStdHandle
SetConsoleMode
GetConsoleMode
ReadConsoleInputW
GetNumberOfConsoleInputEvents
SetConsoleCursorPosition
SetConsoleTitleW
GlobalAlloc
GlobalLock
GlobalMemoryStatus
GlobalUnlock
LoadLibraryW
ExitProcess
AreFileApisANSI
ReadFile

user32

LoadCursorW
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
DefWindowProcW
GetMessagePos
MapVirtualKeyW
GetWindowRect
SendMessageTimeoutW
GetFocus
DestroyWindow
SendMessageW
FlashWindowEx
LoadImageW
GetDC
SetWindowPos
SetActiveWindow
CreateWindowExW
ToAsciiEx
GetSystemMetrics
UnregisterClassW
RegisterClassExW
GetWindowPlacement
DestroyCursor
GetKeyboardState
GetActiveWindow
ShowWindow
ChangeDisplaySettingsW
GetCapture
EndPaint
BeginPaint
GetCursorPos
ReleaseDC
SetCursorPos
ShowCursor
SetForegroundWindow
ReleaseCapture
UpdateWindow
EnumDisplaySettingsW
PostQuitMessage
GetClientRect
SetWindowLongW
SetCursor
SetCapture
DispatchMessageW
TranslateMessage
AdjustWindowRect
MoveWindow
GetKeyboardLayout
GetDoubleClickTime
SetWindowPlacement
PeekMessageW
ClientToScreen
CreateIconIndirect
GetCursorInfo
OpenClipboard

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmAssociateContextEx
ImmNotifyIME
ImmGetContext

dinput8

DirectInput8Create

gdi32

SwapBuffers
GetPixelFormat
SetPixelFormat
ChoosePixelFormat
SelectObject
SetDeviceGammaRamp
CreateCompatibleDC
SetPixel
StretchDIBits
GetDeviceGammaRamp
DeleteDC
DeleteObject
DescribePixelFormat
CreateCompatibleBitmap

advapi32

SystemFunction036
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

Exports

Exports

create_duel
end_duel
get_log_message
get_message
new_card
new_tag_card
preload_script
process
query_card
query_field_card
query_field_count
query_field_info
set_card_reader
set_message_handler
set_player_info
set_responseb
set_responsei
set_script_reader
start_duel

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 459KB - Virtual size: 459KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c223c74f438a88b8f5d9dbf11cf0657f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

ws2_32

kernel32

user32

imm32

dinput8

gdi32

advapi32

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 459KB - Virtual size: 459KB

.data Size: 22KB - Virtual size: 397KB

.gfids Size: 512B - Virtual size: 372B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 140KB - Virtual size: 139KB

.reloc Size: 120KB - Virtual size: 119KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 459KB - Virtual size: 459KB

.data
Size: 22KB - Virtual size: 397KB

.gfids
Size: 512B - Virtual size: 372B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 140KB - Virtual size: 139KB

.reloc
Size: 120KB - Virtual size: 119KB