d2e77b0116f3db00902c3687d4d2234262906e3b924c6a6b77b81f868ea7bbfd

Sharing

Copy URL Twitter E-mail

General

Target

d2e77b0116f3db00902c3687d4d2234262906e3b924c6a6b77b81f868ea7bbfd
Size

12.0MB
MD5

b0c43361b7b5edebc267d00f442fba7a
SHA1

d083ef7dddd395a921db31a236b4ba9b6bbc2d03
SHA256

d2e77b0116f3db00902c3687d4d2234262906e3b924c6a6b77b81f868ea7bbfd
SHA512

e1b0be1af9954306e506ace2b7b12139fe196e5b210dcb424aa5b0e20ad3248189301557e1fbcd5a709613282a131c049c16b25ca78fe8e6802ab025cd89cb81
SSDEEP

196608:mNLTxkGvSOVL9bMHknRHQQAmi0xSLVgcmqfPLr7rVm11R/rBOU+Ik0Ag4vk1mmma:mNLQr1CTfdZmZgPRsW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2e77b0116f3db00902c3687d4d2234262906e3b924c6a6b77b81f868ea7bbfd

Files

d2e77b0116f3db00902c3687d4d2234262906e3b924c6a6b77b81f868ea7bbfd
.exe windows:6 windows x86 arch:x86

9b80f283a877726add0a03f8590e4237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\DragonBall Online 2.0 Lokal\DBO-2.0-stable-v2\DBO-Client-2.0\DragonBall\DboClient.pdb

Imports

d3dx9_27

D3DXMatrixTranspose
D3DXVec3Normalize
D3DXQuaternionSlerp
D3DXVec3TransformNormal
D3DXPlaneFromPoints
D3DXCreateEffectFromFileA
D3DXCreateEffect
D3DXVec4Transform
D3DXPlaneNormalize
D3DXAssembleShader
D3DXMatrixPerspectiveFovLH
D3DXMatrixMultiplyTranspose
D3DXVec3TransformCoord
D3DXVec3Transform
D3DXMatrixTranslation
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixMultiply
D3DXVec3CatmullRom

ddraw

DirectDrawCreateEx

ws2_32

getservbyport
htonl
socket
accept
gethostbyaddr
WSASetLastError
getservbyname
recv
send
connect
setsockopt
ioctlsocket
listen
bind
WSASocketA
WSACreateEvent
WSAEnumNetworkEvents
closesocket
shutdown
WSAAsyncSelect
WSACleanup
WSAStartup
WSAGetLastError
inet_ntoa
htons
ntohs
inet_addr
gethostbyname
sendto
recvfrom
gethostname
ntohl
WSAWaitForMultipleEvents
WSAEventSelect
WSACloseEvent

winmm

timeGetTime

imm32

ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmAssociateContextEx
ImmSetCompositionWindow
ImmGetContext

d3dx9_43

D3DXLoadSurfaceFromSurface
D3DXCompileShader
D3DXLoadSurfaceFromMemory

devil

ilShutDown
ilSaveImage
ilLoadImage
ilInit

gdi32

SetTextColor
CreateSolidBrush
GetTextMetricsW
CreateFontIndirectW
DPtoLP
GetDeviceCaps
SetWindowOrgEx
SetViewportOrgEx
ModifyWorldTransform
SetGraphicsMode
GetTextExtentPoint32W
RemoveFontResourceExW
AddFontResourceExW
DeleteDC
DeleteObject
SetMapMode
SetTextAlign
SetBkMode
SelectObject
CreateDIBSection
CreateCompatibleDC
SetDeviceGammaRamp
GetDeviceGammaRamp
TextOutW

dinput8

DirectInput8Create

msvcp140

?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
_Wcscoll
_Wcsxfrm
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?id@?$collate@_W@std@@2V0locale@2@A
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Xlength_error@std@@YAXPBD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?flags@ios_base@std@@QBEHXZ
?uncaught_exception@std@@YA_NXZ
?good@ios_base@std@@QBE_NXZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?_Xbad_alloc@std@@YAXXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBUtm@@PBD3@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?tie@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_ostream@_WU?$char_traits@_W@std@@@2@XZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?pbase@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z

fmod

?addGroup@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAV12@_NPAPAVDSPConnection@2@@Z
?createChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDPAPAVChannelGroup@2@@Z
?get3DAttributes@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAUFMOD_VECTOR@@00@Z
?stop@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@I@Z
?setVolume@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getMode@Sound@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?isPlaying@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?getMode@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
?getMasterChannelGroup@System@FMOD@@QAG?AW4FMOD_RESULT@@PAPAVChannelGroup@2@@Z
?setPitch@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@M@Z
?getMute@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PA_N@Z
?set3DSettings@System@FMOD@@QAG?AW4FMOD_RESULT@@MMM@Z
?setStreamBufferSize@System@FMOD@@QAG?AW4FMOD_RESULT@@II@Z
?getPosition@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAII@Z
?init@System@FMOD@@QAG?AW4FMOD_RESULT@@HIPAX@Z
?getVersion@System@FMOD@@QAG?AW4FMOD_RESULT@@PAI@Z
FMOD_System_Create
?createSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?createStream@System@FMOD@@QAG?AW4FMOD_RESULT@@PBDIPAUFMOD_CREATESOUNDEXINFO@@PAPAVSound@2@@Z
?get3DMinMaxDistance@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PAM0@Z
?set3DMinMaxDistance@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@MM@Z
?close@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?createDSPByType@System@FMOD@@QAG?AW4FMOD_RESULT@@W4FMOD_DSP_TYPE@@PAPAVDSP@2@@Z
?getNumChannels@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PAH@Z
?setChannelGroup@Channel@FMOD@@QAG?AW4FMOD_RESULT@@PAVChannelGroup@2@@Z
?release@DSP@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?release@Sound@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?getName@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@PADH@Z
?setMute@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z
?addDSP@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@HPAVDSP@2@@Z
?release@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?update@System@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?set3DListenerAttributes@System@FMOD@@QAG?AW4FMOD_RESULT@@HPBUFMOD_VECTOR@@000@Z
?playSound@System@FMOD@@QAG?AW4FMOD_RESULT@@PAVSound@2@PAVChannelGroup@2@_NPAPAVChannel@2@@Z
?get3DListenerAttributes@System@FMOD@@QAG?AW4FMOD_RESULT@@HPAUFMOD_VECTOR@@000@Z
?set3DAttributes@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@PBUFMOD_VECTOR@@00@Z
?getChannelsPlaying@System@FMOD@@QAG?AW4FMOD_RESULT@@PAH0@Z
?release@ChannelGroup@FMOD@@QAG?AW4FMOD_RESULT@@XZ
?setPaused@ChannelControl@FMOD@@QAG?AW4FMOD_RESULT@@_N@Z

kernel32

GetFullPathNameA
InitializeSListHead
GetCurrentProcessId
OutputDebugStringW
lstrcmpiA
lstrlenA
GetCPInfo
LoadLibraryExA
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetStartupInfoW
IsBadReadPtr
UnhandledExceptionFilter
GetSystemDirectoryA
GetTimeZoneInformation
SetThreadAffinityMask
SetThreadPriority
ReleaseMutex
SetEvent
ResetEvent
InterlockedExchange
GetCurrentThreadId
InterlockedCompareExchange
InterlockedExchangeAdd
GetOverlappedResult
SetFilePointer
WriteFile
CreateEventA
ReadFile
SetErrorMode
GetDiskFreeSpaceA
K32GetProcessMemoryInfo
LocalFree
lstrcpyW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetLocaleInfoW
HeapFree
GetProcessHeap
HeapAlloc
CompareStringA
LoadLibraryW
GetSystemDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetDriveTypeA
GetLogicalDrives
FreeConsole
GetConsoleTitleA
WriteConsoleA
SetConsoleTextAttribute
SetConsoleTitleA
SetConsoleMode
AllocConsole
GlobalMemoryStatus
GetFileSize
CreateFileA
SetFileAttributesA
GetFileAttributesA
GetLocalTime
InitializeCriticalSectionAndSpinCount
ResumeThread
SuspendThread
Sleep
InitializeCriticalSection
FindNextFileA
SetCurrentDirectoryA
CloseHandle
WaitForSingleObject
CreateSemaphoreA
CreateMutexA
GetCurrentThread
IsBadWritePtr
FormatMessageA
GetCurrentProcess
OutputDebugStringA
GetModuleFileNameA
SetUnhandledExceptionFilter
ReleaseSemaphore
OpenSemaphoreA
GetCurrentDirectoryA
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleA
lstrlenW
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
FindClose
CreateDirectoryA
FindFirstFileA
MultiByteToWideChar
GetTickCount
GetACP
WideCharToMultiByte
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA

user32

AdjustWindowRectEx
GetMenu
IsWindowVisible
SetWindowLongW
SetDoubleClickTime
GetDoubleClickTime
FillRect
GetKeyState
GetFocus
PostMessageW
GetAsyncKeyState
GetKeyboardLayoutList
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
SendMessageW
GetKeyboardLayout
ScreenToClient
ReleaseDC
GetDC
DestroyAcceleratorTable
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
PeekMessageA
DefWindowProcA
EndPaint
BeginPaint
ToAscii
PostQuitMessage
DestroyWindow
CharUpperA
SetWindowLongA
UpdateWindow
SystemParametersInfoA
SetWindowPos
GetWindowLongW
GetClientRect
CreateWindowExA
AdjustWindowRect
DrawMenuBar
DeleteMenu
GetSystemMenu
ShowWindow
PostMessageA
OpenClipboard
RegisterWindowMessageA
IsIconic
LoadCursorA
LoadCursorFromFileA
SetClassLongA
SetCursor
ShowCursor
SetCursorPos
GetCursorPos
GetWindowRect
ClipCursor
LoadAcceleratorsA
MessageBoxA
ReleaseCapture
MapVirtualKeyA
SetCapture
LoadIconA
RegisterClassA
GetSystemMetrics
wvsprintfA
FindWindowA
GetKeyboardState

ole32

CoCreateInstance
CoInitialize
CoUninitialize

shell32

ShellExecuteA
DragAcceptFiles
ShellExecuteExA

oleaut32

VariantInit
VariantClear
SysFreeString
SysAllocString

bugtrap

BT_SetAppName
BT_SetSupportEMail
BT_UninstallSehFilter
BT_InstallSehFilter
BT_SetPreErrHandler
BT_SetDialogMessage
BT_SetAppVersion
BT_SetFlags
BT_SetSupportURL
BT_SetSupportServer
BT_AddLogFile

netapi32

NetWkstaTransportEnum
NetApiBufferFree

vcruntime140

__CxxFrameHandler3
__RTDynamicCast
__std_terminate
memcpy
__std_exception_copy
__std_exception_destroy
memmove
_purecall
memset
memcmp
wcschr
wcsstr
memchr
strchr
strstr
_set_purecall_handler
_CxxThrowException
_setjmp3
longjmp
strrchr
__current_exception
__current_exception_context
_except_handler4_common

api-ms-win-crt-string-l1-1-0

islower
isalpha
_memicmp
wcslen
wcsncpy_s
isdigit
isspace
wcscpy_s
strtok_s
iswdigit
_wcsicmp
towlower
_strnicmp
tolower
_stricmp
_wcsicoll
wcscoll
wcscmp
strspn
strcspn
strncat
strtok
strcat
toupper
strncpy
_wcsupr
_strlwr
ispunct
isxdigit
iscntrl
isupper
strcpy
isgraph
strcmp
strncpy_s
strncmp
strlen
wcsncmp
isalnum
strpbrk
_strlwr_s
strcpy_s
wcscat_s
strcat_s
strcoll

api-ms-win-crt-runtime-l1-1-0

_get_narrow_winmain_command_line
_initterm
abort
_invalid_parameter_noinfo
_set_app_type
system
_initterm_e
terminate
_cexit
_invalid_parameter_noinfo_noreturn
_crt_atexit
exit
_controlfp_s
_register_onexit_function
_initialize_onexit_table
_endthreadex
_initialize_narrow_environment
_configure_narrow_argv
_exit
_c_exit
_register_thread_local_exe_atexit_callback
_set_new_handler
_set_invalid_parameter_handler
_wassert
_beginthreadex
_seh_filter_exe
strerror
_errno

api-ms-win-crt-stdio-l1-1-0

ftell
fseek
__stdio_common_vfscanf
_popen
__p__commode
fopen_s
_ftelli64
fopen
fclose
__stdio_common_vfprintf
_get_stream_buffer_pointers
__stdio_common_vfprintf_s
fgets
_pclose
clearerr
fread
fwrite
fgetpos
_set_fmode
_fseeki64
fsetpos
setvbuf
fflush
ferror
_wfopen_s
rewind
feof
ungetc
__stdio_common_vswscanf
fputc
__stdio_common_vsprintf_s
__stdio_common_vsnprintf_s
__stdio_common_vswprintf_s
fgetc
tmpfile
tmpnam
__stdio_common_vfwprintf
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vswprintf
freopen
__stdio_common_vsprintf
getc
_getcwd

api-ms-win-crt-convert-l1-1-0

atof
wcstol
_itow_s
strtod
wcstombs
_wtoi
atoi
_itoa_s
_wtof
atol
atoll
_atoi64
strtoul
strtol
_wtoi64
_strtoui64

api-ms-win-crt-math-l1-1-0

_CIasin
ldexp
_CIatan
__setusermatherr
frexp
_CIpow
_CIexp
ceil
_CIacos
_libm_sse2_acos_precise
_CItan
_CIfmod
_CIlog
_libm_sse2_tan_precise
floor
sin
log
pow
_libm_sse2_sqrt_precise
_CIsqrt
_CIatan2
_libm_sse2_sin_precise
_libm_sse2_pow_precise
_libm_sse2_log_precise
_libm_sse2_log10_precise
_libm_sse2_exp_precise
_libm_sse2_cos_precise
_CIcos
_libm_sse2_asin_precise
tan
acos
fabs
_CIsin
sqrt

api-ms-win-crt-utility-l1-1-0

labs
abs
qsort
rand
srand

api-ms-win-crt-time-l1-1-0

_mktime64
_localtime64_s
strftime
_localtime64
_localtime32_s
_difftime64
_gmtime64
_time64
clock
_ftime64

api-ms-win-crt-heap-l1-1-0

calloc
realloc
_set_new_mode
_callnewh
free
malloc

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_findclose
_splitpath_s
_unlock_file
rename
_chdir
_rmdir
_access
_wstat64
_findfirst64i32
_makepath
_splitpath
remove

api-ms-win-crt-multibyte-l1-1-0

_mbsrchr

api-ms-win-crt-locale-l1-1-0

setlocale
localeconv
_configthreadlocale

api-ms-win-crt-environment-l1-1-0

getenv

d3d9

Direct3DCreate9

Sections

.text
Size: 9.3MB - Virtual size: 9.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 745KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_hdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 421KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 508KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

|�c�uV
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9b80f283a877726add0a03f8590e4237

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3dx9_27

ddraw

ws2_32

winmm

imm32

d3dx9_43

devil

gdi32

dinput8

msvcp140

fmod

kernel32

user32

ole32

shell32

oleaut32

bugtrap

netapi32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-environment-l1-1-0

d3d9

Sections

.text Size: 9.3MB - Virtual size: 9.3MB

.rdata Size: 1.6MB - Virtual size: 1.6MB

.data Size: 207KB - Virtual size: 745KB

_hdata Size: 512B - Virtual size: 4B

.rsrc Size: 421KB - Virtual size: 420KB

.reloc Size: 508KB - Virtual size: 508KB

|�c�uV Size: 16KB - Virtual size: 20KB

.text
Size: 9.3MB - Virtual size: 9.3MB

.rdata
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 207KB - Virtual size: 745KB

_hdata
Size: 512B - Virtual size: 4B

.rsrc
Size: 421KB - Virtual size: 420KB

.reloc
Size: 508KB - Virtual size: 508KB

|�c�uV
Size: 16KB - Virtual size: 20KB