78b2bbde28e84cdfde4e6ec94785c4c0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

78b2bbde28e84cdfde4e6ec94785c4c0N.exe
Size

123KB
MD5

78b2bbde28e84cdfde4e6ec94785c4c0
SHA1

6271450ab5fd6718b134c544c236de00f27f567d
SHA256

ebff5cdbdcf9fe0dc275832f51b11796c7fe3217350381e929a1a265f7c2c1b3
SHA512

0ede0d922ab336e88b8ff25c57419a0943092848794f5ac05fb6b14bb9d9042a423d3eb50826015480f2cd0a768021d7fd26958c2d063507bb3e76fe08fba254
SSDEEP

3072:OyvjH8iT6kb8BK92lQBV+UdE+rECWp7hK4:RD8iey8BKhBV+UdvrEFp7hK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78b2bbde28e84cdfde4e6ec94785c4c0N.exe

Files

78b2bbde28e84cdfde4e6ec94785c4c0N.exe
.dll windows:5 windows x86 arch:x86

71fbed847e799b62545b8d2b7c87e750

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\1.심의\4.불새외전\3.확률\확률\Release\fdrbLib.pdb

Imports

kernel32

GetLocalTime
CreateFileW
ReadFile
CloseHandle
CreateDirectoryW
WriteFile
CopyFileW
GetTickCount
GetPrivateProfileStringA
SetLocalTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
LocalFree
GetSystemTimeAsFileTime
IsDebuggerPresent
DecodePointer
EncodePointer
GetCurrentThreadId

oleaut32

VariantClear

msvcp120

?_Xlength_error@std@@YAXPBD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z

msvcr120

rand
memmove
fclose
??3@YAXPAX@Z
??2@YAPAXI@Z
free
srand
vsprintf_s
fputs
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_except_handler4_common
__clean_type_info_names_internal
sprintf
fopen
_lock
__CxxFrameHandler3
_CxxThrowException
_purecall
memcpy

Exports

Exports

??0CPOKERLIB@@QAE@XZ
??4CPOKERLIB@@QAEAAV0@ABV0@@Z
?fnDLL_AddProb@@YAHHH@Z
?fnDLL_DeleteProb@@YAHH@Z
?fnDLL_DllInit@@YAHAAUGAME_DLL_INFO@@H@Z
?fnDLL_GenerateProb@@YAHXZ
?fnDLL_GetBetPoint@@YAHAAH@Z
?fnDLL_GetCreditBank@@YAHAAH0@Z
?fnDLL_GetFinalCard@@YAHAAUFINAL_GAME_INFO@@@Z
?fnDLL_GetInitCard@@YAHAAUSTART_GAME_INFO@@@Z
?fnDLL_GetNowPos@@YAHAAH@Z
?fnDLL_GetSeedNumer@@YAHAAH@Z
?fnDLL_GetSystemInfo@@YA?AUDLL_SYSTEM_INFO@@XZ
?fnDLL_GetSystemProbInfo@@YA?AUDLL_SYSTEM_PROB@@XZ
?fnDLL_InsertCoin@@YAHH@Z
?fnDLL_LogOnOff@@YAH_N@Z
?fnDLL_Run@@YAHAAH000@Z
?fnDLL_SetBetPoint@@YAHH@Z
?fnDLL_SetCloseGame@@YAHXZ
?fnDLL_SetCreditBank@@YAHHH@Z
?fnDLL_SetGameEnd@@YAHXZ
?fnDLL_SetLocalTime@@YAHHHH@Z
?fnDLL_SetNowPos@@YAHH@Z
?fnDLL_SetSeedNumer@@YAHHH@Z
?fnDLL_SetTimeFrom@@YAHH@Z

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71fbed847e799b62545b8d2b7c87e750

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

oleaut32

msvcp120

msvcr120

Exports

Exports

Sections

.text Size: 37KB - Virtual size: 36KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 37KB - Virtual size: 36KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 2KB