KaranoSyoujo[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

KaranoSyoujo.exe
Size

1.1MB
MD5

97f7163568034c5ba42a183cf57d10e6
SHA1

635335f3e12914b628b7cfb2c9a3c11d42b9f35f
SHA256

b5d60e9ec0d9582306d2f42438a2889a5a8be7fe0d75e1e3c01af88e0761be87
SHA512

f9ff7809702579fcde90136135159c702d9ed785f6d4842c565ee23cefd6f58c7f28b56989592a86bf3238aeafe3ad14db31a590e9aa4ce0d206ff39c1257fec
SSDEEP

24576:FKu8avHdKOJps2Xu7yCqqMgTam7/nea+EjGz3bmimf:FKHm6nfhneBEKzKimf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
KaranoSyoujo.exe

Files

KaranoSyoujo.exe
.exe windows:6 windows x86 arch:x86

196dc69e31c10366c48a63e955ccddc1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

H:\projects\retouchLite\project\_work\exe\release\game.pdb

Imports

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd

kernel32

LoadLibraryA
FreeLibrary
UnmapViewOfFile
VirtualFreeEx
MapViewOfFile
ReadProcessMemory
VirtualAllocEx
OpenProcess
Sleep
CreateEventA
WaitForSingleObject
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
CloseHandle
ExitProcess
OutputDebugStringW
LocalFree
LocalFlags
LocalUnlock
LocalLock
DeleteCriticalSection
InitializeCriticalSection
lstrlenA
lstrcpyA
GetModuleHandleA
lstrcmpA
CreateFileMappingA
GetPrivateProfileStringA
VirtualQuery
LockResource
LoadResource
FindNextFileA
FindFirstFileA
FindClose
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
WritePrivateProfileStringA
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalMemoryStatus
GetLocalTime
GetVersionExA
PulseEvent
GetSystemInfo
WaitForMultipleObjects
LoadLibraryExA
ResumeThread
GetExitCodeThread
TerminateThread
RemoveDirectoryA
DeleteFileA
IsDBCSLeadByte
FindResourceA
VirtualProtect
lstrcatA
OutputDebugStringA
GetTickCount
FileTimeToSystemTime
WriteFile
SetFilePointer
SetFileAttributesA
SetEndOfFile
ReadFile
GetFileTime
GetFileSize
GetFileAttributesA
FileTimeToLocalFileTime
CreateFileA
CreateDirectoryA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetLogicalDrives
GetDriveTypeA
GetCurrentDirectoryA
GetSystemDefaultLCID
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount

user32

GetDlgItem
SetDlgItemInt
SendDlgItemMessageA
IsClipboardFormatAvailable
GetActiveWindow
EnableWindow
IsWindowEnabled
GetSystemMetrics
DrawMenuBar
GetSystemMenu
DestroyMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemCount
AppendMenuA
TrackPopupMenu
GetMenuItemInfoA
SetForegroundWindow
AllowSetForegroundWindow
GetClientRect
AdjustWindowRectEx
ClientToScreen
SetWindowLongA
GetDesktopWindow
CreateDialogParamA
FindWindowA
FindWindowExA
EnumWindows
GetWindowRect
DeleteMenu
GetFocus
PostThreadMessageA
PeekMessageA
GetWindowDC
ShowCaret
HideCaret
GetCaretPos
SetCaretPos
DestroyCaret
GetClassNameA
GetWindowThreadProcessId
GetWindow
EnumDisplayMonitors
WaitMessage
IsDialogMessageA
RegisterClipboardFormatA
GetClipboardData
SetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
InsertMenuItemA
CreatePopupMenu
CreateMenu
DialogBoxParamA
GetMonitorInfoA
MonitorFromRect
GetDlgItemTextA
SetDlgItemTextA
GetAncestor
WindowFromPoint
ShowCursor
ReleaseCapture
IsZoomed
IsIconic
IsWindowVisible
GetWindowPlacement
SetWindowPos
MoveWindow
GetDoubleClickTime
ScreenToClient
GetCursorPos
GetWindowTextA
KillTimer
SetTimer
GetAsyncKeyState
SetRectEmpty
MessageBoxA
SetWindowTextA
InvalidateRect
UpdateWindow
LoadMenuA
SetFocus
ShowWindow
DestroyWindow
IsWindow
CreateWindowExA
PostQuitMessage
PostMessageA
DispatchMessageA
TranslateMessage
GetMessageA
OffsetRect
SendMessageA
SetCapture
GetCapture
EndDialog
GetParent
RegisterClassExA
SetCaretBlinkTime
GetWindowLongA
WINNLSEnableIME
SystemParametersInfoA
EnumDisplaySettingsA
ChangeDisplaySettingsExA
LoadImageA
wvsprintfA
CharNextA
CharPrevA
DefWindowProcA
CallWindowProcA
DrawTextA
GetSysColor
FillRect
GetDC
ReleaseDC
IntersectRect
UnionRect
LoadCursorA
LoadCursorFromFileA
DestroyCursor
RegisterClassA
GetCaretBlinkTime
BeginPaint
EndPaint
GetUpdateRect
SetCursor
LoadIconA
CreateCaret

gdi32

BitBlt
SelectPalette
RealizePalette
StretchBlt
CreateCompatibleDC
Polyline
SetROP2
MoveToEx
SetTextColor
SetBkMode
SelectObject
LineTo
CreateSolidBrush
CreateRectRgn
CreatePen
CreateFontIndirectA
CreateICA
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
GdiFlush
AddFontResourceExA
GetSystemPaletteEntries
EnableEUDC
GetOutlineTextMetricsA
CreatePalette
GetDCOrgEx
GetClipBox
GetTextExtentExPointA
GetGlyphOutlineA
TextOutA
GetTextExtentPoint32A
SetDIBColorTable
CreateDIBSection
SetStretchBltMode
StretchDIBits

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHAppBarMessage
DragQueryFileA
DragQueryPoint
DragFinish
SHGetMalloc
ShellExecuteExA
ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z

winmm

midiOutUnprepareHeader
timeGetTime
waveOutClose
waveOutOpen
midiOutPrepareHeader
midiOutShortMsg
midiOutLongMsg
waveOutGetErrorTextA
midiOutReset
midiOutClose
waveOutGetDevCapsA
timeSetEvent
waveOutGetNumDevs
timeEndPeriod
timeBeginPeriod
timeGetDevCaps
waveOutUnprepareHeader
timeKillEvent
waveOutWrite
waveOutReset
midiOutOpen
mciSendCommandA
midiOutGetDevCapsA
waveOutPrepareHeader

comctl32

InitCommonControlsEx
ImageList_Destroy

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

libogg

ogg_stream_init
ogg_sync_init
ogg_sync_pageout
ogg_sync_clear
ogg_sync_buffer
ogg_stream_pagein
ogg_page_serialno
ogg_page_eos
ogg_stream_clear
ogg_stream_packetout
ogg_sync_wrote

libvorbis

vorbis_block_clear
vorbis_synthesis_blockin
vorbis_synthesis_headerin
vorbis_synthesis_pcmout
vorbis_synthesis_read
vorbis_synthesis_init
vorbis_info_init
vorbis_info_clear
vorbis_comment_init
vorbis_block_init
vorbis_synthesis
vorbis_dsp_clear

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memcpy
memset
__current_exception
__current_exception_context
_except_handler4_common
memmove
_purecall
longjmp
_setjmp3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate
_invalid_parameter_noinfo_noreturn
_register_thread_local_exe_atexit_callback
_c_exit
_controlfp_s
_exit
exit
_initterm_e
_initterm
_get_narrow_winmain_command_line
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_beginthreadex

api-ms-win-crt-heap-l1-1-0

_aligned_malloc
_callnewh
malloc
_aligned_free
free
_set_new_mode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
_setmbcp
_getmbcp

api-ms-win-crt-math-l1-1-0

_libm_sse2_log10_precise
_libm_sse2_pow_precise
_libm_sse2_atan_precise
_libm_sse2_cos_precise
_libm_sse2_tan_precise
__setusermatherr
_libm_sse2_sqrt_precise
floor
_libm_sse2_sin_precise
_libm_sse2_log_precise

api-ms-win-crt-stdio-l1-1-0

__p__commode
__acrt_iob_func
__stdio_common_vsscanf
fread
_set_fmode
__stdio_common_vsprintf
__stdio_common_vfprintf

api-ms-win-crt-string-l1-1-0

isdigit
strncpy
strncpy_s

api-ms-win-crt-convert-l1-1-0

atoi
_ultoa
_ltoa
strtoul

api-ms-win-crt-multibyte-l1-1-0

_mbspbrk
_ismbbtrail
_ismbblead
_mbccpy
_mbsupr
_mbsstr
_mbsspnp
_mbschr
_mbsnbcpy
_mbslwr

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA

dwmapi

DwmIsCompositionEnabled
DwmGetWindowAttribute

msvfw32

MCIWndCreateA

api-ms-win-crt-environment-l1-1-0

getenv

Sections

.text
Size: 774KB - Virtual size: 774KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

196dc69e31c10366c48a63e955ccddc1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

imm32

kernel32

user32

gdi32

shell32

ole32

msvcp140

winmm

comctl32

version

libogg

libvorbis

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

comdlg32

advapi32

dwmapi

msvfw32

api-ms-win-crt-environment-l1-1-0

Sections

.text Size: 774KB - Virtual size: 774KB

.rdata Size: 154KB - Virtual size: 154KB

.data Size: 20KB - Virtual size: 41KB

.rsrc Size: 181KB - Virtual size: 180KB

.reloc Size: 40KB - Virtual size: 39KB

.text
Size: 774KB - Virtual size: 774KB

.rdata
Size: 154KB - Virtual size: 154KB

.data
Size: 20KB - Virtual size: 41KB

.rsrc
Size: 181KB - Virtual size: 180KB

.reloc
Size: 40KB - Virtual size: 39KB