3b921b3b1f68c419c67c2d45db78a5d682bac051ef306574f64a093896baecd6

Sharing

Copy URL

Twitter E-mail

General

Target

3b921b3b1f68c419c67c2d45db78a5d682bac051ef306574f64a093896baecd6
Size

5.6MB
MD5

1bf27507badb63486d19a469b8403a44
SHA1

c0d9a4456cfdc01c485dbba217cbe856fe3a434f
SHA256

3b921b3b1f68c419c67c2d45db78a5d682bac051ef306574f64a093896baecd6
SHA512

0382b9d5d1de2561f2ff6ac28baaec71946d095a1f14c74d4a6a2950d1b4047bfc1eeb5a6c5e8d2ec0b4fea2747788bc809d9361799ed6c87378ed5c8ddaf61f
SSDEEP

98304:vAgeIGcvtaXJ/fv/Gx+Rx4l7so0K5HJum+ze+Kj:n0vux+Rx4l7ROe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b921b3b1f68c419c67c2d45db78a5d682bac051ef306574f64a093896baecd6

Files

3b921b3b1f68c419c67c2d45db78a5d682bac051ef306574f64a093896baecd6
.exe windows:6 windows x86 arch:x86

d585e33422898e574ad92fdf469870e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\images\builds\nvYJyXaZ\0\nanahira\ygopro\bin\release\YGOPro.pdb

Imports

opengl32

glMaterialfv
glVertex3fv
glDisable
glEnable
glLineStipple
glLineWidth
glEnd
glTexGeni
glPointSize
glMaterialf
glPopMatrix
glViewport
glEnableClientState
glStencilOp
glClear
glPolygonOffset
glTexEnvf
glStencilMask
glPopAttrib
glPolygonMode
glGetFloatv
glGetIntegerv
glTexSubImage2D
glGetTexImage
glTexImage2D
glDeleteTextures
glCopyTexSubImage2D
glGenTextures
glPushAttrib
glLightf
glGetError
glDrawBuffer
glLightModeli
glGetString
glDepthFunc
glPixelStorei
glShadeModel
glNormalPointer
wglMakeCurrent
glPushMatrix
glLightfv
glMultMatrixf
glClearDepth
glRectf
glDrawElements
glTexEnvi
glColorMaterial
glColorPointer
glColor4ub
glFlush
glFogi
glIsEnabled
glVertex2f
glTranslatef
glTexParameterf
wglDeleteContext
glDrawArrays
glVertex2i
glLightModelfv
glClearColor
glClipPlane
glTexCoordPointer
glAlphaFunc
glReadBuffer
glHint
glTexParameteri
wglGetProcAddress
glLoadIdentity
glColorMask
wglCreateContext
glReadPixels
glBlendFunc
glStencilFunc
glFrontFace
glMatrixMode
glDisableClientState
glTexCoord2f
glFogfv
glFogf
glScissor
glLoadMatrixf
glDepthMask
glCullFace
glVertex3f
glVertexPointer
glBindTexture
glBegin

ws2_32

bind
closesocket
WSACleanup
WSASend
gethostbyname
inet_addr
socket
gethostname
recvfrom
htonl
WSAStartup
WSARecv
htons
accept
ntohl
listen
WSAIoctl
getprotobynumber
getaddrinfo
getsockname
connect
getsockopt
freeaddrinfo
ioctlsocket
send
recv
sendto
setsockopt
WSASetLastError
WSAGetOverlappedResult
select
WSAGetLastError

winmm

waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveOutReset

kernel32

FindClose
GetFileAttributesW
MoveFileW
CreateDirectoryW
DeleteFileW
GetSystemDefaultLangID
GetModuleHandleW
GetCommandLineW
GetModuleFileNameW
SetCurrentDirectoryW
LocalFree
CreateProcessW
WriteFile
CreateFileW
CloseHandle
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetTickCount
GetModuleHandleA
GetProcAddress
LoadLibraryA
SetEvent
SetThreadPriority
ResumeThread
GetVersionExA
InitializeCriticalSection
FindNextFileW
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
ReadConsoleW
GetTimeZoneInformation
WriteConsoleW
GetFileType
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileExW
GetCurrentDirectoryW
SetEnvironmentVariableW
GetDriveTypeW
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
LoadLibraryExW
TlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
RaiseException
FindFirstFileW
SetFilePointerEx
EnterCriticalSection
GetCommandLineA
LCMapStringW
GetLocaleInfoW
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsValidLocale
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
EncodePointer
GetStringTypeW
SleepConditionVariableSRW
SleepConditionVariableCS
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
InitializeCriticalSectionEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
CreateIoCompletionPort
CreateSemaphoreW
PostQueuedCompletionStatus
GetQueuedCompletionStatus
ReleaseSemaphore
ResetEvent
CreateEventW
InitializeCriticalSectionAndSpinCount
GetFileSizeEx
ExitProcess
GlobalUnlock
GlobalMemoryStatusEx
GlobalLock
GlobalAlloc
SetConsoleTitleW
SetConsoleCursorPosition
GetNumberOfConsoleInputEvents
ReadConsoleInputW
GetConsoleMode
SetConsoleMode
GetStdHandle
SetConsoleScreenBufferSize
SetConsoleDisplayMode
SetConsoleCtrlHandler
VerifyVersionInfoW
VerSetConditionMask
GetVersionExW
GetCurrentThread
SetThreadAffinityMask
FlushFileBuffers
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
GetSystemInfo
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleOutputCP
SetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExA
DuplicateHandle
GetExitCodeProcess
MoveFileExW
UnhandledExceptionFilter
GetFullPathNameA
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
GetFullPathNameW
GetDiskFreeSpaceW
LockFile
SetFilePointer
CreatePipe
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
HeapReAlloc

user32

GetClipboardData
SetClipboardData
DefWindowProcW
GetMessagePos
MapVirtualKeyW
CloseClipboard
GetFocus
GetDC
SetWindowPos
SetActiveWindow
CreateWindowExW
EmptyClipboard
OpenClipboard
SendMessageTimeoutW
ToAsciiEx
DestroyWindow
CreateWindowExA
RegisterClassA
DefWindowProcA
MessageBoxA
GetWindowRect
SendMessageW
GetWindowPlacement
ShowWindow
MoveWindow
FlashWindowEx
GetClientRect
LoadImageW
GetSystemMetrics
UnregisterClassW
RegisterClassExW
DestroyCursor
GetKeyboardState
GetActiveWindow
ChangeDisplaySettingsW
GetCapture
DispatchMessageW
GetCursorInfo
CreateIconIndirect
ClientToScreen
PeekMessageW
SetWindowPlacement
GetDoubleClickTime
GetKeyboardLayout
AdjustWindowRect
TranslateMessage
LoadCursorW
SetCapture
EndPaint
BeginPaint
GetCursorPos
ReleaseDC
SetCursorPos
ShowCursor
SetForegroundWindow
ReleaseCapture
UpdateWindow
EnumDisplaySettingsW
PostQuitMessage
SetWindowLongW
SetCursor

dnsapi

DnsFree
DnsQuery_UTF8

shell32

CommandLineToArgvW
SHFileOperationW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmAssociateContextEx
ImmNotifyIME
ImmGetContext

dinput8

DirectInput8Create

gdi32

CreateCompatibleBitmap
SetPixelFormat
SetDeviceGammaRamp
CreateCompatibleDC
SetPixel
StretchDIBits
GetDeviceGammaRamp
DeleteDC
DeleteObject
GetPixelFormat
SwapBuffers
ChoosePixelFormat
SelectObject
DescribePixelFormat

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

Exports

Exports

create_duel
end_duel
get_log_message
get_message
ikpMP3Init
new_card
new_tag_card
preload_script
process
query_card
query_field_card
query_field_count
query_field_info
set_card_reader
set_message_handler
set_player_info
set_responseb
set_responsei
set_script_reader
start_duel

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 596KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d585e33422898e574ad92fdf469870e8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

ws2_32

winmm

kernel32

user32

dnsapi

shell32

ole32

imm32

dinput8

gdi32

advapi32

Exports

Exports

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rdata Size: 596KB - Virtual size: 596KB

.data Size: 41KB - Virtual size: 510KB

.rsrc Size: 161KB - Virtual size: 160KB

.reloc Size: 155KB - Virtual size: 154KB

.text
Size: 4.7MB - Virtual size: 4.7MB

.rdata
Size: 596KB - Virtual size: 596KB

.data
Size: 41KB - Virtual size: 510KB

.rsrc
Size: 161KB - Virtual size: 160KB

.reloc
Size: 155KB - Virtual size: 154KB