C:\Users\Administrator\Jenkins\workspace\FlashPlayer\FlashPlayerWin\code\build\win\results\standalone\Release\x64\FlashPlayer.pdb
Static task: static1
Behavioral task: behavioral1
Sample: VoyaNuiOnlineGame.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: VoyaNuiOnlineGame.exe
Resource: win10v2004-20240802-en
General
Target: VoyaNuiOnlineGame.exe
Size: 11.5MB
MD5: 3f59085cf68e47b1b09581fe98ca5842
SHA1: d709bf7b5b82758221a6aeed887861940cedfe62
SHA256: bbd5ffaf11969d927fb91752d858a5ee2307430ae8547e6c3b660b715502878e
SHA512: b4c2ed197f5058e6cdf8c4e8bed13bc167201f00ca3c2043d302ddc8f2a909c949553cf58ec6faa618228d187405fe9f7aecdaf8d07719250243f90ccfcb05a2
SSDEEP: 196608:unfGV+xvm2w3jH4vKKlrTLmuJhvTfC3sGKMwH:ufg+xvm2G4vVlrfmuJlTK3sj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource VoyaNuiOnlineGame.exe
Files
VoyaNuiOnlineGame.exe.exe windows:5 windows x64 arch:x64
f615770f52bfb07a29c219f613852ca7
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
CreateEventA
CreateWaitableTimerA
SetWaitableTimer
CancelWaitableTimer
GetVersionExA
GetVersion
VerifyVersionInfoA
GetNumberFormatW
GetCurrencyFormatW
GetDriveTypeW
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FreeLibraryAndExitThread
CopyFileW
FindFirstFileW
DeleteFileW
GetFileAttributesA
CreateFileW
CreateFileA
RemoveDirectoryW
CreateDirectoryW
GetTempFileNameW
GetTempPathW
GetSystemDirectoryW
GetCommandLineW
GetCommandLineA
GetStartupInfoW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
HeapCreate
HeapDestroy
HeapAlloc
HeapFree
HeapSize
HeapLock
HeapUnlock
HeapWalk
DebugBreak
CreateThread
OpenThread
SetThreadPriority
QueueUserAPC
TlsAlloc
TlsFree
SleepEx
VirtualAlloc
VirtualFree
GetModuleFileNameA
VirtualQuery
GetCurrentProcessId
FreeLibrary
GetProcessTimes
GetCurrentProcess
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
LoadLibraryA
GetModuleHandleExW
SetCurrentDirectoryW
GetCurrentDirectoryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetACP
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
FindNextFileW
GetCPInfo
IsDBCSLeadByte
VerSetConditionMask
LockResource
GlobalFree
ExitThread
LoadResource
CreateProcessA
FindResourceExA
FindResourceExW
GetSystemDirectoryA
GetFileAttributesW
MoveFileExW
GetVersionExW
VerifyVersionInfoW
GetUserDefaultUILanguage
GetUserDefaultLangID
GetLongPathNameW
GetFileInformationByHandle
GetFileSizeEx
DeviceIoControl
SetFilePointerEx
lstrlenW
CreateMutexA
CreateProcessW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
OutputDebugStringA
GetTempPathA
GetTempFileNameA
GetSystemWow64DirectoryW
CreateDirectoryA
GetFullPathNameW
GetFileAttributesExW
DeleteFileA
GetVolumeInformationW
SetLastError
SetEvent
ResetEvent
WaitForMultipleObjects
GetTickCount
CreateEventW
GetSystemTime
GetTimeZoneInformation
SystemTimeToFileTime
GetCurrentThread
GetExitCodeThread
DuplicateHandle
LCMapStringW
GetLocaleInfoW
TerminateThread
CreateWaitableTimerW
ReleaseSemaphore
CreateSemaphoreW
SetThreadAffinityMask
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
CompareFileTime
IsDebuggerPresent
OutputDebugStringW
EncodePointer
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwindEx
RtlPcToFileHeader
LoadLibraryExW
GetStdHandle
GetStringTypeW
GetFileType
GetDateFormatW
GetTimeFormatW
CompareStringW
GetUserDefaultLCID
EnumSystemLocalesW
SetConsoleCtrlHandler
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapReAlloc
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleW
ReadConsoleW
FormatMessageW
SwitchToFiber
DeleteFiber
CreateFiber
ConvertFiberToThread
ConvertThreadToFiber
GetEnvironmentVariableW
ReadConsoleA
SetConsoleMode
LoadLibraryW
TlsSetValue
TlsGetValue
GetSystemInfo
CloseHandle
FindClose
SetFilePointer
SetEndOfFile
ReadFile
WriteFile
GetFileSize
Sleep
WaitForSingleObject
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
GetCurrentThreadId
SwitchToThread
RaiseException
GetExitCodeProcess
ExitProcess
GetProcAddress
VirtualProtect
DecodePointer
GetProcessAffinityMask
user32
ReleaseCapture
SetTimer
KillTimer
CheckMenuItem
SetCursorPos
GetCursorPos
CopyRect
GetWindowLongW
EnumWindows
LoadCursorW
GetWindowInfo
WaitForInputIdle
RegisterClassExW
GetClassInfoExW
CreateWindowExW
IsWindow
ShowWindowAsync
FlashWindowEx
MoveWindow
GetWindowPlacement
SetWindowPlacement
IsWindowVisible
IsIconic
IsZoomed
GetActiveWindow
LoadMenuW
SetMenu
GetSystemMenu
DeleteMenu
BeginPaint
EndPaint
GetWindowTextW
MapWindowPoints
SetWindowLongW
GetWindowLongPtrW
EnumDisplaySettingsW
UpdateLayeredWindow
EnumDisplayDevicesA
DrawMenuBar
CreateMenu
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
ActivateKeyboardLayout
GetKeyboardLayout
CreatePopupMenu
DestroyMenu
TrackPopupMenu
SetMenuInfo
CloseWindow
RegisterClipboardFormatA
GetClipboardFormatNameA
CreateCaret
DestroyCaret
ShowCaret
SetCaretPos
OffsetRect
CharUpperW
CharLowerW
GetKeyboardState
ToAscii
MapVirtualKeyW
DdeInitializeW
DdeUninitialize
DdeConnect
DdeDisconnect
GetMessageTime
SetCapture
DdeFreeStringHandle
GetWindowThreadProcessId
EnumDisplayDevicesW
PostThreadMessageW
GetProcessWindowStation
GetUserObjectInformationW
SetRectEmpty
SetRect
ScreenToClient
ClientToScreen
GetCursor
SetCursor
MessageBoxA
GetClientRect
SetWindowTextW
GetPropW
SetPropW
RedrawWindow
GetSystemMetrics
SendInput
GetKeyState
DialogBoxIndirectParamW
PostMessageW
SendMessageTimeoutW
SendMessageW
GetDoubleClickTime
IsClipboardFormatAvailable
EmptyClipboard
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
GetMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
InflateRect
PostMessageA
RegisterWindowMessageA
PostQuitMessage
UnregisterClassA
UnregisterClassW
DestroyWindow
ShowWindow
SetWindowPos
DialogBoxParamW
EndDialog
GetDlgItem
SetDlgItemTextA
SetDlgItemTextW
GetDlgItemTextA
GetDlgItemTextW
SetFocus
EnableWindow
LoadAcceleratorsW
PeekMessageW
TrackMouseEvent
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
CreateIconIndirect
DestroyIcon
LoadIconW
TranslateAcceleratorW
GetMenu
GetMenuStringA
GetCapture
GetQueueStatus
GetFocus
DdeCreateStringHandleA
CallWindowProcW
GetMenuStringW
EnableMenuItem
GetSubMenu
InsertMenuA
InsertMenuW
RemoveMenu
GetParent
GetDesktopWindow
SetWindowLongPtrW
PtInRect
DdeClientTransaction
LoadStringW
LoadStringA
GetWindow
MessageBoxW
GetWindowRect
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
InvalidateRect
ReleaseDC
GetDC
GetForegroundWindow
UpdateWindow
gdi32
GetTextColor
GetTextExtentPoint32A
GetTextExtentPoint32W
IntersectClipRect
LineTo
SelectClipRgn
SetBkMode
SetGraphicsMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
GetTextMetricsW
GetTextAlign
GetTextCharacterExtra
GetFontData
EnumFontFamiliesExW
GetCurrentObject
SetWorldTransform
MoveToEx
ExtTextOutA
DPtoLP
CreateSolidBrush
Rectangle
RestoreDC
SaveDC
SetPolyFillMode
StretchDIBits
StartDocW
EndDoc
StartPage
EndPage
BeginPath
GetClipRgn
GetBkMode
GetBkColor
EnumFontFamiliesA
CreateRectRgn
CreateBitmap
CreatePen
CreateFontIndirectA
EnumFontFamiliesW
GdiFlush
ExtTextOutW
GdiAlphaBlend
SetStretchBltMode
StretchBlt
SetBkColor
GetStretchBltMode
CreateCompatibleBitmap
GetClipBox
CreatePalette
SelectPalette
RealizePalette
GetICMProfileA
GetObjectW
CreateDIBSection
GetDeviceCaps
GetSystemPaletteEntries
SetPixel
SelectObject
GetStockObject
DeleteObject
DeleteDC
CreateFontIndirectW
CreateDCA
CreateCompatibleDC
GetWorldTransform
BitBlt
PolyBezierTo
LPtoDP
ExtCreatePen
StrokePath
SelectClipPath
FillPath
EndPath
comdlg32
CommDlgExtendedError
PrintDlgW
GetSaveFileNameW
GetOpenFileNameW
shell32
DragQueryFileW
DragAcceptFiles
CommandLineToArgvW
SHGetPathFromIDListW
SHGetFolderPathA
SHGetFolderLocation
SHBrowseForFolderW
SHGetSettings
SHAppBarMessage
SHGetFolderPathW
SHGetDiskFreeSpaceExW
SHGetSpecialFolderPathW
DragQueryFileA
ole32
CreateBindCtx
MkParseDisplayName
CoInitializeEx
ReleaseStgMedium
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleSetClipboard
OleUninitialize
OleInitialize
CoSetProxyBlanket
PropVariantClear
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CoCreateGuid
CoTaskMemAlloc
StringFromGUID2
ws2_32
gethostname
getpeername
WSASocketW
WSAStartup
WSACleanup
__WSAFDIsSet
bind
closesocket
connect
ioctlsocket
getsockname
htonl
htons
inet_addr
inet_ntoa
ntohs
recv
WSAIoctl
WSAAddressToStringA
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSAAsyncSelect
WSAGetLastError
WSASetLastError
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
ntohl
setsockopt
sendto
shutdown
getsockopt
getaddrinfo
freeaddrinfo
getnameinfo
recvfrom
select
send
shlwapi
StrRStrIW
StrStrIW
advapi32
CryptGenRandom
RegOpenKeyA
RegCloseKey
RegCreateKeyExW
CryptEnumProvidersW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
CryptAcquireContextW
CryptReleaseContext
CryptAcquireContextA
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
Sections
.text Size: 7.9MB - Virtual size: 7.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 123KB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 398KB - Virtual size: 398KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 240B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.shockd Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 721KB - Virtual size: 721KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ