0c9cfbdedc7f870e83a3c807035f682f5e0796a593b6587ab5a5ba4f7bc3ac96

Sharing

Copy URL Twitter E-mail

General

Target

0c9cfbdedc7f870e83a3c807035f682f5e0796a593b6587ab5a5ba4f7bc3ac96
Size

1.4MB
MD5

01326d50e860da809e2a8c1f3bcfab2d
SHA1

e3676e074eb8997d934980a4e9a23b6d6adf70d4
SHA256

0c9cfbdedc7f870e83a3c807035f682f5e0796a593b6587ab5a5ba4f7bc3ac96
SHA512

fb139e2c6ea6937446d3300d07c7a8ed92dc408b7b0d26e46d068a53b6fa79025e71c5507fdd282ccbf1ac4e7f2b7902faaad5b616794ebc9449f6e1f4ffcffe
SSDEEP

24576:VYoaDqdKN55xpOcijiup3kEhvvqhDLOHOQpAz+N9OI7L6WO0lV+mjoM9gt/NM54p:VnaDWKvr3dul5vJAz8V7L6VTmcldy54p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c9cfbdedc7f870e83a3c807035f682f5e0796a593b6587ab5a5ba4f7bc3ac96

Files

0c9cfbdedc7f870e83a3c807035f682f5e0796a593b6587ab5a5ba4f7bc3ac96
.dll windows:5 windows x86 arch:x86

5d5cc221f64ea14d035a07b54a73d05a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\桌面\`````\购买的登陆器源码\中国龙反作弊系统1.8正版CS\Release\MAE_Protect.pdb

Imports

winmm

timeGetTime

imm32

ImmGetCompositionStringA

opengl32

glFlush

kernel32

TlsSetValue

user32

BeginPaint

gdi32

SetBkColor

advapi32

SystemFunction036

shell32

SHGetSpecialFolderPathA

ws2_32

sendto

version

GetFileVersionInfoA

gdiplus

GdiplusStartup

wintrust

WinVerifyTrust

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

_DllMain@12

Sections

.text
Size: 506KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 943KB - Virtual size: 944KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d5cc221f64ea14d035a07b54a73d05a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

imm32

opengl32

kernel32

user32

gdi32

advapi32

shell32

ws2_32

version

gdiplus

wintrust

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 506KB - Virtual size: 4.3MB

.sedata Size: 943KB - Virtual size: 944KB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 506KB - Virtual size: 4.3MB

.sedata
Size: 943KB - Virtual size: 944KB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB