d5ca366342ad47b7f8b075defdb3ba7dfa85e7c591db64f12910d264a001f9fc

Sharing

Copy URL Twitter E-mail

General

Target

d5ca366342ad47b7f8b075defdb3ba7dfa85e7c591db64f12910d264a001f9fc
Size

5.0MB
MD5

f4f2f86fd94e07ac915d520018ed51c9
SHA1

7450d7de192451963b4816fa20cd12a48669cf10
SHA256

d5ca366342ad47b7f8b075defdb3ba7dfa85e7c591db64f12910d264a001f9fc
SHA512

2e9a1869c9b876f488afc3629269c42e95546a3f2d66f908feaa86d8dcccb06410f66bad5aca6d908aca03e9cd4368fc27224aa8e7bb817981aac2f2ef1dbf01
SSDEEP

98304:8XLiv66gbTPhqkU0iuDvGB6fUV5Hs7N4mVM:si4fPhqk5DuBU4qM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5ca366342ad47b7f8b075defdb3ba7dfa85e7c591db64f12910d264a001f9fc

Files

d5ca366342ad47b7f8b075defdb3ba7dfa85e7c591db64f12910d264a001f9fc
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Victoryas\Desktop\Metin2Programlar\Filesler\EYÜB\SOURCELER\ClientSource\Client\bin\metin2client.pdb

Exports

Exports

??0Config@libconfig@@QAE@XZ
??0ConfigException@libconfig@@QAE@$$QAV01@@Z
??0ConfigException@libconfig@@QAE@ABV01@@Z
??0ConfigException@libconfig@@QAE@XZ
??0FileIOException@libconfig@@QAE@$$QAV01@@Z
??0FileIOException@libconfig@@QAE@ABV01@@Z
??0FileIOException@libconfig@@QAE@XZ
??0ParseException@libconfig@@AAE@PBDH0@Z
??0ParseException@libconfig@@QAE@ABV01@@Z
??0Setting@libconfig@@AAE@PAUconfig_setting_t@@@Z
??0SettingException@libconfig@@IAE@ABVSetting@1@@Z
??0SettingException@libconfig@@IAE@ABVSetting@1@H@Z
??0SettingException@libconfig@@IAE@ABVSetting@1@PBD@Z
??0SettingException@libconfig@@IAE@PBD@Z
??0SettingException@libconfig@@QAE@ABV01@@Z
??0SettingNameException@libconfig@@AAE@ABVSetting@1@PBD@Z
??0SettingNameException@libconfig@@QAE@$$QAV01@@Z
??0SettingNameException@libconfig@@QAE@ABV01@@Z
??0SettingNotFoundException@libconfig@@AAE@ABVSetting@1@H@Z
??0SettingNotFoundException@libconfig@@AAE@ABVSetting@1@PBD@Z
??0SettingNotFoundException@libconfig@@AAE@PBD@Z
??0SettingNotFoundException@libconfig@@QAE@$$QAV01@@Z
??0SettingNotFoundException@libconfig@@QAE@ABV01@@Z
??0SettingTypeException@libconfig@@AAE@ABVSetting@1@@Z
??0SettingTypeException@libconfig@@AAE@ABVSetting@1@H@Z
??0SettingTypeException@libconfig@@AAE@ABVSetting@1@PBD@Z
??0SettingTypeException@libconfig@@QAE@$$QAV01@@Z
??0SettingTypeException@libconfig@@QAE@ABV01@@Z
??1Config@libconfig@@UAE@XZ
??1ConfigException@libconfig@@UAE@XZ
??1FileIOException@libconfig@@UAE@XZ
??1ParseException@libconfig@@UAE@XZ
??1Setting@libconfig@@UAE@XZ
??1SettingException@libconfig@@UAE@XZ
??1SettingNameException@libconfig@@UAE@XZ
??1SettingNotFoundException@libconfig@@UAE@XZ
??1SettingTypeException@libconfig@@UAE@XZ
??4ConfigException@libconfig@@QAEAAV01@$$QAV01@@Z
??4ConfigException@libconfig@@QAEAAV01@ABV01@@Z
??4FileIOException@libconfig@@QAEAAV01@$$QAV01@@Z
??4FileIOException@libconfig@@QAEAAV01@ABV01@@Z
??4ParseException@libconfig@@QAEAAV01@ABV01@@Z
??4Setting@libconfig@@QAEAAV01@ABN@Z
??4Setting@libconfig@@QAEAAV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??4Setting@libconfig@@QAEAAV01@AB_J@Z
??4Setting@libconfig@@QAEAAV01@H@Z
??4Setting@libconfig@@QAEAAV01@J@Z
??4Setting@libconfig@@QAEAAV01@M@Z
??4Setting@libconfig@@QAEAAV01@PBD@Z
??4Setting@libconfig@@QAEAAV01@_N@Z
??4SettingException@libconfig@@QAEAAV01@ABV01@@Z
??4SettingNameException@libconfig@@QAEAAV01@$$QAV01@@Z
??4SettingNameException@libconfig@@QAEAAV01@ABV01@@Z
??4SettingNotFoundException@libconfig@@QAEAAV01@$$QAV01@@Z
??4SettingNotFoundException@libconfig@@QAEAAV01@ABV01@@Z
??4SettingTypeException@libconfig@@QAEAAV01@$$QAV01@@Z
??4SettingTypeException@libconfig@@QAEAAV01@ABV01@@Z
??ASetting@libconfig@@QBEAAV01@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??ASetting@libconfig@@QBEAAV01@H@Z
??ASetting@libconfig@@QBEAAV01@PBD@Z
??BSetting@libconfig@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??BSetting@libconfig@@QBEHXZ
??BSetting@libconfig@@QBEIXZ
??BSetting@libconfig@@QBEJXZ
??BSetting@libconfig@@QBEKXZ
??BSetting@libconfig@@QBEMXZ
??BSetting@libconfig@@QBENXZ
??BSetting@libconfig@@QBEPBDXZ
??BSetting@libconfig@@QBE_JXZ
??BSetting@libconfig@@QBE_KXZ
??BSetting@libconfig@@QBE_NXZ
??_7Config@libconfig@@6B@
??_7ConfigException@libconfig@@6B@
??_7FileIOException@libconfig@@6B@
??_7ParseException@libconfig@@6B@
??_7Setting@libconfig@@6B@
??_7SettingException@libconfig@@6B@
??_7SettingNameException@libconfig@@6B@
??_7SettingNotFoundException@libconfig@@6B@
??_7SettingTypeException@libconfig@@6B@
?ConfigDestructor@Config@libconfig@@CAXPAX@Z
?add@Setting@libconfig@@QAEAAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4Type@12@@Z
?add@Setting@libconfig@@QAEAAV12@PBDW4Type@12@@Z
?add@Setting@libconfig@@QAEAAV12@W4Type@12@@Z
?assertType@Setting@libconfig@@ABEXW4Type@12@@Z
?c_str@Setting@libconfig@@QBEPBDXZ
?exists@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?exists@Config@libconfig@@QBE_NPBD@Z
?exists@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?exists@Setting@libconfig@@QBE_NPBD@Z
?getAutoConvert@Config@libconfig@@QBE_NXZ
?getDefaultFormat@Config@libconfig@@QBE?AW4Format@Setting@2@XZ
?getError@ParseException@libconfig@@QBEPBDXZ
?getFile@ParseException@libconfig@@QBEPBDXZ
?getFormat@Setting@libconfig@@QBE?AW4Format@12@XZ
?getIncludeDir@Config@libconfig@@QBEPBDXZ
?getIndex@Setting@libconfig@@QBEHXZ
?getLength@Setting@libconfig@@QBEHXZ
?getLine@ParseException@libconfig@@QBEHXZ
?getName@Setting@libconfig@@QBEPBDXZ
?getParent@Setting@libconfig@@QAEAAV12@XZ
?getParent@Setting@libconfig@@QBEABV12@XZ
?getPath@Setting@libconfig@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?getPath@SettingException@libconfig@@QBEPBDXZ
?getRoot@Config@libconfig@@QBEAAVSetting@2@XZ
?getSourceFile@Setting@libconfig@@QBEPBDXZ
?getSourceLine@Setting@libconfig@@QBEIXZ
?getTabWidth@Config@libconfig@@QBEGXZ
?getType@Setting@libconfig@@QBE?AW4Type@12@XZ
?handleError@Config@libconfig@@ABEXXZ
?isAggregate@Setting@libconfig@@QBE_NXZ
?isArray@Setting@libconfig@@QBE_NXZ
?isGroup@Setting@libconfig@@QBE_NXZ
?isList@Setting@libconfig@@QBE_NXZ
?isNumber@Setting@libconfig@@QBE_NXZ
?isRoot@Setting@libconfig@@QBE_NXZ
?isScalar@Setting@libconfig@@QBE_NXZ
?lookup@Config@libconfig@@QBEAAVSetting@2@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?lookup@Config@libconfig@@QBEAAVSetting@2@PBD@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAH@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAI@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAM@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAN@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAPBD@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_J@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_K@Z
?lookupValue@Config@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_N@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAH@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAI@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAM@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAN@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAPBD@Z
?lookupValue@Config@libconfig@@QBE_NPBDAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?lookupValue@Config@libconfig@@QBE_NPBDAA_J@Z
?lookupValue@Config@libconfig@@QBE_NPBDAA_K@Z
?lookupValue@Config@libconfig@@QBE_NPBDAA_N@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAH@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAI@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAM@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAN@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAPBD@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_J@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_K@Z
?lookupValue@Setting@libconfig@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_N@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAH@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAI@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAM@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAN@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAPBD@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAA_J@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAA_K@Z
?lookupValue@Setting@libconfig@@QBE_NPBDAA_N@Z
?read@Config@libconfig@@QAEXPAU_iobuf@@@Z
?readFile@Config@libconfig@@QAEXPBD@Z
?readString@Config@libconfig@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?readString@Config@libconfig@@QAEXPBD@Z
?remove@Setting@libconfig@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?remove@Setting@libconfig@@QAEXI@Z
?remove@Setting@libconfig@@QAEXPBD@Z
?setAutoConvert@Config@libconfig@@QAEX_N@Z
?setDefaultFormat@Config@libconfig@@QAEXW4Format@Setting@2@@Z
?setFormat@Setting@libconfig@@QAEXW4Format@12@@Z
?setIncludeDir@Config@libconfig@@QAEXPBD@Z
?setTabWidth@Config@libconfig@@QAEXG@Z
?what@FileIOException@libconfig@@UBEPBDXZ
?what@ParseException@libconfig@@UBEPBDXZ
?what@SettingException@libconfig@@UBEPBDXZ
?what@SettingNameException@libconfig@@UBEPBDXZ
?what@SettingNotFoundException@libconfig@@UBEPBDXZ
?what@SettingTypeException@libconfig@@UBEPBDXZ
?wrapSetting@Setting@libconfig@@CAAAV12@PAUconfig_setting_t@@@Z
?write@Config@libconfig@@QBEXPAU_iobuf@@@Z
?writeFile@Config@libconfig@@QAEXPBD@Z

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 705KB - Virtual size: 705KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 191KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.newimp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

.rdata Size: 705KB - Virtual size: 705KB

.data Size: 191KB - Virtual size: 683KB

.data1 Size: 2KB - Virtual size: 2KB

.rsrc Size: 45KB - Virtual size: 45KB

.reloc Size: 191KB - Virtual size: 191KB

.newimp Size: 4KB - Virtual size: 4KB

.text
Size: 3.8MB - Virtual size: 3.8MB

.rdata
Size: 705KB - Virtual size: 705KB

.data
Size: 191KB - Virtual size: 683KB

.data1
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 45KB - Virtual size: 45KB

.reloc
Size: 191KB - Virtual size: 191KB

.newimp
Size: 4KB - Virtual size: 4KB