Resubmissions
03-09-2022 16:57
220903-vf811sceh9 1
Static task
static1
General
Target
QuantV.asi
Size
2.1MB
MD5
5386b45f3c8b05d581bc983c6450aa41
SHA1
5f729e99615f3aa2dc63463b2cd44b9c6e33e4d3
SHA256
bd059eb2990a75f70f637d15c2339d97963ea4c381dc1d2c81ce16f882bbb234
SHA512
5ac6b8b31482bd48aa5ece12c71ed1728e915840e1d4cdea0f448127545c1d60fb56a5f219a835c51ac59f38bc3b0b37974464a4286ff213fce79e71ebaf68cd
SSDEEP
49152:1lfaOOmWlNFxJ7yA0cyYp3rlbcACs/dwPi:1omA0BYxrlIACsiPi
Malware Config
Signatures
Files
QuantV.asi.dll windows x64
ba304d6e2bf6ee1690938eae9209be8f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
HeapFree
EnterCriticalSection
GetCurrentProcess
LeaveCriticalSection
InitializeCriticalSectionEx
GetModuleHandleA
HeapSize
MultiByteToWideChar
GetLastError
LockResource
HeapReAlloc
RaiseException
K32GetModuleInformation
WritePrivateProfileStringA
FindResourceExW
LoadResource
FindResourceW
VirtualProtect
GetLocalTime
HeapDestroy
GetProcAddress
DeleteCriticalSection
GetProcessHeap
K32EnumProcessModules
GetPrivateProfileIntA
GetPrivateProfileStringA
WriteConsoleW
CreateFileW
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SizeofResource
DisableThreadLibraryCalls
HeapAlloc
GetTickCount64
SetStdHandle
SetFilePointerEx
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetStdHandle
CloseHandle
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetSystemInfo
VirtualAlloc
VirtualQuery
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
user32
GetDesktopWindow
GetClipboardData
CloseClipboard
OpenClipboard
keybd_event
gdi32
DeleteObject
GetObjectA
scripthookv
?nativeInit@@YAX_K@Z
?nativeCall@@YAPEA_KXZ
?scriptRegister@@YAXPEAUHINSTANCE__@@P6AXXZ@Z
?getGlobalPtr@@YAPEA_KH@Z
?scriptWait@@YAXK@Z
?getGameVersion@@YA?AW4eGameVersion@@XZ
?keyboardHandlerRegister@@YAXP6AXKGEHHHH@Z@Z
?worldGetAllVehicles@@YAHPEAHH@Z
?nativePush64@@YAX_K@Z
shlwapi
PathFindExtensionW
PathFindExtensionA
gdiplus
GdipGetImageEncoders
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipGetImageEncodersSize
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdiplusStartup
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 669KB - Virtual size: 669KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ