96b29fe9ea12af712864905a54da3c20dfc03f673ddf378a659a9b959c6355a5

Sharing

Copy URL Twitter E-mail

General

Target

96b29fe9ea12af712864905a54da3c20dfc03f673ddf378a659a9b959c6355a5
Size

1.1MB
MD5

6b344cfc98d8f2b3d9f7f4cf6d002f90
SHA1

35250cc981e38843e571ee51c6bd3327a474dad9
SHA256

96b29fe9ea12af712864905a54da3c20dfc03f673ddf378a659a9b959c6355a5
SHA512

9d0c791c4bd2166ffafb9b3c529082b995753ede60d707ba1db5a527cc2e2d91a058761d0e42ac2d757be11892bbe7fdfaad75b617c97a9b048d6b7ac0d372a2
SSDEEP

24576:4NwY9kjEHdtqg8kCO3mkzRs++20WNEdkpBUHpb:4NB6jMdtbPeN

Score

N/A

Malware Config

Signatures

Files

96b29fe9ea12af712864905a54da3c20dfc03f673ddf378a659a9b959c6355a5
.dll windows x86

212b48b1c423973628d4826323e82a98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8thk

OsThunkDdQueryDirectDrawObject
OsThunkDdBlt
OsThunkDdReenableDirectDrawObject
OsThunkDdReleaseDC
OsThunkDdGetDC
OsThunkDdDeleteDirectDrawObject
OsThunkDdGetDriverInfo
OsThunkDdGetAvailDriverMemory
OsThunkDdFlipToGDISurface
OsThunkDdSetExclusiveMode
OsThunkDdGetScanLine
OsThunkDdWaitForVerticalBlank
OsThunkDdGetFlipStatus
OsThunkDdGetBltStatus
OsThunkDdUnlock
OsThunkDdUnlockD3D
OsThunkDdDestroyD3DBuffer
OsThunkDdLockD3D
OsThunkDdResetVisrgn
OsThunkDdFlip
OsThunkD3dDrawPrimitives2
OsThunkD3dValidateTextureStageState
OsThunkDdGetDriverState
OsThunkD3dContextDestroyAll
OsThunkD3dContextDestroy
OsThunkD3dContextCreate
OsThunkDdCreateSurfaceEx
OsThunkDdCanCreateD3DBuffer
OsThunkDdCanCreateSurface
OsThunkDdCreateSurfaceObject
OsThunkDdAttachSurface
OsThunkDdCreateD3DBuffer
OsThunkDdCreateSurface
OsThunkDdSetGammaRamp
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroySurface
OsThunkDdLock

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_adjust_fdiv
_initterm
realloc
_CIpow
_CxxThrowException
free
malloc
_ftol
sscanf
sprintf
_vsnprintf
__CxxFrameHandler
_purecall
_strlwr
wcsrchr
atoi
_stricmp
_snprintf
pow
memmove
fflush
fwrite
fprintf
fclose
fopen
_errno
exp
floor

user32

IntersectRect
GetCursor
SetRect
GetClientRect
ClientToScreen
OffsetRect
EnumDisplaySettingsA
GetSystemMetrics
GetMonitorInfoA
GetDC
ReleaseDC
LoadStringA
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
GetThreadDesktop
IsWindow
GetWindowThreadProcessId
CallWindowProcA
SendMessageA
IsIconic
PostMessageA
GetWindowLongA
GetKeyState
DefWindowProcA
SetWindowPos
GetForegroundWindow
IsWindowVisible
ShowWindow
IsZoomed
ChangeDisplaySettingsA
SystemParametersInfoA
CreateIconIndirect
GetWindowDC
GetDesktopWindow
GetIconInfo
SetCursorPos
GetCursorPos
SetForegroundWindow
DestroyIcon
SetCursor
SetWindowLongA
wsprintfA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
AddAccessAllowedAce
InitializeAcl
GetLengthSid
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

gdi32

GetDeviceCaps
CreateDCA
GdiEntry13
GetRegionData
DeleteObject
GetRandomRgn
CreateRectRgn
GetDIBits
CreateCompatibleBitmap
GdiEntry1
GetDeviceGammaRamp
StretchBlt
SetStretchBltMode
BitBlt
DeleteDC
GetNearestColor
GetSystemPaletteEntries
CreateCompatibleDC
CreateDIBitmap
GetObjectA

kernel32

GetCurrentProcess
DebugBreak
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleFileNameA
GetVersionExA
GetSystemInfo
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
InterlockedDecrement
lstrcpyA
OpenMutexA
CreateMutexA
DisableThreadLibraryCalls
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SetErrorMode
lstrcmpA
GetCurrentThreadId
ReleaseMutex
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
InterlockedCompareExchange
VerifyVersionInfoA
VerSetConditionMask
Sleep
GetTickCount
GetProcAddress
LocalAlloc
LocalFree
CreateFileA
SetFilePointer
ReadFile
MoveFileA
DeleteFileA
WriteFile
GetFileSize
WideCharToMultiByte
FreeLibrary
LoadLibraryA
lstrcpynA
OutputDebugStringA
MultiByteToWideChar
lstrlenA
HeapAlloc
GetProcessHeap
ConnectNamedPipe
SetNamedPipeHandleState
DisconnectNamedPipe
FlushFileBuffers
PeekNamedPipe
InterlockedIncrement
lstrcatA
GetSystemDirectoryA
GetModuleHandleA

Exports

Exports

CheckFullscreen
DebugSetMute
Direct3DCreate8
ValidatePixelShader
ValidateVertexShader

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.code9
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

212b48b1c423973628d4826323e82a98

Headers

File Characteristics

Imports

d3d8thk

msvcrt

user32

advapi32

version

gdi32

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 11KB - Virtual size: 32KB

.data1 Size: 21KB - Virtual size: 24KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 30KB - Virtual size: 32KB

.code9 Size: 512B - Virtual size: 4KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 11KB - Virtual size: 32KB

.data1
Size: 21KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 30KB - Virtual size: 32KB

.code9
Size: 512B - Virtual size: 4KB