e8b913a01bbbaa5f6ac805802458e55d085b8b2dbd66d07e418451fdd27a02c7

Sharing

Copy URL Twitter E-mail

General

Target

e8b913a01bbbaa5f6ac805802458e55d085b8b2dbd66d07e418451fdd27a02c7
Size

1.1MB
MD5

5070a39e53a849093ba753a23f973b2e
SHA1

6ce16e80bdba00889cac5e84ec88a58a91071530
SHA256

e8b913a01bbbaa5f6ac805802458e55d085b8b2dbd66d07e418451fdd27a02c7
SHA512

3c32e262d3ff91051508f0a6a96533160023329269ccda9770dd7d6bf477217b4d680f9cc70879bf4e5a8610e8d9e8a644904e60ccdaa2f030e4f4c5f204dbb2
SSDEEP

24576:yNwY9kjEHdtqg8kCO3mkzRs++20WNEdkpBUHpb:yNB6jMdtbPeN

Score

N/A

Malware Config

Signatures

Files

e8b913a01bbbaa5f6ac805802458e55d085b8b2dbd66d07e418451fdd27a02c7
.dll windows x86

212b48b1c423973628d4826323e82a98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8thk

OsThunkDdQueryDirectDrawObject
OsThunkDdBlt
OsThunkDdReenableDirectDrawObject
OsThunkDdReleaseDC
OsThunkDdGetDC
OsThunkDdDeleteDirectDrawObject
OsThunkDdGetDriverInfo
OsThunkDdGetAvailDriverMemory
OsThunkDdFlipToGDISurface
OsThunkDdSetExclusiveMode
OsThunkDdGetScanLine
OsThunkDdWaitForVerticalBlank
OsThunkDdGetFlipStatus
OsThunkDdGetBltStatus
OsThunkDdUnlock
OsThunkDdUnlockD3D
OsThunkDdDestroyD3DBuffer
OsThunkDdLockD3D
OsThunkDdResetVisrgn
OsThunkDdFlip
OsThunkD3dDrawPrimitives2
OsThunkD3dValidateTextureStageState
OsThunkDdGetDriverState
OsThunkD3dContextDestroyAll
OsThunkD3dContextDestroy
OsThunkD3dContextCreate
OsThunkDdCreateSurfaceEx
OsThunkDdCanCreateD3DBuffer
OsThunkDdCanCreateSurface
OsThunkDdCreateSurfaceObject
OsThunkDdAttachSurface
OsThunkDdCreateD3DBuffer
OsThunkDdCreateSurface
OsThunkDdSetGammaRamp
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroySurface
OsThunkDdLock

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_adjust_fdiv
_initterm
realloc
_CIpow
_CxxThrowException
free
malloc
_ftol
sscanf
sprintf
_vsnprintf
__CxxFrameHandler
_purecall
_strlwr
wcsrchr
atoi
_stricmp
_snprintf
pow
memmove
fflush
fwrite
fprintf
fclose
fopen
_errno
exp
floor

user32

IntersectRect
GetCursor
SetRect
GetClientRect
ClientToScreen
OffsetRect
EnumDisplaySettingsA
GetSystemMetrics
GetMonitorInfoA
GetDC
ReleaseDC
LoadStringA
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
GetThreadDesktop
IsWindow
GetWindowThreadProcessId
CallWindowProcA
SendMessageA
IsIconic
PostMessageA
GetWindowLongA
GetKeyState
DefWindowProcA
SetWindowPos
GetForegroundWindow
IsWindowVisible
ShowWindow
IsZoomed
ChangeDisplaySettingsA
SystemParametersInfoA
CreateIconIndirect
GetWindowDC
GetDesktopWindow
GetIconInfo
SetCursorPos
GetCursorPos
SetForegroundWindow
DestroyIcon
SetCursor
SetWindowLongA
wsprintfA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
AddAccessAllowedAce
InitializeAcl
GetLengthSid
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

gdi32

GetDeviceCaps
CreateDCA
GdiEntry13
GetRegionData
DeleteObject
GetRandomRgn
CreateRectRgn
GetDIBits
CreateCompatibleBitmap
GdiEntry1
GetDeviceGammaRamp
StretchBlt
SetStretchBltMode
BitBlt
DeleteDC
GetNearestColor
GetSystemPaletteEntries
CreateCompatibleDC
CreateDIBitmap
GetObjectA

kernel32

GetCurrentProcess
DebugBreak
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleFileNameA
GetVersionExA
GetSystemInfo
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
InterlockedDecrement
lstrcpyA
OpenMutexA
CreateMutexA
DisableThreadLibraryCalls
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SetErrorMode
lstrcmpA
GetCurrentThreadId
ReleaseMutex
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
InterlockedCompareExchange
VerifyVersionInfoA
VerSetConditionMask
Sleep
GetTickCount
GetProcAddress
LocalAlloc
LocalFree
CreateFileA
SetFilePointer
ReadFile
MoveFileA
DeleteFileA
WriteFile
GetFileSize
WideCharToMultiByte
FreeLibrary
LoadLibraryA
lstrcpynA
OutputDebugStringA
MultiByteToWideChar
lstrlenA
HeapAlloc
GetProcessHeap
ConnectNamedPipe
SetNamedPipeHandleState
DisconnectNamedPipe
FlushFileBuffers
PeekNamedPipe
InterlockedIncrement
lstrcatA
GetSystemDirectoryA
GetModuleHandleA

Exports

Exports

CheckFullscreen
DebugSetMute
Direct3DCreate8
ValidatePixelShader
ValidateVertexShader

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.code9
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

212b48b1c423973628d4826323e82a98

Headers

File Characteristics

Imports

d3d8thk

msvcrt

user32

advapi32

version

gdi32

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 11KB - Virtual size: 32KB

.data1 Size: 21KB - Virtual size: 24KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 30KB - Virtual size: 32KB

.code9 Size: 1024B - Virtual size: 4KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 11KB - Virtual size: 32KB

.data1
Size: 21KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 30KB - Virtual size: 32KB

.code9
Size: 1024B - Virtual size: 4KB