70d4170876c517847517cc5ead1a24b182def9192a0b6c96a7a4291cde381867

General

Target

70d4170876c517847517cc5ead1a24b182def9192a0b6c96a7a4291cde381867
Size

513KB
MD5

81093a065c5eb50c6196fefec1955831
SHA1

72f820463e3742a7dd8350946c1416158926b122
SHA256

70d4170876c517847517cc5ead1a24b182def9192a0b6c96a7a4291cde381867
SHA512

b27b2cf8a3fc3fea9b2aecdd350db97618bb74dc13673b630863086f29a9063566f0ec94a668b84fef7f996cec51e66e8c101bfefb45d53069cddfa436b10efa
SSDEEP

12288:bSTKrNiu22fAdK004qUG/OuEyyZe/CtPMREc8B+XLEqIeX6gAy/OB:2jfU004qauEyyzoVXMeBAGq

Score

N/A

Malware Config

Signatures

Files

70d4170876c517847517cc5ead1a24b182def9192a0b6c96a7a4291cde381867
.dll windows x86

9c06e822f012ddd7f8c1d22f5ad529f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
HeapDestroy
InterlockedExchange
HeapCreate
DisableThreadLibraryCalls
DeviceIoControl
CreateFileA
HeapFree
GetProcAddress
lstrcmpA
MapSL
ExitProcess
GetStringTypeA
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
LCMapStringA
LoadLibraryA
HeapAlloc
GetCurrentProcess
GetStdHandle
WriteFile
GetLastError
FlushFileBuffers
SetStdHandle
SetFilePointer
CloseHandle
GetPriorityClass
SetPriorityClass
QueryPerformanceCounter
GetModuleFileNameA
LCMapStringW
RtlUnwind

advapi32

RegOpenKeyExA
RegQueryValueExA

ddraw

DDHAL32_VidMemFree
DDHAL32_VidMemAlloc

Exports

Exports

DriverInit

Sections

.text
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c06e822f012ddd7f8c1d22f5ad529f7

Headers

File Characteristics

Imports

kernel32

advapi32

ddraw

Exports

Exports

Sections

.text Size: 289KB - Virtual size: 289KB

.data Size: 13KB - Virtual size: 13KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 69B

.rsrc Size: 1024B - Virtual size: 940B

.reloc Size: 11KB - Virtual size: 11KB

.text Size: 195KB - Virtual size: 196KB

.text
Size: 289KB - Virtual size: 289KB

.data
Size: 13KB - Virtual size: 13KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 69B

.rsrc
Size: 1024B - Virtual size: 940B

.reloc
Size: 11KB - Virtual size: 11KB

.text
Size: 195KB - Virtual size: 196KB