83c9eb0d0c63bd9ee638f4eedd642c67bdc4d42de8104f34b185f9c23d900a98

Sharing

Copy URL Twitter E-mail

General

Target

83c9eb0d0c63bd9ee638f4eedd642c67bdc4d42de8104f34b185f9c23d900a98
Size

1.1MB
MD5

0ba2fe131078261343ce04407dcc3afc
SHA1

a595ab2b11c71901cf0d77053b1b87b51a9bcff4
SHA256

83c9eb0d0c63bd9ee638f4eedd642c67bdc4d42de8104f34b185f9c23d900a98
SHA512

b09d73a0956d21b32b34f17e847f848fc2332fb925b38ba265d743148a687b3f926326407d22acf670bd741b6d8d16bbb405ba396755b5f0a783b17611eb26e4
SSDEEP

12288:Y87mZtyvLwiE+ZQVPkQGZ1cxCFPXNy1vSpkGG04:nmZiL9E+ZUMQG/yQpBG0

Score

N/A

Malware Config

Signatures

Files

83c9eb0d0c63bd9ee638f4eedd642c67bdc4d42de8104f34b185f9c23d900a98
.dll windows x86

212b48b1c423973628d4826323e82a98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8thk

OsThunkDdQueryDirectDrawObject
OsThunkDdBlt
OsThunkDdReenableDirectDrawObject
OsThunkDdReleaseDC
OsThunkDdGetDC
OsThunkDdDeleteDirectDrawObject
OsThunkDdGetDriverInfo
OsThunkDdGetAvailDriverMemory
OsThunkDdFlipToGDISurface
OsThunkDdSetExclusiveMode
OsThunkDdGetScanLine
OsThunkDdWaitForVerticalBlank
OsThunkDdGetFlipStatus
OsThunkDdGetBltStatus
OsThunkDdUnlock
OsThunkDdUnlockD3D
OsThunkDdDestroyD3DBuffer
OsThunkDdLockD3D
OsThunkDdResetVisrgn
OsThunkDdFlip
OsThunkD3dDrawPrimitives2
OsThunkD3dValidateTextureStageState
OsThunkDdGetDriverState
OsThunkD3dContextDestroyAll
OsThunkD3dContextDestroy
OsThunkD3dContextCreate
OsThunkDdCreateSurfaceEx
OsThunkDdCanCreateD3DBuffer
OsThunkDdCanCreateSurface
OsThunkDdCreateSurfaceObject
OsThunkDdAttachSurface
OsThunkDdCreateD3DBuffer
OsThunkDdCreateSurface
OsThunkDdSetGammaRamp
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroySurface
OsThunkDdLock

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_adjust_fdiv
_initterm
realloc
_CIpow
_CxxThrowException
free
malloc
_ftol
sscanf
sprintf
_vsnprintf
__CxxFrameHandler
_purecall
_strlwr
wcsrchr
atoi
_stricmp
_snprintf
pow
memmove
fflush
fwrite
fprintf
fclose
fopen
_errno
exp
floor

user32

IntersectRect
GetCursor
SetRect
GetClientRect
ClientToScreen
OffsetRect
EnumDisplaySettingsA
GetSystemMetrics
GetMonitorInfoA
GetDC
ReleaseDC
LoadStringA
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
GetThreadDesktop
IsWindow
GetWindowThreadProcessId
CallWindowProcA
SendMessageA
IsIconic
PostMessageA
GetWindowLongA
GetKeyState
DefWindowProcA
SetWindowPos
GetForegroundWindow
IsWindowVisible
ShowWindow
IsZoomed
ChangeDisplaySettingsA
SystemParametersInfoA
CreateIconIndirect
GetWindowDC
GetDesktopWindow
GetIconInfo
SetCursorPos
GetCursorPos
SetForegroundWindow
DestroyIcon
SetCursor
SetWindowLongA
wsprintfA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
AddAccessAllowedAce
InitializeAcl
GetLengthSid
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

gdi32

GetDeviceCaps
CreateDCA
GdiEntry13
GetRegionData
DeleteObject
GetRandomRgn
CreateRectRgn
GetDIBits
CreateCompatibleBitmap
GdiEntry1
GetDeviceGammaRamp
StretchBlt
SetStretchBltMode
BitBlt
DeleteDC
GetNearestColor
GetSystemPaletteEntries
CreateCompatibleDC
CreateDIBitmap
GetObjectA

kernel32

GetCurrentProcess
DebugBreak
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleFileNameA
GetVersionExA
GetSystemInfo
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
InterlockedDecrement
lstrcpyA
OpenMutexA
CreateMutexA
DisableThreadLibraryCalls
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SetErrorMode
lstrcmpA
GetCurrentThreadId
ReleaseMutex
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
InterlockedCompareExchange
VerifyVersionInfoA
VerSetConditionMask
Sleep
GetTickCount
GetProcAddress
LocalAlloc
LocalFree
CreateFileA
SetFilePointer
ReadFile
MoveFileA
DeleteFileA
WriteFile
GetFileSize
WideCharToMultiByte
FreeLibrary
LoadLibraryA
lstrcpynA
OutputDebugStringA
MultiByteToWideChar
lstrlenA
HeapAlloc
GetProcessHeap
ConnectNamedPipe
SetNamedPipeHandleState
DisconnectNamedPipe
FlushFileBuffers
PeekNamedPipe
InterlockedIncrement
lstrcatA
GetSystemDirectoryA
GetModuleHandleA

Exports

Exports

CheckFullscreen
DebugSetMute
Direct3DCreate8
ValidatePixelShader
ValidateVertexShader

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.code9
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

212b48b1c423973628d4826323e82a98

Headers

File Characteristics

Imports

d3d8thk

msvcrt

user32

advapi32

version

gdi32

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 11KB - Virtual size: 32KB

.data1 Size: 21KB - Virtual size: 24KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 30KB - Virtual size: 32KB

.code9 Size: 512B - Virtual size: 4KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 11KB - Virtual size: 32KB

.data1
Size: 21KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 30KB - Virtual size: 32KB

.code9
Size: 512B - Virtual size: 4KB