742dd4e4e6c45410a6761895b55292b8a99649c67b88c6aee430c16ef12044c6

Sharing

Copy URL

Twitter E-mail

General

Target

742dd4e4e6c45410a6761895b55292b8a99649c67b88c6aee430c16ef12044c6
Size

1.5MB
MD5

317772e4dd7862193d99a46880afa830
SHA1

8b0210e48decc193c59dd1333de596551a2d4670
SHA256

742dd4e4e6c45410a6761895b55292b8a99649c67b88c6aee430c16ef12044c6
SHA512

6700646d8414cf91ba3d1559732a52baf6a5e9c45244963ffdd6b6811a06967aa9b91a47ad1ed4573bea5a7c375f80ad179f2febe0703296443fb3d79794b999
SSDEEP

24576:Qd859hVMo0eBybooYXT3pFYsJ+W9cWYO/+:y8DhVMo0pboH3pFY+QWM

Score

N/A

Malware Config

Signatures

Files

742dd4e4e6c45410a6761895b55292b8a99649c67b88c6aee430c16ef12044c6
.exe windows x86

9c8891dc068dd5cbf4f25747ddcea65e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9
Direct3DCreate9Ex

winmm

timeBeginPeriod
timeEndPeriod

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

DeleteCriticalSection
GetLastError
GetModuleHandleA
lstrlenA
lstrcmpiA
WaitForSingleObject
GetModuleFileNameA
GetModuleHandleW
GetCurrentThreadId
CreateThread
IsDBCSLeadByte
InterlockedIncrement
InterlockedDecrement
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetCommandLineA
LockResource
FindResourceExA
EnterCriticalSection
LeaveCriticalSection
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
DeleteFileA
FindFirstFileA
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
GetExitCodeThread
CreateDirectoryA
OpenProcess
GetTempPathW
CreateDirectoryW
SetWaitableTimer
SleepEx
SetPriorityClass
GetCurrentProcess
CreateWaitableTimerA
CancelWaitableTimer
GetLocalTime
GetVersionExA
GetFileSizeEx
CreateFileA
GetEnvironmentVariableA
CreateFileW
GetTempFileNameW
DeleteFileW
WriteFile
SetFilePointer
ReadFile
GetFileSize
FlushFileBuffers
SystemTimeToFileTime
GetSystemTime
GetCurrentThread
QueryPerformanceCounter
QueryPerformanceFrequency
FindClose
OutputDebugStringA
InterlockedExchange
LocalAlloc
InitializeCriticalSection
lstrcmpA
OutputDebugStringW
SetLastError
LoadLibraryExW
SetEnvironmentVariableA
ResetEvent
GetTickCount
GetVersion
CompareStringA
CompareStringW
lstrcmpiW
GetEnvironmentVariableW
GetStringTypeExA
GetStringTypeExW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringA
GetLocaleInfoA
GetLocaleInfoW
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryW
SetConsoleCtrlHandler
GetConsoleMode
GetConsoleCP
SetHandleCount
GetTimeZoneInformation
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
ExitThread
CreateEventA
SetEvent
SetThreadPriority
WaitForMultipleObjects
FreeLibrary
GetSystemDirectoryW
GetProcAddress
Sleep
GetDiskFreeSpaceExW
SetStdHandle
GetCPInfo
ExitProcess
HeapCreate
VirtualFree
FatalAppExitA
IsDebuggerPresent
TerminateProcess
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetModuleFileNameW
GetSystemTimeAsFileTime
WriteConsoleW
WriteConsoleA
GetConsoleOutputCP
SetEndOfFile
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
LocalFree
GetFileType
GetStdHandle
LoadLibraryA

user32

UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
RegisterDeviceNotificationA
CreateWindowExA
RegisterClassExA
DefWindowProcA
UnregisterDeviceNotification
DispatchMessageA
GetMonitorInfoA
PeekMessageA
CharLowerA
CharLowerW
CharUpperW
UnregisterClassA
DestroyWindow
PostThreadMessageA
GetWindowLongA
GetMessageA
CharNextW
CharUpperA
SetWindowLongA
TranslateMessage
CharNextA

advapi32

RegSetValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegDeleteKeyExA
RegOpenKeyExW
RegQueryValueExW
EventWrite
EventRegister
EventUnregister
RegDeleteKeyA

shell32

SHGetKnownFolderPath
SHGetFolderPathA
SHGetFolderPathW

ole32

CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
StringFromGUID2
CoInitializeEx
CoInitialize
CoTaskMemAlloc
CoCreateInstance

oleaut32

SysAllocStringLen
LoadRegTypeLi
SafeArrayDestroy
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysStringLen
SysFreeString
CreateErrorInfo
VariantClear
GetErrorInfo
VariantChangeType
VariantInit
SetErrorInfo

psapi

GetModuleFileNameExW

crypt32

CryptQueryObject
CryptMsgGetParam
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore
CryptMsgClose
CryptDecodeObject
CertGetNameStringA

nvaudcap32v

NvAudCapAPICreateInstance

gamecaster32

ord3
ord2
ord5
ord6
ord7
ord1
ord4

cudart32_55

cudaGraphicsUnregisterResource
cudaGraphicsD3D9RegisterResource
cudaDeviceReset
cudaHostGetDevicePointer
cudaHostAlloc
cudaMalloc
cudaDriverGetVersion
cudaSetDeviceFlags
cudaGetDeviceProperties
cudaFreeHost
cudaFree
cudaGraphicsUnmapResources
cudaGraphicsMapResources
cudaGraphicsSubResourceGetMappedArray
cudaMemcpyToArray

d3dx9_43

D3DXLoadSurfaceFromMemory

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c8891dc068dd5cbf4f25747ddcea65e

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

winmm

version

kernel32

user32

advapi32

shell32

ole32

oleaut32

psapi

crypt32

nvaudcap32v

gamecaster32

cudart32_55

d3dx9_43

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 116KB - Virtual size: 114KB

.data Size: 16KB - Virtual size: 63KB

.idata Size: 12KB - Virtual size: 9KB

.rsrc Size: 188KB - Virtual size: 187KB

.reloc Size: 148KB - Virtual size: 148KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 116KB - Virtual size: 114KB

.data
Size: 16KB - Virtual size: 63KB

.idata
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 188KB - Virtual size: 187KB

.reloc
Size: 148KB - Virtual size: 148KB