9f6420914773f1cb7c4f4238cd35187c5576d8f3c1c3f25f5e44f4e8f82d9296

Sharing

Copy URL Twitter E-mail

General

Target

9f6420914773f1cb7c4f4238cd35187c5576d8f3c1c3f25f5e44f4e8f82d9296
Size

956KB
MD5

11b9bebc090f4544f46fa5d065a3b880
SHA1

74d8933a9b561f6a5d9a2b1be2e53c29a382d678
SHA256

9f6420914773f1cb7c4f4238cd35187c5576d8f3c1c3f25f5e44f4e8f82d9296
SHA512

898a8f9c2294be0c9c55836447448ad7f5302ece413d642889d70f3fe7b06f6e1a6600f3ff7e3bbe387e482519ad552686bebd2ff4668ded10f2de3afca409d3
SSDEEP

12288:rWWyeHHMcxk0nbDuQqCPuPXP0DAy1l+AHCgJQ8lTrYt5xGXIwUNdxjogDh:NvDVqCPuUDAyz+AignlTrYt5xGXed9o

Score

N/A

Malware Config

Signatures

Files

9f6420914773f1cb7c4f4238cd35187c5576d8f3c1c3f25f5e44f4e8f82d9296
.dll windows x86

00641ec2278b59207d6c5443af48a9c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

physx3common_x86

??1ReadWriteLock@shdfnd@physx@@QAE@XZ
?lockWriter@ReadWriteLock@shdfnd@physx@@QAEXXZ
?unlockWriter@ReadWriteLock@shdfnd@physx@@QAEXXZ
?trylock@MutexImpl@shdfnd@physx@@QAE_NXZ
?createFastXml@shdfnd@physx@@YAPAVFastXml@12@PAVCallback@312@@Z
??0PsModuleUpdateLoader@shdfnd@physx@@QAE@PBD@Z
?LoadModule@PsModuleUpdateLoader@shdfnd@physx@@QAEPAUHINSTANCE__@@PBD0@Z
??1PsModuleUpdateLoader@shdfnd@physx@@QAE@XZ
?atomicDecrement@shdfnd@physx@@YAHPCH@Z
?atomicIncrement@shdfnd@physx@@YAHPCH@Z
?destroyInstance@Foundation@shdfnd@physx@@SAXXZ
?reportError@ErrorHandler@shdfnd@physx@@QAEXW4Enum@PxErrorCode@3@PBD1H@Z
?getInstance@Foundation@shdfnd@physx@@SAAAV123@XZ
?getBootCounterFrequency@Time@shdfnd@physx@@SAABUCounterFrequencyToTensOfNanos@23@XZ
??0ReadWriteLock@shdfnd@physx@@QAE@XZ
?getSize@SyncImpl@shdfnd@physx@@SAABIXZ
??0SyncImpl@shdfnd@physx@@QAE@XZ
?getSize@MutexImpl@shdfnd@physx@@SAABIXZ
??0MutexImpl@shdfnd@physx@@QAE@XZ
?lockReader@ReadWriteLock@shdfnd@physx@@QAEXXZ
?unlockReader@ReadWriteLock@shdfnd@physx@@QAEXXZ
??1SyncImpl@shdfnd@physx@@QAE@XZ
??1MutexImpl@shdfnd@physx@@QAE@XZ
?reset@SyncImpl@shdfnd@physx@@QAEXXZ
?set@SyncImpl@shdfnd@physx@@QAEXXZ
?wait@SyncImpl@shdfnd@physx@@QAE_NI@Z
?getCurrentCounterValue@Time@shdfnd@physx@@SA_KXZ
?unlock@MutexImpl@shdfnd@physx@@QAEXXZ
?lock@MutexImpl@shdfnd@physx@@QAEXXZ
?allocate@TempAllocator@shdfnd@physx@@QAEPAXIPBDH@Z
?allocate@Allocator@shdfnd@physx@@QAEPAXIPBDH@Z
?deallocate@TempAllocator@shdfnd@physx@@QAEXPAX@Z
?getAllocator@shdfnd@physx@@YAAAVPxAllocatorCallback@2@XZ
PxGetFoundation
?deallocate@Allocator@shdfnd@physx@@QAEXPAX@Z

kernel32

InterlockedDecrement
LocalAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
SetEndOfFile
GetTimeZoneInformation
InterlockedExchange
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
CreateFileA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetLocaleInfoW
SetConsoleCtrlHandler
RaiseException
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
MapViewOfFile
GetLastError
CreateFileMappingA
CloseHandle
UnmapViewOfFile
GetCurrentProcessId
GetVersionExA
GetModuleHandleA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
ExitProcess
Sleep
LoadLibraryA
FreeLibrary
HeapAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
LocalFree
GetCurrentThread
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
FatalAppExitA
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
ReadFile
VirtualFree
VirtualAlloc
HeapCreate
HeapDestroy

Exports

Exports

NiGetApexSDK
NxCreateApexSDK
NxGetApexSDK

Sections

.text
Size: 735KB - Virtual size: 734KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

00641ec2278b59207d6c5443af48a9c4

Headers

DLL Characteristics

File Characteristics

Imports

physx3common_x86

kernel32

Exports

Exports

Sections

.text Size: 735KB - Virtual size: 734KB

.rdata Size: 111KB - Virtual size: 111KB

.data Size: 11KB - Virtual size: 25KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 42KB - Virtual size: 41KB

.rmnet Size: 54KB - Virtual size: 56KB

.text
Size: 735KB - Virtual size: 734KB

.rdata
Size: 111KB - Virtual size: 111KB

.data
Size: 11KB - Virtual size: 25KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 42KB - Virtual size: 41KB

.rmnet
Size: 54KB - Virtual size: 56KB