a8c71dc5a0a0ff9c0a538832b0ba943ddf67d5ba294e6537f1c1716bd3fd812c

Sharing

Copy URL Twitter E-mail

General

Target

a8c71dc5a0a0ff9c0a538832b0ba943ddf67d5ba294e6537f1c1716bd3fd812c
Size

1.1MB
MD5

e2d9026d0fbdba2f2cd4524d4bf2adb2
SHA1

68cfce73f02f4ac76df90be4eb616e39cbafffac
SHA256

a8c71dc5a0a0ff9c0a538832b0ba943ddf67d5ba294e6537f1c1716bd3fd812c
SHA512

e4d562731d21c77bdb78a310efd94877848ec12a6436bd7b71e283c22f9448fd8fa82a67f84a685de7aa8ce90b7c38364a93ad0948069ee28444692d5576e13e
SSDEEP

24576:PNFLr4E7FHdtDg8kCO3mkzRs++20WNEdkpBUkpd:PNBrt7pdtIPeY

Score

N/A

Malware Config

Signatures

Files

a8c71dc5a0a0ff9c0a538832b0ba943ddf67d5ba294e6537f1c1716bd3fd812c
.dll windows x86

212b48b1c423973628d4826323e82a98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

d3d8thk

OsThunkDdQueryDirectDrawObject
OsThunkDdBlt
OsThunkDdReenableDirectDrawObject
OsThunkDdReleaseDC
OsThunkDdGetDC
OsThunkDdDeleteDirectDrawObject
OsThunkDdGetDriverInfo
OsThunkDdGetAvailDriverMemory
OsThunkDdFlipToGDISurface
OsThunkDdSetExclusiveMode
OsThunkDdGetScanLine
OsThunkDdWaitForVerticalBlank
OsThunkDdGetFlipStatus
OsThunkDdGetBltStatus
OsThunkDdUnlock
OsThunkDdUnlockD3D
OsThunkDdDestroyD3DBuffer
OsThunkDdLockD3D
OsThunkDdResetVisrgn
OsThunkDdFlip
OsThunkD3dDrawPrimitives2
OsThunkD3dValidateTextureStageState
OsThunkDdGetDriverState
OsThunkD3dContextDestroyAll
OsThunkD3dContextDestroy
OsThunkD3dContextCreate
OsThunkDdCreateSurfaceEx
OsThunkDdCanCreateD3DBuffer
OsThunkDdCanCreateSurface
OsThunkDdCreateSurfaceObject
OsThunkDdAttachSurface
OsThunkDdCreateD3DBuffer
OsThunkDdCreateSurface
OsThunkDdSetGammaRamp
OsThunkDdDeleteSurfaceObject
OsThunkDdDestroySurface
OsThunkDdLock

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_adjust_fdiv
_initterm
realloc
_CIpow
_CxxThrowException
free
malloc
_ftol
sscanf
sprintf
_vsnprintf
__CxxFrameHandler
_purecall
_strlwr
wcsrchr
atoi
_stricmp
_snprintf
pow
memmove
fflush
fwrite
fprintf
fclose
fopen
_errno
exp
floor

user32

IntersectRect
GetCursor
SetRect
GetClientRect
ClientToScreen
OffsetRect
EnumDisplaySettingsA
GetSystemMetrics
GetMonitorInfoA
GetDC
ReleaseDC
LoadStringA
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
GetThreadDesktop
IsWindow
GetWindowThreadProcessId
CallWindowProcA
SendMessageA
IsIconic
PostMessageA
GetWindowLongA
GetKeyState
DefWindowProcA
SetWindowPos
GetForegroundWindow
IsWindowVisible
ShowWindow
IsZoomed
ChangeDisplaySettingsA
SystemParametersInfoA
CreateIconIndirect
GetWindowDC
GetDesktopWindow
GetIconInfo
SetCursorPos
GetCursorPos
SetForegroundWindow
DestroyIcon
SetCursor
SetWindowLongA
wsprintfA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegCloseKey
AddAccessAllowedAce
InitializeAcl
GetLengthSid
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

gdi32

GetDeviceCaps
CreateDCA
GdiEntry13
GetRegionData
DeleteObject
GetRandomRgn
CreateRectRgn
GetDIBits
CreateCompatibleBitmap
GdiEntry1
GetDeviceGammaRamp
StretchBlt
SetStretchBltMode
BitBlt
DeleteDC
GetNearestColor
GetSystemPaletteEntries
CreateCompatibleDC
CreateDIBitmap
GetObjectA

kernel32

GetCurrentProcess
DebugBreak
VirtualFree
VirtualProtect
VirtualAlloc
GetModuleFileNameA
GetVersionExA
GetSystemInfo
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
InterlockedDecrement
lstrcpyA
OpenMutexA
CreateMutexA
DisableThreadLibraryCalls
GetLastError
InitializeCriticalSection
DeleteCriticalSection
SetErrorMode
lstrcmpA
GetCurrentThreadId
ReleaseMutex
CreateSemaphoreA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
InterlockedCompareExchange
VerifyVersionInfoA
VerSetConditionMask
Sleep
GetTickCount
GetProcAddress
LocalAlloc
LocalFree
CreateFileA
SetFilePointer
ReadFile
MoveFileA
DeleteFileA
WriteFile
GetFileSize
WideCharToMultiByte
FreeLibrary
LoadLibraryA
lstrcpynA
OutputDebugStringA
MultiByteToWideChar
lstrlenA
HeapAlloc
GetProcessHeap
ConnectNamedPipe
SetNamedPipeHandleState
DisconnectNamedPipe
FlushFileBuffers
PeekNamedPipe
InterlockedIncrement
lstrcatA
GetSystemDirectoryA
GetModuleHandleA

Exports

Exports

CheckFullscreen
DebugSetMute
Direct3DCreate8
ValidatePixelShader
ValidateVertexShader

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.texc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

212b48b1c423973628d4826323e82a98

Headers

File Characteristics

Imports

d3d8thk

msvcrt

user32

advapi32

version

gdi32

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.data Size: 11KB - Virtual size: 32KB

.data1 Size: 21KB - Virtual size: 24KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 30KB - Virtual size: 32KB

.texc Size: 2KB - Virtual size: 4KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 11KB - Virtual size: 32KB

.data1
Size: 21KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 30KB - Virtual size: 32KB

.texc
Size: 2KB - Virtual size: 4KB