Static task: static1
Behavioral task: behavioral1
Sample: GRIDAutosport.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: GRIDAutosport.exe
Resource: win10v2004-20221111-en
General
Target: GRIDAutosport.exe
Size: 16.7MB
MD5: 8f5313c40a8056debc3b982a150f7814
SHA1: 881eae479f15d6687c87bdf5a20901f03ae1dcb4
SHA256: 23d863f970a454ba52d66f7c22a296428bd0047781ecede1baa9f0d9211616f9
SHA512: 15056b4e43dc6cbced43772a1e473ae511897e8760dde972b36efe0ac4f8c2f1d90cd2d76d4edea67141024ce232ef2937f30a07a165aaeb3caa43957743748b
SSDEEP: 393216:aKsRuNx/DZIEcVj4tEUl26DpqFiHzWag0z5hkZU6jE5Mpw4joXV5gBe:aKsRuNx/DR5hkZfY5M6b
Malware Config
Signatures
Files
GRIDAutosport.exe.exe windows x86
e3d9da03ac0840948e5558c196c2bf60
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
dinput8
DirectInput8Create
d3d11
D3D11CreateDevice
shlwapi
PathRemoveFileSpecA
StrStrIA
ws2_32
WSAStartup
WSACleanup
recv
__WSAFDIsSet
select
accept
connect
htons
send
listen
bind
socket
gethostbyname
inet_addr
WSAGetLastError
sendto
ntohs
recvfrom
setsockopt
ioctlsocket
closesocket
getsockname
getaddrinfo
freeaddrinfo
htonl
iphlpapi
CancelIPChangeNotify
GetAdaptersAddresses
NotifyAddrChange
xinput1_3
ord3
ord2
ord4
steam_api
SteamNetworking
SteamMatchmaking
SteamUserStats
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RunCallbacks
SteamAPI_UnregisterCallback
SteamAPI_RestartAppIfNecessary
SteamAPI_Init
SteamUtils
SteamAPI_SetMiniDumpComment
SteamAPI_WriteMiniDump
SteamAPI_Shutdown
SteamUser
SteamRemoteStorage
SteamApps
SteamFriends
winhttp
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpQueryOption
WinHttpSetOption
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpWriteData
WinHttpSendRequest
WinHttpSetStatusCallback
WinHttpOpenRequest
WinHttpConnect
WinHttpReadData
WinHttpReceiveResponse
winmm
timeEndPeriod
timeGetTime
timeBeginPeriod
gdiplus
GdipDrawImageRectI
GdiplusShutdown
GdipCloneImage
GdipDeleteGraphics
GdipDisposeImage
GdipGetImageWidth
GdipAlloc
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipGraphicsClear
GdipCreateFromHDC
GdipGetImageHeight
GdipFree
imagehlp
ImageEnumerateCertificates
ImageGetCertificateHeader
ImageGetCertificateData
ImageDirectoryEntryToData
crypt32
CertFreeCertificateContext
CertFindCertificateInStore
CertGetNameStringA
PFXImportCertStore
CryptVerifyMessageSignature
CertAddEncodedCertificateToStore
CertGetIssuerCertificateFromStore
CertCloseStore
CertOpenStore
kernel32
GetComputerNameExA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
OpenEventA
GetModuleHandleExA
SetLastError
GetStartupInfoW
GetEnvironmentStringsW
GetCurrentDirectoryW
GetConsoleWindow
FindResourceW
GetModuleFileNameW
HeapSize
SetThreadExecutionState
GetProcessHeap
HeapAlloc
IsDebuggerPresent
GetSystemDirectoryW
GetWindowsDirectoryW
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetSystemTime
GetComputerNameA
GetTimeZoneInformation
InterlockedDecrement
InterlockedIncrement
GetTickCount
GetFullPathNameW
lstrcmpiW
SetErrorMode
CreateWaitableTimerW
VirtualQuery
VirtualProtect
lstrlenW
OutputDebugStringW
SleepEx
UnhandledExceptionFilter
DecodePointer
EncodePointer
MultiByteToWideChar
lstrlenA
GetFileInformationByHandle
GetFileInformationByHandleEx
HeapFree
OpenFileById
GetDiskFreeSpaceA
CreateFileMappingA
QueryPerformanceCounter
QueryPerformanceFrequency
TlsGetValue
TlsSetValue
Process32Next
CloseHandle
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
Sleep
DeleteFileA
GetLastError
InterlockedCompareExchange
DebugBreak
OutputDebugStringA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
CreateDirectoryA
ReadFile
CreateFileA
FindClose
FindNextFileA
FindFirstFileA
SetThreadIdealProcessor
GetSystemInfo
GetCurrentThread
WriteFile
CreateDirectoryW
ExitProcess
TlsAlloc
TlsFree
CreateMutexA
WideCharToMultiByte
GetCommandLineW
SetProcessAffinityMask
GetCurrentProcess
GetLocalTime
HeapSetInformation
SetUnhandledExceptionFilter
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
RemoveVectoredExceptionHandler
GetVersionExA
CreateEventA
WaitForSingleObject
CreateSemaphoreA
RaiseException
GetCurrentThreadId
ResumeThread
SuspendThread
GetProcAddress
ReleaseMutex
ResetEvent
WaitForMultipleObjects
SetEvent
ReleaseSemaphore
SetThreadPriority
GetThreadPriority
CreateThread
FormatMessageA
AddVectoredExceptionHandler
SetThreadAffinityMask
GetProcessAffinityMask
GetLocaleInfoA
VirtualFree
VirtualAlloc
InitializeSRWLock
FreeLibrary
CancelIo
GetOverlappedResult
SetEndOfFile
SetFilePointerEx
ReadFileEx
WaitForSingleObjectEx
WaitForMultipleObjectsEx
GetFileAttributesA
GetFileAttributesExA
RemoveDirectoryA
GetFileSizeEx
LoadLibraryA
GetModuleFileNameA
GetFullPathNameA
GetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
GetDiskFreeSpaceExA
GetSystemPowerStatus
LocalFree
DeleteFileW
GetTempFileNameW
GetTempPathW
FindFirstFileW
CreateFileW
FindNextFileW
RemoveDirectoryW
MoveFileExW
GetFileAttributesW
CopyFileW
IsWow64Process
GlobalMemoryStatusEx
lstrcmpiA
IsProcessorFeaturePresent
InterlockedExchangeAdd
GetConsoleMode
GetStdHandle
GetCurrentProcessId
CreateSemaphoreW
CreateMutexW
CreateEventW
DeviceIoControl
DisableThreadLibraryCalls
LoadLibraryW
FormatMessageW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
user32
GetDC
RegisterDeviceNotificationW
UnregisterDeviceNotification
GetWindowLongW
SetWindowLongW
CallWindowProcW
GetForegroundWindow
wsprintfA
RegisterClassExW
PeekMessageW
DispatchMessageW
GetWindowLongA
ClipCursor
ReleaseCapture
DefWindowProcW
SetRect
AdjustWindowRect
CreateWindowExW
SetWindowLongA
ShowCursor
GetFocus
UnregisterClassW
GetSystemMetrics
ToUnicode
MessageBoxW
DefWindowProcA
PostQuitMessage
GetActiveWindow
GetMonitorInfoW
EnumDisplayMonitors
EnumDisplayDevicesW
GetWindowRect
InvalidateRect
EnumDisplaySettingsA
RegisterRawInputDevices
GetKeyboardLayoutNameA
GetRawInputData
MapWindowPoints
GetClientRect
GetRawInputDeviceList
GetRawInputDeviceInfoA
MapVirtualKeyA
SystemParametersInfoA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
PostMessageA
MessageBoxA
GetAsyncKeyState
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
SetFocus
GetRawInputDeviceInfoW
SendInput
DestroyWindow
ReleaseDC
UnregisterClassA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
UpdateLayeredWindow
gdi32
GetDIBits
GetStockObject
CreateDCA
DeleteObject
DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
SwapBuffers
GetObjectA
ExtEscape
advapi32
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenCurrentUser
RegOpenKeyExA
GetUserNameA
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorA
ReportEventA
DeregisterEventSource
RegisterEventSourceA
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptAcquireContextA
CryptDestroyHash
CryptReleaseContext
shell32
SHGetFolderPathA
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteA
ole32
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
CoInitialize
PropVariantClear
CoInitializeEx
CoSetProxyBlanket
StringFromGUID2
CoInitializeSecurity
oleaut32
VariantClear
SysAllocString
SysFreeString
VariantInit
msvcr100
__pctype_func
isupper
___lc_codepage_func
___lc_handle_func
_calloc_crt
setlocale
strerror
islower
_free_locale
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
_except_handler4_common
?terminate@@YAXXZ
__crtLCMapStringA
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
__libm_sse2_tan
strncpy_s
_localtime64_s
_wfopen_s
rewind
_errno
wcsncpy_s
_itoa_s
_vsnprintf_s
calloc
wcscpy_s
wcstok_s
_endthreadex
_CIsqrt
_CIatan2
_CIsin
_CIcos
__iob_func
strtoul
fputs
__CxxFrameHandler3
__libm_sse2_log
memmove_s
memchr
localeconv
_itoa
_finite
strcspn
_controlfp_s
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
strtol
div
toupper
_beginthreadex
vsprintf
isalpha
isalnum
strtok
modf
__libm_sse2_cos
strncpy
__libm_sse2_logf
strtod
__libm_sse2_log10f
__libm_sse2_sin
strpbrk
_snprintf
ftell
fseek
fread
strcpy_s
_vsnwprintf
fwrite
fflush
abort
longjmp
_setjmp3
atol
__CxxFrameHandler
strcat_s
_aligned_msize
_except_handler3
_atoflt
realloc
_time64
_mktime64
_localtime64
wcsstr
free
_CIacos
_stricmp
memcpy
memset
memmove
_purecall
__libm_sse2_acosf
__libm_sse2_cosf
__libm_sse2_sinf
_isnan
strstr
_difftime64
rand
ceil
floor
strtok_s
sscanf
_vsnprintf
strncmp
tolower
_strnicmp
strchr
atoi
ldiv
__libm_sse2_atanf
__libm_sse2_tanf
_CIpow
__libm_sse2_pow
atof
isdigit
_invoke_watson
strrchr
isspace
_aligned_malloc
_aligned_free
qsort
_strtoui64
srand
exit
printf
__libm_sse2_expf
sprintf
_CIasin
fclose
fprintf
fopen
__libm_sse2_powf
__libm_sse2_asinf
_chdir
__libm_sse2_atan2
__libm_sse2_exp
_CIfmod
sprintf_s
malloc
d3dcompiler_43
D3DCompile
D3DReflect
bink2w32
_BinkGetTrackID@8
_BinkGetTrackData@8
_BinkOpenTrack@8
_BinkPause@8
_BinkSetVolume@12
_BinkSetWillLoop@8
_BinkNextFrame@4
_BinkClose@4
_BinkSetSpeakerVolumes@20
_BinkDoFrameAsync@12
_BinkShouldSkip@4
_BinkWait@4
_BinkRegisterFrameBuffers@8
_BinkGetFrameBuffersInfo@8
_BinkSetSoundTrack@8
_BinkSetFileOffset@8
_BinkOpen@8
_BinkGetRealtime@12
_BinkRequestStopAsyncThread@4
_BinkWaitStopAsyncThread@4
_BinkSetMemory@8
_BinkStartAsyncThread@8
_BinkDoFrameAsyncWait@8
_BinkFreeGlobals@0
d3dx11_43
D3DX11SaveTextureToFileA
wtsapi32
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
wintrust
WinVerifyTrust
Sections
.text Size: 12.0MB - Virtual size: 12.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.3MB - Virtual size: 3.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 235KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 13B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.version Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 346KB - Virtual size: 345KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 865KB - Virtual size: 864KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.drmfree Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ