d3d10[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3d10.dll
Size

726KB
MD5

1edcdb7fb2564112e4d3c274acc43b57
SHA1

a82572af9de5f6c2a5ba4c81e42ceb1e9f991f14
SHA256

fc114654b427f9e4f9d10245fa43647a011901a431a2df4856827fc1ed96999d
SHA512

c57a7a9f4895a9248c1d728a177a0a610acd2e6a0f5fce02fcff5737888bcbb4919f609567a9e850ed1a71ee1e95b517b8b8065ffed3cef7dff97ea6ded26299
SSDEEP

12288:ZQbS/A7vfy/p+5xxdVxiRa98EveUxCj2AqeMQmzFTSpkP2EWmned0:ZQbS/yVDx5YaKEveuGKFzFTSpkPFWmnY

Score

1^/10

Malware Config

Signatures

Files

d3d10.dll
.dll windows x64

3cc9044fe02a13c5861e23b63fbe72cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?_Incref@facet@locale@std@@UEAAXXZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Strxfrm
_Strcoll
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uncaught_exceptions@std@@YAHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xbad_alloc@std@@YAXXZ
_Thrd_sleep
_Query_perf_frequency
_Query_perf_counter
_Xtime_get_ticks
?_Xlength_error@std@@YAXPEBD@Z
?id@?$collate@D@std@@2V0locale@2@A

user32

LoadCursorA
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
IsChild
TrackMouseEvent
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
CreateWindowExA
DefWindowProcA
GetWindowRect
GetSystemMetrics
mouse_event
CallWindowProcA

kernel32

OpenThread
GetCurrentProcessId
GetCurrentProcess
Sleep
HeapFree
HeapReAlloc
HeapAlloc
HeapCreate
GetLastError
CloseHandle
VirtualQuery
VirtualFree
VirtualAlloc
GetSystemInfo
LoadLibraryA
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
SuspendThread
GlobalUnlock
GlobalAlloc
GetModuleHandleA
DisableThreadLibraryCalls
GetTickCount64
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetSystemTimeAsFileTime
InitializeSListHead
ResumeThread
GetThreadContext
SetThreadContext
VirtualProtect
GetModuleHandleW
FlushInstructionCache
CreateToolhelp32Snapshot
Thread32First
GetCurrentThreadId
GlobalLock
Thread32Next

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

d3dcompiler_47

D3DCompile

vcruntime140

__std_type_info_destroy_list
__current_exception_context
__current_exception
__C_specific_handler
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memchr
memcpy
memmove
memset
strchr
memcmp
strstr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_execute_onexit_table
_crt_atexit
_wassert
_initterm_e
_initterm
terminate
_cexit
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
_callnewh
malloc

api-ms-win-crt-math-l1-1-0

logf
pow
log
powf
acosf
sinf
cosf
ceilf
fmodf
sqrtf

api-ms-win-crt-convert-l1-1-0

atof
strtoul

api-ms-win-crt-stdio-l1-1-0

fwrite
ftell
fseek
__stdio_common_vsscanf
fread
fflush
fclose
_wfopen
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

strcmp
strcpy_s
strncpy

api-ms-win-crt-utility-l1-1-0

qsort

Sections

.text
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cc9044fe02a13c5861e23b63fbe72cf

Headers

DLL Characteristics

File Characteristics

Imports

msvcp140

user32

kernel32

imm32

d3dcompiler_47

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

Sections

.text Size: 344KB - Virtual size: 344KB

.rdata Size: 358KB - Virtual size: 357KB

.data Size: 3KB - Virtual size: 6KB

.pdata Size: 17KB - Virtual size: 17KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 344KB - Virtual size: 344KB

.rdata
Size: 358KB - Virtual size: 357KB

.data
Size: 3KB - Virtual size: 6KB

.pdata
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1KB - Virtual size: 1KB