Loader[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Loader.rar
Size

1.8MB
MD5

defd00318625a7b161f5428e930b8f29
SHA1

8159e45d63ea27fb90fa243cec693d1e8061524a
SHA256

2919e8f90781b1e2c1f6d7fe3e39bb5903d2aef9f0e702f5a6bba8085179158b
SHA512

fbe3f67d8062dbd06fa9a38074ac018a0455da9db95241a293101a590d4e856e76116b1edb0264f1880e1a062029d29796c01aabb7becd110c67fa52b34dd8c4
SSDEEP

49152:xetwgC+HyP3u8Xxf0nVhznSOoW8KTcWbfmGEEWN:xwwgLSG8XCfLUumvEA

Score

1^/10

Malware Config

Signatures

Files

Loader.rar
.rar

Password: 91563
Accessible.tlb
Bin/DebugPPF.tmp
Bin/DebugPPT.tmp
Bin/Management.log
Cracker.dll
Data/Language.pimx
Data/Main.ini
.xml
Data/Packaged/Main.ini
.xml
Data/Packaged/Resource.dll
.zip

Password: 91563
placeholder.txt
Data/Packaged/Utils.dll
.xml
Loader.exe
.exe windows x86

Password: 91563

748856617c99ed4a3fc59c5565f7792f

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

24:d9:61:57:83:bc:82:52:59:71:59:92:7f:6e:84:0a:7b:10:cf:74:28:cf:0d:a3:02:1e:97:5a:00:0c:9f:35
Signer

Actual PE Digest

24:d9:61:57:83:bc:82:52:59:71:59:92:7f:6e:84:0a:7b:10:cf:74:28:cf:0d:a3:02:1e:97:5a:00:0c:9f:35

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

21/11/2022, 07:18
Valid: true

Chain 1

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Chain 2

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
MultiByteToWideChar
FreeConsole
RtlUnwind
RaiseException
GetCommandLineA
GetLastError
HeapFree
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
LoadLibraryA
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 347KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
README.txt
libGLESv2.dll
.dll windows x64

Password: 91563

94c7fb29a0a5d69da0d7bfab13142024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mozglue

_aligned_free
_aligned_malloc
_strdup
calloc
free
malloc
moz_xmalloc
realloc

dxgi

CreateDXGIFactory
CreateDXGIFactory1

d3d9

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_SetMarker
Direct3DCreate9

kernel32

AcquireSRWLockExclusive
CloseHandle
DeleteCriticalSection
EnterCriticalSection
FlsAlloc
FlsGetValue
FlsSetValue
FreeLibrary
GetCurrentDirectoryA
GetCurrentThreadId
GetEnvironmentVariableA
GetFileAttributesExA
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadId
InitOnceExecuteOnce
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSRWLockExclusive
RtlLookupFunctionEntry
RtlRestoreContext
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetEnvironmentVariableA
Sleep
SleepConditionVariableSRW
SwitchToThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte

user32

CreateWindowExW
DestroyWindow
GetClientRect
InvalidateRect
IsIconic
IsWindow
WindowFromDC

api-ms-win-crt-convert-l1-1-0

_strtod_l
_strtoi64_l
_strtoui64_l
atoi
mbrtowc
mbsrtowcs
strtod
strtol
strtoul
wcrtomb
wcrtomb_s
wcstod
wcstol
wcstombs
wcstoul

api-ms-win-crt-math-l1-1-0

__setusermatherr
cosh
sinh
tan
tanh

api-ms-win-crt-private-l1-1-0

memchr
memcmp
memcpy
memmove
strrchr
strstr

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
__sys_nerr
_assert
_beginthreadex
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_errno
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
_register_thread_local_exe_atexit_callback
abort
exit
strerror
strerror_s

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
_close
_lseek
_open
_read
_wopen
_write
fclose
fflush
fopen
fputc
fputs
fread
fseek
ftell
fwrite
getc
ungetc

api-ms-win-crt-string-l1-1-0

_isctype_l
_iswalpha_l
_iswcntrl_l
_iswdigit_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_strcoll_l
_strnicmp
_strxfrm_l
_tolower_l
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsxfrm_l
islower
isspace
isupper
iswctype
isxdigit
mbrlen
memset
strcmp
strlen
strncmp
tolower
toupper
wcslen

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
___mb_cur_max_func
__pctype_func
_configthreadlocale
_create_locale
_free_locale
localeconv
setlocale

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_strftime_l
_tzset

api-ms-win-crt-multibyte-l1-1-0

_mbtowc_l

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
getenv

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Exports

Exports

ANGLEGetDisplayPlatform
ANGLEResetDisplayPlatform
EGL_BindAPI
EGL_BindTexImage
EGL_ChooseConfig
EGL_ClientWaitSync
EGL_ClientWaitSyncKHR
EGL_CopyBuffers
EGL_CreateContext
EGL_CreateDeviceANGLE
EGL_CreateImage
EGL_CreateImageKHR
EGL_CreateNativeClientBufferANDROID
EGL_CreatePbufferFromClientBuffer
EGL_CreatePbufferSurface
EGL_CreatePixmapSurface
EGL_CreatePlatformPixmapSurface
EGL_CreatePlatformPixmapSurfaceEXT
EGL_CreatePlatformWindowSurface
EGL_CreatePlatformWindowSurfaceEXT
EGL_CreateStreamKHR
EGL_CreateStreamProducerD3DTextureANGLE
EGL_CreateSync
EGL_CreateSyncKHR
EGL_CreateWindowSurface
EGL_DebugMessageControlKHR
EGL_DestroyContext
EGL_DestroyImage
EGL_DestroyImageKHR
EGL_DestroyStreamKHR
EGL_DestroySurface
EGL_DestroySync
EGL_DestroySyncKHR
EGL_DupNativeFenceFDANDROID
EGL_GetCompositorTimingANDROID
EGL_GetCompositorTimingSupportedANDROID
EGL_GetConfigAttrib
EGL_GetConfigs
EGL_GetCurrentContext
EGL_GetCurrentDisplay
EGL_GetCurrentSurface
EGL_GetDisplay
EGL_GetError
EGL_GetFrameTimestampSupportedANDROID
EGL_GetFrameTimestampsANDROID
EGL_GetMscRateANGLE
EGL_GetNativeClientBufferANDROID
EGL_GetNextFrameIdANDROID
EGL_GetPlatformDisplay
EGL_GetPlatformDisplayEXT
EGL_GetProcAddress
EGL_GetSyncAttrib
EGL_GetSyncAttribKHR
EGL_GetSyncValuesCHROMIUM
EGL_HandleGPUSwitchANGLE
EGL_Initialize
EGL_LabelObjectKHR
EGL_MakeCurrent
EGL_PostSubBufferNV
EGL_PresentationTimeANDROID
EGL_ProgramCacheGetAttribANGLE
EGL_ProgramCachePopulateANGLE
EGL_ProgramCacheQueryANGLE
EGL_ProgramCacheResizeANGLE
EGL_QueryAPI
EGL_QueryContext
EGL_QueryDebugKHR
EGL_QueryDeviceAttribEXT
EGL_QueryDeviceStringEXT
EGL_QueryDisplayAttribANGLE
EGL_QueryDisplayAttribEXT
EGL_QueryStreamKHR
EGL_QueryStreamu64KHR
EGL_QueryString
EGL_QueryStringiANGLE
EGL_QuerySurface
EGL_QuerySurfacePointerANGLE
EGL_ReacquireHighPowerGPUANGLE
EGL_ReleaseDeviceANGLE
EGL_ReleaseHighPowerGPUANGLE
EGL_ReleaseTexImage
EGL_ReleaseThread
EGL_SetBlobCacheFuncsANDROID
EGL_SignalSyncKHR
EGL_StreamAttribKHR
EGL_StreamConsumerAcquireKHR
EGL_StreamConsumerGLTextureExternalAttribsNV
EGL_StreamConsumerGLTextureExternalKHR
EGL_StreamConsumerReleaseKHR
EGL_StreamPostD3DTextureANGLE
EGL_SurfaceAttrib
EGL_SwapBuffers
EGL_SwapBuffersWithDamageKHR
EGL_SwapBuffersWithFrameTokenANGLE
EGL_SwapInterval
EGL_Terminate
EGL_WaitClient
EGL_WaitGL
EGL_WaitNative
EGL_WaitSync
EGL_WaitSyncKHR
_ZN2gl10AlphaFuncxEji
_ZN2gl10BeginQueryEjj
_ZN2gl10BindBufferEjj
_ZN2gl10BlendColorEffff
_ZN2gl10BlendFunciEjjj
_ZN2gl10BufferDataEjxPKvj
_ZN2gl10ClearColorEffff
_ZN2gl10ClipPlanefEjPKf
_ZN2gl10ClipPlanexEjPKi
_ZN2gl10ColorMaskiEjhhhh
_ZN2gl10DeleteSyncEP8__GLsync
_ZN2gl10DrawArraysEjii
_ZN2gl10EnableiEXTEjj
_ZN2gl10EnableiOESEjj
_ZN2gl10GenBuffersEiPj
_ZN2gl10GenQueriesEiPj
_ZN2gl10GetLightfvEjjPf
_ZN2gl10GetLightxvEjjPi
_ZN2gl10GetQueryivEjjPi
_ZN2gl10GetStringiEjj
_ZN2gl10IsEnablediEjj
_ZN2gl10IsQueryEXTEj
_ZN2gl10LineWidthxEi
_ZN2gl10MaterialfvEjjPKf
_ZN2gl10MaterialxvEjjPKi
_ZN2gl10MatrixModeEj
_ZN2gl10PointSizexEi
_ZN2gl10PushMatrixEv
_ZN2gl10ReadBufferEj
_ZN2gl10ReadPixelsEiiiijjPv
_ZN2gl10SetFenceNVEjj
_ZN2gl10ShadeModelEj
_ZN2gl10TexGenfOESEjjf
_ZN2gl10TexGeniOESEjji
_ZN2gl10TexGenxOESEjji
_ZN2gl10TexImage2DEjiiiiijjPKv
_ZN2gl10TexImage3DEjiiiiiijjPKv
_ZN2gl10TranslatefEfff
_ZN2gl10TranslatexEiii
_ZN2gl10Uniform1fvEiiPKf
_ZN2gl10Uniform1ivEiiPKi
_ZN2gl10Uniform1uiEij
_ZN2gl10Uniform2fvEiiPKf
_ZN2gl10Uniform2ivEiiPKi
_ZN2gl10Uniform2uiEijj
_ZN2gl10Uniform3fvEiiPKf
_ZN2gl10Uniform3ivEiiPKi
_ZN2gl10Uniform3uiEijjj
_ZN2gl10Uniform4fvEiiPKf
_ZN2gl10Uniform4ivEiiPKi
_ZN2gl10Uniform4uiEijjjj
_ZN2gl10UseProgramEj
_ZN2gl11BindSamplerEjj
_ZN2gl11BindTextureEjj
_ZN2gl11ClearColorxEiiii
_ZN2gl11ClearDepthfEf
_ZN2gl11ClearDepthxEi
_ZN2gl11DepthRangefEff
_ZN2gl11DepthRangexEii
_ZN2gl11DisableiEXTEjj
_ZN2gl11DisableiOESEjj
_ZN2gl11DrawBuffersEiPKj
_ZN2gl11DrawTexfOESEfffff
_ZN2gl11DrawTexiOESEiiiii
_ZN2gl11DrawTexsOESEsssss
_ZN2gl11DrawTexxOESEiiiii
_ZN2gl11EndQueryEXTEj
_ZN2gl11GenFencesNVEiPj
_ZN2gl11GenSamplersEiPj
_ZN2gl11GenTexturesEiPj
_ZN2gl11GetBooleanvEjPh
_ZN2gl11GetIntegervEjPi
_ZN2gl11GetPointervEjPPv
_ZN2gl11GetShaderivEjjPi
_ZN2gl11GetTexEnvfvEjjPf
_ZN2gl11GetTexEnvivEjjPi
_ZN2gl11GetTexEnvxvEjjPi
_ZN2gl11LightModelfEjf
_ZN2gl11LightModelxEji
_ZN2gl11LinkProgramEj
_ZN2gl11LoadMatrixfEPKf
_ZN2gl11LoadMatrixxEPKi
_ZN2gl11MultMatrixfEPKf
_ZN2gl11MultMatrixxEPKi
_ZN2gl11ObjectLabelEjjiPKc
_ZN2gl11PixelStoreiEji
_ZN2gl11ReadnPixelsEiiiijjiPv
_ZN2gl11SampleMaskiEjj
_ZN2gl11StencilFuncEjij
_ZN2gl11StencilMaskEj
_ZN2gl11TestFenceNVEj
_ZN2gl11TexGenfvOESEjjPKf
_ZN2gl11TexGenivOESEjjPKi
_ZN2gl11TexGenxvOESEjjPKi
_ZN2gl11Uniform1uivEiiPKj
_ZN2gl11Uniform2uivEiiPKj
_ZN2gl11Uniform3uivEiiPKj
_ZN2gl11Uniform4uivEiiPKj
_ZN2gl11UnmapBufferEj
_ZN2gl12AttachShaderEjj
_ZN2gl12BlendBarrierEv
_ZN2gl12ClearStencilEi
_ZN2gl12ColorPointerEijiPKv
_ZN2gl12CreateShaderEj
_ZN2gl12DeleteShaderEj
_ZN2gl12DetachShaderEjj
_ZN2gl12DrawElementsEjijPKv
_ZN2gl12DrawTexfvOESEPKf
_ZN2gl12DrawTexivOESEPKi
_ZN2gl12DrawTexsvOESEPKs
_ZN2gl12DrawTexxvOESEPKi
_ZN2gl12GetFenceivNVEjjPi
_ZN2gl12GetProgramivEjjPi
_ZN2gl12GetUniformfvEjiPf
_ZN2gl12GetUniformivEjiPi
_ZN2gl12LightModelfvEjPKf
_ZN2gl12LightModelxvEjPKi
_ZN2gl12LoadIdentityEv
_ZN2gl12MapBufferOESEjj
_ZN2gl12ShaderBinaryEiPKjjPKvi
_ZN2gl12ShaderSourceEjiPKPKcPKi
_ZN2gl12TexBufferEXTEjjj
_ZN2gl12TexBufferOESEjjj
_ZN2gl12TexStorage2DEjijii
_ZN2gl12TexStorage3DEjijiii
_ZN2gl13ActiveTextureEj
_ZN2gl13BeginQueryEXTEjj
_ZN2gl13BlendEquationEj
_ZN2gl13BlendFunciEXTEjjj
_ZN2gl13BlendFunciOESEjjj
_ZN2gl13BufferSubDataEjxxPKv
_ZN2gl13ClearBufferfiEjifi
_ZN2gl13ClearBufferfvEjiPKf
_ZN2gl13ClearBufferivEjiPKi
_ZN2gl13ColorMaskiEXTEjhhhh
_ZN2gl13ColorMaskiOESEjhhhh
_ZN2gl13CompileShaderEj
_ZN2gl13CreateProgramEv
_ZN2gl13DeleteBuffersEiPKj
_ZN2gl13DeleteProgramEj
_ZN2gl13DeleteQueriesEiPKj
_ZN2gl13FinishFenceNVEj
_ZN2gl13GenQueriesEXTEiPj
_ZN2gl13GetBooleani_vEjjPh
_ZN2gl13GetClipPlanefEjPf
_ZN2gl13GetClipPlanexEjPi
_ZN2gl13GetInteger64vEjPx
_ZN2gl13GetIntegeri_vEjjPi
_ZN2gl13GetMaterialfvEjjPf
_ZN2gl13GetMaterialxvEjjPi
_ZN2gl13GetQueryivEXTEjjPi
_ZN2gl13GetUniformuivEjiPj
_ZN2gl13GetnUniformfvEjiiPf
_ZN2gl13GetnUniformivEjiiPi
_ZN2gl13IsEnablediEXTEjj
_ZN2gl13IsEnablediOESEjj
_ZN2gl13IsFramebufferEj
_ZN2gl13IsVertexArrayEj
_ZN2gl13MemoryBarrierEj
_ZN2gl13NormalPointerEjiPKv
_ZN2gl13PolygonOffsetEff
_ZN2gl13PopDebugGroupEv
_ZN2gl13ProgramBinaryEjjPKvi
_ZN2gl13TexImage3DOESEjijiiiijjPKv
_ZN2gl13TexParameterfEjjf
_ZN2gl13TexParameteriEjji
_ZN2gl13TexParameterxEjji
_ZN2gl13TexSubImage2DEjiiiiijjPKv
_ZN2gl13TexSubImage3DEjiiiiiiijjPKv
_ZN2gl13VertexPointerEijiPKv
_ZN2gl14BindBufferBaseEjjj
_ZN2gl14BlendEquationiEjj
_ZN2gl14ClearBufferuivEjiPKj
_ZN2gl14ClientWaitSyncEP8__GLsyncjy
_ZN2gl14CopyTexImage2DEjijiiiii
_ZN2gl14DeleteFencesNVEiPKj
_ZN2gl14DeleteSamplersEiPKj
_ZN2gl14DeleteTexturesEiPKj
_ZN2gl14DrawBuffersEXTEiPKj
_ZN2gl14GenerateMipmapEj
_ZN2gl14GetObjectLabelEjjiPiPc
_ZN2gl14GetPointervKHREjPPv
_ZN2gl14GetTexGenfvOESEjjPf
_ZN2gl14GetTexGenivOESEjjPi
_ZN2gl14GetTexGenxvOESEjjPi
_ZN2gl14GetnUniformuivEjiiPj
_ZN2gl14IsRenderbufferEj
_ZN2gl14IsSemaphoreEXTEj
_ZN2gl14MapBufferRangeEjxxj
_ZN2gl14ObjectLabelKHREjjiPKc
_ZN2gl14ObjectPtrLabelEPKviPKc
_ZN2gl14PolygonOffsetxEii
_ZN2gl14PushDebugGroupEjjiPKc
_ZN2gl14ReadnPixelsEXTEiiiijjiPv
_ZN2gl14SampleCoverageEfh
_ZN2gl14TexBufferRangeEjjjxx
_ZN2gl14TexParameterfvEjjPKf
_ZN2gl14TexParameterivEjjPKi
_ZN2gl14TexParameterxvEjjPKi
_ZN2gl14UnmapBufferOESEj
_ZN2gl14VertexAttrib1fEjf
_ZN2gl14VertexAttrib2fEjff
_ZN2gl14VertexAttrib3fEjfff
_ZN2gl14VertexAttrib4fEjffff
_ZN2gl15BindBufferRangeEjjjxx
_ZN2gl15BindFramebufferEjj
_ZN2gl15BindVertexArrayEj
_ZN2gl15BlitFramebufferEiiiiiiiijj
_ZN2gl15DispatchComputeEjjj
_ZN2gl15GenFramebuffersEiPj
_ZN2gl15GenVertexArraysEiPj
_ZN2gl15GetActiveAttribEjjiPiS0_PjPc
_ZN2gl15GetInteger64i_vEjjPx
_ZN2gl15GetShaderSourceEjiPiPc
_ZN2gl15MultiTexCoord4fEjffff
_ZN2gl15MultiTexCoord4xEjiiii
_ZN2gl15PatchParameteriEji
_ZN2gl15PointParameterfEjf
_ZN2gl15PointParameterxEji
_ZN2gl15QueryCounterEXTEjj
_ZN2gl15QueryMatrixxOESEPiS0_
_ZN2gl15SampleCoveragexEih
_ZN2gl15TexCoordPointerEijiPKv
_ZN2gl15TexParameterIivEjjPKi
_ZN2gl15TexStorage1DEXTEjiji
_ZN2gl15TexStorage2DEXTEjijii
_ZN2gl15TexStorage3DEXTEjijiii
_ZN2gl15ValidateProgramEj
_ZN2gl15VertexAttrib1fvEjPKf
_ZN2gl15VertexAttrib2fvEjPKf
_ZN2gl15VertexAttrib3fvEjPKf
_ZN2gl15VertexAttrib4fvEjPKf
_ZN2gl15VertexAttribI4iEjiiii
_ZN2gl16BindImageTextureEjjihijj
_ZN2gl16BindRenderbufferEjj
_ZN2gl16BindVertexBufferEjjxi
_ZN2gl16BufferStorageEXTEjxPKvj
_ZN2gl16CopyImageSubDataEjjiiiijjiiiiiii
_ZN2gl16DeleteQueriesEXTEiPKj
_ZN2gl16FogfContextANGLEEPvjf
_ZN2gl16FogxContextANGLEEPvji
_ZN2gl16GenRenderbuffersEiPj
_ZN2gl16GenSemaphoresEXTEiPj
_ZN2gl16GetActiveUniformEjjiPiS0_PjPc
_ZN2gl16GetInteger64vEXTEjPx
_ZN2gl16GetMultisamplefvEjjPf
_ZN2gl16GetProgramBinaryEjiPiPjPv
_ZN2gl16GetShaderInfoLogEjiPiPc
_ZN2gl16GetTexImageANGLEEjijjPv
_ZN2gl16GetnUniformfvEXTEjiiPf
_ZN2gl16GetnUniformivEXTEjiiPi
_ZN2gl16HintContextANGLEEPvjj
_ZN2gl16IsFramebufferOESEj
_ZN2gl16IsVertexArrayOESEj
_ZN2gl16MinSampleShadingEf
_ZN2gl16PointParameterfvEjPKf
_ZN2gl16PointParameterxvEjPKi
_ZN2gl16PopDebugGroupKHREv
_ZN2gl16ProgramBinaryOESEjjPKvi
_ZN2gl16ProgramUniform1fEjif
_ZN2gl16ProgramUniform1iEjii
_ZN2gl16ProgramUniform2fEjiff
_ZN2gl16ProgramUniform2iEjiii
_ZN2gl16ProgramUniform3fEjifff
_ZN2gl16ProgramUniform3iEjiiii
_ZN2gl16ProgramUniform4fEjiffff
_ZN2gl16ProgramUniform4iEjiiiii
_ZN2gl16SampleMaskiANGLEEjj
_ZN2gl16TexParameterIuivEjjPKj
_ZN2gl16TexSubImage3DOESEjiiiiiiijjPKv
_ZN2gl16UniformMatrix2fvEiihPKf
_ZN2gl16UniformMatrix3fvEiihPKf
_ZN2gl16UniformMatrix4fvEiihPKf
_ZN2gl16UseProgramStagesEjjj
_ZN2gl16VertexAttribI4ivEjPKi
_ZN2gl16VertexAttribI4uiEjjjjj
_ZN2gl16WaitSemaphoreEXTEjjPKjjS1_S1_
_ZN2gl16WeightPointerOESEijiPKv
_ZN2gl17BlendEquationiEXTEjj
_ZN2gl17BlendEquationiOESEjj
_ZN2gl17BlendFuncSeparateEjjjj
_ZN2gl17ClearContextANGLEEPvj
_ZN2gl17CopyBufferSubDataEjjxxx
_ZN2gl17CopyTexSubImage2DEjiiiiiii
_ZN2gl17CopyTexSubImage3DEjiiiiiiii
_ZN2gl17DrawRangeElementsEjjjijPKv
_ZN2gl17EnableClientStateEj
_ZN2gl17FlushContextANGLEEPv
_ZN2gl17FogfvContextANGLEEPvjPKf
_ZN2gl17FogxvContextANGLEEPvjPKi
_ZN2gl17GenerateMipmapOESEj
_ZN2gl17GetAttribLocationEjPKc
_ZN2gl17GetBufferPointervEjjPPv
_ZN2gl17GetObjectLabelKHREjjiPiPc
_ZN2gl17GetObjectPtrLabelEPKviPiPc
_ZN2gl17GetProgramInfoLogEjiPiPc
_ZN2gl17GetQueryObjectuivEjjPj
_ZN2gl17GetTexParameterfvEjjPf
_ZN2gl17GetTexParameterivEjjPi
_ZN2gl17GetTexParameterxvEjjPi
_ZN2gl17GetUniformIndicesEjiPKPKcPj
_ZN2gl17GetVertexAttribfvEjjPf
_ZN2gl17GetVertexAttribivEjjPi
_ZN2gl17ImportMemoryFdEXTEjyji
_ZN2gl17IsMemoryObjectEXTEj
_ZN2gl17IsProgramPipelineEj
_ZN2gl17IsRenderbufferOESEj
_ZN2gl17MapBufferRangeEXTEjxxj
_ZN2gl17ObjectPtrLabelKHREPKviPKc
_ZN2gl17PopGroupMarkerEXTEv
_ZN2gl17ProgramParameteriEjji
_ZN2gl17ProgramUniform1fvEjiiPKf
_ZN2gl17ProgramUniform1ivEjiiPKi
_ZN2gl17ProgramUniform1uiEjij
_ZN2gl17ProgramUniform2fvEjiiPKf
_ZN2gl17ProgramUniform2ivEjiiPKi
_ZN2gl17ProgramUniform2uiEjijj
_ZN2gl17ProgramUniform3fvEjiiPKf
_ZN2gl17ProgramUniform3ivEjiiPKi
_ZN2gl17ProgramUniform3uiEjijjj
_ZN2gl17ProgramUniform4fvEjiiPKf
_ZN2gl17ProgramUniform4ivEjiiPKi
_ZN2gl17ProgramUniform4uiEjijjjj
_ZN2gl17PushDebugGroupKHREjjiPKc
_ZN2gl17SamplerParameterfEjjf
_ZN2gl17SamplerParameteriEjji
_ZN2gl17StencilOpSeparateEjjjj
_ZN2gl17TexBufferRangeEXTEjjjxx
_ZN2gl17TexBufferRangeOESEjjjxx
_ZN2gl17VertexAttribI4uivEjPKj
_ZN2gl18BindAttribLocationEjjPKc
_ZN2gl18BindFramebufferOESEjj
_ZN2gl18BindVertexArrayOESEj
_ZN2gl18BlendFuncSeparateiEjjjjj
_ZN2gl18CopyTexture3DANGLEEjijjiijhhh
_ZN2gl18DebugMessageInsertEjjjjiPKc
_ZN2gl18DeleteFramebuffersEiPKj
_ZN2gl18DeleteVertexArraysEiPKj
_ZN2gl18DisableClientStateEj
_ZN2gl18DrawArraysIndirectEjPKv
_ZN2gl18EnableContextANGLEEPvj
_ZN2gl18FinishContextANGLEEPv
_ZN2gl18FramebufferTextureEjjji
_ZN2gl18GenFramebuffersOESEiPj
_ZN2gl18GenVertexArraysOESEiPj
_ZN2gl18GetAttachedShadersEjiPiPj
_ZN2gl18GetDebugMessageLogEjiPjS0_S0_S0_PiPc
_ZN2gl18GetTexParameterIivEjjPi
_ZN2gl18GetUniformLocationEjPKc
_ZN2gl18GetVertexAttribIivEjjPi
_ZN2gl18IsSyncContextANGLEEPvP8__GLsync
_ZN2gl18LightfContextANGLEEPvjjf
_ZN2gl18LightxContextANGLEEPvjji
_ZN2gl18OrthofContextANGLEEPvffffff
_ZN2gl18OrthoxContextANGLEEPviiiiii
_ZN2gl18ProgramUniform1uivEjiiPKj
_ZN2gl18ProgramUniform2uivEjiiPKj
_ZN2gl18ProgramUniform3uivEjiiPKj
_ZN2gl18ProgramUniform4uivEjiiPKj
_ZN2gl18PushGroupMarkerEXTEiPKc
_ZN2gl18SamplerParameterfvEjjPKf
_ZN2gl18SamplerParameterivEjjPKi
_ZN2gl18ScalefContextANGLEEPvfff
_ZN2gl18ScalexContextANGLEEPviii
_ZN2gl18SignalSemaphoreEXTEjjPKjjS1_S1_
_ZN2gl18TexParameterIivOESEjjPKi
_ZN2gl18TexStorageMem2DEXTEjijiijy
_ZN2gl18TexStorageMem3DEXTEjijiiijy
_ZN2gl18UniformMatrix2x3fvEiihPKf
_ZN2gl18UniformMatrix2x4fvEiihPKf
_ZN2gl18UniformMatrix3x2fvEiihPKf
_ZN2gl18UniformMatrix3x4fvEiihPKf
_ZN2gl18UniformMatrix4x2fvEiihPKf
_ZN2gl18UniformMatrix4x3fvEiihPKf
_ZN2gl18VertexAttribFormatEjijhj
_ZN2gl19ActiveShaderProgramEjj
_ZN2gl19BindProgramPipelineEj
_ZN2gl19BindRenderbufferOESEjj
_ZN2gl19BufferStorageMemEXTEjxjy
_ZN2gl19ClientActiveTextureEj
_ZN2gl19Color4fContextANGLEEPvffff
_ZN2gl19Color4xContextANGLEEPviiii
_ZN2gl19CopyImageSubDataEXTEjjiiiijjiiiiiii
_ZN2gl19CopyImageSubDataOESEjjiiiijjiiiiiii
_ZN2gl19CopyTextureCHROMIUMEjijjiijhhh
_ZN2gl19DebugMessageControlEjjjiPKjh
_ZN2gl19DeleteRenderbuffersEiPKj
_ZN2gl19DeleteSemaphoresEXTEiPKj
_ZN2gl19DisableContextANGLEEPvj
_ZN2gl19DrawArraysInstancedEjiii
_ZN2gl19EnableiContextANGLEEPvjj
_ZN2gl19GenProgramPipelinesEiPj
_ZN2gl19GenRenderbuffersOESEiPj
_ZN2gl19GetActiveUniformsivEjiPKjjPi
_ZN2gl19GetFragDataIndexEXTEjPKc
_ZN2gl19GetFragDataLocationEjPKc
_ZN2gl19GetInternalformativEjjjiPi
_ZN2gl19GetProgramBinaryOESEjiPiPjPv
_ZN2gl19GetQueryObjectivEXTEjjPi

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
update-settings.ini
update.ini

Sharing

General

Malware Config

Signatures

Files

Password: 91563

Password: 91563

Password: 91563

748856617c99ed4a3fc59c5565f7792f

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:eaCertificate

Extended Key Usages

Key Usages

24:d9:61:57:83:bc:82:52:59:71:59:92:7f:6e:84:0a:7b:10:cf:74:28:cf:0d:a3:02:1e:97:5a:00:0c:9f:35Signer

Signature Validations

Verification

21/11/2022, 07:18 Valid: true

Chain 1

Chain 2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 347KB - Virtual size: 350KB

.rsrc Size: 1KB - Virtual size: 1KB

Password: 91563

94c7fb29a0a5d69da0d7bfab13142024

Headers

DLL Characteristics

File Characteristics

Imports

mozglue

dxgi

d3d9

kernel32

user32

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

advapi32

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.buildid Size: 512B - Virtual size: 140B

.data Size: 144KB - Virtual size: 172KB

.pdata Size: 126KB - Virtual size: 126KB

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 56KB - Virtual size: 55KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

24:d9:61:57:83:bc:82:52:59:71:59:92:7f:6e:84:0a:7b:10:cf:74:28:cf:0d:a3:02:1e:97:5a:00:0c:9f:35
Signer

21/11/2022, 07:18
Valid: true

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 347KB - Virtual size: 350KB

.rsrc
Size: 1KB - Virtual size: 1KB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.buildid
Size: 512B - Virtual size: 140B

.data
Size: 144KB - Virtual size: 172KB

.pdata
Size: 126KB - Virtual size: 126KB

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 56KB - Virtual size: 55KB