d8adb8def67e5ec16befcd8c73d0700e4e0b3de12cdf99f7f1af18c8c335d46e

Sharing

Copy URL Twitter E-mail

General

Target

d8adb8def67e5ec16befcd8c73d0700e4e0b3de12cdf99f7f1af18c8c335d46e
Size

2.2MB
MD5

99be1ab866ad125609db12677ed84983
SHA1

71c2cb8ecd6338d7c5a4c54a71954f5c01481648
SHA256

d8adb8def67e5ec16befcd8c73d0700e4e0b3de12cdf99f7f1af18c8c335d46e
SHA512

0ae8838a120ed6dad77a4b752431cd71a52f7cd0e2659014742d088c0de70e8f666d611429f46de11102f82bddc99136c29909e9d552306f1fe1dbd2e4a22f36
SSDEEP

49152:zXWYRxzon0GaBxlsh6hpb/PtpAhOytPlS/9WcosFY1revusd6JI:zXvLGaFscoOmUusd6J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8adb8def67e5ec16befcd8c73d0700e4e0b3de12cdf99f7f1af18c8c335d46e

Files

d8adb8def67e5ec16befcd8c73d0700e4e0b3de12cdf99f7f1af18c8c335d46e
.exe windows x86

d705cca9ef4e122ce752fa4d9ca9952b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

d3d9

Direct3DCreate9

d3dx9_43

D3DXMatrixTranspose
D3DXMatrixRotationAxis
D3DXVec3TransformCoord
D3DXMatrixMultiply
D3DXMatrixScaling
D3DXMatrixTranslation
D3DXMatrixRotationY
D3DXCreateTextureFromFileInMemoryEx
D3DXComputeNormals
D3DXLoadMeshFromXW
D3DXGetFVFVertexSize
D3DXLoadMeshFromXInMemory
D3DXCreateTextureFromFileExW
D3DXLoadSurfaceFromSurface
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXComputeNormalMap
D3DXMatrixInverse
D3DXCreateTexture
D3DXMatrixPerspectiveFovLH
D3DXMatrixLookAtLH
D3DXCreateEffect
D3DXVec4Transform
D3DXCreateMeshFVF
D3DXMatrixRotationX
D3DXVec3TransformNormal
D3DXVec3Normalize
D3DXMatrixRotationZ
D3DXComputeBoundingSphere

winmm

mmioOpenW
mmioRead
mmioSeek
mmioDescend
timeGetTime
mmioStringToFOURCCW

dsound

ord11

comctl32

ord17

kernel32

GetCurrentDirectoryW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
SetStdHandle
IsValidCodePage
InitializeCriticalSectionEx
GetTempPathW
LoadLibraryW
WriteFile
DeleteFileW
CopyFileW
LoadResource
LockResource
SizeofResource
FindResourceW
GetCommandLineW
Sleep
GetCurrentThread
SetThreadPriority
GetVersionExW
FreeLibrary
GetProcAddress
lstrcpyW
lstrcatW
DecodePointer
RaiseException
GetLastError
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
DeleteCriticalSection
CreateProcessW
GetModuleFileNameW
CreateFileW
GetOEMCP
OutputDebugStringW
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
MultiByteToWideChar
WideCharToMultiByte
TlsSetValue
TlsGetValue
LoadLibraryExW
TlsAlloc
TlsFree
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleHandleW
GetSystemTimeAsFileTime
CreateEventW
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetLastError
EncodePointer
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
GetStdHandle
GetModuleFileNameA
GetACP
GetTimeZoneInformation
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetCommandLineA
FindClose
FindFirstFileExA
FindNextFileA
WriteConsoleW
ReadConsoleW
SetEndOfFile
GetFullPathNameW

user32

EnumDisplaySettingsW
EnumDisplayDevicesW
SystemParametersInfoW
UnionRect
SetRectEmpty
SetRect
FrameRect
FillRect
MonitorFromRect
MonitorFromWindow
GetMonitorInfoW
LoadIconW
ScreenToClient
MessageBoxW
AdjustWindowRect
GetClientRect
GetWindowTextW
SetWindowTextW
InvalidateRect
EndPaint
BeginPaint
UpdateWindow
DrawTextW
EnableWindow
KillTimer
SetTimer
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetDlgItem
EndDialog
SetWindowPos
ShowWindow
CreateWindowExW
RegisterClassW
PostQuitMessage
DefWindowProcW
PostMessageW
SendMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
wsprintfW
LoadStringW
LoadCursorW
SetCursor
DialogBoxParamW

gdi32

ExcludeClipRect
GetStockObject

advapi32

SystemFunction036
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

ole32

CoCreateInstance
CoInitialize
CLSIDFromString
CoCreateGuid
StringFromGUID2

oleaut32

SysFreeString
SysAllocString

shlwapi

PathFindFileNameW
PathFileExistsW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d705cca9ef4e122ce752fa4d9ca9952b

Headers

DLL Characteristics

File Characteristics

Imports

d3d9

d3dx9_43

winmm

dsound

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 308KB - Virtual size: 308KB

.data Size: 45KB - Virtual size: 56KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 456KB - Virtual size: 455KB

.reloc Size: 89KB - Virtual size: 88KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 308KB - Virtual size: 308KB

.data
Size: 45KB - Virtual size: 56KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 456KB - Virtual size: 455KB

.reloc
Size: 89KB - Virtual size: 88KB