66e7eb20ff4a374a558a917aafb982b1

Sharing

Copy URL Twitter E-mail

General

Target

66e7eb20ff4a374a558a917aafb982b1
Size

283KB
MD5

66e7eb20ff4a374a558a917aafb982b1
SHA1

f51d815b9da2ddf7a7e42e0775988d76ffd592ca
SHA256

63be4d79534f7db14a9a394fd6839138f53f350508eebec70fce14316c249e9f
SHA512

8c8b5272c47d51db54672b667ae8bb0096e52a695b597985aad03df85b13ec7f8fe74bbe8308f8f6c98647b0be5bb63ddc343d5e0d7438161cf30d58f62f227b
SSDEEP

6144:7SG9WMDGjV+As6uVvln0u05iaaceprK37/VdOCRm9G4hjiYt:ODMDgYNnr0kpcZ3ZdOCXSiYt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e7eb20ff4a374a558a917aafb982b1

Files

66e7eb20ff4a374a558a917aafb982b1
.dll windows:4 windows x86 arch:x86

e6b58d7dbb7175465f5fcd99bc700ea1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ddraw

DDInternalUnlock
DDGetAttachedSurfaceLcl
DSoundHelp

user32

GetClassInfoExA
GetActiveWindow
FillRect
EndPaint
DragObject
DestroyWindow
DefWindowProcA
BeginPaint
CreateAcceleratorTableA
GetClassNameA
GetCursorPos
SetWindowTextA
SetWindowPos
SetWindowLongA
SetWindowContextHelpId
SetFocus
SetCursor
SetCapture
SendMessageA
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RedrawWindow
PtInRect
MessageBoxA
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
GetWindowTextLengthA
GetWindowRect
GetWindow
GetSysColor
GetParent
GetMenuBarInfo
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
CharNextA
GetDC

comctl32

ord17

shell32

DuplicateIcon
SHBindToParent
SHFreeNameMappings
SHGetInstanceExplorer
SHGetMalloc
SHGetSpecialFolderLocation
SHUpdateRecycleBinIcon
DragAcceptFiles

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA

kernel32

lstrcmpA
WideCharToMultiByte
VirtualProtect
VirtualFree
VirtualAlloc
SetLastError
ReadProcessMemory
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
IsProcessorFeaturePresent
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
FlushInstructionCache
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
lstrcmpiA

Exports

Exports

CheckTextureRequirements
CreateEffectFromResourceW
DocStopFeedLoad
FillVolumeTextureTX
LoadPRTBufferFromFileA
MatrixTranspose
RectPatchSize
StopFeedLoad

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6b58d7dbb7175465f5fcd99bc700ea1

Headers

File Characteristics

Imports

ddraw

user32

comctl32

shell32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 119KB - Virtual size: 118KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 52KB - Virtual size: 52KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 119KB - Virtual size: 118KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 52KB - Virtual size: 52KB

.reloc
Size: 4KB - Virtual size: 3KB