793be5349e79dd5d109ae13fe9532c4e

Sharing

Copy URL

Twitter E-mail

General

Target

793be5349e79dd5d109ae13fe9532c4e
Size

893KB
MD5

793be5349e79dd5d109ae13fe9532c4e
SHA1

1d23a416ff6f0ebbd7855bb575f7015cecdc543b
SHA256

b332bda0f132d11c7e8ada1042126c48ec9353db0379024ccee9d8406df6b13f
SHA512

d0ee6a404840d578bce5dbccbffa87174aafd11684621da9b756ebbb61af6b4243b1e7043466bb511ae26afdd2f70ea2b7f599a38693d9b0740a2c302030a6d6
SSDEEP

24576:jiJerMTLN2Sn6xxSj+hR2+qf6ES5hJczbnPQIv3puIqZ:jiJXvN2S6xxzR23yESPJU7QI5a

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/dgvoodooCpl.exe	upx

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3Dfx/Glide.dll
unpack001/3Dfx/Glide2x.dll
unpack001/3Dfx/Glide3x.dll
unpack001/3Dfx/Napalm/Glide3x.dll
unpack001/MS/D3D8.dll
unpack001/MS/D3DImm.dll
unpack001/MS/DDraw.dll
unpack001/dgvoodooCpl.exe
unpack002/out.upx

Files

793be5349e79dd5d109ae13fe9532c4e
.zip
3Dfx/Glide.dll
.dll windows:5 windows x86 arch:x86

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetRect

gdi32

GetStockObject

shell32

SHGetFolderPathW

shlwapi

PathAppendW

Exports

Exports

_ConvertAndDownloadRLE@64
_ConvertAndDownloadRle@64
_grAADrawLine@8
_grAADrawPoint@4
_grAADrawPolygon@12
_grAADrawPolygonVertexList@8
_grAADrawTriangle@24
_grAlphaBlendFunction@16
_grAlphaCombine@20
_grAlphaControlsITRGBLighting@4
_grAlphaTestFunction@4
_grAlphaTestReferenceValue@4
_grBufferClear@12
_grBufferNumPending@0
_grBufferSwap@4
_grCheckForRoom@4
_grChromakeyMode@4
_grChromakeyValue@4
_grClipWindow@16
_grColorCombine@20
_grColorMask@8
_grConstantColorValue4@16
_grConstantColorValue@4
_grCullMode@4
_grDepthBiasLevel@4
_grDepthBufferFunction@4
_grDepthBufferMode@4
_grDepthMask@4
_grDisableAllEffects@0
_grDitherMode@4
_grDrawLine@8
_grDrawPlanarPolygon@12
_grDrawPlanarPolygonVertexList@8
_grDrawPoint@4
_grDrawPolygon@12
_grDrawPolygonVertexList@8
_grDrawTriangle@12
_grErrorSetCallback@4
_grFogColorValue@4
_grFogMode@4
_grFogTable@4
_grGammaCorrectionValue@4
_grGlideGetState@4
_grGlideGetVersion@4
_grGlideInit@0
_grGlideSetState@4
_grGlideShamelessPlug@4
_grGlideShutdown@0
_grHints@8
_grLfbBegin@0
_grLfbBypassMode@4
_grLfbConstantAlpha@4
_grLfbConstantDepth@4
_grLfbEnd@0
_grLfbGetReadPtr@4
_grLfbGetWritePtr@4
_grLfbOrigin@4
_grLfbReadRegion@28
_grLfbWriteColorFormat@4
_grLfbWriteColorSwizzle@8
_grLfbWriteMode@4
_grLfbWriteRegion@32
_grRenderBuffer@4
_grResetTriStats@0
_grSplash@20
_grSstConfigPipeLine@12
_grSstConfigPipeline@12
_grSstDetectResources@0
_grSstIdle@0
_grSstIsBusy@0
_grSstOpen@24
_grSstOrigin@4
_grSstPassthruMode@4
_grSstPerfStats@4
_grSstQueryBoards@4
_grSstQueryHardware@4
_grSstResetPerfStats@0
_grSstScreenHeight@0
_grSstScreenWidth@0
_grSstSelect@4
_grSstStatus@0
_grSstVRetraceOn@0
_grSstVidMode@8
_grSstVideoLine@0
_grTexCalcMemRequired@16
_grTexClampMode@12
_grTexCombine@28
_grTexCombineFunction@8
_grTexDetailControl@16
_grTexDownloadMipMap@16
_grTexDownloadMipMapLevel@32
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadTable@12
_grTexDownloadTablePartial@20
_grTexFilterMode@12
_grTexLodBiasValue@8
_grTexMaxAddress@4
_grTexMinAddress@4
_grTexMipMapMode@12
_grTexMultibase@8
_grTexMultibaseAddress@20
_grTexNCCTable@8
_grTexSource@16
_grTexTextureMemRequired@8
_grTriStats@8
_gu3dfGetInfo@8
_gu3dfLoad@8
_guAADrawTriangleWithClip@12
_guAlphaSource@4
_guColorCombineFunction@4
_guDrawPolygonVertexListWithClip@8
_guDrawTriangleWithClip@12
_guEncodeRLE16@16
_guEndianSwapBytes@4
_guEndianSwapWords@4
_guFbReadRegion@24
_guFbWriteRegion@24
_guFogGenerateExp2@8
_guFogGenerateExp@8
_guFogGenerateLinear@12
_guFogTableIndexToW@4
_guMPDrawTriangle@12
_guMPInit@0
_guMPTexCombineFunction@4
_guMPTexSource@8
_guMovieSetName@4
_guMovieStart@0
_guMovieStop@0
_guTexAllocateMemory@60
_guTexChangeAttributes@48
_guTexCombineFunction@8
_guTexCreateColorMipMap@0
_guTexDownloadMipMap@12
_guTexDownloadMipMapLevel@12
_guTexGetCurrentMipMap@4
_guTexGetMipMapInfo@4
_guTexMemQueryAvail@4
_guTexMemReset@0
_guTexSource@4
_pciClose@0
_pciDeviceExists@4
_pciFindCard@12
_pciFindCardMulti@16
_pciFindFreeMTRR@4
_pciFindFreeMTRRMatch@16
_pciFindMTRRMatch@16
_pciGetConfigData@20
_pciGetErrorCode@0
_pciGetErrorString@0
_pciMapCard@20
_pciMapCardMulti@24
_pciMapPhysicalToLinear@12
_pciOpen@0
_pciOpenEx@0
_pciSetConfigData@20
_pciSetMTRR@16
_pciUnmapPhysical@8
_pioInByte@4
_pioInLong@4
_pioInWord@4
_pioOutByte@8
_pioOutLong@8
_pioOutWord@8

Sections

.MPRESS1
Size: 84KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
3Dfx/Glide2x.dll
.dll windows:5 windows x86 arch:x86

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetRect

gdi32

GetStockObject

shell32

SHGetFolderPathW

shlwapi

PathAppendW

Exports

Exports

_ConvertAndDownLoadRLE@64
_ConvertAndDownloadRle@64
_grAADrawLine@8
_grAADrawPoint@4
_grAADrawPolygon@12
_grAADrawPolygonVertexList@8
_grAADrawTriangle@24
_grAlphaBlendFunction@16
_grAlphaCombine@20
_grAlphaControlsITRGBLighting@4
_grAlphaTestFunction@4
_grAlphaTestReferenceValue@4
_grBufferClear@12
_grBufferNumPending@0
_grBufferSwap@4
_grCheckForRoom@4
_grChromakeyMode@4
_grChromakeyValue@4
_grClipWindow@16
_grColorCombine@20
_grColorMask@8
_grConstantColorValue4@16
_grConstantColorValue@4
_grCullMode@4
_grDepthBiasLevel@4
_grDepthBufferFunction@4
_grDepthBufferMode@4
_grDepthMask@4
_grDisableAllEffects@0
_grDitherMode@4
_grDrawLine@8
_grDrawPlanarPolygon@12
_grDrawPlanarPolygonVertexList@8
_grDrawPoint@4
_grDrawPolygon@12
_grDrawPolygonVertexList@8
_grDrawTriangle@12
_grErrorSetCallback@4
_grFogColorValue@4
_grFogMode@4
_grFogTable@4
_grGammaCorrectionValue@4
_grGlideGetState@4
_grGlideGetVersion@4
_grGlideInit@0
_grGlideSetState@4
_grGlideShamelessPlug@4
_grGlideShutdown@0
_grHints@8
_grLfbConstantAlpha@4
_grLfbConstantDepth@4
_grLfbLock@24
_grLfbReadRegion@28
_grLfbUnlock@8
_grLfbWriteColorFormat@4
_grLfbWriteColorSwizzle@8
_grLfbWriteRegion@32
_grRenderBuffer@4
_grResetTriStats@0
_grSplash@20
_grSstConfigPipeLine@12
_grSstConfigPipeline@12
_grSstControl@4
_grSstDetectResources@0
_grSstIdle@0
_grSstIsBusy@0
_grSstOrigin@4
_grSstPerfStats@4
_grSstQueryBoards@4
_grSstQueryHardware@4
_grSstResetPerfStats@0
_grSstScreenHeight@0
_grSstScreenWidth@0
_grSstSelect@4
_grSstStatus@0
_grSstVRetraceOn@0
_grSstVidMode@8
_grSstVideoLine@0
_grSstWinClose@0
_grSstWinOpen@28
_grTexCalcMemRequired@16
_grTexClampMode@12
_grTexCombine@28
_grTexCombineFunction@8
_grTexDetailControl@16
_grTexDownloadMipMap@16
_grTexDownloadMipMapLevel@32
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadTable@12
_grTexDownloadTablePartial@20
_grTexFilterMode@12
_grTexLodBiasValue@8
_grTexMaxAddress@4
_grTexMinAddress@4
_grTexMipMapMode@12
_grTexMultibase@8
_grTexMultibaseAddress@20
_grTexNCCTable@8
_grTexSource@16
_grTexTextureMemRequired@8
_grTriStats@8
_gu3dfGetInfo@8
_gu3dfLoad@8
_guAADrawTriangleWithClip@12
_guAlphaSource@4
_guColorCombineFunction@4
_guDrawPolygonVertexListWithClip@8
_guDrawTriangleWithClip@12
_guEncodeRLE16@16
_guEndianSwapBytes@4
_guEndianSwapWords@4
_guFbReadRegion@24
_guFbWriteRegion@24
_guFogGenerateExp2@8
_guFogGenerateExp@8
_guFogGenerateLinear@12
_guFogTableIndexToW@4
_guMPDrawTriangle@12
_guMPInit@0
_guMPTexCombineFunction@4
_guMPTexSource@8
_guMovieSetName@4
_guMovieStart@0
_guMovieStop@0
_guTexAllocateMemory@60
_guTexChangeAttributes@48
_guTexCombineFunction@8
_guTexCreateColorMipMap@0
_guTexDownloadMipMap@12
_guTexDownloadMipMapLevel@12
_guTexGetCurrentMipMap@4
_guTexGetMipMapInfo@4
_guTexMemQueryAvail@4
_guTexMemReset@0
_guTexSource@4
_pciClose@0
_pciDeviceExists@4
_pciFindCard@12
_pciFindCardMulti@16
_pciFindFreeMTRR@4
_pciFindFreeMTRRMatch@16
_pciFindMTRRMatch@16
_pciGetConfigData@20
_pciGetErrorCode@0
_pciGetErrorString@0
_pciMapCard@20
_pciMapCardMulti@24
_pciMapPhysicalToLinear@12
_pciOpen@0
_pciOpenEx@0
_pciSetConfigData@20
_pciSetMTRR@16
_pciUnmapPhysical@8
_pioInByte@4
_pioInLong@4
_pioInWord@4
_pioOutByte@8
_pioOutLong@8
_pioOutWord@8

Sections

.MPRESS1
Size: 84KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
3Dfx/Glide3x.dll
.dll windows:5 windows x86 arch:x86

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetRect

gdi32

GetStockObject

shell32

SHGetFolderPathW

shlwapi

PathAppendW

Exports

Exports

_grAADrawTriangle@24
_grAlphaBlendFunction@16
_grAlphaCombine@20
_grAlphaControlsITRGBLighting@4
_grAlphaTestFunction@4
_grAlphaTestReferenceValue@4
_grAuxBufferExt@4
_grBufferClear@12
_grBufferSwap@4
_grChromaRangeExt@12
_grChromaRangeModeExt@4
_grChromakeyMode@4
_grChromakeyValue@4
_grClipWindow@16
_grColorCombine@20
_grColorMask@8
_grConstantColorValue@4
_grCoordinateSpace@4
_grCullMode@4
_grDepthBiasLevel@4
_grDepthBufferFunction@4
_grDepthBufferMode@4
_grDepthMask@4
_grDepthRange@8
_grDisable@4
_grDisableAllEffects@0
_grDitherMode@4
_grDrawLine@8
_grDrawPoint@4
_grDrawTriangle@12
_grDrawVertexArray@12
_grDrawVertexArrayContiguous@16
_grEnable@4
_grErrorSetCallback@4
_grFinish@0
_grFlush@0
_grFogColorValue@4
_grFogMode@4
_grFogTable@4
_grGet@12
_grGetGammaTableExt@16
_grGetProcAddress@4
_grGetString@4
_grGlideGetState@4
_grGlideGetVertexLayout@4
_grGlideInit@0
_grGlideSetState@4
_grGlideSetVertexLayout@4
_grGlideShutdown@0
_grLfbConstantAlpha@4
_grLfbConstantDepth@4
_grLfbLock@24
_grLfbReadRegion@28
_grLfbUnlock@8
_grLfbWriteColorFormat@4
_grLfbWriteColorSwizzle@8
_grLfbWriteRegion@36
_grLoadGammaTable@16
_grQueryResolutions@8
_grRenderBuffer@4
_grReset@4
_grSelectContext@4
_grSetNumPendingBuffers@4
_grSplash@20
_grSstOrigin@4
_grSstSelect@4
_grSstWinClose@4
_grSstWinOpen@28
_grTexCalcMemRequired@16
_grTexChromaModeExt@8
_grTexChromaRangeExt@16
_grTexClampMode@12
_grTexCombine@28
_grTexDetailControl@16
_grTexDownloadMipMap@16
_grTexDownloadMipMapLevel@32
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadTable@8
_grTexDownloadTablePartial@16
_grTexFilterMode@12
_grTexLodBiasValue@8
_grTexMaxAddress@4
_grTexMinAddress@4
_grTexMipMapMode@12
_grTexMultibase@8
_grTexMultibaseAddress@20
_grTexNCCTable@4
_grTexSource@16
_grTexTextureMemRequired@8
_grTextureAuxBufferExt@28
_grTextureBufferExt@28
_grVertexLayout@12
_grViewport@16
_gu3dfGetInfo@8
_gu3dfLoad@8
_guFogGenerateExp2@8
_guFogGenerateExp@8
_guFogGenerateLinear@12
_guFogTableIndexToW@4
_guGammaCorrectionRGB@12

Sections

.MPRESS1
Size: 88KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
3Dfx/Napalm/Glide3x.dll
.dll windows:5 windows x86 arch:x86

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetRect

gdi32

GetStockObject

shell32

SHGetFolderPathW

shlwapi

PathAppendW

Exports

Exports

_grAADrawTriangle@24
_grAlphaBlendFunction@16
_grAlphaBlendFunctionExt@24
_grAlphaCombine@20
_grAlphaCombineExt@40
_grAlphaControlsITRGBLighting@4
_grAlphaTestFunction@4
_grAlphaTestReferenceValue@4
_grAuxBufferExt@4
_grBufferClear@12
_grBufferClearExt@16
_grBufferSwap@4
_grChromaRangeExt@12
_grChromaRangeModeExt@4
_grChromakeyMode@4
_grChromakeyValue@4
_grClipWindow@16
_grColorCombine@20
_grColorCombineExt@40
_grColorMask@8
_grColorMaskExt@16
_grConstantColorValue@4
_grConstantColorValueExt@8
_grCoordinateSpace@4
_grCullMode@4
_grDepthBiasLevel@4
_grDepthBufferFunction@4
_grDepthBufferMode@4
_grDepthMask@4
_grDepthRange@8
_grDeviceQueryExt@8
_grDisable@4
_grDisableAllEffects@0
_grDitherMode@4
_grDrawLine@8
_grDrawPoint@4
_grDrawTriangle@12
_grDrawVertexArray@12
_grDrawVertexArrayContiguous@16
_grEnable@4
_grErrorSetCallback@4
_grFinish@0
_grFlush@0
_grFogColorValue@4
_grFogMode@4
_grFogTable@4
_grGet@12
_grGetGammaTableExt@16
_grGetProcAddress@4
_grGetRegistryOrEnvironmentStringExt@4
_grGetString@4
_grGlideGetState@4
_grGlideGetVertexLayout@4
_grGlideInit@0
_grGlideSetState@4
_grGlideSetVertexLayout@4
_grGlideShutdown@0
_grLfbConstantAlpha@4
_grLfbConstantDepth@4
_grLfbConstantStencilExt@4
_grLfbLock@24
_grLfbReadRegion@28
_grLfbUnlock@8
_grLfbWriteColorFormat@4
_grLfbWriteColorSwizzle@8
_grLfbWriteRegion@36
_grLoadGammaTable@16
_grQueryResolutions@8
_grRenderBuffer@4
_grReset@4
_grSelectContext@4
_grSetNumPendingBuffers@4
_grSplash@20
_grSstOrigin@4
_grSstSelect@4
_grSstWinClose@4
_grSstWinOpen@28
_grSstWinOpenExt@32
_grStencilFuncExt@12
_grStencilMaskExt@4
_grStencilOpExt@12
_grSurfaceCalcTextureWHDExt@16
_grSurfaceCreateContextExt@4
_grSurfaceReleaseContextExt@4
_grSurfaceSetAuxSurfaceExt@4
_grSurfaceSetRenderingSurfaceExt@8
_grSurfaceSetTextureSurfaceExt@8
_grTBufferWriteMaskExt@4
_grTexAlphaCombineExt@44
_grTexCalcMemRequired@16
_grTexChromaModeExt@8
_grTexChromaRangeExt@16
_grTexClampMode@12
_grTexColorCombineExt@44
_grTexCombine@28
_grTexDetailControl@16
_grTexDownloadMipMap@16
_grTexDownloadMipMapLevel@32
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadTable@8
_grTexDownloadTablePartial@16
_grTexFilterMode@12
_grTexLodBiasValue@8
_grTexMaxAddress@4
_grTexMinAddress@4
_grTexMipMapMode@12
_grTexMultibase@8
_grTexMultibaseAddress@20
_grTexNCCTable@4
_grTexSource@16
_grTexTextureMemRequired@8
_grTextureAuxBufferExt@28
_grTextureBufferExt@28
_grVertexLayout@12
_grViewport@16
_gu3dfGetInfo@8
_gu3dfLoad@8
_guFogGenerateExp2@8
_guFogGenerateExp@8
_guFogGenerateLinear@12
_guFogTableIndexToW@4
_guGammaCorrectionRGB@12

Sections

.MPRESS1
Size: 94KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MS/D3D8.dll
.dll windows:5 windows x86 arch:x86

3e56d94401710fe7637afbbea64453c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

PathAppendW

user32

GetDC

gdi32

BitBlt

shell32

SHGetFolderPathW

ole32

CoTaskMemFree

Exports

Exports

DebugSetMute
Direct3DCreate8
ValidatePixelShader
ValidateVertexShader

Sections

.MPRESS1
Size: 153KB - Virtual size: 692KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MS/D3DImm.dll
.dll windows:5 windows x86 arch:x86

b99d81b541198f555fad8b8af0f2770c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

wvsprintfA

Exports

Exports

GetD3DInterface
GetD3DVersion

Sections

.MPRESS1
Size: 83KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MS/DDraw.dll
.dll windows:5 windows x86 arch:x86

3e56d94401710fe7637afbbea64453c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

PathAppendW

user32

GetDC

gdi32

BitBlt

shell32

SHGetFolderPathW

ole32

CoTaskMemFree

Exports

Exports

AcquireDDThreadLock
CompleteCreateSysmemSurface
D3DParseUnknownCommand
DDInternalLock
DDInternalUnlock
DirectDrawCreate
DirectDrawCreateClipper
DirectDrawCreateEx
DirectDrawEnumerateA
DirectDrawEnumerateExA
DirectDrawEnumerateExW
DirectDrawEnumerateW
DllCanUnloadNow
DllGetClassObject
ReleaseDDThreadLock

Sections

.MPRESS1
Size: 101KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Readme.txt
dgvoodooCpl.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 200KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.MPRESS1 Size: 84KB - Virtual size: 360KB

.MPRESS2 Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 3KB

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.MPRESS1 Size: 84KB - Virtual size: 360KB

.MPRESS2 Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.MPRESS1 Size: 88KB - Virtual size: 376KB

.MPRESS2 Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.MPRESS1 Size: 94KB - Virtual size: 432KB

.MPRESS2 Size: 7KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 4KB

3e56d94401710fe7637afbbea64453c4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

user32

gdi32

shell32

ole32

.MPRESS1
Size: 84KB - Virtual size: 360KB

.MPRESS2
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 3KB

.MPRESS1
Size: 84KB - Virtual size: 360KB

.MPRESS2
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB

.MPRESS1
Size: 88KB - Virtual size: 376KB

.MPRESS2
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.MPRESS1
Size: 94KB - Virtual size: 432KB

.MPRESS2
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 4KB

.MPRESS1
Size: 153KB - Virtual size: 692KB

.MPRESS2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 5KB

.MPRESS1
Size: 83KB - Virtual size: 556KB

.MPRESS2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 2KB

.MPRESS1
Size: 101KB - Virtual size: 332KB

.MPRESS2
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

UPX0
Size: - Virtual size: 200KB

UPX1
Size: 103KB - Virtual size: 104KB

.rsrc
Size: 66KB - Virtual size: 68KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 219KB - Virtual size: 219KB

.reloc
Size: 3KB - Virtual size: 3KB