7daa6ea85530dd6c10011ab5bf743786

Sharing

Copy URL Twitter E-mail

General

Target

7daa6ea85530dd6c10011ab5bf743786
Size

373KB
MD5

7daa6ea85530dd6c10011ab5bf743786
SHA1

49062ba386cd9eb4a6e3b45d65ea22bf5344089b
SHA256

a68b95181c41f6a1de916005b6907403f1806cd1716423255edb9194b7954466
SHA512

709c94d200beca13b9477db16c8cfd4d2e59af25252517b51c8df109a477106543a4f81e1302a40859eedb901c1c53fe229abb520745255d1589540dccd7fd3b
SSDEEP

6144:788zgLP8oidoRX3X2UOArsrCxviTIfMCrtlQBqacRzuoeQ6OtO9qOd3SBy4SdIvq:IZyoRnCArsrCxqXeQBrsW3knEIvUDn

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3Dfx/Glide.dll
unpack001/3Dfx/Glide2x.dll
unpack001/3Dfx/Glide3x.dll
unpack001/3Dfx/Napalm/Glide3x.dll
unpack001/MS/DDraw.dll
unpack001/dgVoodooSetup.exe

Files

7daa6ea85530dd6c10011ab5bf743786
.zip
3Dfx/Glide.dll
.dll windows:5 windows x86 arch:x86

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetRect

gdi32

GetStockObject

shell32

SHGetFolderPathW

shlwapi

PathAppendW

Exports

Exports

_ConvertAndDownLoadRLE@64
_ConvertAndDownloadRle@64
_grAADrawLine@8
_grAADrawPoint@4
_grAADrawPolygon@12
_grAADrawPolygonVertexList@8
_grAADrawTriangle@24
_grAlphaBlendFunction@16
_grAlphaCombine@20
_grAlphaControlsITRGBLighting@4
_grAlphaTestFunction@4
_grAlphaTestReferenceValue@4
_grBufferClear@12
_grBufferNumPending@0
_grBufferSwap@4
_grCheckForRoom@4
_grChromakeyMode@4
_grChromakeyValue@4
_grClipWindow@16
_grColorCombine@20
_grColorMask@8
_grConstantColorValue4@16
_grConstantColorValue@4
_grCullMode@4
_grDepthBiasLevel@4
_grDepthBufferFunction@4
_grDepthBufferMode@4
_grDepthMask@4
_grDisableAllEffects@0
_grDitherMode@4
_grDrawLine@8
_grDrawPlanarPolygon@12
_grDrawPlanarPolygonVertexList@8
_grDrawPoint@4
_grDrawPolygon@12
_grDrawPolygonVertexList@8
_grDrawTriangle@12
_grErrorSetCallback@4
_grFogColorValue@4
_grFogMode@4
_grFogTable@4
_grGammaCorrectionValue@4
_grGlideGetState@4
_grGlideGetVersion@4
_grGlideInit@0
_grGlideSetState@4
_grGlideShamelessPlug@4
_grGlideShutdown@0
_grHints@8
_grLfbBegin@0
_grLfbBypassMode@4
_grLfbConstantAlpha@4
_grLfbConstantDepth@4
_grLfbEnd@0
_grLfbGetReadPtr@4
_grLfbGetWritePtr@4
_grLfbOrigin@4
_grLfbReadRegion@28
_grLfbWriteColorFormat@4
_grLfbWriteColorSwizzle@8
_grLfbWriteMode@4
_grLfbWriteRegion@32
_grRenderBuffer@4
_grResetTriStats@0
_grSplash@20
_grSstConfigPipeLine@12
_grSstConfigPipeline@12
_grSstDetectResources@0
_grSstIdle@0
_grSstIsBusy@0
_grSstOpen@24
_grSstOrigin@4
_grSstPassthruMode@4
_grSstPerfStats@4
_grSstQueryBoards@4
_grSstQueryHardware@4
_grSstResetPerfStats@0
_grSstScreenHeight@0
_grSstScreenWidth@0
_grSstSelect@4
_grSstStatus@0
_grSstVRetraceOn@0
_grSstVidMode@8
_grSstVideoLine@0
_grTexCalcMemRequired@16
_grTexClampMode@12
_grTexCombine@28
_grTexCombineFunction@8
_grTexDetailControl@16
_grTexDownloadMipMap@16
_grTexDownloadMipMapLevel@32
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadTable@12
_grTexDownloadTablePartial@20
_grTexFilterMode@12
_grTexLodBiasValue@8
_grTexMaxAddress@4
_grTexMinAddress@4
_grTexMipMapMode@12
_grTexMultibase@8
_grTexMultibaseAddress@20
_grTexNCCTable@8
_grTexSource@16
_grTexTextureMemRequired@8
_grTriStats@8
_gu3dfGetInfo@8
_gu3dfLoad@8
_guAADrawTriangleWithClip@12
_guAlphaSource@4
_guColorCombineFunction@4
_guDrawPolygonVertexListWithClip@8
_guDrawTriangleWithClip@12
_guEncodeRLE16@16
_guEndianSwapBytes@4
_guEndianSwapWords@4
_guFbReadRegion@24
_guFbWriteRegion@24
_guFogGenerateExp2@8
_guFogGenerateExp@8
_guFogGenerateLinear@12
_guFogTableIndexToW@4
_guMPDrawTriangle@12
_guMPInit@0
_guMPTexCombineFunction@4
_guMPTexSource@8
_guMovieSetName@4
_guMovieStart@0
_guMovieStop@0
_guTexAllocateMemory@60
_guTexChangeAttributes@48
_guTexCombineFunction@8
_guTexCreateColorMipMap@0
_guTexDownloadMipMap@12
_guTexDownloadMipMapLevel@12
_guTexGetCurrentMipMap@4
_guTexGetMipMapInfo@4
_guTexMemQueryAvail@4
_guTexMemReset@0
_guTexSource@4
_pciClose@0
_pciDeviceExists@4
_pciFindCard@12
_pciFindCardMulti@16
_pciFindFreeMTRR@4
_pciFindFreeMTRRMatch@16
_pciFindMTRRMatch@16
_pciGetConfigData@20
_pciGetErrorCode@0
_pciGetErrorString@0
_pciMapCard@20
_pciMapCardMulti@24
_pciMapPhysicalToLinear@12
_pciOpen@0
_pciOpenEx@0
_pciSetConfigData@20
_pciSetMTRR@16
_pciUnmapPhysical@8
_pioInByte@4
_pioInLong@4
_pioInWord@4
_pioOutByte@8
_pioOutLong@8
_pioOutWord@8

Sections

.MPRESS1
Size: 50KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
3Dfx/Glide2x.dll
.dll windows:5 windows x86 arch:x86

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetRect

gdi32

GetStockObject

shell32

SHGetFolderPathW

shlwapi

PathAppendW

Exports

Exports

_ConvertAndDownLoadRLE@64
_ConvertAndDownloadRle@64
_grAADrawLine@8
_grAADrawPoint@4
_grAADrawPolygon@12
_grAADrawPolygonVertexList@8
_grAADrawTriangle@24
_grAlphaBlendFunction@16
_grAlphaCombine@20
_grAlphaControlsITRGBLighting@4
_grAlphaTestFunction@4
_grAlphaTestReferenceValue@4
_grBufferClear@12
_grBufferNumPending@0
_grBufferSwap@4
_grCheckForRoom@4
_grChromakeyMode@4
_grChromakeyValue@4
_grClipWindow@16
_grColorCombine@20
_grColorMask@8
_grConstantColorValue4@16
_grConstantColorValue@4
_grCullMode@4
_grDepthBiasLevel@4
_grDepthBufferFunction@4
_grDepthBufferMode@4
_grDepthMask@4
_grDisableAllEffects@0
_grDitherMode@4
_grDrawLine@8
_grDrawPlanarPolygon@12
_grDrawPlanarPolygonVertexList@8
_grDrawPoint@4
_grDrawPolygon@12
_grDrawPolygonVertexList@8
_grDrawTriangle@12
_grErrorSetCallback@4
_grFogColorValue@4
_grFogMode@4
_grFogTable@4
_grGammaCorrectionValue@4
_grGlideGetState@4
_grGlideGetVersion@4
_grGlideInit@0
_grGlideSetState@4
_grGlideShamelessPlug@4
_grGlideShutdown@0
_grHints@8
_grLfbConstantAlpha@4
_grLfbConstantDepth@4
_grLfbLock@24
_grLfbReadRegion@28
_grLfbUnlock@8
_grLfbWriteColorFormat@4
_grLfbWriteColorSwizzle@8
_grLfbWriteRegion@32
_grRenderBuffer@4
_grResetTriStats@0
_grSplash@20
_grSstConfigPipeLine@12
_grSstConfigPipeline@12
_grSstControl@4
_grSstDetectResources@0
_grSstIdle@0
_grSstIsBusy@0
_grSstOrigin@4
_grSstPerfStats@4
_grSstQueryBoards@4
_grSstQueryHardware@4
_grSstResetPerfStats@0
_grSstScreenHeight@0
_grSstScreenWidth@0
_grSstSelect@4
_grSstStatus@0
_grSstVRetraceOn@0
_grSstVidMode@8
_grSstVideoLine@0
_grSstWinClose@0
_grSstWinOpen@28
_grTexCalcMemRequired@16
_grTexClampMode@12
_grTexCombine@28
_grTexCombineFunction@8
_grTexDetailControl@16
_grTexDownloadMipMap@16
_grTexDownloadMipMapLevel@32
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadTable@12
_grTexDownloadTablePartial@20
_grTexFilterMode@12
_grTexLodBiasValue@8
_grTexMaxAddress@4
_grTexMinAddress@4
_grTexMipMapMode@12
_grTexMultibase@8
_grTexMultibaseAddress@20
_grTexNCCTable@8
_grTexSource@16
_grTexTextureMemRequired@8
_grTriStats@8
_gu3dfGetInfo@8
_gu3dfLoad@8
_guAADrawTriangleWithClip@12
_guAlphaSource@4
_guColorCombineFunction@4
_guDrawPolygonVertexListWithClip@8
_guDrawTriangleWithClip@12
_guEncodeRLE16@16
_guEndianSwapBytes@4
_guEndianSwapWords@4
_guFogGenerateExp2@8
_guFogGenerateExp@8
_guFogGenerateLinear@12
_guFogTableIndexToW@4
_guMPDrawTriangle@12
_guMPInit@0
_guMPTexCombineFunction@4
_guMPTexSource@8
_guMovieSetName@4
_guMovieStart@0
_guMovieStop@0
_guTexAllocateMemory@60
_guTexChangeAttributes@48
_guTexCombineFunction@8
_guTexCreateColorMipMap@0
_guTexDownloadMipMap@12
_guTexDownloadMipMapLevel@12
_guTexGetCurrentMipMap@4
_guTexGetMipMapInfo@4
_guTexMemQueryAvail@4
_guTexMemReset@0
_guTexSource@4
_pciClose@0
_pciDeviceExists@4
_pciFindCard@12
_pciFindCardMulti@16
_pciFindFreeMTRR@4
_pciFindFreeMTRRMatch@16
_pciFindMTRRMatch@16
_pciGetConfigData@20
_pciGetErrorCode@0
_pciGetErrorString@0
_pciMapCard@20
_pciMapCardMulti@24
_pciMapPhysicalToLinear@12
_pciOpen@0
_pciOpenEx@0
_pciSetConfigData@20
_pciSetMTRR@16
_pciUnmapPhysical@8
_pioInByte@4
_pioInLong@4
_pioInWord@4
_pioOutByte@8
_pioOutLong@8
_pioOutWord@8

Sections

.MPRESS1
Size: 49KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
3Dfx/Glide3x.dll
.dll windows:5 windows x86 arch:x86

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetRect

gdi32

GetStockObject

shell32

SHGetFolderPathW

shlwapi

PathAppendW

Exports

Exports

_grAADrawTriangle@24
_grAlphaBlendFunction@16
_grAlphaCombine@20
_grAlphaControlsITRGBLighting@4
_grAlphaTestFunction@4
_grAlphaTestReferenceValue@4
_grAuxBufferExt@4
_grBufferClear@12
_grBufferSwap@4
_grChromaRangeExt@12
_grChromaRangeModeExt@4
_grChromakeyMode@4
_grChromakeyValue@4
_grClipWindow@16
_grColorCombine@20
_grColorMask@8
_grConstantColorValue@4
_grCoordinateSpace@4
_grCullMode@4
_grDepthBiasLevel@4
_grDepthBufferFunction@4
_grDepthBufferMode@4
_grDepthMask@4
_grDepthRange@8
_grDisable@4
_grDisableAllEffects@0
_grDitherMode@4
_grDrawLine@8
_grDrawPoint@4
_grDrawTriangle@12
_grDrawVertexArray@12
_grDrawVertexArrayContiguous@16
_grEnable@4
_grErrorSetCallback@4
_grFinish@0
_grFlush@0
_grFogColorValue@4
_grFogMode@4
_grFogTable@4
_grGet@12
_grGetGammaTableExt@16
_grGetProcAddress@4
_grGetString@4
_grGlideGetState@4
_grGlideGetVertexLayout@4
_grGlideInit@0
_grGlideSetState@4
_grGlideSetVertexLayout@4
_grGlideShutdown@0
_grLfbConstantAlpha@4
_grLfbConstantDepth@4
_grLfbLock@24
_grLfbReadRegion@28
_grLfbUnlock@8
_grLfbWriteColorFormat@4
_grLfbWriteColorSwizzle@8
_grLfbWriteRegion@36
_grLoadGammaTable@16
_grQueryResolutions@8
_grRenderBuffer@4
_grReset@4
_grSelectContext@4
_grSetNumPendingBuffers@4
_grSplash@20
_grSstOrigin@4
_grSstSelect@4
_grSstWinClose@4
_grSstWinOpen@28
_grTexCalcMemRequired@16
_grTexChromaModeExt@8
_grTexChromaRangeExt@16
_grTexClampMode@12
_grTexCombine@28
_grTexDetailControl@16
_grTexDownloadMipMap@16
_grTexDownloadMipMapLevel@32
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadTable@8
_grTexDownloadTablePartial@16
_grTexFilterMode@12
_grTexLodBiasValue@8
_grTexMaxAddress@4
_grTexMinAddress@4
_grTexMipMapMode@12
_grTexMultibase@8
_grTexMultibaseAddress@20
_grTexNCCTable@4
_grTexSource@16
_grTexTextureMemRequired@8
_grTextureAuxBufferExt@28
_grTextureBufferExt@28
_grVertexLayout@12
_grViewport@16
_gu3dfGetInfo@8
_gu3dfLoad@8
_guFogGenerateExp2@8
_guFogGenerateExp@8
_guFogGenerateLinear@12
_guFogTableIndexToW@4
_guGammaCorrectionRGB@12

Sections

.MPRESS1
Size: 54KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
3Dfx/Napalm/Glide3x.dll
.dll windows:5 windows x86 arch:x86

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

SetRect

gdi32

GetStockObject

shell32

SHGetFolderPathW

shlwapi

PathAppendW

Exports

Exports

_grAADrawTriangle@24
_grAlphaBlendFunction@16
_grAlphaBlendFunctionExt@24
_grAlphaCombine@20
_grAlphaCombineExt@40
_grAlphaControlsITRGBLighting@4
_grAlphaTestFunction@4
_grAlphaTestReferenceValue@4
_grAuxBufferExt@4
_grBufferClear@12
_grBufferClearExt@16
_grBufferSwap@4
_grChromaRangeExt@12
_grChromaRangeModeExt@4
_grChromakeyMode@4
_grChromakeyValue@4
_grClipWindow@16
_grColorCombine@20
_grColorCombineExt@40
_grColorMask@8
_grColorMaskExt@16
_grConstantColorValue@4
_grConstantColorValueExt@8
_grCoordinateSpace@4
_grCullMode@4
_grDepthBiasLevel@4
_grDepthBufferFunction@4
_grDepthBufferMode@4
_grDepthMask@4
_grDepthRange@8
_grDeviceQueryExt@8
_grDisable@4
_grDisableAllEffects@0
_grDitherMode@4
_grDrawLine@8
_grDrawPoint@4
_grDrawTriangle@12
_grDrawVertexArray@12
_grDrawVertexArrayContiguous@16
_grEnable@4
_grErrorSetCallback@4
_grFinish@0
_grFlush@0
_grFogColorValue@4
_grFogMode@4
_grFogTable@4
_grGet@12
_grGetGammaTableExt@16
_grGetProcAddress@4
_grGetRegistryOrEnvironmentStringExt@4
_grGetString@4
_grGlideGetState@4
_grGlideGetVertexLayout@4
_grGlideInit@0
_grGlideSetState@4
_grGlideSetVertexLayout@4
_grGlideShutdown@0
_grLfbConstantAlpha@4
_grLfbConstantDepth@4
_grLfbConstantStencilExt@4
_grLfbLock@24
_grLfbReadRegion@28
_grLfbUnlock@8
_grLfbWriteColorFormat@4
_grLfbWriteColorSwizzle@8
_grLfbWriteRegion@36
_grLoadGammaTable@16
_grQueryResolutions@8
_grRenderBuffer@4
_grReset@4
_grSelectContext@4
_grSetNumPendingBuffers@4
_grSplash@20
_grSstOrigin@4
_grSstSelect@4
_grSstWinClose@4
_grSstWinOpen@28
_grSstWinOpenExt@32
_grStencilFuncExt@12
_grStencilMaskExt@4
_grStencilOpExt@12
_grSurfaceCalcTextureWHDExt@16
_grSurfaceCreateContextExt@4
_grSurfaceReleaseContextExt@4
_grSurfaceSetAuxSurfaceExt@4
_grSurfaceSetRenderingSurfaceExt@8
_grSurfaceSetTextureSurfaceExt@8
_grTBufferWriteMaskExt@4
_grTexAlphaCombineExt@44
_grTexCalcMemRequired@16
_grTexChromaModeExt@8
_grTexChromaRangeExt@16
_grTexClampMode@12
_grTexColorCombineExt@44
_grTexCombine@28
_grTexDetailControl@16
_grTexDownloadMipMap@16
_grTexDownloadMipMapLevel@32
_grTexDownloadMipMapLevelPartial@40
_grTexDownloadTable@8
_grTexDownloadTablePartial@16
_grTexFilterMode@12
_grTexLodBiasValue@8
_grTexMaxAddress@4
_grTexMinAddress@4
_grTexMipMapMode@12
_grTexMultibase@8
_grTexMultibaseAddress@20
_grTexNCCTable@4
_grTexSource@16
_grTexTextureMemRequired@8
_grTextureAuxBufferExt@28
_grTextureBufferExt@28
_grVertexLayout@12
_grViewport@16
_gu3dfGetInfo@8
_gu3dfLoad@8
_guFogGenerateExp2@8
_guFogGenerateExp@8
_guFogGenerateLinear@12
_guFogTableIndexToW@4
_guGammaCorrectionRGB@12

Sections

.MPRESS1
Size: 58KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MS/DDraw.dll
.dll windows:5 windows x86 arch:x86

3e56d94401710fe7637afbbea64453c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

PathAppendW

user32

GetDC

gdi32

BitBlt

shell32

SHGetFolderPathW

ole32

CoTaskMemFree

Exports

Exports

DirectDrawCreate
DirectDrawCreateClipper
DirectDrawCreateEx
DirectDrawEnumerateA
DirectDrawEnumerateExA
DirectDrawEnumerateExW
DirectDrawEnumerateW

Sections

.MPRESS1
Size: 36KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dgVoodooSetup.exe
.exe windows:5 windows x86 arch:x86

86ed52b737de96a052fc64aecd66bec2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

gdi32

GetStockObject

user32

FillRect

shlwapi

PathAppendW

ole32

CoTaskMemFree

shell32

SHGetFolderPathW

Sections

.MPRESS1
Size: 24KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
readme.txt
.vbs

Sharing

General

Malware Config

Signatures

Files

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.MPRESS1 Size: 50KB - Virtual size: 196KB

.MPRESS2 Size: 8KB - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 2KB

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.MPRESS1 Size: 49KB - Virtual size: 196KB

.MPRESS2 Size: 8KB - Virtual size: 7KB

.rsrc Size: 3KB - Virtual size: 2KB

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.MPRESS1 Size: 54KB - Virtual size: 204KB

.MPRESS2 Size: 6KB - Virtual size: 6KB

.rsrc Size: 3KB - Virtual size: 2KB

c7efb525cb2bc094bca9c3f5fa9c7715

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.MPRESS1 Size: 58KB - Virtual size: 240KB

.MPRESS2 Size: 7KB - Virtual size: 6KB

.rsrc Size: 3KB - Virtual size: 2KB

3e56d94401710fe7637afbbea64453c4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

user32

gdi32

shell32

ole32

.MPRESS1
Size: 50KB - Virtual size: 196KB

.MPRESS2
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 2KB

.MPRESS1
Size: 49KB - Virtual size: 196KB

.MPRESS2
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 3KB - Virtual size: 2KB

.MPRESS1
Size: 54KB - Virtual size: 204KB

.MPRESS2
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 3KB - Virtual size: 2KB

.MPRESS1
Size: 58KB - Virtual size: 240KB

.MPRESS2
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 3KB - Virtual size: 2KB

.MPRESS1
Size: 36KB - Virtual size: 100KB

.MPRESS2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.MPRESS1
Size: 24KB - Virtual size: 136KB

.MPRESS2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 62KB - Virtual size: 61KB