572cccde8d5a4a5117eaf91a832dadf8b784d4f9f8cee384c5052b5954124a55

Sharing

Copy URL Twitter E-mail

General

Target

572cccde8d5a4a5117eaf91a832dadf8b784d4f9f8cee384c5052b5954124a55
Size

76.7MB
MD5

b0d222cd7fab45ce05025295ee7d9269
SHA1

814772ef707a5591eeb1ecc2fc7a6c0f3702b3d4
SHA256

572cccde8d5a4a5117eaf91a832dadf8b784d4f9f8cee384c5052b5954124a55
SHA512

ec27a4695ee0ca44df6d4fe5ce78755c235b75dfe5d8dbc8ba5e024053c4af24258e1900721f62592301298861fe256c1dfc3bfd64604595eb0491858a756d44
SSDEEP

786432:CybiYZeqcETbnzUXTAuvywBzFraNfL3NY6P:CyzZeETHEvPra1LdT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
572cccde8d5a4a5117eaf91a832dadf8b784d4f9f8cee384c5052b5954124a55

Files

572cccde8d5a4a5117eaf91a832dadf8b784d4f9f8cee384c5052b5954124a55
.dll windows:6 windows x64 arch:x64

dc83aa6870a247aa7803aa656b461ff9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Hero-B13\source\repos\VelocityX\NVpower_wrapper\bin\x64\Debug\NVpower_wrapper.pdb

Imports

kernel32

Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetProcAddress
FreeLibrary
LocalAlloc
GetSystemDirectoryW
GetFileAttributesW
CreateFileW
lstrcmpA
LocalFree
FileTimeToSystemTime
GetModuleFileNameW
GetModuleHandleW
SetLastError
GetLastError
LoadLibraryExW
GetModuleFileNameA
VerifyVersionInfoW
VerSetConditionMask
GetFullPathNameW
OutputDebugStringW
CloseHandle
CreateProcessW
CreateProcessA
ReadConsoleW
GetCurrentThreadId
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RtlPcToFileHeader
RtlUnwind
ExitProcess
GetModuleHandleExW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetCurrentThread
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetConsoleCtrlHandler
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetStringTypeW
HeapSize
HeapReAlloc
ReadFile
WriteConsoleW

Exports

Exports

Nvpower_EnumPhysicalGPUs
Nvpower_GPU_ClientFanCoolersGetInfo
Nvpower_GPU_ClientFanCoolersGetStatus
Nvpower_GPU_ClientGetLastOcScannerResults
Nvpower_GPU_ClientIllumZonesGetControl
Nvpower_GPU_ClientIllumZonesSetControl
Nvpower_GPU_ClientPowerPoliciesGetInfo
Nvpower_GPU_ClientPowerPoliciesGetInfoStatus
Nvpower_GPU_ClientPowerTopologyGetStatus
Nvpower_GPU_ClientRevertOc
Nvpower_GPU_ClientStartOcScanner
Nvpower_GPU_ClientStopOcScanner
Nvpower_GPU_ClientThermalPoliciesGetInfoStatus
Nvpower_GPU_ClientVoltRailsGetStatus
Nvpower_GPU_GetAllClockFrequencies
Nvpower_GPU_GetAllOcConfig
Nvpower_GPU_GetBusId
Nvpower_GPU_GetCoreClock
Nvpower_GPU_GetCurrentPCIEDownstreamWidth
Nvpower_GPU_GetDynamicPstatesInfoEx
Nvpower_GPU_GetFullName
Nvpower_GPU_GetGpuCoreCount
Nvpower_GPU_GetMemoryClock
Nvpower_GPU_GetMemoryInfo
Nvpower_GPU_GetPCIIdentifiers
Nvpower_GPU_GetRamType
Nvpower_GPU_GetSetFRL
Nvpower_GPU_GetThermalSettings
Nvpower_GPU_GetVbiosVersionString
Nvpower_GPU_OCscanStatusUpdate
Nvpower_GPU_SetCoolerLevels
Nvpower_GPU_SetCoreClock
Nvpower_GPU_SetMemoryClock
Nvpower_GPU_SetPowerCap
Nvpower_GPU_SetThermalCap
Nvpower_GPU_SubscribeToOcScannerStatusCallback
Nvpower_GPU_UnsubscribeToOcScannerStatusCallback
Nvpower_I2CReadEx
Nvpower_I2CWriteEx
Nvpower_Initialize
Nvpower_SYS_GetDisplayDriverInfo
Nvpower_SetTargetDevicebyIndex
Nvpower_Unload
Nvpower_getFanCoolerControl
Nvpower_lockVoltage
Nvpower_restoreCoolerSettings

Sections

.textbss
Size: - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 739KB - Virtual size: 739KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 617B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 671B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc83aa6870a247aa7803aa656b461ff9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.textbss Size: - Virtual size: 335KB

.text Size: 739KB - Virtual size: 739KB

.rdata Size: 157KB - Virtual size: 156KB

.data Size: 5KB - Virtual size: 45KB

.pdata Size: 62KB - Virtual size: 61KB

.idata Size: 4KB - Virtual size: 4KB

.msvcjmc Size: 1024B - Virtual size: 617B

.00cfg Size: 512B - Virtual size: 373B

_RDATA Size: 1024B - Virtual size: 671B

.rsrc Size: 1024B - Virtual size: 806B

.reloc Size: 6KB - Virtual size: 6KB

.textbss
Size: - Virtual size: 335KB

.text
Size: 739KB - Virtual size: 739KB

.rdata
Size: 157KB - Virtual size: 156KB

.data
Size: 5KB - Virtual size: 45KB

.pdata
Size: 62KB - Virtual size: 61KB

.idata
Size: 4KB - Virtual size: 4KB

.msvcjmc
Size: 1024B - Virtual size: 617B

.00cfg
Size: 512B - Virtual size: 373B

_RDATA
Size: 1024B - Virtual size: 671B

.rsrc
Size: 1024B - Virtual size: 806B

.reloc
Size: 6KB - Virtual size: 6KB