d3d9[.]dll | Triage

General

Target

d3d9.dll
Size

52KB
MD5

a0b39a6702b9211efb109826c22d2bb4
SHA1

bfba718bfe0cf8b66b7e7636115fa6bb7991676a
SHA256

add606aed192fefaf9b3932d4d650c5ecc5bbe4bce547c6e075ae8d7d7200a31
SHA512

d105cec2d960f1b46dd8e13a66df1443905f9a7f9cb1d634417192ac4f3237fd166807f0f11437a39b9ccb7d970af3874eb7d4566fc9330da57a26bcef35bfe3
SSDEEP

768:z9gkr+iy0BMPRIk4owU3JLaB19t+S0H/fVEJfvBxHFMDfh9L:Bgkr325I5zeq9IS0fy2Df7L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3d9.dll

Files

d3d9.dll
.dll windows:4 windows x86 arch:x86

99f86522f30e1b414c5ce12ed24e4da7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\trix_d3d9\Release\D3D9Hook.pdb

Imports

kernel32

VirtualProtect
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
FlushFileBuffers
GetSystemInfo
GetLocaleInfoA
HeapSize
SetStdHandle
LCMapStringW
LCMapStringA
ExitProcess
GetCommandLineA
GetVersionExA
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
CloseHandle

user32

GetClientRect
GetWindowRect
SetWindowLongA
SetWindowPos
ShowWindow
GetWindowLongA

Exports

Exports

DebugSetLevel
DebugSetMute
Direct3DCreate9
Direct3DShaderValidatorCreate9
PSGPError
PSGPSampleTexture

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99f86522f30e1b414c5ce12ed24e4da7

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 2KB