d3dref9[.]dll | Triage

Resubmissions

20/02/2024, 11:14

240220-nb5dpsfd2t 3

Sharing

Copy URL Twitter E-mail

General

Target

d3dref9.dll
Size

8.1MB
MD5

83e1abf3859bec1a6a120bc02a1c1f4f
SHA1

85d26f4829aebb1219b814cca4b8aef7e1a6c482
SHA256

533be9ba00bb1b5684e67dbb419db8d6820b2b15b65fba0f64a471904883b504
SHA512

52d86396cc4b2b3ddd331c36ce29270af074b7246a3966767df184d5233b8c1ceb40a422ee92c8a6e1278d63985dccf389f4115e09aede4067c781d02e64c82f
SSDEEP

196608:ZaCcOYjTh/5+5AaFf+riqEB6EA1Ot781MSOK7iQiOzQ11nC:ZujTeFFGriN6ZNOS1PMjn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3dref9.dll

Files

d3dref9.dll
.dll windows:6 windows x86 arch:x86

4fbb54fbd979bc8146fee3fc15fd6d9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Module32First
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

ReleaseDC

gdi32

DeleteObject

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

wintrust

WinVerifyTrust

urlmon

URLDownloadToFileA

iphlpapi

GetAdaptersInfo

ntdll

RtlImageNtHeader

shlwapi

ord12

ws2_32

gethostname

gdiplus

GdiplusStartup

d3d9

Direct3DCreate9

bcrypt

BCryptGenRandom

crypt32

CryptDecodeObjectEx

Sections

^USYnw=`
Size: - Virtual size: 918KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

NYij=>mp
Size: - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

bO,*&/Th
Size: - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Iv2*Gj:J
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

?^_vH<wz
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

x6(/vXgQ
Size: - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

tnn`V-aF
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GKM61>m>
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Un%>k>2d
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

4fbb54fbd979bc8146fee3fc15fd6d9f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wintrust

urlmon

iphlpapi

ntdll

shlwapi

ws2_32

gdiplus

d3d9

bcrypt

crypt32

Sections

^USYnw=` Size: - Virtual size: 918KB

NYij=>mp Size: - Virtual size: 158KB

bO,*&/Th Size: - Virtual size: 230KB

Iv2*Gj:J Size: - Virtual size: 4KB

?^_vH<wz Size: - Virtual size: 12B

x6(/vXgQ Size: - Virtual size: 4.6MB

tnn`V-aF Size: 2KB - Virtual size: 1KB

GKM61>m> Size: 8.1MB - Virtual size: 8.1MB

Un%>k>2d Size: 2KB - Virtual size: 1KB

^USYnw=`
Size: - Virtual size: 918KB

NYij=>mp
Size: - Virtual size: 158KB

bO,*&/Th
Size: - Virtual size: 230KB

Iv2*Gj:J
Size: - Virtual size: 4KB

?^_vH<wz
Size: - Virtual size: 12B

x6(/vXgQ
Size: - Virtual size: 4.6MB

tnn`V-aF
Size: 2KB - Virtual size: 1KB

GKM61>m>
Size: 8.1MB - Virtual size: 8.1MB

Un%>k>2d
Size: 2KB - Virtual size: 1KB