06-03-2024_qQQSMeMf00cl2ru[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

06-03-2024_qQQSMeMf00cl2ru.rar
Size

353KB
MD5

5d10c77d2742e2142c18885be6fed9f3
SHA1

dffee967717f21b6243f8b9d076581dc23d2ebd8
SHA256

38c618c3ed42672b910cc7b918b3cd161f51aa38324d643278f3e1fe1dd7e782
SHA512

5648869729d3d4ff3dcfbab047d8a8d3c4d0aed1a49b453c7243a08f0e484b064cf9907c524cca80ae5c8930c0b9a1d2d47cd4f00968b1343bd074560dab4e18
SSDEEP

6144:UdZ12kwoWe2o4GMDbjPP4+7V/9QiF8QG43mZiql2HTpO0XtOPT96vXAd9DwvgNL4:Eb9//M3jnVLJrR3mZitHTpO0sAId9DAn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d3d10.dll

Files

06-03-2024_qQQSMeMf00cl2ru.rar
.rar
d3d10.dll
.dll windows:6 windows x64 arch:x64

1805e30253a7a01f3abdf8f3c54d3869

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\apps\GTAV\d3d10.pdb

Imports

msvcp140

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uncaught_exceptions@std@@YAHXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Thrd_sleep
_Query_perf_frequency
_Query_perf_counter
_Xtime_get_ticks
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z

user32

LoadCursorA
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetClientRect
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
IsChild
TrackMouseEvent
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
CreateWindowExA
DefWindowProcA
GetWindowRect
GetSystemMetrics
mouse_event
CallWindowProcA

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
Sleep
HeapFree
HeapReAlloc
HeapAlloc
HeapCreate
GetLastError
CloseHandle
VirtualQuery
VirtualFree
VirtualAlloc
GetSystemInfo
LoadLibraryA
SuspendThread
QueryPerformanceFrequency
QueryPerformanceCounter
WideCharToMultiByte
MultiByteToWideChar
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
GetModuleHandleA
DisableThreadLibraryCalls
GetTickCount64
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualProtect
GetModuleHandleW
OpenThread
Thread32First
GetProcAddress
CreateToolhelp32Snapshot
DeleteCriticalSection
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
Thread32Next

imm32

ImmSetCompositionWindow
ImmGetContext
ImmReleaseContext

d3dcompiler_47

D3DCompile

vcruntime140

__std_type_info_destroy_list
__current_exception_context
__current_exception
__C_specific_handler
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memcmp
memcpy
memmove
memset
strstr
memchr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
terminate
_initterm
_cexit
_execute_onexit_table
system
_invalid_parameter_noinfo_noreturn
_crt_atexit
_register_onexit_function
_wassert

api-ms-win-crt-heap-l1-1-0

malloc
free
calloc
_callnewh

api-ms-win-crt-math-l1-1-0

pow
log
logf
ceilf
acosf
sinf
cosf
fmodf
sqrtf
powf

api-ms-win-crt-convert-l1-1-0

strtoul
atof

api-ms-win-crt-string-l1-1-0

strcpy_s
strncpy
strcmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fflush
fread
fseek
fclose
_wfopen
ftell
fwrite
__stdio_common_vsscanf

api-ms-win-crt-utility-l1-1-0

qsort

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 343KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1805e30253a7a01f3abdf8f3c54d3869

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp140

user32

kernel32

imm32

d3dcompiler_47

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

Sections

.text Size: 303KB - Virtual size: 302KB

.rdata Size: 343KB - Virtual size: 343KB

.data Size: 3KB - Virtual size: 4KB

.pdata Size: 14KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 1024B - Virtual size: 708B

.text
Size: 303KB - Virtual size: 302KB

.rdata
Size: 343KB - Virtual size: 343KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1024B - Virtual size: 708B