e19ef4e4949114164358c81b2804d839a3bbea2c39a6d65e649390c838fe78f1

Sharing

Copy URL Twitter E-mail

General

Target

e19ef4e4949114164358c81b2804d839a3bbea2c39a6d65e649390c838fe78f1
Size

127KB
MD5

fda882091c965580474858e3d5e3b3e4
SHA1

fe833d3e20438861a4b51dd531a340a9840f10bc
SHA256

e19ef4e4949114164358c81b2804d839a3bbea2c39a6d65e649390c838fe78f1
SHA512

89918b6641cb530be62019b78b616830a764b81e003b1584a9f93d458ccbbfab736140ca7d574b3bc57e8561fc52719a1d20476bae5b6b175e6cd78641d4e9fb
SSDEEP

1536:hN8cTSIsnHhjeEjF+XjAQ+cxFSMPHa41mPK6j59L2dUiHPGNvfTlh7MrASSAr:hN80snHleU7Qr/jvHPgvfA4Ar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e19ef4e4949114164358c81b2804d839a3bbea2c39a6d65e649390c838fe78f1

Files

e19ef4e4949114164358c81b2804d839a3bbea2c39a6d65e649390c838fe78f1
.dll windows:6 windows x64 arch:x64

475cc24040192f67e0c4c53231cdc37d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\artse\Desktop\WORK\Lossless Scaling\Actual\Core\x64\Release\Lossless.pdb

Imports

dxgi

CreateDXGIFactory1

dwmapi

DwmSetWindowAttribute
DwmGetWindowAttribute

d2d1

ord7

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_destroy
__C_specific_handler
__std_type_info_destroy_list
memcpy
memset
wcsrchr
wcsstr
_CxxThrowException
memmove
__std_exception_copy
__std_terminate

kernel32

InitializeSListHead
FormatMessageW
WaitForSingleObject
CreateThread
VerSetConditionMask
VerifyVersionInfoW
GetModuleFileNameW
GetCurrentProcess
CloseHandle
LoadLibraryW
GetProcAddress
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
FreeLibrary
LocalAlloc
GetCurrentThreadId
GetFileAttributesW
SetLastError
LocalFree
GetModuleHandleW
GetLastError
LoadLibraryExW
GetModuleFileNameA
GetFullPathNameW
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
HeapAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
InterlockedPushEntrySList
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemDirectoryW
HeapFree
MultiByteToWideChar
GetProcessHeap

user32

GetMonitorInfoW
ShowWindow
GetWindowPlacement
RegisterClassExW
GetSystemMetrics
CreateWindowExW
CopyIcon
MonitorFromWindow
EqualRect
SetWindowPos
DestroyWindow
GetWindowRect
DefWindowProcW
GetForegroundWindow
GetCursorPos
EnableWindow
GetWindowTextW
GetDC
DrawIcon
GetWindowDC
ReleaseDC
ScreenToClient
DispatchMessageW
GetWindowInfo
PeekMessageW
TranslateMessage
GetClientRect
GetIconInfo
MoveWindow
LoadCursorW
GetClipCursor
ClipCursor
GetClassNameW
SetWindowLongW
UnhookWinEvent
SetWinEventHook
SetForegroundWindow
SetSystemCursor
GetCursorInfo
SystemParametersInfoW

gdi32

CreateCompatibleDC
GetDIBits
DeleteDC
GetStockObject
BitBlt
DeleteObject
GetObjectW

advapi32

AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW

oleaut32

SysFreeString
SysAllocString
SysAllocStringLen
GetErrorInfo
SysStringLen
SetErrorInfo

d3dcompiler_47

D3DReadFileToBlob

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

api-ms-win-crt-runtime-l1-1-0

_errno
abort
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo

api-ms-win-crt-string-l1-1-0

strncmp
_wcsnicmp
_wcsicmp
isdigit
isalpha
iswspace

api-ms-win-crt-math-l1-1-0

ceilf
roundf
exp2f
floorf

api-ms-win-crt-stdio-l1-1-0

_wfopen_s
fclose
__stdio_common_vfwprintf

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

ole32

CoUninitialize
CoInitializeEx
CoCreateFreeThreadedMarshaler

Exports

Exports

Activate
ApplySettings
GetDXGIAdapters
Init
SetDriverSettings
UnInit

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

475cc24040192f67e0c4c53231cdc37d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dxgi

dwmapi

d2d1

vcruntime140_1

vcruntime140

kernel32

user32

gdi32

advapi32

oleaut32

d3dcompiler_47

msvcp140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

ole32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 35KB - Virtual size: 35KB

.data Size: 3KB - Virtual size: 11KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 296B

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 35KB - Virtual size: 35KB

.data
Size: 3KB - Virtual size: 11KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 296B