809c51f2761cd20e2de0ffdc27fefb03304f44a15c1d6c7fb91e0e31caa24f6c

Sharing

Copy URL Twitter E-mail

General

Target

809c51f2761cd20e2de0ffdc27fefb03304f44a15c1d6c7fb91e0e31caa24f6c
Size

95KB
MD5

bb578fba9fc34af2f6cff9577215c5f4
SHA1

7e3b827d2c795a01e97d2e591f1fc954e5605635
SHA256

809c51f2761cd20e2de0ffdc27fefb03304f44a15c1d6c7fb91e0e31caa24f6c
SHA512

ad1fb6d0d537462e50641cee4588d93e45455589223925933b6ec4b936c323edd54b450c377c88a87ddd19d99ef1132507aca65a0bf8b65d6f2f624ceeaf78b4
SSDEEP

1536:cqu19v58r/n09iN1p2cukhU4xckSLbx7Ln46l7affFZHV:cqcver/n0ab2cM4xu3fl7aLV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
809c51f2761cd20e2de0ffdc27fefb03304f44a15c1d6c7fb91e0e31caa24f6c

Files

809c51f2761cd20e2de0ffdc27fefb03304f44a15c1d6c7fb91e0e31caa24f6c
.dll windows:5 windows x86 arch:x86

5be50315f69323ffecc47c0bae0b5c6d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Lavish\Inner Space\Release\IS-D3D9Engine.pdb

Imports

kernel32

GetTickCount
MultiByteToWideChar
TerminateProcess
GetCurrentProcess
EnterCriticalSection
GetProcAddress
LeaveCriticalSection
GetModuleFileNameA
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
GetConsoleMode
DeleteCriticalSection
GetModuleHandleA
InitializeCriticalSection
GetConsoleCP
SetFilePointer
GetStringTypeW
DecodePointer
EncodePointer
HeapAlloc
GetLastError
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
GetCurrentThreadId
GetCommandLineA
WriteFile
GetStdHandle
GetModuleFileNameW
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryW
LCMapStringW
FlushFileBuffers

user32

GetCursorInfo
GetWindowInfo
SetCursor
ShowCursor

gdi32

GetTextExtentPoint32A
GetCharABCWidthsFloatA

d3d9

Direct3DCreate9

d3dx9_37

D3DXCreateTextureFromFileExA
D3DXFillTexture
D3DXCreateTexture
D3DXCreateFontA

Exports

Exports

F1

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5be50315f69323ffecc47c0bae0b5c6d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

d3d9

d3dx9_37

Exports

Exports

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 5KB - Virtual size: 14KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 5KB - Virtual size: 14KB

.reloc
Size: 7KB - Virtual size: 7KB