PDB path: C:\Games\4Vision Testserver\TClient_DX12.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 86069f17eaf39c904e8c6e63cc458e3b043f48bed058ee3a1c06808a7186dfff.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 86069f17eaf39c904e8c6e63cc458e3b043f48bed058ee3a1c06808a7186dfff.exe
Resource: win10v2004-20240412-en
General
Target: 86069f17eaf39c904e8c6e63cc458e3b043f48bed058ee3a1c06808a7186dfff
Size: 8.0MB
MD5: a1b4c29e81bd88ade345bafdc28d3f24
SHA1: eea25e43b831dab2195eccef47355aa4f8d5619b
SHA256: 86069f17eaf39c904e8c6e63cc458e3b043f48bed058ee3a1c06808a7186dfff
SHA512: 88bc8bb664d8fc7bbd7b848b1a575f2a11e81a416186e87506e8e31a019ab2ccc92a49cb9fc7f20a8146d8c91acf1f46137ca71dc2aeb2eaa7a175442899ff0d
SSDEEP: 98304:MV4NTsUpzuZYVxOWrHZ2+Lge5esYB3DQF+p:pAXErPLtO38Qp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 86069f17eaf39c904e8c6e63cc458e3b043f48bed058ee3a1c06808a7186dfff
Files
-
86069f17eaf39c904e8c6e63cc458e3b043f48bed058ee3a1c06808a7186dfff.exe windows:6 windows x64 arch:x64
08239f5bb5e1fbf6fbfc284ace4f46a6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
winmm
mmioAscend
mmioSetInfo
mmioGetInfo
PlaySoundA
mmioClose
mmioAdvance
mmioDescend
mmioSeek
mmioRead
timeGetTime
mmioOpenA
d3d12
ord101
dxgi
CreateDXGIFactory2
d3dx9_43
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixScaling
D3DXMatrixMultiply
D3DXVec2Normalize
D3DXVec3Normalize
D3DXVec3TransformCoord
D3DXMatrixTranslation
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXMatrixRotationZ
D3DXPlaneNormalize
D3DXIntersectTri
D3DXMatrixTranspose
D3DXMatrixRotationQuaternion
D3DXPlaneIntersectLine
D3DXSphereBoundProbe
D3DXCreateTextureFromFileA
D3DXCreateTextureFromFileInMemoryEx
D3DXGetImageInfoFromFileInMemory
D3DXLoadSurfaceFromFileInMemory
D3DXCreateTexture
D3DXQuaternionRotationAxis
D3DXQuaternionMultiply
D3DXMatrixDecompose
D3DXQuaternionSlerp
D3DXLoadSurfaceFromSurface
D3DXMatrixInverse
D3DXQuaternionNormalize
D3DXQuaternionInverse
D3DXMatrixRotationYawPitchRoll
D3DXMatrixLookAtLH
D3DXMatrixPerspectiveFovLH
D3DXMatrixOrthoLH
advapi32
GetUserNameA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
RegEnumKeyExA
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptEncrypt
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextA
RegCloseKey
CloseServiceHandle
imm32
ImmSetConversionStatus
ImmGetCompositionStringA
ImmNotifyIME
ImmGetCandidateListA
ImmGetConversionStatus
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
dsound
ord11
dbghelp
StackWalk64
GetTimestampForLoadedLibrary
EnumerateLoadedModules64
MiniDumpWriteDump
kernel32
SetFilePointerEx
GetFileInformationByHandleEx
DeleteFileW
InitOnceExecuteOnce
SwitchToThread
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
OutputDebugStringA
FormatMessageA
VirtualProtect
SetLastError
GlobalSize
GlobalUnlock
GlobalLock
CopyFileA
GetModuleHandleW
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
EncodePointer
GetSystemDirectoryW
FreeLibrary
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryExW
LoadLibraryW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
CompareStringA
FindClose
FindFirstFileA
FlushFileBuffers
GetFullPathNameA
LockFile
SetEndOfFile
UnlockFile
GetVolumeInformationA
DuplicateHandle
lstrlenA
GetThreadLocale
GetStringTypeExA
FileTimeToLocalFileTime
FindNextFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
InitializeCriticalSectionAndSpinCount
GlobalFlags
GetACP
lstrcpyA
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
SetErrorMode
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
FindResourceExW
GetTempPathA
GetProfileIntA
GetTempFileNameA
GetUserDefaultLCID
WaitForSingleObjectEx
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
GlobalFree
ResetEvent
GetVersionExA
WaitForMultipleObjects
IsBadReadPtr
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
Sleep
SetUnhandledExceptionFilter
LocalFree
LocalAlloc
GetSystemTime
lstrcmpA
GetModuleFileNameA
GetLocalTime
SetFilePointer
CreateDirectoryA
WriteFile
CreateFileW
Process32NextW
Process32FirstW
SetThreadLocale
GetProcAddress
GetModuleHandleA
GetSystemInfo
CreateProcessA
ResumeThread
SetThreadPriority
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ReadFile
DeleteFileA
CreateFileA
MultiByteToWideChar
GetSystemFirmwareTable
CreateToolhelp32Snapshot
GetFileSize
OutputDebugStringW
GetStringTypeW
QueryPerformanceFrequency
RtlPcToFileHeader
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetNativeSystemInfo
LCMapStringEx
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetTickCount64
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseHandle
IsDBCSLeadByte
FindResourceA
GetTickCount
WideCharToMultiByte
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
SetFileInformationByHandle
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
GetThreadTimes
FreeLibraryAndExitThread
InterlockedPopEntrySList
GlobalAlloc
CreateFileMappingA
UnmapViewOfFile
MapViewOfFile
IsDebuggerPresent
SearchPathA
MulDiv
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
ReleaseSemaphore
UnregisterWaitEx
RegisterWaitForSingleObject
CreateTimerQueue
GetVersionExW
VirtualAlloc
VirtualFree
GetProcessAffinityMask
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
SetThreadAffinityMask
UnregisterWait
RtlUnwindEx
ExitProcess
GetStdHandle
GetFileType
WriteConsoleW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
VirtualQuery
GetFullPathNameW
SetStdHandle
ExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetCurrentDirectoryW
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
lstrcmpiA
RtlUnwind
CloseThreadpoolTimer
user32
IsCharLowerA
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
LoadMenuA
MonitorFromPoint
UpdateLayeredWindow
UnionRect
PostThreadMessageA
DrawIcon
FrameRect
CopyIcon
BringWindowToTop
LoadMenuW
IsZoomed
DrawFrameControl
DrawEdge
SetWindowRgn
SetClassLongPtrA
DrawStateA
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
EnumDisplayMonitors
SetLayeredWindowAttributes
GetMenuDefaultItem
CreatePopupMenu
NotifyWinEvent
LoadCursorW
InvertRect
HideCaret
EnableScrollBar
GetIconInfo
DrawIconEx
LoadImageA
DrawFocusRect
WindowFromPoint
RegisterClipboardFormatA
GetMenuItemInfoA
DestroyMenu
LoadImageW
DestroyIcon
TrackMouseEvent
RealChildWindowFromPoint
CopyImage
GetSysColorBrush
IsRectEmpty
InvalidateRgn
CopyAcceleratorTableA
MessageBeep
GetNextDlgGroupItem
CharNextA
FillRect
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
CharUpperA
KillTimer
MapDialogRect
SetWindowContextHelpId
GetWindowThreadProcessId
ShowOwnedPopups
GetMessageA
GetKeyNameTextA
GetDesktopWindow
GetNextDlgTabItem
MapVirtualKeyExA
IsDialogMessageA
IsWindowEnabled
CheckDlgButton
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongPtrA
GetClassLongA
GetUpdateRect
GetSysColor
MapWindowPoints
AdjustWindowRectEx
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
SetActiveWindow
TrackPopupMenu
SetMenu
GetMenu
GetCapture
GetDlgCtrlID
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
DestroyWindow
IsWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
DefWindowProcA
GetMessageTime
GetMessagePos
RegisterWindowMessageA
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
GetWindow
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
SetFocus
RemoveMenu
GetKeyboardState
ToAsciiEx
LoadAcceleratorsW
CreateAcceleratorTableA
DestroyAcceleratorTable
LockWindowUpdate
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuA
CharUpperBuffA
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
CreateDialogIndirectParamA
AppendMenuA
InsertMenuA
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenuState
GetMenuStringA
GetWindowLongPtrA
ValidateRect
InvalidateRect
GetFocus
IsChild
CallWindowProcA
GetKeyboardLayout
EnumChildWindows
GetClientRect
SetCapture
IsWindowVisible
wsprintfW
DeleteMenu
GetSystemMenu
DrawMenuBar
SystemParametersInfoA
MessageBoxW
GetWindowPlacement
ClipCursor
ReleaseCapture
ShowCursor
SetWindowLongA
AdjustWindowRect
GetSystemMetrics
SetWindowTextA
GetDlgItem
EndDialog
DialogBoxParamA
CopyRect
EnumDisplaySettingsA
DestroyCursor
LoadCursorA
IsIconic
PostMessageA
ActivateKeyboardLayout
SetParent
GetParent
DefFrameProcA
SetWindowLongPtrA
IsClipboardFormatAvailable
SetForegroundWindow
SetWindowPos
SetRectEmpty
EqualRect
IntersectRect
InflateRect
GetKeyState
ScreenToClient
GetCursorPos
GetActiveWindow
ShowWindow
OffsetRect
ClientToScreen
SetCursor
SetCursorPos
ReleaseDC
GetDC
FlashWindowEx
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
MessageBoxA
GetForegroundWindow
UpdateWindow
TranslateAcceleratorA
LoadAcceleratorsA
MapVirtualKeyA
PostQuitMessage
WaitMessage
PeekMessageA
DispatchMessageA
TranslateMessage
PtInRect
GetWindowRect
SetTimer
SendMessageA
EnableWindow
GetAsyncKeyState
SetRect
UnregisterClassA
IsMenu
gdi32
GetTextColor
CombineRgn
GetMapMode
SetRectRgn
DPtoLP
GetRgnBox
GetTextExtentPoint32A
GetTextMetricsA
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateCompatibleBitmap
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreateEllipticRgn
Ellipse
CreatePolygonRgn
GetBkColor
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutA
TextOutA
MoveToEx
ScaleWindowExtEx
Polyline
CreateRoundRectRgn
LPtoDP
EnumFontFamiliesExA
Rectangle
OffsetRgn
Polygon
ScaleViewportExtEx
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
SetMapMode
GetTextFaceA
SetBkMode
SetTextAlign
SetROP2
SetPolyFillMode
DeleteDC
CreateCompatibleDC
BitBlt
SetLayout
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
ExcludeClipRect
Escape
CreateSolidBrush
CreateRectRgn
CreatePatternBrush
CreatePen
CreateHatchBrush
PatBlt
CreateRectRgnIndirect
GetObjectA
SetTextColor
SetBkColor
CreateBitmap
GetDeviceCaps
CreateDCA
CopyMetaFileA
CreateFontIndirectA
CreateFontA
GetClipBox
GetObjectW
CreateDIBSection
SelectObject
GetCurrentObject
DeleteObject
GetLayout
msimg32
TransparentBlt
AlphaBlend
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
shell32
SHGetFileInfoA
SHAddToRecentDocs
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder
DragQueryFileA
DragFinish
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
shlwapi
PathFindFileNameA
PathFileExistsA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathIsUNCA
PathFindExtensionA
uxtheme
DrawThemeText
DrawThemeParentBackground
CloseThemeData
GetThemePartSize
GetThemeSysColor
IsThemeBackgroundPartiallyTransparent
IsAppThemed
GetWindowTheme
GetCurrentThemeName
GetThemeColor
DrawThemeBackground
OpenThemeData
ole32
CoLockObjectExternal
RevokeDragDrop
OleDestroyMenuDescriptor
OleInitialize
IsAccelerator
CoUninitialize
CoInitializeEx
CoCreateInstance
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
ReleaseStgMedium
CoInitialize
CoCreateGuid
OleGetClipboard
CLSIDFromProgID
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleTranslateAccelerator
CoFreeUnusedLibraries
RegisterDragDrop
OleCreateMenuDescriptor
CoRevokeClassObject
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
PropVariantClear
CLSIDFromString
OleLockRunning
CreateStreamOnHGlobal
oleaut32
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocStringByteLen
SysAllocStringLen
SysStringLen
VariantChangeType
VariantClear
VariantInit
SysAllocString
SysFreeString
oledlg
ord8
ws2_32
WSASetLastError
WSACleanup
inet_ntoa
htons
closesocket
connect
recv
send
gethostbyname
WSAStartup
getsockname
ioctlsocket
inet_addr
setsockopt
WSAGetLastError
WSAAsyncSelect
WSASocketA
rpcrt4
UuidCreateSequential
vcomp140
_vcomp_for_static_simple_init
_vcomp_fork
_vcomp_for_static_end
gdiplus
GdiplusStartup
GdiplusShutdown
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateSolidFill
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetTextRenderingHint
GdipCreateFontFromDC
GdipDeleteFont
GdipDrawString
GdipMeasureString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipDrawImageRectI
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
Exports
D3D12SDKPath
D3D12SDKVersion
Sections
.text Size: 6.0MB - Virtual size: 6.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 120KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 235KB - Virtual size: 234KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 244B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 184KB - Virtual size: 183KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ