C:\Users\jnerf\Desktop\ETHRAL_LAUNCHER_V2\examples\example_win32_directx9\Release\example_win32_directx9.pdb
Static task
static1
General
Target
example_win32_directx9.exe
Size
1.6MB
MD5
70b79f9beacb720904c10bf86018e52e
SHA1
6a764f228cef90ad2e4ca26ec98d14e18afafe8a
SHA256
76338410203a0517e4395eb582fab5b2432f3e48958e5a3070bc5a51a4113058
SHA512
276fd5e46eb28b311feaf90f647a8db226893101a266415221b755d3e35ae02846b6f2f0809569f9a2fc4af3bb8770bfb099aca5fe695a3f32dc453e54c6679f
SSDEEP
49152:xIpbWpej0ErvxnzuKxouIOrpLCga7KxjIf:zel/CjZ
Malware Config: none extracted by the static task.
Signatures
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature: the PE carries no embedded signature, so its publisher cannot be verified. On its own this is a weak indicator (locally built and in-development binaries are routinely unsigned); the embedded PDB path pointing at a per-user Desktop build directory is consistent with such a local build.
resource example_win32_directx9.exe
Files
example_win32_directx9.exe.exe windows:6 windows x64 arch:x64
d723ce68e4f6286ae76a4373b4521c62
Headers
DLL Characteristics (HIGH_ENTROPY_VA and DYNAMIC_BASE enable 64-bit ASLR, NX_COMPAT enables DEP; no IMAGE_DLLCHARACTERISTICS_GUARD_CF flag is listed, so Control Flow Guard does not appear to be enabled)
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths: the single embedded path is the one shown at the top of the report (C:\Users\jnerf\Desktop\ETHRAL_LAUNCHER_V2\examples\example_win32_directx9\Release\example_win32_directx9.pdb), which leaks the build username and project directory name.
Imports (static import table only). Entries a reviewer would triage first: CreateFileA/DeviceIoControl (device or driver I/O), GetFirmwareEnvironmentVariableW, QueueUserAPC, NtQuerySystemInformation, IsDebuggerPresent, OpenProcessToken/LookupPrivilegeValue/AdjustTokenPrivileges, the advapi32 RegCreateKeyA/RegSetValueExA/RegDeleteKeyA family, ShellExecuteExA, libcurl networking with raw ws2_32 sockets, and OpenSSL EVP AES-256-CBC decryption. An import proves only that the API is linked, not how or whether it is used; because LoadLibraryA/LoadLibraryW/LoadLibraryExA and GetProcAddress are also imported, further APIs may be resolved at runtime and will not appear in this list — confirm with dynamic analysis.
d3d9
Direct3DCreate9
winmm
PlaySoundA
kernel32
Sleep
FormatMessageW
GetLastError
SetEvent
GetCurrentThread
TerminateThread
CloseHandle
FreeConsole
QueueUserAPC
Beep
LocalFree
DeleteCriticalSection
SleepEx
FormatMessageA
CreateIoCompletionPort
GetFirmwareEnvironmentVariableW
GetExitCodeProcess
CreateEventW
CreateFileW
GetLocaleInfoEx
TerminateProcess
PostQueuedCompletionStatus
GetCurrentThreadId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCurrentProcessId
DeviceIoControl
CreateFileA
LoadLibraryExA
VirtualAlloc
VirtualFree
K32GetModuleFileNameExW
LoadLibraryW
GetModuleHandleW
GetSystemTimeAsFileTime
RaiseException
GetFileAttributesW
GetEnvironmentVariableW
GetTempPathW
AreFileApisANSI
WaitForSingleObject
GetQueuedCompletionStatus
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetThreadPriority
WaitForMultipleObjects
GetCurrentProcess
EnterCriticalSection
SetLastError
SetWaitableTimer
QueryPerformanceCounter
FreeLibrary
VerSetConditionMask
GetProcAddress
QueryPerformanceFrequency
LoadLibraryA
GetModuleHandleA
GetFileInformationByHandleEx
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
GetFullPathNameW
GetProcessHeap
HeapFree
InterlockedPushEntrySList
SetFileInformationByHandle
InitializeSListHead
HeapAlloc
user32
SetWindowRgn
CreateWindowExW
UnregisterClassW
RegisterClassExW
ShowWindow
MessageBoxA
EnumDisplaySettingsA
MoveWindow
DefWindowProcA
TranslateMessage
SendMessageA
PeekMessageA
PostQuitMessage
UpdateWindow
GetKeyState
LoadCursorA
ScreenToClient
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
DispatchMessageA
SetWindowPos
SetCapture
SetCursor
LoadImageA
GetForegroundWindow
GetWindowRect
DestroyWindow
GetCapture
GetClientRect
SetProcessDPIAware
IsWindowUnicode
ReleaseCapture
SetCursorPos
GetCursorPos
TrackMouseEvent
ClientToScreen
gdi32
CreateRoundRectRgn
DeleteObject
advapi32
GetUserNameA
GetTokenInformation
RegCreateKeyA
LookupPrivilegeValueW
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
ConvertSidToStringSidW
AdjustTokenPrivileges
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
shell32
ShellExecuteExA
libcrypto-3-x64
EVP_DecryptUpdate
EVP_aes_256_cbc
EVP_DecryptInit_ex
EVP_CIPHER_CTX_free
EVP_CIPHER_CTX_new
EVP_DecryptFinal_ex
libcurl
curl_easy_perform
curl_global_init
curl_global_cleanup
curl_easy_setopt
curl_easy_init
curl_easy_strerror
curl_easy_cleanup
imm32
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmGetContext
msvcp140
_Thrd_join
_Thrd_id
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?uncaught_exceptions@std@@YAHXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?good@ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
dwmapi
DwmExtendFrameIntoClientArea
ws2_32
WSACleanup
closesocket
WSASend
select
ntohl
WSASetLastError
WSAStringToAddressW
WSASocketW
WSAStartup
WSAGetLastError
connect
WSARecv
getsockopt
htonl
htons
ioctlsocket
setsockopt
d3dx9_43
D3DXCreateTextureFromFileInMemory
ntdll
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlInitUnicodeString
RtlInitAnsiString
NtQuerySystemInformation
RtlCaptureContext
RtlAnsiStringToUnicodeString
dbghelp
ImageRvaToVa
ImageDirectoryEntryToData
ImageNtHeader
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memmove
memset
__current_exception
__current_exception_context
_CxxThrowException
_purecall
__std_type_info_compare
__C_specific_handler
__std_exception_copy
__std_exception_destroy
strstr
__std_terminate
memcpy
memchr
memcmp
api-ms-win-crt-stdio-l1-1-0
fputc
fgetpos
setvbuf
fgetc
_wfopen
fsetpos
_fseeki64
ftell
_get_stream_buffer_pointers
__acrt_iob_func
fflush
fclose
__p__commode
_set_fmode
__stdio_common_vsscanf
fread
ungetc
__stdio_common_vsprintf
fseek
fwrite
__stdio_common_vfprintf
__stdio_common_vsnwprintf_s
api-ms-win-crt-utility-l1-1-0
qsort
rand
api-ms-win-crt-string-l1-1-0
strncmp
strncpy
iswspace
_stricmp
wcscat_s
isalpha
strcmp
api-ms-win-crt-heap-l1-1-0
_callnewh
_set_new_mode
malloc
free
api-ms-win-crt-runtime-l1-1-0
_seh_filter_exe
_get_initial_narrow_environment
_initterm
_cexit
_exit
_wassert
__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_crt_atexit
_register_onexit_function
abort
_initialize_onexit_table
_invalid_parameter_noinfo
_initialize_narrow_environment
_errno
_invalid_parameter_noinfo_noreturn
_set_app_type
_configure_narrow_argv
exit
terminate
_initterm_e
_beginthreadex
api-ms-win-crt-convert-l1-1-0
wcstol
api-ms-win-crt-math-l1-1-0
fmodf
cosf
ceilf
acosf
sqrtf
_dsign
sinf
__setusermatherr
api-ms-win-crt-filesystem-l1-1-0
_lock_file
_unlock_file
_mkdir
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
_configthreadlocale
localeconv
api-ms-win-crt-environment-l1-1-0
getenv
ole32
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
PropVariantClear
CoTaskMemAlloc
oleaut32
SysStringLen
SysAllocString
GetErrorInfo
SysFreeString
SetErrorInfo
Sections
.text Size: 471KB - Virtual size: 470KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 383KB - Virtual size: 382KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 18KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 723KB - Virtual size: 722KB (the largest section, roughly 45% of the 1.6MB file; embedded image resources would be consistent with the D3DXCreateTextureFromFileInMemory import — confirm by dumping the resource directory)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ