dea554942f7b4eae3ecd3af4a8d61d8ce00e302a45634ce2286eaa0f70ba3271

Sharing

Copy URL Twitter E-mail

General

Target

dea554942f7b4eae3ecd3af4a8d61d8ce00e302a45634ce2286eaa0f70ba3271
Size

1.2MB
MD5

a8b17886041a7c7a2ac4dba3c4dea3a0
SHA1

5c083fa59033442938c7142135cd07f9671fd39e
SHA256

dea554942f7b4eae3ecd3af4a8d61d8ce00e302a45634ce2286eaa0f70ba3271
SHA512

e7b3bad23b15647524d4de856eb2eb2b243b1f4141cf4023044de5168b70b42a3fa7ca77b238d270ec00c8128a93849b1e02f994a45352ac47cef000430f14ad
SSDEEP

12288:rfb2XNXoCNx2Lnm8jJJVecG5H0H+xu+jcMxMBmSWTA0Rx107t2xbgOLNhqxe6C3D:m2UcKd/blFXV6Dsnci8NZ85

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dea554942f7b4eae3ecd3af4a8d61d8ce00e302a45634ce2286eaa0f70ba3271

Files

dea554942f7b4eae3ecd3af4a8d61d8ce00e302a45634ce2286eaa0f70ba3271
.dll windows:5 windows x86 arch:x86

83f3f5b82aadd07034f73dee3f424a22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\windows渲染库\branches\SuperRender_V2.3.1\bin\win32\Private_PDB32\SuperRender.pdb

Imports

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

psapi

GetProcessMemoryInfo

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetCurrentProcess
LCMapStringW
SetEnvironmentVariableA
CompareStringW
CreateFileA
WriteConsoleW
FlushFileBuffers
SetStdHandle
InterlockedExchange
LoadLibraryW
SetConsoleCtrlHandler
SetFilePointer
GetCurrentThreadId
OutputDebugStringA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
GetVersionExA
Sleep
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
LoadLibraryA
GetProcAddress
CreateFileW
SetEndOfFile
GetStringTypeW
RtlUnwind
DecodePointer
EncodePointer
HeapAlloc
GetLastError
HeapFree
RaiseException
GetCommandLineA
HeapReAlloc
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
GetCurrentThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
IsProcessorFeaturePresent
HeapSize
ExitProcess
HeapCreate
HeapDestroy
HeapQueryInformation
CloseHandle
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetFileType
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetSystemTimeAsFileTime
FatalAppExitA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
ReadFile
GetProcessHeap

user32

ClientToScreen
GetSystemMetrics
GetDC
ReleaseDC
GetMonitorInfoA
GetDesktopWindow
OffsetRect
GetClientRect
OpenDesktopA
SwitchDesktop
CloseDesktop
IsWindow
IsWindowVisible
GetWindowRect
DrawTextW

gdi32

StretchDIBits
GetDeviceCaps
GetSystemPaletteEntries
CreatePalette
GetNearestPaletteIndex
CreateCompatibleBitmap
CreateCompatibleDC
SetPixel
GetBitmapBits
DeleteDC
SetBkMode
SetTextColor
CreateFontA
DeleteObject
CreatePen
SelectObject
MoveToEx
LineTo

Exports

Exports

FT_Activate_Size
FT_Add_Default_Modules
FT_Add_Module
FT_Angle_Diff
FT_Atan2
FT_Attach_File
FT_Attach_Stream
FT_Bitmap_Blend
FT_Bitmap_Convert
FT_Bitmap_Copy
FT_Bitmap_Done
FT_Bitmap_Embolden
FT_Bitmap_Init
FT_Bitmap_New
FT_CeilFix
FT_Cos
FT_DivFix
FT_Done_Face
FT_Done_FreeType
FT_Done_Library
FT_Done_Size
FT_Error_String
FT_Face_GetCharVariantIndex
FT_Face_GetCharVariantIsDefault
FT_Face_GetCharsOfVariant
FT_Face_GetVariantSelectors
FT_Face_GetVariantsOfChar
FT_Face_Properties
FT_FloorFix
FT_Get_Advance
FT_Get_Advances
FT_Get_CMap_Format
FT_Get_CMap_Language_ID
FT_Get_Char_Index
FT_Get_Charmap_Index
FT_Get_Color_Glyph_Layer
FT_Get_First_Char
FT_Get_Font_Format
FT_Get_Glyph_Name
FT_Get_Kerning
FT_Get_Module
FT_Get_Name_Index
FT_Get_Next_Char
FT_Get_Postscript_Name
FT_Get_Renderer
FT_Get_Sfnt_LangTag
FT_Get_Sfnt_Name
FT_Get_Sfnt_Name_Count
FT_Get_Sfnt_Table
FT_Get_SubGlyph_Info
FT_Get_Track_Kerning
FT_Get_TrueType_Engine_Type
FT_Get_X11_Font_Format
FT_GlyphSlot_Own_Bitmap
FT_Gzip_Uncompress
FT_Init_FreeType
FT_Library_SetLcdFilter
FT_Library_SetLcdFilterWeights
FT_Library_SetLcdGeometry
FT_Library_Version
FT_List_Add
FT_List_Finalize
FT_List_Find
FT_List_Insert
FT_List_Iterate
FT_List_Remove
FT_List_Up
FT_Load_Char
FT_Load_Glyph
FT_Load_Sfnt_Table
FT_Matrix_Invert
FT_Matrix_Multiply
FT_MulDiv
FT_MulFix
FT_New_Face
FT_New_Library
FT_New_Memory_Face
FT_New_Size
FT_Open_Face
FT_Outline_Check
FT_Outline_Copy
FT_Outline_Decompose
FT_Outline_Done
FT_Outline_Embolden
FT_Outline_EmboldenXY
FT_Outline_Get_Bitmap
FT_Outline_Get_CBox
FT_Outline_Get_Orientation
FT_Outline_New
FT_Outline_Render
FT_Outline_Reverse
FT_Outline_Transform
FT_Outline_Translate
FT_Palette_Data_Get
FT_Palette_Select
FT_Palette_Set_Foreground_Color
FT_Property_Get
FT_Property_Set
FT_Reference_Face
FT_Reference_Library
FT_Remove_Module
FT_Render_Glyph
FT_Request_Size
FT_RoundFix
FT_Select_Charmap
FT_Select_Size
FT_Set_Char_Size
FT_Set_Charmap
FT_Set_Debug_Hook
FT_Set_Default_Properties
FT_Set_Pixel_Sizes
FT_Set_Renderer
FT_Set_Transform
FT_Sfnt_Table_Info
FT_Sin
FT_Stream_OpenGzip
FT_Stream_OpenLZW
FT_Tan
FT_Vector_From_Polar
FT_Vector_Length
FT_Vector_Polarize
FT_Vector_Rotate
FT_Vector_Transform
FT_Vector_Unit
SR_AddSubPort
SR_CaptureScreen
SR_CreateHandle
SR_DelSubPort
SR_DestroyHandle
SR_Display
SR_DrawFont
SR_DrawFontEx
SR_DrawImage
SR_DrawLines
SR_DrawLinesEx
SR_DrawMosaic
SR_DrawMosaicEx
SR_Get3DModelParam
SR_GetCaptureSize
SR_GetEngineSupport
SR_GetFishParam
SR_GetImagePostProcess
SR_GetPTZColor
SR_GetPTZPort
SR_GetSDKVersion
SR_GetSpecialViewParam
SR_GetViewParam
SR_HWDReset
SR_HWDUpdateSurfaceData
SR_Init
SR_Set3DModelParam
SR_SetAnimation
SR_SetCallBack
SR_SetDeviceIndex
SR_SetDisplayRect
SR_SetEagleEyeParam
SR_SetFishParam
SR_SetFontPath
SR_SetImagePostProcess
SR_SetPTZColor
SR_SetPTZDisplayMode
SR_SetPTZPort
SR_SetRenderState
SR_SetVerticalSync
SR_SetViewParam
SR_UpdateFrameData
TT_New_Context
TT_RunIns

Sections

.text
Size: 903KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83f3f5b82aadd07034f73dee3f424a22

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ddraw

psapi

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 903KB - Virtual size: 902KB

.rodata Size: 512B - Virtual size: 312B

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 17KB - Virtual size: 55KB

_RDATA Size: 512B - Virtual size: 496B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 903KB - Virtual size: 902KB

.rodata
Size: 512B - Virtual size: 312B

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 17KB - Virtual size: 55KB

_RDATA
Size: 512B - Virtual size: 496B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 25KB - Virtual size: 24KB