d3d10[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3d10.dll
Size

1017KB
MD5

150adacc20b2d013ce7aaf6ba0abd05c
SHA1

7b096a1056a56cebd620ee5d23a6bb7865f32eaa
SHA256

3fb2a9fb0a89735adc717ca4256a4197aa679335bf6fbbf32730678f7eb06892
SHA512

66c907b084f07840343205b8101744ae2a42d686da7ea896e6ce603c63103fea70f35ce7ef49ca01e6027d84c31dfc3dccb3c40710254842d789efa67549e008
SSDEEP

24576:2rER5Hx1dLcnuucYa2pvTJOqggyfND3NV:pnlQuNotSgeNZV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3d10.dll

Files

d3d10.dll
.dll windows:10 windows x86 arch:x86

bf17303866baf24e463e4d049300293c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3d10.pdb

Imports

d3d10core

D3D10CoreGetVersion
D3D10CoreRegisterLayers

msvcrt

_except_handler4_common
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_amsg_exit
_XcptFilter
_callnewh
strstr
__CxxFrameHandler3
malloc
modf
_purecall
isalnum
isxdigit
atof
free
setlocale
_strdup
_strnicmp
_fpclass
_isnan
_stricmp
isalpha
atoi
memset
tolower
_finite
strchr
_clearfp
_controlfp
_vsnprintf
isdigit
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_ftol2
_ftol2_sse
ceil
floor
memcmp
memcpy
memmove

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
LoadLibraryExW
GetModuleHandleExW
FreeLibrary
DisableThreadLibraryCalls
GetProcAddress

api-ms-win-core-debug-l1-1-0

OutputDebugStringA

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegGetValueW

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
OpenSemaphoreW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-file-l1-1-0

GetFullPathNameA
GetFileSize
CreateFileA

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
TerminateProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount

d3d11

D3D11CreateDeviceAndSwapChain

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile
VirtualFree
VirtualAlloc

gdi32

DeleteObject

Exports

Exports

D3D10CompileEffectFromMemory
D3D10CompileShader
D3D10CreateBlob
D3D10CreateDevice
D3D10CreateDeviceAndSwapChain
D3D10CreateEffectFromMemory
D3D10CreateEffectPoolFromMemory
D3D10CreateStateBlock
D3D10DisassembleEffect
D3D10DisassembleShader
D3D10GetGeometryShaderProfile
D3D10GetInputAndOutputSignatureBlob
D3D10GetInputSignatureBlob
D3D10GetOutputSignatureBlob
D3D10GetPixelShaderProfile
D3D10GetShaderDebugInfo
D3D10GetVersion
D3D10GetVertexShaderProfile
D3D10PreprocessShader
D3D10ReflectShader
D3D10RegisterLayers
D3D10StateBlockMaskDifference
D3D10StateBlockMaskDisableAll
D3D10StateBlockMaskDisableCapture
D3D10StateBlockMaskEnableAll
D3D10StateBlockMaskEnableCapture
D3D10StateBlockMaskGetSetting
D3D10StateBlockMaskIntersect
D3D10StateBlockMaskUnion

Sections

.text
Size: 981KB - Virtual size: 980KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf17303866baf24e463e4d049300293c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d10core

msvcrt

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

d3d11

api-ms-win-core-memory-l1-1-0

gdi32

Exports

Exports

Sections

.text Size: 981KB - Virtual size: 980KB

.data Size: 3KB - Virtual size: 20KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 27KB - Virtual size: 27KB

.text
Size: 981KB - Virtual size: 980KB

.data
Size: 3KB - Virtual size: 20KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 27KB - Virtual size: 27KB