dxva2[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dxva2.dll
Size

86KB
MD5

1f27643c4c626457fce8f047ae1cd7e1
SHA1

fa488ec7d2cf7ed9da7a82520b8522c50898f41c
SHA256

68e2367b9aa21c1bde7fea566d5f0dbdf1e246cb53e949622f8edc810aa95956
SHA512

21bc87813c794d52cf3fa40c419077a438545b89b68e0ebc8c60a025ffd6743dfd1ce57c4612a420468d77e03882b7f15ac61cfef2ca47ec46b09e027d0e151b
SSDEEP

1536:IA7dGTZgpFx4qdJuQKcxAfoQTs6lgr6/:xET6pbfdJ+tfoMnlgrm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dxva2.dll

Files

dxva2.dll
.dll windows:6 windows x86 arch:x86

4e685b4f5924545a52175568e717ae24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dxva2.pdb

Imports

msvcrt

??3@YAXPAX@Z
_amsg_exit
_initterm
free
malloc
_XcptFilter
memcpy
memset
??2@YAPAXI@Z

ntdll

RtlInitUnicodeString
RtlUnwind
RtlNtStatusToDosError

kernel32

LeaveCriticalSection
CreateEventW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetVersion
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
GetLastError
SetLastError
DisableThreadLibraryCalls
GetVersionExW
GetProcAddress
GetModuleHandleW
InterlockedDecrement
FreeLibrary
InterlockedIncrement
Sleep
CloseHandle
WaitForSingleObject
SetEvent
GetTickCount
MultiByteToWideChar

gdi32

GetStockObject

user32

IsRectEmpty
SetRect
IntersectRect
SetRectEmpty
EqualRect
GetMonitorInfoW

ole32

CoTaskMemAlloc
CoTaskMemFree

Exports

Exports

CapabilitiesRequestAndCapabilitiesReply
DXVA2CreateDirect3DDeviceManager9
DXVA2CreateVideoService
DXVAHD_CreateDevice
DegaussMonitor
DestroyPhysicalMonitor
DestroyPhysicalMonitors
GetCapabilitiesStringLength
GetMonitorBrightness
GetMonitorCapabilities
GetMonitorColorTemperature
GetMonitorContrast
GetMonitorDisplayAreaPosition
GetMonitorDisplayAreaSize
GetMonitorRedGreenOrBlueDrive
GetMonitorRedGreenOrBlueGain
GetMonitorTechnologyType
GetNumberOfPhysicalMonitorsFromHMONITOR
GetNumberOfPhysicalMonitorsFromIDirect3DDevice9
GetPhysicalMonitorsFromHMONITOR
GetPhysicalMonitorsFromIDirect3DDevice9
GetTimingReport
GetVCPFeatureAndVCPFeatureReply
OPMGetVideoOutputsFromHMONITOR
OPMGetVideoOutputsFromIDirect3DDevice9Object
RestoreMonitorFactoryColorDefaults
RestoreMonitorFactoryDefaults
SaveCurrentMonitorSettings
SaveCurrentSettings
SetMonitorBrightness
SetMonitorColorTemperature
SetMonitorContrast
SetMonitorDisplayAreaPosition
SetMonitorDisplayAreaSize
SetMonitorRedGreenOrBlueDrive
SetMonitorRedGreenOrBlueGain
SetVCPFeature

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e685b4f5924545a52175568e717ae24

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

kernel32

gdi32

user32

ole32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB