7005bc78d3863986ae81c15f161894898d9bbb31b712305bd010e1eb7991c539[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

7005bc78d3863986ae81c15f161894898d9bbb31b712305bd010e1eb7991c539.exe
Size

19KB
MD5

ac2be32fa9b5bca1a6e0af15a1d493e0
SHA1

a6ea8d9d421c9a05616bf15a46bf49ace630afde
SHA256

7005bc78d3863986ae81c15f161894898d9bbb31b712305bd010e1eb7991c539
SHA512

00d139f70f6b2b2ee2bc81f61aa3b2d579236eb04a6e2d6287526bbb9a2e33c0ff2b7b33ec1c2cc5cdd5a3ca9ec9d9866d42e2b2fa6e36a84c3a377d9cdd954f
SSDEEP

384:/GUYuiXJAKTeIqihvWOVAUbCgxBqIBFrjGOFv3LDV1wV4MrivIMqOBYRFB7urzZ:/GUYuiXJA8qihvWOVpqwvIMp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7005bc78d3863986ae81c15f161894898d9bbb31b712305bd010e1eb7991c539.exe

Files

7005bc78d3863986ae81c15f161894898d9bbb31b712305bd010e1eb7991c539.exe
.dll windows:5 windows x86 arch:x86

c87a7478061483fba1e44bb02abb5801

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\vxiiduu\Documents\Visual Studio 2010\Projects\VxKex\Release\KxDx.pdb

Imports

dxgi

CreateDXGIFactory1

oleaut32

SysFreeString

ole32

StringFromIID

ntdll

LdrDisableThreadCalloutsForDll

kexdll

KexDataInitialize
VxlWriteLogEx

kernel32

FormatMessageW

Exports

Exports

CheckETWTLS
CompatString
CompatValue
CopyPropVariant
CreateDXGIFactory
CreateDXGIFactory1
CreateDXGIFactory2
CreatePropVariant
CreatePropertyStore
D3D12CreateDevice
D3D12CreateRootSignatureDeserializer
D3D12CreateVersionedRootSignatureDeserializer
D3D12EnableExperimentalFeatures
D3D12GetDebugInterface
D3D12GetInterface
D3D12SerializeRootSignature
D3D12SerializeVersionedRootSignature
D3DKMTCloseAdapter
D3DKMTCreateAllocation
D3DKMTCreateContext
D3DKMTCreateDevice
D3DKMTCreateSynchronizationObject
D3DKMTDestroyAllocation
D3DKMTDestroyContext
D3DKMTDestroyDevice
D3DKMTDestroySynchronizationObject
D3DKMTEscape
D3DKMTGetContextSchedulingPriority
D3DKMTGetDeviceState
D3DKMTGetDisplayModeList
D3DKMTGetMultisampleMethodList
D3DKMTGetRuntimeData
D3DKMTGetSharedPrimaryHandle
D3DKMTLock
D3DKMTOpenAdapterFromHdc
D3DKMTOpenResource
D3DKMTPresent
D3DKMTQueryAdapterInfo
D3DKMTQueryAllocationResidency
D3DKMTQueryResourceInfo
D3DKMTRender
D3DKMTSetAllocationPriority
D3DKMTSetContextSchedulingPriority
D3DKMTSetDisplayMode
D3DKMTSetDisplayPrivateDriverFormat
D3DKMTSetGammaRamp
D3DKMTSetVidPnSourceOwner
D3DKMTSignalSynchronizationObject
D3DKMTUnlock
D3DKMTWaitForSynchronizationObject
D3DKMTWaitForVerticalBlankEvent
DCompositionCreateDevice
DCompositionCreateDevice2
DCompositionCreateDevice3
DXGID3D10CreateDevice
DXGID3D10CreateLayeredDevice
DXGID3D10ETWRundown
DXGID3D10GetLayeredDeviceSize
DXGID3D10RegisterLayers
DXGIDumpJournal
DXGIReportAdapterConfiguration
DXGIRevertToSxS
DestroyPropVariant
FormatTagFromWfx
GetAMSubtypeFromD3DFormat
GetD3DFormatFromMFSubtype
LFGetGlobalPool
MFAddPeriodicCallback
MFAllocateWorkQueue
MFAllocateWorkQueueEx
MFAppendCollection
MFAverageTimePerFrameToFrameRate
MFBeginCreateFile
MFBeginGetHostByName
MFBeginRegisterWorkQueueWithMMCSS
MFBeginUnregisterWorkQueueWithMMCSS
MFBlockThread
MFCalculateBitmapImageSize
MFCalculateImageSize
MFCancelCreateFile
MFCancelWorkItem
MFCompareFullToPartialMediaType
MFCompareSockaddrAddresses
MFConvertColorInfoFromDXVA
MFConvertColorInfoToDXVA
MFConvertFromFP16Array
MFConvertToFP16Array
MFCopyImage
MFCreateAMMediaTypeFromMFMediaType
MFCreateAlignedMemoryBuffer
MFCreateAsyncResult
MFCreateAttributes
MFCreateAudioMediaType
MFCreateCollection
MFCreateDXGIDeviceManager
MFCreateEventQueue
MFCreateFile
MFCreateGuid
MFCreateLegacyMediaBufferOnMFMediaBuffer
MFCreateMFByteStreamOnStream
MFCreateMFByteStreamOnStreamEx
MFCreateMFVideoFormatFromMFMediaType
MFCreateMediaBufferWrapper
MFCreateMediaEvent
MFCreateMediaType
MFCreateMediaTypeFromRepresentation
MFCreateMemoryBuffer
MFCreateMemoryStream
MFCreatePathFromURL
MFCreatePresentationDescriptor
MFCreateSample
MFCreateSocket
MFCreateSocketListener
MFCreateSourceResolver
MFCreateStreamDescriptor
MFCreateSystemTimeSource
MFCreateSystemUnderlyingClock
MFCreateTempFile
MFCreateTransformActivate
MFCreateURLFromPath
MFCreateUdpSockets
MFCreateVideoMediaType
MFCreateVideoMediaTypeFromBitMapInfoHeader
MFCreateVideoMediaTypeFromBitMapInfoHeaderEx
MFCreateVideoMediaTypeFromSubtype
MFCreateVideoMediaTypeFromVideoInfoHeader
MFCreateVideoMediaTypeFromVideoInfoHeader2
MFCreateWaveFormatExFromMFMediaType
MFDeserializeAttributesFromStream
MFDeserializeEvent
MFDeserializeMediaTypeFromStream
MFDeserializePresentationDescriptor
MFEndCreateFile
MFEndGetHostByName
MFEndRegisterWorkQueueWithMMCSS
MFEndUnregisterWorkQueueWithMMCSS
MFFrameRateToAverageTimePerFrame
MFFreeAdaptersAddresses
MFGetAdaptersAddresses
MFGetAttributesAsBlob
MFGetAttributesAsBlobSize
MFGetConfigurationDWORD
MFGetConfigurationPolicy
MFGetConfigurationStore
MFGetConfigurationString
MFGetIoPortHandle
MFGetMFTMerit
MFGetNumericNameFromSockaddr
MFGetPlaneSize
MFGetPlatform
MFGetPlatformVersion
MFGetPluginControl
MFGetPrivateWorkqueues
MFGetRandomNumber
MFGetSockaddrFromNumericName
MFGetStrideForBitmapInfoHeader
MFGetSystemTime
MFGetTimerPeriodicity
MFGetUncompressedVideoFormat
MFGetWorkQueueMMCSSClass
MFGetWorkQueueMMCSSTaskId
MFHeapAlloc
MFHeapFree
MFInitAMMediaTypeFromMFMediaType
MFInitAttributesFromBlob
MFInitMediaTypeFromAMMediaType
MFInitMediaTypeFromMFVideoFormat
MFInitMediaTypeFromMPEG1VideoInfo
MFInitMediaTypeFromMPEG2VideoInfo
MFInitMediaTypeFromVideoInfoHeader
MFInitMediaTypeFromVideoInfoHeader2
MFInitMediaTypeFromWaveFormatEx
MFInitVideoFormat
MFInitVideoFormat_RGB
MFInvokeCallback
MFIsFeatureEnabled
MFIsQueueThread
MFJoinIoPort
MFLockDXGIDeviceManager
MFLockPlatform
MFLockWorkQueue
MFPlatformBigEndian
MFPlatformLittleEndian
MFPutWorkItem
MFPutWorkItemEx
MFRecordError
MFRemovePeriodicCallback
MFScheduleWorkItem
MFScheduleWorkItemEx
MFSerializeAttributesToStream
MFSerializeEvent
MFSerializeMediaTypeToStream
MFSerializePresentationDescriptor
MFSetSockaddrAny
MFShutdown
MFStartup
MFStreamDescriptorProtectMediaType
MFTEnum
MFTEnumEx
MFTGetInfo
MFTRegister
MFTRegisterLocal
MFTRegisterLocalByCLSID
MFTUnregister
MFTUnregisterLocal
MFTUnregisterLocalByCLSID
MFTraceError
MFTraceFuncEnter
MFUnblockThread
MFUnlockDXGIDeviceManager
MFUnlockPlatform
MFUnlockWorkQueue
MFUnwrapMediaType
MFValidateMediaTypeSize
MFWrapMediaType
MFllMulDiv
OpenAdapter10
OpenAdapter10_2
PropVariantFromStream
PropVariantToStream
SetAppCompatStringPointer
ValidateWaveFormat

Sections

.text
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c87a7478061483fba1e44bb02abb5801

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dxgi

oleaut32

ole32

ntdll

kexdll

kernel32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 582B

.rdata Size: 15KB - Virtual size: 15KB

.data Size: - Virtual size: 516B

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 512B - Virtual size: 166B

.text
Size: 1024B - Virtual size: 582B

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: - Virtual size: 516B

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 512B - Virtual size: 166B