02b04ba6604d69b2ee477c9b288cac4fca942129799503d66e961da291f3d062

Sharing

Copy URL Twitter E-mail

General

Target

02b04ba6604d69b2ee477c9b288cac4fca942129799503d66e961da291f3d062
Size

72KB
MD5

202819fe9851509263f3625bd7892433
SHA1

db0b82a0fe4245786460876427645ec4288f503b
SHA256

02b04ba6604d69b2ee477c9b288cac4fca942129799503d66e961da291f3d062
SHA512

f68b5f40670e9a3109e79b0466974f8e87f0cb0c3538f4454c7f0a167fe4e2fc0533025ba060561c040b8c7853853c523cb17af71db56f1a6c42f3e54fb1844b
SSDEEP

768:UF0zD7VTfJZnLu+zURlkFd34kxwG+wjL43cpJGA+f3+k4CdrE3Bug:BDhJZy+4R6okxd+wjE3c6hfOk/E3Bu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b04ba6604d69b2ee477c9b288cac4fca942129799503d66e961da291f3d062

Files

02b04ba6604d69b2ee477c9b288cac4fca942129799503d66e961da291f3d062
.dll windows:4 windows x86 arch:x86

42f8f013f8e3d29620c0d42b93f0831c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\workarea\7.93\apps\mcp\rx\atipdx\build\win32\B_rel\ATIPDxXX.pdb

Imports

kernel32

CloseHandle
GetModuleHandleA
CreateEventA
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
GetProcAddress
TlsAlloc
SetLastError
GetLastError
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
WriteFile
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
UnhandledExceptionFilter
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

dinput8

DirectInput8Create

Exports

Exports

DxInterface

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42f8f013f8e3d29620c0d42b93f0831c

Headers

File Characteristics

PDB Paths

Imports

kernel32

dinput8

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 944B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 944B

.reloc
Size: 4KB - Virtual size: 3KB