2af1f634eddeacf30d85269a17d5f86aff1ccc3f9f5705d50ea48318ea6e0124

Sharing

Copy URL Twitter E-mail

General

Target

2af1f634eddeacf30d85269a17d5f86aff1ccc3f9f5705d50ea48318ea6e0124
Size

320KB
MD5

ee5aad608c71b33c2338603c7abe2386
SHA1

b0f8971c56fd54ed13abd7b3ea91dbb5803addc4
SHA256

2af1f634eddeacf30d85269a17d5f86aff1ccc3f9f5705d50ea48318ea6e0124
SHA512

ba11087472086f0ed12b45f04250c9301f4f101ef16f82f8fd9971d286f1fc1a5bc37a09bc837956468685249ce33dae07532dcc11f2c798d02715b8671c3214
SSDEEP

6144:XYeIBBrn6RKe/dlJtk6cF799utd/Tw/+AfMrpW1+9:Xones6cF7P4/T+bfc8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2af1f634eddeacf30d85269a17d5f86aff1ccc3f9f5705d50ea48318ea6e0124

Files

2af1f634eddeacf30d85269a17d5f86aff1ccc3f9f5705d50ea48318ea6e0124
.dll windows:6 windows x64 arch:x64

21daade4259e161cbfeb98ba2db927c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\qb\workspace\27479\source\output\dump64\CtlApi\bin\Release\ControlLib.pdb

Imports

cfgmgr32

CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_ListW
CM_Locate_DevNodeW
CM_Get_Device_Interface_PropertyW
CM_Get_DevNode_PropertyW

kernel32

HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcessId
FreeLibrary
LoadLibraryW
WriteConsoleW
SetEndOfFile
HeapReAlloc
WideCharToMultiByte
OutputDebugStringA
GetProcAddress
GetLastError
GetCurrentApplicationUserModelId
HeapSize
GetModuleHandleA
GetTimeZoneInformation
CreateFileW
SetStdHandle
GetModuleFileNameA
GetConsoleOutputCP
WriteFile
FlushFileBuffers
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
Sleep
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
CompareStringW
LCMapStringW
GetStdHandle
GetFileType
CloseHandle
SetFilePointerEx
GetConsoleMode
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetFileSizeEx
GetStringTypeW

advapi32

EventWriteTransfer
EventRegister
EventUnregister
RegGetValueW

user32

SetDisplayConfig
GetDisplayConfigBufferSizes
QueryDisplayConfig

ntdll

RtlAnsiStringToUnicodeString
RtlFreeUnicodeString
RtlInitAnsiString

Exports

Exports

ctlAUXAccess
ctlCheckDriverVersion
ctlClose
ctlEdidManagement
ctlEngineGetActivity
ctlEngineGetProperties
ctlEnumEngineGroups
ctlEnumFans
ctlEnumFrequencyDomains
ctlEnumMemoryModules
ctlEnumPowerDomains
ctlEnumTemperatureSensors
ctlEnumerateDevices
ctlEnumerateDisplayOutputs
ctlEnumerateI2CPinPairs
ctlEnumerateMuxDevices
ctlFanGetConfig
ctlFanGetProperties
ctlFanGetState
ctlFanSetDefaultMode
ctlFanSetFixedSpeedMode
ctlFanSetSpeedTableMode
ctlFrequencyGetAvailableClocks
ctlFrequencyGetProperties
ctlFrequencyGetRange
ctlFrequencyGetState
ctlFrequencyGetThrottleTime
ctlFrequencySetRange
ctlGetAdaperDisplayEncoderProperties
ctlGetBrightnessSetting
ctlGetCurrentScaling
ctlGetCurrentSharpness
ctlGetDeviceProperties
ctlGetDisplayProperties
ctlGetIntelArcSyncInfoForMonitor
ctlGetIntelArcSyncProfile
ctlGetLACEConfig
ctlGetLinkedDisplayAdapters
ctlGetMuxProperties
ctlGetPowerOptimizationCaps
ctlGetPowerOptimizationSetting
ctlGetSet3DFeature
ctlGetSetCombinedDisplay
ctlGetSetCustomMode
ctlGetSetDisplayGenlock
ctlGetSetDisplaySettings
ctlGetSetDynamicContrastEnhancement
ctlGetSetRetroScaling
ctlGetSetVideoProcessingFeature
ctlGetSetWireFormat
ctlGetSharpnessCaps
ctlGetSupported3DCapabilities
ctlGetSupportedRetroScalingCapability
ctlGetSupportedScalingCapability
ctlGetSupportedVideoProcessingCapabilities
ctlGetVblankTimestamp
ctlGetZeDevice
ctlI2CAccess
ctlI2CAccessOnPinPair
ctlInit
ctlLinkDisplayAdapters
ctlMemoryGetBandwidth
ctlMemoryGetProperties
ctlMemoryGetState
ctlOverclockGetProperties
ctlOverclockGpuFrequencyOffsetGet
ctlOverclockGpuFrequencyOffsetGetV2
ctlOverclockGpuFrequencyOffsetSet
ctlOverclockGpuFrequencyOffsetSetV2
ctlOverclockGpuLockGet
ctlOverclockGpuLockSet
ctlOverclockGpuVoltageOffsetGet
ctlOverclockGpuVoltageOffsetGetV2
ctlOverclockGpuVoltageOffsetSet
ctlOverclockGpuVoltageOffsetSetV2
ctlOverclockPowerLimitGet
ctlOverclockPowerLimitGetV2
ctlOverclockPowerLimitSet
ctlOverclockPowerLimitSetV2
ctlOverclockReadVFCurve
ctlOverclockResetToDefault
ctlOverclockTemperatureLimitGet
ctlOverclockTemperatureLimitGetV2
ctlOverclockTemperatureLimitSet
ctlOverclockTemperatureLimitSetV2
ctlOverclockVramFrequencyOffsetGet
ctlOverclockVramFrequencyOffsetSet
ctlOverclockVramMemSpeedLimitGetV2
ctlOverclockVramMemSpeedLimitSetV2
ctlOverclockVramVoltageOffsetGet
ctlOverclockVramVoltageOffsetSet
ctlOverclockWaiverSet
ctlOverclockWriteCustomVFCurve
ctlPanelDescriptorAccess
ctlPciGetProperties
ctlPciGetState
ctlPixelTransformationGetConfig
ctlPixelTransformationSetConfig
ctlPowerGetEnergyCounter
ctlPowerGetLimits
ctlPowerGetProperties
ctlPowerSetLimits
ctlPowerTelemetryGet
ctlReservedCall
ctlSetBrightnessSetting
ctlSetCurrentScaling
ctlSetCurrentSharpness
ctlSetIntelArcSyncProfile
ctlSetLACEConfig
ctlSetPowerOptimizationSetting
ctlSetRuntimePath
ctlSoftwarePSR
ctlSwitchMux
ctlTemperatureGetProperties
ctlTemperatureGetState
ctlUnlinkDisplayAdapters
ctlWaitForPropertyChange

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21daade4259e161cbfeb98ba2db927c9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

cfgmgr32

kernel32

advapi32

user32

ntdll

Exports

Exports

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 4KB - Virtual size: 9KB

.pdata Size: 9KB - Virtual size: 8KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 4KB - Virtual size: 9KB

.pdata
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB