ef8d544c71b0b0e8682a2d8fa568b7bf82cd10c913a9f2139267c01ed6e19b78

Sharing

Copy URL Twitter E-mail

General

Target

ef8d544c71b0b0e8682a2d8fa568b7bf82cd10c913a9f2139267c01ed6e19b78
Size

57KB
MD5

ff252aabe21b38b238755385f1897e9a
SHA1

79fa18aa066114de5e84b1959b71de323fdb7a34
SHA256

ef8d544c71b0b0e8682a2d8fa568b7bf82cd10c913a9f2139267c01ed6e19b78
SHA512

bb85b3f024e51700a578073369b2024d72711dd08b4435cabfaf09bf992e7b83f7d2bde39d2074f457c0603f561100ff4c1d9d4b7c362d973fab8a208bdf8eca
SSDEEP

1536:uugGQtHdTENOuy6xlnHEfWkjiLuvNgdI78PaD:uugGQjTENOuyqnHke5dJU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef8d544c71b0b0e8682a2d8fa568b7bf82cd10c913a9f2139267c01ed6e19b78

Files

ef8d544c71b0b0e8682a2d8fa568b7bf82cd10c913a9f2139267c01ed6e19b78
.dll windows:6 windows x64 arch:x64

3b7fbf8238b1df8415462f276697cc0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

UE4Editor-OpenImageDenoise.pdb

Imports

ue4editor-core

??0FLLMScope@@QEAA@W4ELLMTag@@_NW4ELLMTagSet@@W4ELLMTracker@@@Z
?GetSecondsPerCycle64@FGenericPlatformTime@@SANXZ
?Logf_InternalImpl@FMsg@@CAXPEBDHAEBVFName@@W4Type@ELogVerbosity@@PEB_WZZ
?OutputLogMessageInternal@FLogTrace@@CAXPEBXGPEAE@Z
??1FLLMScope@@QEAA@XZ
??1FLogCategoryBase@@QEAA@XZ
??0FLogCategoryBase@@QEAA@AEBVFName@@W4Type@ELogVerbosity@@1@Z
?GetBlocks@FNameDebugVisualizer@@SAPEAPEAEXZ
??0FName@@QEAA@PEB_WW4EFindName@@@Z
??1FString@@QEAA@XZ
?OutputLogMessageSpec@FLogTrace@@SAXPEBXPEBUFLogCategoryBase@@W4Type@ELogVerbosity@@PEBDHPEB_W@Z
?ZeroVector@FVector@@2U1@B
?QuantizeSize@FMemory@@SA_K_KI@Z
?Free@FMemory@@SAXPEAX@Z
?Realloc@FMemory@@SAPEAXPEAX_KI@Z
?Malloc@FMemory@@SAPEAX_KI@Z
?CheckVerifyFailedImpl@FDebug@@CAXPEBD0HPEB_WZZ
?GCoreObjectArrayForDebugVisualizers@@3PEAVFChunkedFixedUObjectArray@@EA
??$LogBogusChars@_WD@FGenericPlatformString@@CAXPEBDH@Z

ue4editor-renderer

?GPathTracingDenoiserFunc@@3P6AXAEAVFRHICommandListImmediate@@PEAVFRHITexture2D@@111@ZEA

ue4editor-rhi

?ReadSurfaceData@FRHICommandListImmediate@@QEAAXPEAVFRHITexture@@UFIntRect@@AEAV?$TArray@UFLinearColor@@V?$TSizedDefaultAllocator@$0CA@@@@@VFReadSurfaceDataFlags@@@Z
?GetSizeXY@FRHITexture2D@@QEBA?AUFIntPoint@@XZ
?GDynamicRHI@@3PEAVFDynamicRHI@@EA

kernel32

InitializeSListHead
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
LoadLibraryExA
GetProcAddress
GetModuleHandleW
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException
QueryPerformanceCounter
IsProcessorFeaturePresent
GetCurrentProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
RtlCaptureContext

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
__std_terminate
memcpy
__current_exception
__current_exception_context
memset

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate

Exports

Exports

InitializeModule

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uedbg
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b7fbf8238b1df8415462f276697cc0c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ue4editor-core

ue4editor-renderer

ue4editor-rhi

kernel32

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 15KB

.uedbg Size: 512B - Virtual size: 112B

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 512B - Virtual size: 244B

.text
Size: 16KB - Virtual size: 15KB

.uedbg
Size: 512B - Virtual size: 112B

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 512B - Virtual size: 244B