1f12e8fd20164ecc16b4eb00fc63121cd3482e02ce9b211f2e9f523b2d799d88

Sharing

Copy URL

Twitter E-mail

General

Target

1f12e8fd20164ecc16b4eb00fc63121cd3482e02ce9b211f2e9f523b2d799d88
Size

51KB
MD5

526ab6662478f3e5e109157f1f10c9a4
SHA1

2a6b62bd4eb55f71cbb0d779f524ed598f14db38
SHA256

1f12e8fd20164ecc16b4eb00fc63121cd3482e02ce9b211f2e9f523b2d799d88
SHA512

ffa793df2541d8e0c569f69c2bcda9ea0fe39b1ea2314cbdbcf62c8c9c9aac8e8255b6b7f7d07508a55c806570380139b6165a48e12e27aca57e9f5922162cb7
SSDEEP

1536:m+z6I2WpXjRYn74xGfWkjiLuvNgdI78PaD:m+z6I15jReuie5dJU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f12e8fd20164ecc16b4eb00fc63121cd3482e02ce9b211f2e9f523b2d799d88

Files

1f12e8fd20164ecc16b4eb00fc63121cd3482e02ce9b211f2e9f523b2d799d88
.dll windows:6 windows x64 arch:x64

eea9088016aa4293b4611b6c042f1151

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

ShaderCompileWorker-TextureFormatASTC.pdb

Imports

shadercompileworker-core

?PrintfImpl@FString@@CA?AV1@PEB_WZZ
??1FString@@QEAA@XZ
??0FName@@QEAA@PEB_WW4EFindName@@@Z
??0FName@@QEAA@PEBDW4EFindName@@@Z
?GetBlocks@FNameDebugVisualizer@@SAPEAPEAEXZ
??0FLogCategoryBase@@QEAA@AEBVFName@@W4Type@ELogVerbosity@@1@Z
??1FLogCategoryBase@@QEAA@XZ
?Logf_InternalImpl@FMsg@@CAXPEBDHAEBVFName@@W4Type@ELogVerbosity@@PEB_WZZ
?Value@FParse@@SA_NPEB_W0AEAH@Z
?Get@FModuleManager@@SAAEAV1@XZ
?LoadModuleChecked@FModuleManager@@QEAAAEAVIModuleInterface@@VFName@@@Z
?AppendChars@FString@@QEAAXPEB_WH@Z
?GetProcReturnCode@FWindowsPlatformProcess@@SA_NAEAUFProcHandle@@PEAH@Z
?Sleep@FWindowsPlatformProcess@@SAXM@Z
?EngineDir@FPaths@@SA?AVFString@@XZ
?ProjectIntermediateDir@FPaths@@SA?AVFString@@XZ
?Get@IFileManager@@SAAEAV1@XZ
?Get@FCommandLine@@SAPEB_WXZ
?GetInt@FConfigCacheIni@@QEAA_NPEB_W0AEAHAEBVFString@@@Z
?LoadFileToArray@FFileHelper@@SA_NAEAV?$TArray@EV?$TSizedDefaultAllocator@$0EA@@@@@PEB_WI@Z
?LogTemp@@3UFLogCategoryLogTemp@@A
?GConfig@@3PEAVFConfigCacheIni@@EA
?GEngineIni@@3VFString@@A
??4FString@@QEAAAEAV0@$$QEAV0@@Z
??0FString@@QEAA@AEBV0@@Z
??0FString@@QEAA@$$QEAV0@@Z
??0FString@@QEAA@XZ
?Memcpy@FGenericPlatformString@@CAPEAXPEAXPEBX_K@Z
?QuantizeSize@FMemory@@SA_K_KI@Z
?Free@FMemory@@SAXPEAX@Z
?Realloc@FMemory@@SAPEAXPEAX_KI@Z
?Malloc@FMemory@@SAPEAX_KI@Z
?CheckVerifyFailedImpl@FDebug@@CAXPEBD0HPEB_WZZ
?ProcessFatalError@FDebug@@SAXXZ
?PromptForRemoteDebugging@FWindowsPlatformMisc@@SAX_N@Z
?CreateGuid@FWindowsPlatformMisc@@SAXAEAUFGuid@@@Z
?IsDebuggerPresent@FWindowsPlatformMisc@@SA_NXZ
?CreateProc@FWindowsPlatformProcess@@SA?AUFProcHandle@@PEB_W0_N11PEAIH0PEAX3@Z
?GCoreObjectArrayForDebugVisualizers@@3PEAVFChunkedFixedUObjectArray@@EA

vcruntime140

__current_exception
__current_exception_context
memset
__C_specific_handler
memcpy
__std_type_info_destroy_list
_purecall

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_register_onexit_function
_initialize_onexit_table
_execute_onexit_table
terminate
_initterm_e
_initterm
_cexit
_crt_at_quick_exit
_initialize_narrow_environment
_crt_atexit

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead

Exports

Exports

InitializeModule

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uedbg
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eea9088016aa4293b4611b6c042f1151

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shadercompileworker-core

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.uedbg Size: 512B - Virtual size: 480B

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 876B

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 512B - Virtual size: 296B

.text
Size: 8KB - Virtual size: 8KB

.uedbg
Size: 512B - Virtual size: 480B

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 876B

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 512B - Virtual size: 296B