5118a981c98fc951cbfb6c0ae971f7899d2c4df46c844b4b1efbee0c3e160a10

Sharing

Copy URL

Twitter E-mail

General

Target

5118a981c98fc951cbfb6c0ae971f7899d2c4df46c844b4b1efbee0c3e160a10
Size

155KB
MD5

d43ed1f54b8ae4fa6e303d5418303c7d
SHA1

0681d06766b216d9b32aa1b955e91de831e1e6c8
SHA256

5118a981c98fc951cbfb6c0ae971f7899d2c4df46c844b4b1efbee0c3e160a10
SHA512

4a8eccc33eda48905c47d5439a30bdca0273ddfd399910d81dfde7a24cf764eb777707d71b1de32066b14d5cd30ad771928ae32005a3916eb4065dfbfd804e31
SSDEEP

3072:oSt88i0ZfnQrekkRktV0XmXCnTZ1de54kUUObdCuVp:ok8jOCk+V0Xk8TnA48ObdCu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5118a981c98fc951cbfb6c0ae971f7899d2c4df46c844b4b1efbee0c3e160a10

Files

5118a981c98fc951cbfb6c0ae971f7899d2c4df46c844b4b1efbee0c3e160a10
.dll windows:5 windows x86 arch:x86

d87ebdc7c3ec664d82ca22fd7024c9e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\PC\Documents\Visual Studio 2010\Projects\Anykia D3D Base\Debug\Anykia D3D Base.pdb

Imports

kernel32

GetModuleHandleA
VirtualProtect
Sleep
GetCurrentThread
GetProcAddress
CloseHandle
DisableThreadLibraryCalls
CreateThread
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LoadLibraryW
lstrlenA
RaiseException
MultiByteToWideChar
IsDebuggerPresent
WideCharToMultiByte
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
SetLastError
VirtualQuery
VirtualFree
VirtualAlloc
FlushInstructionCache
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
GetCurrentThreadId
GetCurrentProcess
GetLastError
FreeLibrary

user32

GetAsyncKeyState
mouse_event
GetForegroundWindow
GetCursorPos
ScreenToClient
GetSystemMetrics
SetRect

msvcp100d

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QBE_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?uncaught_exception@std@@YA_NXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bid@locale@std@@QAEIXZ
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_BADOFF@std@@3_JB
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??3@YAXPAXABU_DebugHeapTag_t@std@@PADH@Z
??2@YAPAXIABU_DebugHeapTag_t@std@@PADH@Z
?_DebugHeapTag_func@std@@YAABU_DebugHeapTag_t@1@XZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??1_Container_base12@std@@QAE@XZ
?_Orphan_all@_Container_base12@std@@QAEXXZ
?_Debug_message@std@@YAXPB_W0I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??Bios_base@std@@QBEPAXXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?width@ios_base@std@@QBE_JXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
?width@ios_base@std@@QAE_J_J@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?flags@ios_base@std@@QBEHXZ
??0_Container_base12@std@@QAE@XZ

d3dx9_43

D3DXVec3Project
D3DXCreateLine
D3DXCreateFontA

msvcr100d

??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
_lock_file
_unlock_file
fputc
ungetc
memcpy_s
fgetc
fgetpos
_fseeki64
fsetpos
setvbuf
fflush
cos
sin
vsprintf_s
memcmp
sprintf
clock
_CRT_RTC_INITW
_unlock
__dllonexit
_lock
_onexit
_malloc_dbg
_free_dbg
_encoded_null
_CrtSetCheckCount
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_CrtDbgReportW
_invalid_parameter
fwrite
fclose
_vsnprintf
_time64
_localtime64
strftime
sprintf_s
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
??3@YAXPAX@Z
memset
memmove
__CxxFrameHandler3
??2@YAPAXI@Z
strlen
memcpy
sqrt
free
_CxxThrowException

Exports

Exports

_DllMain@12

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d87ebdc7c3ec664d82ca22fd7024c9e1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

msvcp100d

d3dx9_43

msvcr100d

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 113KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 7KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 7KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 10KB - Virtual size: 9KB