25fba96c27ae528554f9de178b4da5b0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

25fba96c27ae528554f9de178b4da5b0.exe
Size

823KB
MD5

25fba96c27ae528554f9de178b4da5b0
SHA1

a8343924e6e1e78db6d97c692e3784a7ab2dffac
SHA256

b3638b55fa222f8f2ff9456bde4fd2ade7bf20a47f59d2c59029087368dce331
SHA512

018f323b997cae426669428f40f021a6052a03c041b2ab6b259da0364ca71bd81e2c56f69bc329f9f905db5988b10535b4f7a28d43f7b3eae91da9e52b7878f1
SSDEEP

24576:DSBvHpq2BzARu0zv6bbzkpEa6XCFyVoX6VGi:DSpHpYFyV86VG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25fba96c27ae528554f9de178b4da5b0.exe

Files

25fba96c27ae528554f9de178b4da5b0.exe
.dll windows:10 windows x86 arch:x86

866fd0b587e4e2281a6bb79e39bc29de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3d8.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_except_handler4_common
wcscpy_s
_XcptFilter
_vsnprintf
_purecall
__CxxFrameHandler3
_amsg_exit
memcpy
floor
_initterm
strrchr
wcsrchr
atoi
strcpy_s
_wcslwr
_stricmp
malloc
free
_ftol2_sse
sscanf_s
_CIcos
_CIexp
_CIlog
_CIlog10
_CIpow
_CIsqrt
_CxxThrowException
memset

user32

CloseDesktop
GetUserObjectInformationA
OpenInputDesktop
GetWindowThreadProcessId
IsWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindowRect
GetKeyState
GetWindowLongA
IsIconic
PostMessageA
SendMessageA
CallWindowProcA
SetWindowLongA
IsZoomed
ShowWindow
IsWindowVisible
GetForegroundWindow
SetWindowPos
SystemParametersInfoA
GetDC
EnumDisplaySettingsA
ReleaseDC
EnumDisplayDevicesA
GetSystemMetrics
OffsetRect
GetWindowInfo
ClientToScreen
DisplayConfigGetDeviceInfo
GetClientRect
SetRect
IntersectRect
GetMonitorInfoA
DefWindowProcA
RegisterHotKey
UnregisterHotKey
SetRectEmpty
SetForegroundWindow
SetCursor
GetCursor
DestroyIcon
GetDesktopWindow
GetWindowDC
CreateIconIndirect
GetIconInfo
GetCursorPos
SetCursorPos
GetThreadDesktop
UnionRect

advapi32

RegOpenKeyExA
RegCreateKeyA
EventUnregister
EventWriteTransfer
EventRegister
EventSetInformation
RegSetValueExA
RegGetValueA
RegCreateKeyExA
SetSecurityDescriptorDacl
GetSidSubAuthority
GetSidLengthRequired
InitializeSid
IsValidSid
InitializeSecurityDescriptor
InitializeAcl
SetSecurityInfo
ConvertStringSidToSidA
GetLengthSid
AddAccessAllowedAce
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA

api-ms-win-core-versionansi-l1-1-0

GetFileVersionInfoExA
VerQueryValueA
GetFileVersionInfoSizeExA

ext-ms-win-rtcore-ntuser-dpi-l1-1-0

SetProcessDpiAwarenessInternal
GetProcessDpiAwarenessInternal

api-ms-win-gdi-dpiinfo-l1-1-0

GetCurrentDpiInfo

ntdll

VerSetConditionMask
EtwEventWriteNoRegistration

d3d8thk

OsThunkDdDeleteSurfaceObject
OsThunkDdGetDriverInfo
OsThunkD3dContextDestroyAll
OsThunkDdGetFlipStatus
OsThunkDdCanCreateD3DBuffer
OsThunkDdDestroySurface
OsThunkD3dDrawPrimitives2
OsThunkDdSetExclusiveMode
OsThunkDdGetDC
OsThunkD3dContextCreate
OsThunkDdCreateSurface
OsThunkDdLock
OsThunkD3dContextDestroy
OsThunkDdUnlock
OsThunkDdGetBltStatus
OsThunkDdGetAvailDriverMemory
OsThunkDdFlip
OsThunkD3dValidateTextureStageState
OsThunkDdGetDriverState
OsThunkDdReleaseDC
OsThunkDdWaitForVerticalBlank
OsThunkDdFlipToGDISurface
OsThunkDdAttachSurface
OsThunkDdDeleteDirectDrawObject
OsThunkDdDestroyD3DBuffer
OsThunkDdGetScanLine
OsThunkDdUnlockD3D
OsThunkDdCreateSurfaceObject
OsThunkDdReenableDirectDrawObject
OsThunkDdSetGammaRamp
OsThunkDdCreateD3DBuffer
OsThunkDdQueryDirectDrawObject
OsThunkDdLockD3D
OsThunkDdCanCreateSurface
OsThunkDdCreateSurfaceEx
OsThunkDdBlt
OsThunkDdResetVisrgn

gdi32

DeleteObject
GetRandomRgn
D3DKMTMakeResident
D3DKMTPresent
D3DKMTEvict
D3DKMTDestroyAllocation2
D3DKMTLock2
D3DKMTCreateAllocation
D3DKMTMapGpuVirtualAddress
D3DKMTDestroyContext
D3DKMTDestroyAllocation
D3DKMTFreeGpuVirtualAddress
D3DKMTCloseAdapter
D3DKMTCreateHwQueue
D3DKMTSharedPrimaryUnLockNotification
D3DKMTRegisterTrimNotification
D3DKMTWaitForSynchronizationObjectFromCpu
D3DKMTUnregisterTrimNotification
D3DKMTGetSharedPrimaryHandle
D3DKMTEscape
D3DKMTSubmitPresentToHwQueue
D3DKMTUnlock2
D3DKMTUpdateAllocationProperty
D3DKMTWaitForSynchronizationObject
D3DKMTDestroySynchronizationObject
D3DKMTSetGammaRamp
D3DKMTCreateSynchronizationObject2
SetStretchBltMode
D3DKMTReclaimAllocations
D3DKMTCreateSynchronizationObject
D3DKMTUpdateGpuVirtualAddress
D3DKMTOpenAdapterFromHdc
D3DKMTDestroyDCFromMemory
D3DKMTOpenResource
D3DKMTDestroyPagingQueue
D3DKMTCreateAllocation2
D3DKMTQueryAllocationResidency
D3DKMTSharedPrimaryLockNotification
D3DKMTSetDisplayPrivateDriverFormat
D3DKMTSetVidPnSourceOwner
D3DKMTCreateDevice
D3DKMTSubmitCommand
D3DKMTRender
D3DKMTDestroyHwQueue
D3DKMTInvalidateCache
D3DKMTSignalSynchronizationObjectFromGpu
D3DKMTWaitForSynchronizationObjectFromGpu
DeleteDC
D3DKMTSetDisplayMode
D3DKMTSubmitSignalSyncObjectsToHwQueue
D3DKMTSignalSynchronizationObject
D3DKMTReclaimAllocations2
D3DKMTCreateContext
D3DKMTSubmitCommandToHwQueue
D3DKMTCreatePagingQueue
D3DKMTSubmitWaitForSyncObjectsToHwQueue
D3DKMTCreateDCFromMemory
D3DKMTDestroyDevice
D3DKMTReserveGpuVirtualAddress
D3DKMTGetMultisampleMethodList
D3DKMTSignalSynchronizationObjectFromGpu2
D3DKMTCreateContextVirtual
GdiEntry1
GetRegionData
CreateRectRgn
GetDIBits
GetDeviceGammaRamp
GdiEntry13
StretchBlt
CreateCompatibleBitmap
GetDeviceCaps
GetNearestColor
CreateCompatibleDC
SelectObject
CreateDIBitmap
GetObjectA
GetSystemPaletteEntries
D3DKMTGetDisplayModeList
D3DKMTSetAllocationPriority
D3DKMTQueryResourceInfo
D3DKMTSignalSynchronizationObject2
D3DKMTGetScanLine
D3DKMTMarkDeviceAsError
D3DKMTUnlock
D3DKMTLock
D3DKMTOpenResource2
D3DKMTWaitForSynchronizationObject2
D3DKMTSignalSynchronizationObjectFromCpu
CreateDCA
D3DKMTOfferAllocations
D3DKMTGetResourcePresentPrivateDriverData
D3DKMTGetDeviceState
D3DKMTQueryAdapterInfo
BitBlt

kernel32

GetVersionExA
IsProcessorFeaturePresent
WaitForSingleObject
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WriteFile
PeekNamedPipe
ReadFile
FlushFileBuffers
DisconnectNamedPipe
ConnectNamedPipe
SetNamedPipeHandleState
GetModuleFileNameA
OutputDebugStringA
ResetEvent
OpenEventW
ReleaseSemaphore
CreateSemaphoreA
GlobalAddAtomA
GetSystemDirectoryA
CreateFileA
MultiByteToWideChar
SetErrorMode
GetCurrentProcess
VerifyVersionInfoA
GetTickCount
DebugBreak
WideCharToMultiByte
LoadLibraryW
OutputDebugStringW
Sleep
lstrcmpA
LocalAlloc
GetProcessHeap
GetCurrentProcessId
LocalFree
HeapAlloc
CloseHandle
DisableThreadLibraryCalls
OpenMutexA
GetModuleHandleA
ReleaseMutex
GetLastError
GetNativeSystemInfo
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
QueryPerformanceFrequency
InitializeCriticalSection
HeapFree
CreateMutexA

dwmapi

ord101
ord100
DwmIsCompositionEnabled

Exports

Exports

DebugSetMute
Direct3D8EnableMaximizedWindowedModeShim
Direct3DCreate8
ValidatePixelShader
ValidateVertexShader

Sections

.text
Size: 643KB - Virtual size: 642KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

866fd0b587e4e2281a6bb79e39bc29de

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

user32

advapi32

api-ms-win-core-versionansi-l1-1-0

ext-ms-win-rtcore-ntuser-dpi-l1-1-0

api-ms-win-gdi-dpiinfo-l1-1-0

ntdll

d3d8thk

gdi32

kernel32

dwmapi

Exports

Exports

Sections

.text Size: 643KB - Virtual size: 642KB

.data Size: 4KB - Virtual size: 20KB

.idata Size: 9KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 164KB - Virtual size: 164KB

.text
Size: 643KB - Virtual size: 642KB

.data
Size: 4KB - Virtual size: 20KB

.idata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 164KB - Virtual size: 164KB