1adad2e91bf75a789e4c9012758174939d636ddbbb72e4a1819c6d012fd1ce95

Sharing

Copy URL Twitter E-mail

General

Target

1adad2e91bf75a789e4c9012758174939d636ddbbb72e4a1819c6d012fd1ce95
Size

1.4MB
MD5

09162e86cbbe4bc70854122e492d6021
SHA1

8bf94e5401039c7695728fdad52f3f22febe1a2e
SHA256

1adad2e91bf75a789e4c9012758174939d636ddbbb72e4a1819c6d012fd1ce95
SHA512

74ceb128829b74f9d2e153463f93a9f61e2f9c9db3e3e36be24c4ed55d3fc4a1883de6ee31a4d595949b4c29aace4eee1d6b0a4a42ce3d4f1ff908f252c732ff
SSDEEP

24576:UKaqNe1OhEiD8uz/AHLh0lhSMXlyLy2kIw3K3:SqNfz/Aal2kD0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1adad2e91bf75a789e4c9012758174939d636ddbbb72e4a1819c6d012fd1ce95

Files

1adad2e91bf75a789e4c9012758174939d636ddbbb72e4a1819c6d012fd1ce95
.dll windows:6 windows x86 arch:x86

26720178060c4ed8197671a58ba1a981

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Code\Rendition\RReady\trunk\RReady\Release\Redline.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shell32

ShellExecuteExW
SHGetFolderPathW

bcrypt

BCryptOpenAlgorithmProvider
BCryptCreateHash
BCryptGetProperty
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptFinishHash
BCryptHashData

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

opengl32

glVertexPointer
glEnable
glTexParameteri
glHint
glReadBuffer
glDrawArrays
glTexParameterf
glIsEnabled
glDisable
glCopyTexImage2D
glGetError
glGetIntegerv
glBindTexture
glViewport
glStencilOp
glClear
glStencilMask
glGenTextures
glGetTexLevelParameteriv
glMatrixMode
glCallLists
glStencilFunc
glBlendFunc
glReadPixels
glLoadIdentity
glPopMatrix
glFinish
glClearColor
glTranslatef
glTexImage2D
glClearStencil
wglUseFontOutlinesW
glDeleteLists
wglDeleteContext
wglCreateContext
wglGetCurrentDC
wglShareLists
glShadeModel
glDeleteTextures
glLineWidth
glTexEnvf
glPointSize
glCallList
glVertex3i
glColorPointer
glEnableClientState
wglGetCurrentContext
glClearDepth
glGetBooleanv
glScissor
glDepthMask
glGetString
wglGetProcAddress
glDisableClientState
glGetTexImage
glVertex3f
glVertex2f
glBegin
glEndList
glGenLists
glTexCoord2f
glEnd
glNewList
glLogicOp
glAlphaFunc
glDrawBuffer
glOrtho
glTexSubImage2D
glDepthFunc
wglMakeCurrent
glPushMatrix
glColor4f
glScalef
glListBase
glFlush

user32

SetWindowLongA
SendMessageW
SetWindowPos
GetDC
GetWindowRect
EnumDisplaySettingsA
GetActiveWindow
LockWindowUpdate
ShowCursor
SetForegroundWindow
SetWindowLongW
SetFocus
ReleaseDC
SetMenu
GetWindowLongA
ChangeDisplaySettingsA
GetMenu
AdjustWindowRectEx
GetWindowLongW
TranslateMessage
CreateWindowExA
AdjustWindowRect
PeekMessageW
DispatchMessageW
ShowWindow
GetClassNameA
DestroyWindow
MessageBoxA
GetClientRect
DefWindowProcA
GetWindowInfo

gdi32

CreateCompatibleDC
DescribePixelFormat
SelectObject
SetPixelFormat
GetPixelFormat
CreateBitmap
GetObjectW
ChoosePixelFormat
StretchBlt
CreateFontA
DeleteDC
DeleteObject
SwapBuffers

kernel32

LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
HeapFree
HeapAlloc
GetFileType
GetStdHandle
SetFilePointerEx
GetFileSizeEx
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
InterlockedFlushSList
RtlUnwind
GetCPInfo
GetStringTypeW
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
IsValidCodePage
EnterCriticalSection
LoadLibraryExW
SetLastError
RaiseException
GetExitCodeThread
WaitForSingleObjectEx
AreFileApisANSI
GetFileAttributesW
FindNextFileW
FindFirstFileExW
FindClose
GetLocaleInfoEx
QueryPerformanceFrequency
TryAcquireSRWLockExclusive
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetModuleHandleW
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
LoadLibraryA
CreateEventW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
GetProcAddress
GetACP
GetOEMCP
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapReAlloc
GetTimeZoneInformation
SetStdHandle
HeapSize
GetLocaleInfoW
IsValidLocale
GetCurrentThread
GetUserDefaultLCID
WriteConsoleW
SetEndOfFile
LeaveCriticalSection
ReadConsoleW
ReadFile
Sleep
GetThreadId
GetModuleFileNameW
GetTempPathW
GetModuleFileNameA
WriteProcessMemory
VirtualProtect
GetModuleHandleA
OpenProcess
CloseHandle
K32GetModuleInformation
ReadProcessMemory
GetCurrentProcessId
GetLastError
GetCurrentProcess
CreateFileW
GetNativeSystemInfo
IsWow64Process
MoveFileA
GetCurrentThreadId
GetCommandLineA
DeleteFileA
GetLocalTime
LocalFree
ExitProcess
FormatMessageA
EnumSystemLocalesW

Exports

Exports

?DumpString@@YAXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetGLPixelSizes@@YA_NKAAI0AAMI@Z
?GetWindowInfo@@YAXPAI000PAUtagRECT@@@Z
?RDumpBufferGroup@@YAXPAU_v_buffer_group@@@Z
?RFlushPrimaries@@YAXXZ
?RSetPrimaryLinebytes@@YAXK@Z
?RegisterBufferGroup@@YAXPAU_v_verite@@PAU_v_buffer_group@@@Z
?ShowMessage@@YAXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?UnregisterBufferGroup@@YAXPAU_v_verite@@PAU_v_buffer_group@@@Z
?V1Log@@YAXPBD@Z
?cmdBuffer@@3PAPAU_v_cmdbuffer@@A
?pLib@@3PAVVeriteLib@@A
?pLog@@3PAVLogFile@@A
?pMemAlloc@@3PAVAllocator@@A
?pRegisters@@3PAVRegisters@@A
?plog@@3PAVLogFile@@A
?videoInitialised@@3_NA
AddToCommandList
Aspect
CheckPrimaryBuffer
CreateBufferGroupInternal
DestroyBuffer
DirectMemWrite
DosAlloc
DosFree
GetFrameRate
GetMemBase
GetMemInfo
GetPixelSize
GetWindowInfo
IsIntelHD
OnDemandLogging
RBitBlt
RInit
RInitLog
RInitVideo
RLockBuffer
RReadBuffer
RRegisterForSync
RScreenshot
RShutdown
RShutdownLog
RToggleFullScreen
RToggleVSyncImmediate
RUnlockBuffer
RVideoSwapBuffers
RenditionCommandBufferProcessor
SetDosEXE
VL_AAEdge
VL_AALine
VL_Affine
VL_Bitblt
VL_BitbltMem
VL_Bitfill
VL_BitfillNoPat
VL_BitfillPatOpaque
VL_BitfillPatTransparent
VL_CloseVerite
VL_CloseVerite_
VL_CompositeRect
VL_ContextInit
VL_CopyBuffer
VL_CreateSurface
VL_CreateSurface_
VL_DestroySurface
VL_DestroySurface_
VL_Dot
VL_FillBuffer
VL_FillBuffer_
VL_FrameMarker
VL_FrameMarker_
VL_GetErrorHandler
VL_GetErrorText
VL_GetExtensionFunction
VL_GetExtensions
VL_GetFunctionName
VL_GetLastError
VL_InstallDstBuffer
VL_InstallDstBuffer_
VL_InstallTextureMap
VL_InstallTextureMapBasic
VL_InstallTextureMap_
VL_InstallZBuffer
VL_InstallZBuffer_
VL_IntLine
VL_IntPolyline
VL_Line
VL_LoadBuffer
VL_LoadBuffer_
VL_Lookup
VL_MemFill
VL_MemFillRect
VL_MemWrite
VL_MemWriteRect
VL_MemWriteSprite
VL_OpenVerite
VL_OpenVerite_
VL_Particles
VL_PointSurface
VL_Polyline
VL_QNormalize
VL_QOffset
VL_QSpan
VL_Rectangle
VL_Rectangle_
VL_RegisterErrorHandler
VL_RestoreSurface
VL_SetA
VL_SetALUMode
VL_SetA_
VL_SetAlphaThreshold
VL_SetAlphaThreshold_
VL_SetB
VL_SetBGColorABGR
VL_SetBGColorARGB
VL_SetBlendDstFunc
VL_SetBlendDstFunc_
VL_SetBlendEnable
VL_SetBlendEnable_
VL_SetBlendSrcFunc
VL_SetBlendSrcFunc_
VL_SetChromaColor
VL_SetChromaKey
VL_SetChromaMask
VL_SetCurrentTexture
VL_SetDisplayBase
VL_SetDitherEnable
VL_SetDitherEnable_
VL_SetDitherOffset
VL_SetDstBGR
VL_SetDstBase
VL_SetDstColorABGR
VL_SetDstColorARGB
VL_SetDstFmt
VL_SetDstRdDisable
VL_SetDstStride
VL_SetF
VL_SetFGColorABGR
VL_SetFGColorARGB
VL_SetFGColorARGB_
VL_SetF_
VL_SetFogColorBGR
VL_SetFogColorRGB
VL_SetFogColorRGB_
VL_SetFogEnable
VL_SetFogEnable_
VL_SetG
VL_SetPMask
VL_SetPalette
VL_SetPat
VL_SetPatEnable
VL_SetPatLength
VL_SetPatOffset
VL_SetPatOpaque
VL_SetR
VL_SetSOffset
VL_SetScissorX
VL_SetScissorX_
VL_SetScissorY
VL_SetScissorY_
VL_SetSpecularColorBGR
VL_SetSpecularColorRGB
VL_SetSpecularEnable
VL_SetSrcBGR
VL_SetSrcBase
VL_SetSrcBase_
VL_SetSrcColorNoPad
VL_SetSrcFilter
VL_SetSrcFilter_
VL_SetSrcFmt
VL_SetSrcFunc
VL_SetSrcFunc_
VL_SetSrcStride
VL_SetSrcStride_
VL_SetStereoDisplayBase
VL_SetSurfaceBGR
VL_SetSurfaceChromaColor
VL_SetSurfaceChromaKey
VL_SetSurfaceChromaMask
VL_SetSurfaceClamp
VL_SetSurfaceColorPad
VL_SetSurfaceTexturePalette
VL_SetSwapUV
VL_SetSwapUV_
VL_SetTOffset
VL_SetTexturePalette
VL_SetTranspReject
VL_SetTranspReject_
VL_SetU
VL_SetUClamp
VL_SetUMask
VL_SetUMask_
VL_SetUMultiplier
VL_SetUMultiplier_
VL_SetV
VL_SetVClamp
VL_SetVMask
VL_SetVMask_
VL_SetVMultiplier
VL_SetVMultiplier_
VL_SetYUV2RGB
VL_SetZ
VL_SetZBase
VL_SetZBufMode
VL_SetZBufMode_
VL_SetZBufWrMode
VL_SetZBufWrMode_
VL_SetZScissorEnable
VL_SetZStride
VL_SetZ_
VL_Span
VL_Square
VL_SwapDisplaySurface
VL_SwapDisplaySurface_
VL_Triangle
VL_TriangleFill
VL_TriangleNormQ
VL_Triangle_
VL_Trifan
VL_Trifan_
VL_Tristrip
VL_Tristrip_
VL_VertexSize
VL_WaitForDisplaySwitch
VL_WaitForDisplaySwitch_
VL_Warp
VsyncEnabled
dosMode
pAlloc

Sections

.text
Size: 728KB - Virtual size: 727KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 343KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 297KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26720178060c4ed8197671a58ba1a981

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

shell32

bcrypt

advapi32

ole32

opengl32

user32

gdi32

kernel32

Exports

Exports

Sections

.text Size: 728KB - Virtual size: 727KB

.rdata Size: 343KB - Virtual size: 342KB

.data Size: 297KB - Virtual size: 322KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 41KB - Virtual size: 40KB

.text
Size: 728KB - Virtual size: 727KB

.rdata
Size: 343KB - Virtual size: 342KB

.data
Size: 297KB - Virtual size: 322KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 41KB - Virtual size: 40KB