Static task
static1
General
Target: StealthRemastered.asi.dll
Size: 814KB
MD5: 1e6c7f013a382dd468257f0c32db3a68
SHA1: a19b2307f3fc345ea16f4e1f12c8f5c761638637
SHA256: dc9c968b3c865671026d9d2a161daacfaa1ac4283cde08913c7fdc06f6197400
SHA512: e383a50e9bf7cc43f6d33b41ee0a46d554669a4af29ae810e257140c476292d2bff4a465f2d36539446ec11b57af0b839f4c42e93679bb297988f6f1ea4d00c6
SSDEEP: 12288:S7+xGsEonxcCc91owCYv0BYqW/vCss0mhGluUvHdeKX8g3Q/6NKl0EcZ:S7+xGsRx81SpKqq8g3C6NKiF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource StealthRemastered.asi.dll
Files
StealthRemastered.asi.dll.dll windows:6 windows x86 arch:x86
e0a6f8bab55ed13913a1ac042d9afa9c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
d3dx9_43
D3DXCreateTextureFromFileInMemoryEx
D3DXQuaternionRotationAxis
D3DXQuaternionMultiply
kernel32
FreeLibraryAndExitThread
CreateThread
GetCurrentThread
VirtualQuery
GetSystemInfo
VirtualProtect
GetTickCount64
MultiByteToWideChar
GlobalLock
WideCharToMultiByte
GlobalUnlock
GlobalAlloc
GlobalFree
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryA
GetProcAddress
ExitThread
DisableThreadLibraryCalls
GetSystemDirectoryA
GetModuleHandleA
GetModuleHandleExW
GetModuleFileNameW
GetModuleHandleW
GetEnvironmentStringsW
Sleep
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
OutputDebugStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ReadConsoleW
GetFileSizeEx
HeapAlloc
HeapFree
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
ExitProcess
ReadFile
WriteConsoleW
GetFileType
FreeEnvironmentStringsW
GetStdHandle
InterlockedFlushSList
RaiseException
GetProcessHeap
SetStdHandle
GetCommandLineW
FormatMessageA
LocalFree
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
HeapSize
AreFileApisANSI
CloseHandle
GetLastError
SetLastError
MoveFileExW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
InterlockedCompareExchange
GetCurrentProcess
GetCurrentThreadId
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualFree
FreeLibrary
LoadLibraryExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwind
user32
MapVirtualKeyA
GetActiveWindow
ReleaseCapture
SetCapture
GetCapture
GetKeyState
GetClientRect
ScreenToClient
GetCursorPos
IsChild
GetAsyncKeyState
SetCursorPos
ClientToScreen
SetCursor
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
GetForegroundWindow
shell32
SHGetKnownFolderPath
ole32
CoTaskMemFree
imm32
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
Sections
.text Size: 631KB - Virtual size: 631KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 146KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ