C:\Users\FFXX\AppData\Local\FiveM\FiveM.app\plugins\d3d10.pdb
Static task
static1
General
-
Target
d3d10.dll
-
Size
2.4MB
-
MD5
755bd5b01baea072792d7822fead5635
-
SHA1
a6ebc8cba3f3eff2cef78f2e0b723596a5e4fc5c
-
SHA256
705cbf57bbd40dda5764349330e01dee4b26241d304e98e08b9814b493df5097
-
SHA512
ac6611b5163019f313aafd534482629227f2077c6d657c4a9b060921849d6829164ee0a2c0fdfd8a163915091cedbbc7503f40336b883db2967afd5340e753c7
-
SSDEEP
49152:ut7tR5y0NCmPVGVk50KUGnhL8wIz1IuGOC7b+Iyv:yta1mDTUfhmj7C
Malware Config
Signatures
-
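Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: this PE is unsigned, so its publisher and integrity cannot be verified from the file itself. On its own, a missing signature is a weak indicator.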
resource d3d10.dll
Files
-
d3d10.dll.dll windows:6 windows x64 arch:x64
8477b9e59ccadb7c2538aecb52181c9c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
CreateToolhelp32Snapshot
FlushInstructionCache
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
OpenThread
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
HeapCreate
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
GetFileInformationByHandleEx
CloseHandle
VirtualFree
VirtualAlloc
GetSystemInfo
GetModuleHandleW
VirtualQuery
Thread32Next
InitializeCriticalSectionEx
HeapSize
DeleteCriticalSection
GetProcessHeap
WinExec
LocalFree
SetLastError
EnterCriticalSection
LeaveCriticalSection
SleepEx
VerSetConditionMask
GetSystemDirectoryA
LoadLibraryA
VerifyVersionInfoA
GetTickCount
MoveFileExA
WaitForSingleObjectEx
MultiByteToWideChar
GetStdHandle
GetFileType
ReadFile
VirtualProtect
GetCurrentThread
Sleep
GetLogicalDrives
GetDriveTypeA
FormatMessageA
LoadLibraryExA
GetModuleFileNameA
FreeLibrary
GetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalFree
GlobalLock
GlobalUnlock
PeekNamedPipe
WaitForMultipleObjects
CreateFileA
GetFileSizeEx
WideCharToMultiByte
GetLocaleInfoEx
InitOnceBeginInitialize
InitOnceComplete
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesW
GetFileAttributesExW
GetModuleHandleA
GetFullPathNameW
SetFileInformationByHandle
GetTempPathW
AreFileApisANSI
GlobalAlloc
GetProcAddress
Thread32First
CreateThread
GetEnvironmentVariableA
user32
SetCursor
GetClassNameA
EnumWindows
FindWindowExA
SetWindowLongPtrA
MessageBoxA
GetWindowRect
GetWindowTextA
GetSystemMetrics
LoadCursorA
ScreenToClient
ClientToScreen
GetCursorPos
SetCursorPos
GetClientRect
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
GetKeyState
IsChild
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
DestroyWindow
DefWindowProcA
UnregisterClassA
RegisterClassExA
CreateWindowExA
msvcp140
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Xbad_function_call@std@@YAXXZ
?_Random_device@std@@YAIXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?_Xbad_alloc@std@@YAXXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?rdstate@ios_base@std@@QEBAHXZ
??Bios_base@std@@QEBA_NXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
_Query_perf_frequency
_Query_perf_counter
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
?good@ios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Strxfrm
_Strcoll
_Xtime_get_ticks
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
d3dx11_43
D3DX11CreateShaderResourceViewFromMemory
imm32
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
d3dcompiler_43
D3DCompile
xinput1_3
ord4
ord2
d3dx9_43
D3DXVec3Transform
D3DXMatrixTranspose
normaliz
IdnToAscii
wldap32
ord301
ord200
ord30
ord79
ord35
ord33
ord32
ord27
ord60
ord143
ord217
ord46
ord211
ord22
ord45
ord50
ord41
ord26
crypt32
CertFreeCertificateChain
CertOpenStore
CertCloseStore
CertGetCertificateChain
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CryptStringToBinaryA
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
ws2_32
sendto
recvfrom
freeaddrinfo
ntohl
getaddrinfo
select
__WSAFDIsSet
gethostname
ioctlsocket
closesocket
recv
send
WSAGetLastError
bind
connect
getpeername
getsockname
getsockopt
htons
ntohs
setsockopt
socket
WSASetLastError
WSAIoctl
WSAStartup
WSACleanup
accept
listen
htonl
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
psapi
GetModuleInformation
userenv
UnloadUserProfile
vcruntime140
__std_type_info_destroy_list
__intrinsic_setjmp
__current_exception_context
__current_exception
__C_specific_handler
strrchr
longjmp
memcmp
strchr
memmove
memset
memcpy
memchr
__std_exception_copy
strstr
__std_terminate
_CxxThrowException
__std_exception_destroy
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-stdio-l1-1-0
_lseeki64
fread
fclose
_wfopen
fseek
ftell
fwrite
_read
_write
_close
fsetpos
_open
fgetpos
fgetc
_get_stream_buffer_pointers
setvbuf
__stdio_common_vsscanf
ungetc
tmpfile
_popen
_pclose
_ftelli64
_fseeki64
clearerr
__acrt_iob_func
fputs
fflush
tmpnam
fgets
feof
ferror
__stdio_common_vsprintf
__stdio_common_vfprintf
getc
freopen
fopen
fputc
api-ms-win-crt-heap-l1-1-0
realloc
calloc
malloc
_callnewh
free
api-ms-win-crt-runtime-l1-1-0
_invalid_parameter_noinfo_noreturn
_errno
strerror
terminate
_wassert
_beginthreadex
_resetstkoflw
_invalid_parameter_noinfo
__sys_nerr
_initterm_e
system
exit
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
_getpid
api-ms-win-crt-string-l1-1-0
tolower
iscntrl
strspn
isxdigit
isalnum
isgraph
toupper
strcpy_s
strcoll
isblank
isspace
ispunct
islower
isupper
isalpha
strpbrk
strcspn
_strdup
strncpy
strcmp
strncmp
isdigit
api-ms-win-crt-utility-l1-1-0
srand
rand
qsort
api-ms-win-crt-math-l1-1-0
acos
fminf
_dsign
asin
asinf
atan2
ceil
fmaxf
cos
cosh
coshf
ldexp
floor
fmod
log
log10
log10f
frexp
atan2f
sin
sinh
sinhf
sqrt
tan
tanf
tanh
tanhf
floorf
pow
ceilf
acosf
powf
sqrtf
sinf
expf
cosf
fmodf
exp
api-ms-win-crt-convert-l1-1-0
atof
strtoull
strtoll
strtod
strtoul
atoi
strtol
api-ms-win-crt-locale-l1-1-0
setlocale
localeconv
___lc_codepage_func
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-time-l1-1-0
_localtime64_s
_gmtime64
_time64
_mktime64
strftime
_difftime64
clock
_localtime64
api-ms-win-crt-filesystem-l1-1-0
_unlink
_unlock_file
_lock_file
rename
_stat64
_access
_fstat64
remove
advapi32
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGenRandom
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
ConvertSidToStringSidA
CopySid
IsValidSid
OpenProcessToken
GetLengthSid
GetTokenInformation
shell32
ShellExecuteA
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 375KB - Virtual size: 375KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 826KB - Virtual size: 836KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ