VDD[.]HDR[.]23[.]12[.]zip

Resubmissions

11/08/2024, 19:24

240811-x4t8watfnj 8

Sharing

Copy URL Twitter E-mail

General

Target

VDD.HDR.23.12.zip
Size

60KB
MD5

2b5b754fbac88804c4e048e5da5ecbf8
SHA1

1f9b8fa79dfaa1dfb10295fb9d300cdb6900abe1
SHA256

4dea678b0b7ce63ca74edd1f39ff3ce1ab7375a9e5ef726df0e6503d1d50875f
SHA512

b87234f4fe14a31fff16d82ca47ca9e499e970c4cdbfc07d6e81135ffafbbd5955ec6eb982746003877d734aa7a912f9c7ff46e1f7c6941f38fd8a4d24d3b52f
SSDEEP

1536:Am0SXqFiiHx5SzyF2URfZh/jXpzcHsIYhcckP:AnSGiiR0eF2Kh/jXBcHc+P

Score

1^/10

Malware Config

Signatures

Files

VDD.HDR.23.12.zip
.zip
VDD HDR 23.12.2/IddSampleDriver/IddSampleDriver.dll
.dll windows:10 windows x64 arch:x64

0c7ba4c1124a4881db1e22cb4ffeb9af

Code Sign

01
Certificate

Issuer

CN=Virtual Display Driver,OU=Development,O=MikeTheTech,L=Salinas,ST=CA,C=US,1.2.840.113549.1.9.1=#0c17636f6e74616374406d696b65746865746563682e636f6d

Not Before

14/10/2023, 17:46

Not After

14/10/2024, 17:46

Subject

CN=Virtual Display Driver,OU=Development,O=MikeTheTech,L=Salinas,ST=CA,C=US,1.2.840.113549.1.9.1=#0c17636f6e74616374406d696b65746865746563682e636f6d

7f:fd:6f:72:67:8a:c5:49:f2:89:98:a1:db:fa:af:6d:1c:dd:9c:10:11:1a:6e:aa:e4:2f:fe:57:48:94:53:ee
Signer

Actual PE Digest

7f:fd:6f:72:67:8a:c5:49:f2:89:98:a1:db:fa:af:6d:1c:dd:9c:10:11:1a:6e:aa:e4:2f:fe:57:48:94:53:ee

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\DEV\Idd\Balouk\IddSampleDriver\x64\Release\IddSampleDriver.pdb

Imports

ntdll

RtlPcToFileHeader
RtlUnwindEx
DbgPrintEx

kernel32

RaiseException
GetLastError
SetEvent
WaitForSingleObject
CreateEventW
WaitForMultipleObjects
CloseHandle
FlsSetValue
FlsGetValue
FlsAlloc
SetLastError
InterlockedFlushSList
InitializeSListHead
FlsFree
CreateThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LCMapStringEx
WideCharToMultiByte
MultiByteToWideChar
DecodePointer
EncodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection

ole32

CoCreateGuid

dxgi

CreateDXGIFactory2

d3d11

D3D11CreateDevice

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_invalid_parameter_noinfo_noreturn
_execute_onexit_table
terminate
_errno
_seh_filter_dll
abort
_initterm
_initterm_e
_register_onexit_function
_configure_narrow_argv
_cexit
_initialize_narrow_environment
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
_callnewh

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-stdio-l1-1-0

_fsopen
fseek
fputc
fsetpos
_fseeki64
fwrite
fgetpos
setvbuf
fgetc
fflush
fclose
_get_stream_buffer_pointers
ungetc
fread

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
_unlock_locales
__pctype_func
___lc_locale_name_func
_lock_locales
setlocale

api-ms-win-crt-string-l1-1-0

isupper
_wcsdup
islower
__strncnt
strcpy_s

Exports

Exports

FxDriverEntryUm

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VDD HDR 23.12.2/IddSampleDriver/IddSampleDriver.inf
VDD HDR 23.12.2/IddSampleDriver/Virtual_Display_Driver.cer
VDD HDR 23.12.2/IddSampleDriver/iddsampledriver.cat
VDD HDR 23.12.2/IddSampleDriver/installCert.bat
.bat .vbs
VDD HDR 23.12.2/IddSampleDriver/option.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

0c7ba4c1124a4881db1e22cb4ffeb9af

Code Sign

01Certificate

7f:fd:6f:72:67:8a:c5:49:f2:89:98:a1:db:fa:af:6d:1c:dd:9c:10:11:1a:6e:aa:e4:2f:fe:57:48:94:53:eeSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

ole32

dxgi

d3d11

avrt

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 2KB - Virtual size: 4KB

.pdata Size: 5KB - Virtual size: 4KB

_RDATA Size: 1024B - Virtual size: 640B

.reloc Size: 1024B - Virtual size: 908B

01
Certificate

7f:fd:6f:72:67:8a:c5:49:f2:89:98:a1:db:fa:af:6d:1c:dd:9c:10:11:1a:6e:aa:e4:2f:fe:57:48:94:53:ee
Signer

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 2KB - Virtual size: 4KB

.pdata
Size: 5KB - Virtual size: 4KB

_RDATA
Size: 1024B - Virtual size: 640B

.reloc
Size: 1024B - Virtual size: 908B