VDD[.]23[.]10[.]20[.]2[.]zip

Resubmissions

11/08/2024, 19:47

240811-yhkyravcrm 8

11/08/2024, 19:36

240811-ybgyhsvajm 8

11/08/2024, 19:35

240811-yayjwaydne 1

Sharing

Copy URL

Twitter E-mail

General

Target

VDD.23.10.20.2.zip
Size

51KB
MD5

7235e2dce08834620783494cbc45882a
SHA1

bacae3a235930c6c6bf72b017e1c045c3d498116
SHA256

17ed26405040423505547791654e4874ae601270eea3fec113fae3130fa8ec0f
SHA512

a0210b2848a0c6e251cc7db3ea1d7d26bfa9e28bccb199de9843cc331e0a7bef342d0d4c85554f8089fc50b3d7aacf76a7681cf74db41c3d7938104c63ad4b19
SSDEEP

768:cQeirG8QKMa9tJASYXZtNOIzUOgy4++N39Jv0fn5yW0y9llGr4oh4ZIkPE5JLXcn:/Dvei9OmgUkg3v0PgW0Wla+Is3AmB

Score

1^/10

Malware Config

Signatures

Files

VDD.23.10.20.2.zip
.zip
IddSampleDriver/Virtual_Display_Driver.cer
IddSampleDriver/iddsampledriver.cat
IddSampleDriver/iddsampledriver.dll
.dll windows:10 windows x64 arch:x64

bcbe8454a0a5c59e3d8ec4c2e1692f42

Code Sign

01
Certificate

Issuer

CN=Virtual Display Driver,OU=Development,O=MikeTheTech,L=Salinas,ST=CA,C=US,1.2.840.113549.1.9.1=#0c17636f6e74616374406d696b65746865746563682e636f6d

Not Before

14/10/2023, 17:46

Not After

14/10/2024, 17:46

Subject

CN=Virtual Display Driver,OU=Development,O=MikeTheTech,L=Salinas,ST=CA,C=US,1.2.840.113549.1.9.1=#0c17636f6e74616374406d696b65746865746563682e636f6d

62:9b:6b:3d:fc:54:a5:cf:8c:dd:4b:73:e7:7f:f6:c6:ec:ee:cd:c8:fc:01:ed:1f:f3:4e:b5:3f:4a:bf:29:c2
Signer

Actual PE Digest

62:9b:6b:3d:fc:54:a5:cf:8c:dd:4b:73:e7:7f:f6:c6:ec:ee:cd:c8:fc:01:ed:1f:f3:4e:b5:3f:4a:bf:29:c2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\alisa\Documents\GitHub\IddSampleDriver\x64\Release\IddSampleDriver.pdb

Imports

ntdll

RtlPcToFileHeader
RtlUnwindEx
DbgPrintEx

kernel32

RaiseException
GetLastError
SetEvent
WaitForSingleObject
CreateEventW
WaitForMultipleObjects
CloseHandle
FlsSetValue
FlsGetValue
FlsAlloc
SetLastError
InterlockedFlushSList
InitializeSListHead
FlsFree
CreateThread
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LCMapStringEx
WideCharToMultiByte
MultiByteToWideChar
DecodePointer
EncodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection

ole32

CoCreateGuid

dxgi

CreateDXGIFactory2

d3d11

D3D11CreateDevice

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

api-ms-win-crt-runtime-l1-1-0

terminate
_invalid_parameter_noinfo_noreturn
_errno
_seh_filter_dll
_initterm
_initterm_e
_crt_atexit
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
abort
_cexit

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
_callnewh

api-ms-win-crt-convert-l1-1-0

strtol

api-ms-win-crt-stdio-l1-1-0

_fsopen
_get_stream_buffer_pointers
fread
fseek
fputc
fsetpos
_fseeki64
fwrite
fclose
setvbuf
fgetpos
fflush
ungetc
fgetc

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
_unlock_locales
__pctype_func
___lc_locale_name_func
_lock_locales
setlocale

api-ms-win-crt-string-l1-1-0

islower
__strncnt
isupper
_wcsdup
strcpy_s

Exports

Exports

FxDriverEntryUm

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IddSampleDriver/iddsampledriver.inf
IddSampleDriver/installCert.bat
.bat .vbs
IddSampleDriver/option.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

bcbe8454a0a5c59e3d8ec4c2e1692f42

Code Sign

01Certificate

62:9b:6b:3d:fc:54:a5:cf:8c:dd:4b:73:e7:7f:f6:c6:ec:ee:cd:c8:fc:01:ed:1f:f3:4e:b5:3f:4a:bf:29:c2Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

ole32

dxgi

d3d11

avrt

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

Exports

Exports

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 1KB - Virtual size: 4KB

.pdata Size: 4KB - Virtual size: 4KB

_RDATA Size: 512B - Virtual size: 512B

.reloc Size: 1024B - Virtual size: 888B

01
Certificate

62:9b:6b:3d:fc:54:a5:cf:8c:dd:4b:73:e7:7f:f6:c6:ec:ee:cd:c8:fc:01:ed:1f:f3:4e:b5:3f:4a:bf:29:c2
Signer

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 1KB - Virtual size: 4KB

.pdata
Size: 4KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 512B

.reloc
Size: 1024B - Virtual size: 888B