911321e66cfb4ae2996bf6c39fb90f0404e5057a3137b307f0304145e5771f37

Sharing

Copy URL Twitter E-mail

General

Target

911321e66cfb4ae2996bf6c39fb90f0404e5057a3137b307f0304145e5771f37
Size

777KB
MD5

767b8afee1926a07b9b70632f43a8404
SHA1

97f1c771aadd5354b8d0fe2652fd21992e176abd
SHA256

911321e66cfb4ae2996bf6c39fb90f0404e5057a3137b307f0304145e5771f37
SHA512

0f6602dfc4ac05968e8f000f16b1a5679fb8b8c87e6e571a0e616db607ff6c267d36207ef0cbb1525c87c8600397c0982e388d05d35f54f80604ed3b1a44df08
SSDEEP

12288:Fjpyxs2JVPDWUR6CAL44qT4ZFAr2FoZczq3HfN+WknM3Xc8:FjpoXR9nT4ZF1Ftzq3HV+WknM3X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
911321e66cfb4ae2996bf6c39fb90f0404e5057a3137b307f0304145e5771f37

Files

911321e66cfb4ae2996bf6c39fb90f0404e5057a3137b307f0304145e5771f37
.dll windows:6 windows x64 arch:x64

57423b8e0f41f24f60bef000ff5c1083

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\work\ct\rtc\ctyuneffectsdk\lib\windows\x64\Release\ctyuneffectsdk.pdb

Imports

winmm

timeGetTime

ws2_32

freeaddrinfo
getaddrinfo
ntohs
ntohl
htons
htonl
WSASetEvent
WSAResetEvent
WSAEnumNetworkEvents
WSAGetLastError
WSAWaitForMultipleEvents
WSAEventSelect
WSACloseEvent
WSACreateEvent
sendto
send
accept
closesocket
listen
recvfrom
recv
setsockopt
connect
bind
getpeername
getsockname
socket
getsockopt
ioctlsocket

egl

eglGetCurrentContext
eglDestroyContext
eglGetConfigAttrib
eglBindAPI
eglMakeCurrent
eglCreatePbufferSurface
eglTerminate
eglGetError
eglCreateWindowSurface
eglQueryContext
eglGetDisplay
eglDestroySurface
eglInitialize
eglQueryString
eglCreateContext
eglGetConfigs

glesv2

glGetShaderInfoLog
glDeleteShader
glCompileShader
glGetProgramiv
glCreateProgram
glShaderSource
glBlendFunc
glEnable
glTexImage2D
glLinkProgram
glCreateShader
glAttachShader
glTexSubImage2D
glGetShaderiv
glBindBuffer
glReadPixels
glDeleteBuffers
glFinish
glUnmapBuffer
glMapBufferRange
glBufferData
glGenBuffers
glGetString
glPixelStorei
glGetProgramInfoLog
glBindTexture
glUniform1i
glActiveTexture
glDeleteTextures
glUniform1f
glUniform2f
glGetAttribLocation
glVertexAttribPointer
glUniformMatrix4fv
glDisableVertexAttribArray
glEnableVertexAttribArray
glDrawArrays
glGetUniformLocation
glUseProgram
glDeleteProgram
glViewport
glClear
glBindFramebuffer
glGetError
glGetIntegerv
glGenTextures
glGenFramebuffers
glFramebufferTexture2D
glTexParameterf

kernel32

SetFilePointerEx
ReadConsoleW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
SetStdHandle
GetFileSizeEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
HeapReAlloc
MultiByteToWideChar
DeleteCriticalSection
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
GetStdHandle
WriteFile
IsDebuggerPresent
InitializeCriticalSection
GetLastError
DebugBreak
TlsAlloc
TlsGetValue
GetCurrentThreadId
OpenThread
TlsSetValue
CloseHandle
Sleep
CreateThread
WaitForSingleObject
GetCurrentThread
RaiseException
RtlUnwind
GetProcAddress
TryEnterCriticalSection
CreateEventW
SetEvent
ResetEvent
SetLastError
SetThreadPriority
GetLogicalProcessorInformation
GetCurrentProcess
GetModuleHandleW
WideCharToMultiByte
GetFileType
CreateFileW
WriteConsoleW
HeapSize
SetEndOfFile
GetModuleHandleA
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
QueryPerformanceCounter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
GetStringTypeW
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
TlsFree
FreeLibrary
LoadLibraryExW
ReadFile
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc

Exports

Exports

?createEffect@CTYunEffect@ctyun@@SAPEAV12@PEAUCTYunEffectParams@2@@Z
?destroyEffect@CTYunEffect@ctyun@@SAXPEAV12@@Z
createCTYunEffect
destroyCTYunEffect

Sections

.text
Size: 493KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57423b8e0f41f24f60bef000ff5c1083

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

ws2_32

egl

glesv2

kernel32

Exports

Exports

Sections

.text Size: 493KB - Virtual size: 492KB

.rdata Size: 241KB - Virtual size: 241KB

.data Size: 12KB - Virtual size: 19KB

.pdata Size: 23KB - Virtual size: 22KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 493KB - Virtual size: 492KB

.rdata
Size: 241KB - Virtual size: 241KB

.data
Size: 12KB - Virtual size: 19KB

.pdata
Size: 23KB - Virtual size: 22KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 5KB - Virtual size: 4KB