ddd00e47391e1352a052a8d064811fa0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ddd00e47391e1352a052a8d064811fa0N.exe
Size

477KB
MD5

ddd00e47391e1352a052a8d064811fa0
SHA1

a50e3cc80ffcf4c6f806cc36581805f0868c64b0
SHA256

edc9516a1375e96daa76dd29b605db35f9ebda32a08d07354b9133957ca5a82a
SHA512

ed2b6eec6fb61db164e68edf33bf322014ebf8ee90af14147488d174b98be7eede4cbc797f58dbcf41708d9ab73563f955853164b4578c48487d0a9f5df63dc0
SSDEEP

6144:KsnHLFz2MX2J/UUe6KBjff+GLg+EQ1P7SzoL4uk6FKWGB6FOKa/rKBIfm5i1:BHcMmDe5fkc5za6I1

Score

1^/10

Malware Config

Signatures

Files

ddd00e47391e1352a052a8d064811fa0N.exe
.dll windows:6 windows x64 arch:x64

7444a9b4718fce718c841f95ee828083

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:72:4a:5a:37:5a:2b:01:3a:1e:4b:6c:60:a7:c2:e5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

23/07/2021, 00:00

Not After

24/07/2024, 23:59

Subject

CN=NVIDIA Corporation,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

19/01/2024, 16:46

Not After

01/06/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

a0:3d:72:6d:f7:90:67:f9
Certificate

Issuer

CN=NVIDIA Corporation NVS Root,OU=IT-MIS,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Not Before

10/03/2022, 18:04

Not After

07/03/2032, 18:04

Subject

CN=NVIDIA Corporation NVS Root,OU=IT-MIS,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

19/01/2024, 16:46

Not After

01/06/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

21:ad:6f:0a:fd:d5:cc:33:a0:3e:83:5a:52:3c:ea:8d:e6:48:75:10:52:37:c2:79:d5:8e:ba:52:1f:26:e7:ec
Signer

Actual PE Digest

21:ad:6f:0a:fd:d5:cc:33:a0:3e:83:5a:52:3c:ea:8d:e6:48:75:10:52:37:c2:79:d5:8e:ba:52:1f:26:e7:ec

Digest Algorithm

sha256

PE Digest Matches

true

21:ad:6f:0a:fd:d5:cc:33:a0:3e:83:5a:52:3c:ea:8d:e6:48:75:10:52:37:c2:79:d5:8e:ba:52:1f:26:e7:ec
Signer

Actual PE Digest

21:ad:6f:0a:fd:d5:cc:33:a0:3e:83:5a:52:3c:ea:8d:e6:48:75:10:52:37:c2:79:d5:8e:ba:52:1f:26:e7:ec

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\7kmo3Q93X\0\streamline\sdk\_artifacts\sl.interposer\Production_x64\sl.interposer.pdb

Imports

dbghelp

MiniDumpWriteDump

kernel32

GetModuleFileNameW
CreateFileW
GetCurrentThreadId
GetLastError
CloseHandle
GetCurrentProcessId
VirtualProtect
LoadLibraryW
FlushInstructionCache
LoadLibraryA
GetProcAddress
SetThreadDescription
SetConsoleTextAttribute
SetConsoleTitleA
GetStdHandle
WriteConsoleA
OutputDebugStringA
SetThreadPriority
GetConsoleWindow
AllocConsole
GetStartupInfoW
ReadFile
CreatePipe
PeekNamedPipe
WaitForSingleObject
CreateProcessW
GetCurrentProcess
LocalAlloc
LocalFree
LoadLibraryExW
OutputDebugStringW
Sleep
GetSystemDirectoryW
GetFileAttributesW
GetModuleHandleW
SetLastError
GetModuleFileNameA
VerifyVersionInfoW
VerSetConditionMask
GetFullPathNameW
DisableThreadLibraryCalls
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetModuleHandleA
IsDebuggerPresent
FreeLibrary
QueryPerformanceCounter
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
GetSystemTimeAsFileTime
FormatMessageA
GetLocaleInfoEx
CreateDirectoryW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
AreFileApisANSI
CopyFileW
GetFileInformationByHandleEx
WideCharToMultiByte
ReleaseSRWLockExclusive
InitializeSListHead

user32

SetWindowPos
MonitorFromWindow
GetWindowRect
EnumDisplayMonitors
GetMonitorInfoA

advapi32

RegOpenKeyExW
RegGetValueW
RegCloseKey

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

msvcp140

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Syserror_map@std@@YAPEBDH@Z
_Xtime_get_ticks
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
_Cnd_signal
_Cnd_init_in_situ
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?uncaught_exceptions@std@@YAHXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
_Cnd_timedwait
_Cnd_do_broadcast_at_thread_exit
_Cnd_wait
_Thrd_id
_Thrd_join
_Cnd_broadcast
_Cnd_destroy_in_situ
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
_Thrd_detach
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Mtx_unlock
_Query_perf_counter
_Mtx_lock
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Throw_Cpp_error@std@@YAXH@Z
_Query_perf_frequency
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memmove
memchr
__std_type_info_destroy_list
__C_specific_handler
__std_exception_destroy
__std_exception_copy
__std_terminate
__std_type_info_hash
strstr
memset
wcsrchr
wcsstr
memcmp
memcpy
__current_exception
__current_exception_context
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-convert-l1-1-0

strtod
strtoll
strtoull

api-ms-win-crt-string-l1-1-0

strcmp
isalpha
strcpy_s
_wcsnicmp
_wcsicmp
strncmp
isdigit

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_cexit
_errno
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e
terminate
abort
_beginthreadex

api-ms-win-crt-stdio-l1-1-0

fclose
fflush
_wfsopen
fputs
__stdio_common_vsprintf
__stdio_common_vfprintf
fgets
__acrt_iob_func
__stdio_common_vsscanf

api-ms-win-crt-time-l1-1-0

_time64
_localtime64_s

api-ms-win-crt-math-l1-1-0

_dsign
ceilf

Exports

Exports

CreateDXGIFactory
CreateDXGIFactory1
CreateDXGIFactory2
D3D11CreateDevice
D3D11CreateDeviceAndSwapChain
D3D12CreateDevice
D3D12CreateRootSignatureDeserializer
D3D12CreateVersionedRootSignatureDeserializer
D3D12EnableExperimentalFeatures
D3D12GetDebugInterface
D3D12GetInterface
D3D12SerializeRootSignature
D3D12SerializeVersionedRootSignature
DXGIGetDebugInterface1
slAllocateResources
slEvaluateFeature
slFreeResources
slGetFeatureFunction
slGetFeatureRequirements
slGetFeatureVersion
slGetNativeInterface
slGetNewFrameToken
slInit
slIsFeatureLoaded
slIsFeatureSupported
slSetConstants
slSetD3DDevice
slSetFeatureLoaded
slSetTag
slSetVulkanInfo
slShutdown
slUpgradeInterface
vkAcquireNextImageKHR
vkAllocateCommandBuffers
vkAllocateDescriptorSets
vkAllocateMemory
vkBeginCommandBuffer
vkBindBufferMemory
vkBindBufferMemory2
vkBindImageMemory
vkBindImageMemory2
vkCmdBeginQuery
vkCmdBeginRenderPass
vkCmdBeginRenderPass2
vkCmdBeginRendering
vkCmdBindDescriptorSets
vkCmdBindIndexBuffer
vkCmdBindPipeline
vkCmdBindVertexBuffers
vkCmdBindVertexBuffers2
vkCmdBlitImage
vkCmdBlitImage2
vkCmdClearAttachments
vkCmdClearColorImage
vkCmdClearDepthStencilImage
vkCmdCopyBuffer
vkCmdCopyBuffer2
vkCmdCopyBufferToImage
vkCmdCopyBufferToImage2
vkCmdCopyImage
vkCmdCopyImage2
vkCmdCopyImageToBuffer
vkCmdCopyImageToBuffer2
vkCmdCopyQueryPoolResults
vkCmdDispatch
vkCmdDispatchBase
vkCmdDispatchIndirect
vkCmdDraw
vkCmdDrawIndexed
vkCmdDrawIndexedIndirect
vkCmdDrawIndexedIndirectCount
vkCmdDrawIndirect
vkCmdDrawIndirectCount
vkCmdEndQuery
vkCmdEndRenderPass
vkCmdEndRenderPass2
vkCmdEndRendering
vkCmdExecuteCommands
vkCmdFillBuffer
vkCmdNextSubpass
vkCmdNextSubpass2
vkCmdPipelineBarrier
vkCmdPipelineBarrier2
vkCmdPushConstants
vkCmdResetEvent
vkCmdResetEvent2
vkCmdResetQueryPool
vkCmdResolveImage
vkCmdResolveImage2
vkCmdSetBlendConstants
vkCmdSetCullMode
vkCmdSetDepthBias
vkCmdSetDepthBiasEnable
vkCmdSetDepthBounds
vkCmdSetDepthBoundsTestEnable
vkCmdSetDepthCompareOp
vkCmdSetDepthTestEnable
vkCmdSetDepthWriteEnable
vkCmdSetDeviceMask
vkCmdSetEvent
vkCmdSetEvent2
vkCmdSetFrontFace
vkCmdSetLineWidth
vkCmdSetPrimitiveRestartEnable
vkCmdSetPrimitiveTopology
vkCmdSetRasterizerDiscardEnable
vkCmdSetScissor
vkCmdSetScissorWithCount
vkCmdSetStencilCompareMask
vkCmdSetStencilOp
vkCmdSetStencilReference
vkCmdSetStencilTestEnable
vkCmdSetStencilWriteMask
vkCmdSetViewport
vkCmdSetViewportWithCount
vkCmdUpdateBuffer
vkCmdWaitEvents
vkCmdWaitEvents2
vkCmdWriteTimestamp
vkCmdWriteTimestamp2
vkCreateBuffer
vkCreateBufferView
vkCreateCommandPool
vkCreateComputePipelines
vkCreateDescriptorPool
vkCreateDescriptorSetLayout
vkCreateDescriptorUpdateTemplate
vkCreateDevice
vkCreateEvent
vkCreateFence
vkCreateFramebuffer
vkCreateGraphicsPipelines
vkCreateImage
vkCreateImageView
vkCreateInstance
vkCreatePipelineCache
vkCreatePipelineLayout
vkCreatePrivateDataSlot
vkCreateQueryPool
vkCreateRenderPass
vkCreateRenderPass2
vkCreateSampler
vkCreateSamplerYcbcrConversion
vkCreateSemaphore
vkCreateShaderModule
vkCreateSwapchainKHR
vkCreateWin32SurfaceKHR
vkDestroyBuffer
vkDestroyBufferView
vkDestroyCommandPool
vkDestroyDescriptorPool
vkDestroyDescriptorSetLayout
vkDestroyDescriptorUpdateTemplate
vkDestroyDevice
vkDestroyEvent
vkDestroyFence
vkDestroyFramebuffer
vkDestroyImage
vkDestroyImageView
vkDestroyInstance
vkDestroyPipeline
vkDestroyPipelineCache
vkDestroyPipelineLayout
vkDestroyPrivateDataSlot
vkDestroyQueryPool
vkDestroyRenderPass
vkDestroySampler
vkDestroySamplerYcbcrConversion
vkDestroySemaphore
vkDestroyShaderModule
vkDestroySurfaceKHR
vkDestroySwapchainKHR
vkDeviceWaitIdle
vkEndCommandBuffer
vkEnumerateDeviceExtensionProperties
vkEnumerateDeviceLayerProperties
vkEnumerateInstanceExtensionProperties
vkEnumerateInstanceLayerProperties
vkEnumerateInstanceVersion
vkEnumeratePhysicalDeviceGroups
vkEnumeratePhysicalDevices
vkFlushMappedMemoryRanges
vkFreeCommandBuffers
vkFreeDescriptorSets
vkFreeMemory
vkGetBufferDeviceAddress
vkGetBufferMemoryRequirements
vkGetBufferMemoryRequirements2
vkGetBufferOpaqueCaptureAddress
vkGetDescriptorSetLayoutSupport
vkGetDeviceBufferMemoryRequirements
vkGetDeviceGroupPeerMemoryFeatures
vkGetDeviceImageMemoryRequirements
vkGetDeviceImageSparseMemoryRequirements
vkGetDeviceMemoryCommitment
vkGetDeviceMemoryOpaqueCaptureAddress
vkGetDeviceProcAddr
vkGetDeviceQueue
vkGetDeviceQueue2
vkGetEventStatus
vkGetFenceStatus
vkGetImageMemoryRequirements
vkGetImageMemoryRequirements2
vkGetImageMemoryRequirements2KHR
vkGetImageSparseMemoryRequirements
vkGetImageSparseMemoryRequirements2
vkGetImageSubresourceLayout
vkGetInstanceProcAddr
vkGetPhysicalDeviceExternalBufferProperties
vkGetPhysicalDeviceExternalFenceProperties
vkGetPhysicalDeviceExternalSemaphoreProperties
vkGetPhysicalDeviceFeatures
vkGetPhysicalDeviceFeatures2
vkGetPhysicalDeviceFeatures2KHR
vkGetPhysicalDeviceFormatProperties
vkGetPhysicalDeviceFormatProperties2
vkGetPhysicalDeviceImageFormatProperties
vkGetPhysicalDeviceImageFormatProperties2
vkGetPhysicalDeviceMemoryProperties
vkGetPhysicalDeviceMemoryProperties2
vkGetPhysicalDeviceProperties
vkGetPhysicalDeviceProperties2
vkGetPhysicalDeviceProperties2KHR
vkGetPhysicalDeviceQueueFamilyProperties
vkGetPhysicalDeviceQueueFamilyProperties2
vkGetPhysicalDeviceSparseImageFormatProperties
vkGetPhysicalDeviceSparseImageFormatProperties2
vkGetPhysicalDeviceSurfaceCapabilitiesKHR
vkGetPhysicalDeviceSurfaceFormatsKHR
vkGetPhysicalDeviceSurfacePresentModesKHR
vkGetPhysicalDeviceSurfaceSupportKHR
vkGetPhysicalDeviceToolProperties
vkGetPipelineCacheData
vkGetPrivateData
vkGetQueryPoolResults
vkGetRenderAreaGranularity
vkGetSemaphoreCounterValue
vkGetSwapchainImagesKHR
vkInvalidateMappedMemoryRanges
vkMapMemory
vkMergePipelineCaches
vkQueueBindSparse
vkQueuePresentKHR
vkQueueSubmit
vkQueueSubmit2
vkQueueWaitIdle
vkResetCommandBuffer
vkResetCommandPool
vkResetDescriptorPool
vkResetEvent
vkResetFences
vkResetQueryPool
vkSetEvent
vkSetPrivateData
vkSignalSemaphore
vkTrimCommandPool
vkUnmapMemory
vkUpdateDescriptorSetWithTemplate
vkUpdateDescriptorSets
vkWaitForFences
vkWaitSemaphores

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7444a9b4718fce718c841f95ee828083

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:72:4a:5a:37:5a:2b:01:3a:1e:4b:6c:60:a7:c2:e5Certificate

Extended Key Usages

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04Certificate

Extended Key Usages

Key Usages

a0:3d:72:6d:f7:90:67:f9Certificate

Extended Key Usages

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04Certificate

Extended Key Usages

Key Usages

21:ad:6f:0a:fd:d5:cc:33:a0:3e:83:5a:52:3c:ea:8d:e6:48:75:10:52:37:c2:79:d5:8e:ba:52:1f:26:e7:ecSigner

21:ad:6f:0a:fd:d5:cc:33:a0:3e:83:5a:52:3c:ea:8d:e6:48:75:10:52:37:c2:79:d5:8e:ba:52:1f:26:e7:ecSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dbghelp

kernel32

user32

advapi32

shell32

ole32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 330KB - Virtual size: 329KB

.rdata Size: 105KB - Virtual size: 104KB

.data Size: 8KB - Virtual size: 19KB

.pdata Size: 13KB - Virtual size: 13KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:72:4a:5a:37:5a:2b:01:3a:1e:4b:6c:60:a7:c2:e5
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

a0:3d:72:6d:f7:90:67:f9
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

07:d7:13:53:da:25:61:b4:61:e9:90:47:8a:4c:ce:04
Certificate

21:ad:6f:0a:fd:d5:cc:33:a0:3e:83:5a:52:3c:ea:8d:e6:48:75:10:52:37:c2:79:d5:8e:ba:52:1f:26:e7:ec
Signer

21:ad:6f:0a:fd:d5:cc:33:a0:3e:83:5a:52:3c:ea:8d:e6:48:75:10:52:37:c2:79:d5:8e:ba:52:1f:26:e7:ec
Signer

.text
Size: 330KB - Virtual size: 329KB

.rdata
Size: 105KB - Virtual size: 104KB

.data
Size: 8KB - Virtual size: 19KB

.pdata
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB