c28259c522c26af2a65ebfc98b3ba07826cae0d96a24501149f052641aeeb55e

Sharing

Copy URL

Twitter E-mail

General

Target

c28259c522c26af2a65ebfc98b3ba07826cae0d96a24501149f052641aeeb55e
Size

2.8MB
MD5

e58241d70356298c92a817c287f06842
SHA1

62440f5fdaa766f21e9fcef0cca8ccfc2d09b076
SHA256

c28259c522c26af2a65ebfc98b3ba07826cae0d96a24501149f052641aeeb55e
SHA512

8c1bbdcdd1000eeaced5a44edd6581830603c9c7f9bdc27a1c8b1033d5ea70feb5e84fbc1c6208c47841ad7c49008ef7724a7daef4170df15be0236fa8b30f79
SSDEEP

49152:C6VvDyjbA5HSyUALaDH/QRiHfKHiiNFiMMPd6:Cck+cxA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c28259c522c26af2a65ebfc98b3ba07826cae0d96a24501149f052641aeeb55e

Files

c28259c522c26af2a65ebfc98b3ba07826cae0d96a24501149f052641aeeb55e
.dll windows:6 windows x64 arch:x64

efe4502e4959b35e06f7d3e49bef43e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\constructicon\builds\gfx\one\17.50\drivers\amf\stable\build\runtime\build\wNow64a\B_rel\amfrt64.pdb

Imports

kernel32

VirtualFree
InitializeCriticalSection
LoadLibraryW
Sleep
LeaveCriticalSection
ReleaseSemaphore
GetProcAddress
VirtualAlloc
EnterCriticalSection
ResetEvent
CreateSemaphoreW
CreateEventW
QueryPerformanceFrequency
DeleteCriticalSection
ReleaseMutex
CloseHandle
VerSetConditionMask
CreateDirectoryW
OutputDebugStringW
GetModuleFileNameW
VerifyVersionInfoW
GetLastError
GetCurrentDirectoryW
GetCurrentThreadId
GetModuleHandleW
InitializeCriticalSectionEx
RaiseException
DecodePointer
GetVersionExW
GetLocalTime
LocalFree
SetEnvironmentVariableA
GetTickCount
SetEnvironmentVariableW
LoadLibraryExW
SetEvent
WaitForSingleObject
QueryPerformanceCounter
FreeLibrary
CreateMutexW
MultiByteToWideChar
GetCurrentProcessId
GetModuleFileNameA
FlushFileBuffers
WriteConsoleW
SetEndOfFile
SetStdHandle
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStdHandle
GetProcessHeap
GetOEMCP
IsValidCodePage
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
WideCharToMultiByte
GetStringTypeW
EncodePointer
GetSystemTimeAsFileTime
GetACP
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
CreateThread
ExitThread
ResumeThread
FindFirstFileExW
FindClose
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDriveTypeW
GetTimeZoneInformation
HeapReAlloc
ReadFile
SetFilePointerEx
CreateFileW
GetFileType
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
GetCommandLineA
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc

user32

GetDesktopWindow
ReleaseDC
GetDC
GetClientRect

gdi32

DeleteDC
CreateDCW
ChoosePixelFormat
SetPixelFormat
SwapBuffers

ole32

CoTaskMemAlloc
CoTaskMemFree

dxva2

DXVA2CreateVideoService

setupapi

SetupDiGetClassDevsW
SetupDiSetSelectedDriverW
SetupDiGetSelectedDriverW
SetupDiBuildDriverInfoList
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDriverInfoW

d3d9

Direct3DCreate9Ex

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

opengl32

glBindTexture
glGetTexLevelParameteriv
glTexImage2D
wglCreateContext
glDeleteTextures
glGetError
glGetTexImage
wglGetCurrentDC
wglMakeCurrent
glTexParameteri
glGenTextures
wglDeleteContext
wglGetCurrentContext

glu32

gluErrorString

Exports

Exports

AMFGetPerformanceMonitor
AMFGetPerformanceMonitorLogger
AMFInit
AMFQueryVersion
DllMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efe4502e4959b35e06f7d3e49bef43e9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ole32

dxva2

setupapi

d3d9

d3d11

dxgi

opengl32

glu32

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 36KB - Virtual size: 65KB

.pdata Size: 48KB - Virtual size: 47KB

.rsrc Size: 1024B - Virtual size: 976B

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 36KB - Virtual size: 65KB

.pdata
Size: 48KB - Virtual size: 47KB

.rsrc
Size: 1024B - Virtual size: 976B

.reloc
Size: 15KB - Virtual size: 15KB