b119676189716eddbeaf522fcb9f9b13c24e9f9c1c9b3b698d352ea3d8ace5e7

Sharing

Copy URL Twitter E-mail

General

Target

b119676189716eddbeaf522fcb9f9b13c24e9f9c1c9b3b698d352ea3d8ace5e7
Size

213KB
MD5

129fc4dbf8992d6a22e88a53e93a8cb2
SHA1

12674b0497192ea1bc64e565414fb8f8ffcc17e4
SHA256

b119676189716eddbeaf522fcb9f9b13c24e9f9c1c9b3b698d352ea3d8ace5e7
SHA512

bd2462f8b058fde9ca9912bed5a4b6a56d322f9411dfbc0a1a0b639249774c638fa5d72ed2a4401eb48e72ff031e45599fe9a0db8059ee0f8e9dfab900a29a82
SSDEEP

6144:rY23/sERdN9OqXPjdXT+KENm2eK7mnoUSgpAY8ODcDcm7cIshrYKW63F:c23/TXrdXHYKH1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b119676189716eddbeaf522fcb9f9b13c24e9f9c1c9b3b698d352ea3d8ace5e7

Files

b119676189716eddbeaf522fcb9f9b13c24e9f9c1c9b3b698d352ea3d8ace5e7
.dll windows:6 windows x86 arch:x86

0aef7c1553b781a01ed57377396a55a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\constructicon\builds\gfx\three\18.40\drivers\pxproxy\ogl\thunkpx\build\wNow\B_rel\atigktxx.pdb

Imports

kernel32

Sleep
LoadLibraryExA
GetModuleHandleA
FreeLibrary
WaitForSingleObject
GetCurrentThreadId
GetExitCodeThread
GetModuleFileNameA
CloseHandle
DeleteCriticalSection
CreateEventA
CreateFileW
DecodePointer
LeaveCriticalSection
SetEvent
EnterCriticalSection
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
InitializeCriticalSection
GetProcAddress
LoadLibraryA
VerifyVersionInfoA
SetLastError
GetModuleFileNameW
GetLastError
LoadLibraryW
VerSetConditionMask
GetCurrentProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
EncodePointer
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
CompareStringW
LCMapStringW
GetStdHandle
GetFileType
WideCharToMultiByte
MultiByteToWideChar
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
GetStringTypeW
SetFilePointerEx
SetStdHandle
WriteConsoleW

user32

EnumDisplayDevicesA

gdi32

CreateDCA
DeleteDC

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Exports

Exports

DisableSubmitThread
DllMain
GetD3DKMTProcAddress
IsOglCacheLocked
SetThunkProxyBypassMode
XopGetNumAdapters
XopGetRealDeviceId
XopOpenLinkedAdapter
XopQueryAdaptersOgl
XopSetAdapterIndex
XopSetGlobalsOgl

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0aef7c1553b781a01ed57377396a55a4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

version

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 171KB

.data Size: 2KB - Virtual size: 5KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 172KB - Virtual size: 171KB

.data
Size: 2KB - Virtual size: 5KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB