a0f0dce23588e7ea6eb12e365a85a9fbce2fa44e2745a43334e06ab2dbafbf18

Sharing

Copy URL Twitter E-mail

General

Target

a0f0dce23588e7ea6eb12e365a85a9fbce2fa44e2745a43334e06ab2dbafbf18
Size

134KB
MD5

cc047e931e9f2756e930a53736c1391d
SHA1

e44a94cb59d5962bd4a80beae11ee2088ba169f9
SHA256

a0f0dce23588e7ea6eb12e365a85a9fbce2fa44e2745a43334e06ab2dbafbf18
SHA512

194b8270c758b3e70c3332be49cc6c552d98ec1dcbd3fa8ba94e23b41f59e01b8a9510f674e934f9585dc643b97ae6b125e646d302dc7bcf6b52510446517fa0
SSDEEP

3072:M3839ZD+/k1AlPWll50COVWn4zQ+iH+V4f578cxd8T:yUEc8PXCEJMC4f57Ld6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0f0dce23588e7ea6eb12e365a85a9fbce2fa44e2745a43334e06ab2dbafbf18

Files

a0f0dce23588e7ea6eb12e365a85a9fbce2fa44e2745a43334e06ab2dbafbf18
.dll windows:6 windows x86 arch:x86

77aa7e604903f204f0f677ef7e1c8d41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\constructicon\builds\gfx\five\18.50\drivers\mantle\amdextlib\build\wNow\dll\B_rel\mantleaxl32.pdb

Imports

kernel32

InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
LoadLibraryA
CreateFileW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
InterlockedFlushSList
RaiseException
GetLastError
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
DecodePointer
CloseHandle
WriteConsoleW

Exports

Exports

DllMain
grAddEmulatedPrivateDisplay
grAddPerfExperimentCounter
grAddPerfExperimentTrace
grBlankPrivateDisplay
grCalibrateGpuTimestamp
grCmdBeginPerfExperiment
grCmdBindBorderColorPalette
grCmdBindUserData
grCmdCopyOcclusionData
grCmdCopyRegisterToMemory
grCmdDispatchOffset
grCmdDispatchOffsetIndirect
grCmdElse
grCmdEndIf
grCmdEndPerfExperiment
grCmdEndWhile
grCmdIf
grCmdInsertTraceMarker
grCmdResetMemoryPredication
grCmdResetOcclusionPredication
grCmdSetMemoryPredication
grCmdSetOcclusionPredication
grCmdWaitMemoryValue
grCmdWaitRegisterValue
grCmdWhile
grCreateAdvancedMsaaState
grCreateBorderColorPalette
grCreateFmaskImageView
grCreatePerfExperiment
grCreatePrivateDisplayImage
grCreateVirtualDisplay
grDestroyVirtualDisplay
grDisablePrivateDisplay
grEnablePrivateDisplay
grEnablePrivateDisplayAudio
grFinalizePerfExperiment
grGetExtensionLibraryVersion
grGetPrivateDisplayScanLine
grGetPrivateDisplays
grGetVirtualDisplayProperties
grOpenExternalSharedPrivateDisplayImage
grPrivateDisplayPresent
grQueueDelay
grQueueDelayAfterVsync
grQueueMigrateObjects
grQueueSetExecutionPriority
grRegisterPowerEvent
grRegisterPrivateDisplayEvent
grRemoveEmulatedPrivateDisplay
grSetEventAfterVsync
grSetPowerDefaultPerformance
grSetPowerProfile
grSetPowerRegions
grSetPrivateDisplayPowerMode
grSetPrivateDisplaySettings
grUpdateBorderColorPalette
grWinAllocMemory
grWinOpenExternalSharedImage
grWinOpenExternalSharedMemory
grWinOpenExternalSharedQueueSemaphore

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77aa7e604903f204f0f677ef7e1c8d41

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 70KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB