NoThreatDetected-7015c2c4cbc6674661170f6843256131f18af19213032eba4f325cb3dcc60256N

Sharing

Copy URL Twitter E-mail

General

Target

NoThreatDetected-7015c2c4cbc6674661170f6843256131f18af19213032eba4f325cb3dcc60256N
Size

3.5MB
MD5

f1f5978eb185e9284c68588735050800
SHA1

10d9e3bfceb0e9d0cdb9c1501e34185f45eaaebe
SHA256

7015c2c4cbc6674661170f6843256131f18af19213032eba4f325cb3dcc60256
SHA512

0d5efeb2d696966f340ecd06be242ff1e7b595bf44d2f4d4e3f2fd851897cdda3fee2b06483bc8fd840b630c6686f90bd170391af579f657d2d8dc1c4dff5285
SSDEEP

49152:nk9SMhQ8AH3QqcwSwGVQeqy0xWDZ3+jsfcWojIwJE9qto3ySx3+YIO:k9Qy/ASxF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NoThreatDetected-7015c2c4cbc6674661170f6843256131f18af19213032eba4f325cb3dcc60256N

Files

NoThreatDetected-7015c2c4cbc6674661170f6843256131f18af19213032eba4f325cb3dcc60256N
.dll windows:6 windows x64 arch:x64

4b9172c257d3475eb2cd7d8197207a5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\constructicon\builds\gfx\one\18.30\drivers\amf\stable\build\runtime\build\wNow64a\B_rel\amfrt64.pdb

Imports

kernel32

DeleteCriticalSection
LoadLibraryW
GetProcAddress
FreeLibrary
GetVersionExW
SetEnvironmentVariableW
GetLocalTime
EnterCriticalSection
VirtualFree
ReleaseSemaphore
VirtualAlloc
LeaveCriticalSection
InitializeCriticalSection
CreateMutexW
WaitForSingleObject
ReleaseMutex
CreateEventW
Sleep
SetEvent
QueryPerformanceFrequency
CloseHandle
ResetEvent
CreateSemaphoreW
QueryPerformanceCounter
GetTickCount
CreateDirectoryW
GetCurrentThreadId
OutputDebugStringW
GetCurrentDirectoryW
DecodePointer
VerifyVersionInfoW
WriteConsoleW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
RaiseException
GetLastError
InitializeCriticalSectionEx
GetModuleHandleW
GetModuleFileNameW
WideCharToMultiByte
GetFullPathNameW
HeapSize
FlushFileBuffers
SetEndOfFile
SetStdHandle
HeapReAlloc
GetStdHandle
GetOEMCP
GetACP
IsValidCodePage
HeapFree
HeapAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ExitProcess
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
VerSetConditionMask
MultiByteToWideChar
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetStringTypeW
EncodePointer
GetCPInfo
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
LocalFree
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
LoadLibraryExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
ReadFile
SetFilePointerEx
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
CreateFileW
GetFileType
GetDriveTypeW
GetFileInformationByHandle

user32

GetDesktopWindow
GetClientRect
GetDC
ReleaseDC

gdi32

SwapBuffers
CreateDCW
DeleteDC
ChoosePixelFormat
SetPixelFormat

ole32

CoTaskMemFree
CoTaskMemAlloc

dxva2

DXVA2CreateVideoService

d3d9

Direct3DCreate9Ex

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

opengl32

glTexParameteri
wglCreateContext
glDeleteTextures
glGetTexLevelParameteriv
glGenTextures
glBindTexture
wglGetCurrentContext
glGetError
wglDeleteContext
glTexImage2D
glGetTexImage
wglMakeCurrent
wglGetCurrentDC

glu32

gluErrorString

Exports

Exports

AMFGetPerformanceMonitor
AMFGetPerformanceMonitorLogger
AMFInit
AMFQueryVersion
DllMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b9172c257d3475eb2cd7d8197207a5b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

ole32

dxva2

d3d9

d3d11

dxgi

opengl32

glu32

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 35KB - Virtual size: 73KB

.pdata Size: 58KB - Virtual size: 58KB

.rsrc Size: 1024B - Virtual size: 976B

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 35KB - Virtual size: 73KB

.pdata
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 1024B - Virtual size: 976B

.reloc
Size: 18KB - Virtual size: 17KB