fd4e34f9dc301bd02664272cdf127bf33dce8628249c8423ba2b1c8fab752276N

Sharing

Copy URL Twitter E-mail

General

Target

fd4e34f9dc301bd02664272cdf127bf33dce8628249c8423ba2b1c8fab752276N
Size

1.2MB
MD5

7cc5e5d5ac046832985f0d36ee335830
SHA1

cb23304bfffe643204f40bf4fa2909e6a87ab13f
SHA256

fd4e34f9dc301bd02664272cdf127bf33dce8628249c8423ba2b1c8fab752276
SHA512

90d8dc33816f8d99b3bf698e0a57c8933735ad3a0f82232e68d0daaf4f24c435caadbdde7e5d8b9df5051124479cf39328d9d97cf3fa9a8d659fdc689234f51a
SSDEEP

24576:ISffRV6sfR8k6UmWdkhas4RP1yE3bUEGPP:LV6G6UmWkMSE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd4e34f9dc301bd02664272cdf127bf33dce8628249c8423ba2b1c8fab752276N

Files

fd4e34f9dc301bd02664272cdf127bf33dce8628249c8423ba2b1c8fab752276N
.dll regsvr32 windows:6 windows x86 arch:x86

dc19e9b997cc51e7d57fc3a145e53bd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\BuildAgent\work\e29d8375e7a671c2\output\bin\release\VVSDShowD3DRenderer.pdb

Imports

opencv_core453

??0Mat@cv@@QAE@HHHPAXI@Z
??0Mat@cv@@QAE@ABV01@ABV?$Rect_@H@1@@Z
??1Mat@cv@@QAE@XZ
??4Mat@cv@@QAEAAV01@$$QAV01@@Z
??0Mat@cv@@QAE@XZ

opencv_imgproc453

?resize@cv@@YAXABV_InputArray@1@ABV_OutputArray@1@V?$Size_@H@1@NNH@Z

winmm

timeSetEvent
timeGetTime
timeKillEvent
timeEndPeriod
timeBeginPeriod

d3d9

Direct3DCreate9

kernel32

DuplicateHandle
ReleaseSemaphore
WaitForMultipleObjects
GetCurrentProcess
GetSystemInfo
VirtualAlloc
VirtualFree
CreateSemaphoreA
Sleep
MulDiv
lstrcmpiA
CreateFileMappingA
WideCharToMultiByte
GetVersionExA
DisableThreadLibraryCalls
CreateThread
GetCurrentThread
SetThreadPriority
GetThreadPriority
GetTickCount
GetACP
InterlockedExchange
InterlockedCompareExchange
GetFullPathNameA
MapViewOfFile
GetFileSize
CreateFileA
CreateFileW
UnmapViewOfFile
LockResource
LoadResource
SizeofResource
FindResourceA
FindResourceW
OutputDebugStringA
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetProcAddress
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
CloseHandle
ResetEvent
GetHandleInformation
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ReleaseMutex
WaitForSingleObject
CreateMutexA
CreateEventA
GetCurrentProcessId
GetCurrentThreadId
ResumeThread
VirtualUnlock
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetLastError
UnhandledExceptionFilter
GetModuleFileNameA
lstrlenA
MultiByteToWideChar

user32

RegisterWindowMessageA
SendMessageA
RegisterClassA
SetWindowPos
IsWindowVisible
SetForegroundWindow
InvalidateRect
GetWindowRect
AdjustWindowRectEx
MapWindowPoints
GetParent
GetWindowThreadProcessId
InSendMessage
GetWindowPlacement
IsIconic
IsZoomed
GetSystemMetrics
SetWindowTextA
GetWindowTextA
SetParent
SystemParametersInfoA
wvsprintfA
GetQueueStatus
MsgWaitForMultipleObjects
SetWindowLongA
GetWindowLongA
EqualRect
OffsetRect
IntersectRect
CopyRect
SetRectEmpty
SetRect
FillRect
ClientToScreen
GetClientRect
ReleaseDC
GetDC
MoveWindow
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExA
RegisterClassExA
GetClassInfoA
DefWindowProcA
CallNextHookEx
wsprintfA
LoadIconA
DispatchMessageA
UnhookWindowsHookEx
SetWindowsHookExA
IsChild
IsWindow
PostThreadMessageA
PostMessageA
PeekMessageA
GetMessageA
LoadCursorA
IsRectEmpty
MonitorFromWindow

gdi32

StretchBlt
SetDIBitsToDevice
StretchDIBits
SetStretchBltMode
SetDIBColorTable
GetObjectA
SelectPalette
RealizePalette
GetTextExtentPoint32A
TextOutA
GetStockObject
GetDIBits
GetDeviceCaps
CreatePalette
CreateDCA
CreateCompatibleBitmap
CreateDIBSection
SetDIBits
GdiFlush
SelectClipRgn
Rectangle
ExcludeClipRect
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
BitBlt
GetSystemPaletteEntries
SelectObject

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyA
RegCloseKey
RegSetValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
CoTaskMemAlloc

oleaut32

SysAllocString
SysFreeString

vcruntime140

__std_exception_destroy
__std_exception_copy
strchr
_except_handler3
__RTDynamicCast
__CxxFrameHandler
__std_terminate
__std_type_info_destroy_list
_except_handler4_common
__current_exception_context
__current_exception
_CxxThrowException
memset
memcpy
__CxxFrameHandler3
_purecall
memmove

api-ms-win-crt-runtime-l1-1-0

terminate
_initterm_e
_initterm
_controlfp
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_beginthreadex
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh
_aligned_free
_aligned_malloc

api-ms-win-crt-math-l1-1-0

_CIacos
_CIasin
_except1
_libm_sse2_pow_precise
ceil
floor
_CIcosh
_CIexp
_CIpow
_CIfmod
_CIsinh
_CItanh
_finite
_isnan
_fpclass
_ftol

api-ms-win-crt-string-l1-1-0

isdigit
isspace
_stricmp
tolower
toupper
strncmp
strncpy
_strdup
isxdigit
isalpha
isalnum

api-ms-win-crt-convert-l1-1-0

atoi
atof

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_p
__stdio_common_vswprintf_s
__stdio_common_vswprintf
__stdio_common_vfwscanf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vfwprintf
__stdio_common_vswprintf_p
__acrt_iob_func
__stdio_common_vswscanf
__stdio_common_vfprintf_s
__stdio_common_vfprintf_p
__stdio_common_vfscanf
__stdio_common_vsprintf
__stdio_common_vfprintf
__stdio_common_vsscanf
__stdio_common_vsprintf_s
__stdio_common_vfwprintf_p
__stdio_common_vfwprintf_s

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1005KB - Virtual size: 1004KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d3dMana
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 265B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc19e9b997cc51e7d57fc3a145e53bd6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opencv_core453

opencv_imgproc453

winmm

d3d9

kernel32

user32

gdi32

advapi32

ole32

oleaut32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-stdio-l1-1-0

Exports

Exports

Sections

.text Size: 1005KB - Virtual size: 1004KB

.rdata Size: 171KB - Virtual size: 170KB

.data Size: 44KB - Virtual size: 58KB

.idata Size: 11KB - Virtual size: 10KB

.d3dMana Size: 1024B - Virtual size: 572B

.00cfg Size: 512B - Virtual size: 265B

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 33KB - Virtual size: 33KB

.text
Size: 1005KB - Virtual size: 1004KB

.rdata
Size: 171KB - Virtual size: 170KB

.data
Size: 44KB - Virtual size: 58KB

.idata
Size: 11KB - Virtual size: 10KB

.d3dMana
Size: 1024B - Virtual size: 572B

.00cfg
Size: 512B - Virtual size: 265B

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 33KB - Virtual size: 33KB