FFXVIFix_v0[.]8[.]4[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

FFXVIFix_v0.8.4.zip
Size

635KB
MD5

17f2d4b023631ed32215fdf8d21d1623
SHA1

ade1bed47143066a9b06e73c047821134b5092e7
SHA256

b1fc408a92ac9bac20e09c8ac1e49506ed220044dad1ac94c81680b010acc983
SHA512

b78b6afc7ac2535fc3eded8976986bd5466b5e4fe9b311e8ce7b85d302a82f73c62190ab547807644f59630d76deff8a0fa7cfaff5ca0e8e3d36e68cb2441eaa
SSDEEP

12288:nKifevDoGrYH3uytga5Yo/gvwXSlB4VxyarhpqXaHaxODw:nK90GamkYEaCSroxrrfqXaHeODw

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FFXVIFix.asi
unpack001/dinput8.dll

Files

FFXVIFix_v0.8.4.zip
.zip
FFXVIFix.asi
.dll windows:6 windows x64 arch:x64

5d9b8cdf50f979438f0c61c36b92ae69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\FFXVIFix\FFXVIFix\x64\Release\FFXVIFix.pdb

Imports

kernel32

VirtualProtect
VirtualFree
GetCurrentProcess
RtlPcToFileHeader
VirtualAlloc
GetCurrentThreadId
SuspendThread
ResumeThread
CloseHandle
GetSystemInfo
GetThreadContext
GetThreadId
SetThreadContext
VirtualQuery
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetStdHandle
WriteConsoleA
WriteFile
GetModuleFileNameW
SetThreadPriority
Thread32Next
GetDynamicTimeZoneInformation
Thread32First
FreeLibraryAndExitThread
CreateToolhelp32Snapshot
Sleep
GetConsoleMode
CreateThread
GetProcAddress
GetCurrentProcessId
GetModuleHandleW
AllocConsole
SetEndOfFile
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
ReadConsoleW
ReadFile
GetConsoleOutputCP
FlushFileBuffers
GetTimeZoneInformation
EnumSystemLocalesW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
LocalFree
FormatMessageA
GetLocaleInfoEx
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
AreFileApisANSI
GetLastError
GetFileInformationByHandleEx
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
CompareStringEx
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
RaiseException
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
ExitProcess
GetFileSizeEx
SetFilePointerEx
GetFileType
HeapAlloc
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
RtlUnwind

user32

EnumDisplaySettingsW
GetWindowLongW
DefWindowProcW
CallWindowProcW
GetWindowRect
InflateRect
SetWindowPos
SetWindowLongPtrW
SendMessageW
CallNextHookEx
RealGetWindowClassW
GetWindowLongPtrW
PeekMessageW
GetTopWindow
GetForegroundWindow
UnhookWindowsHookEx
SetWindowsHookExW
SetWindowLongW

ntdll

NtGetNextThread

Sections

.text
Size: 558KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 579KB - Virtual size: 579KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FFXVIFix.ini
UltimateASILoader_LICENSE.md
dinput8.dll
.dll regsvr32 windows:6 windows x64 arch:x64

d595bb0009ee0aea4dc8cd1348d5b2d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\Ultimate-ASI-Loader\Ultimate-ASI-Loader\bin\x64\Release\dinput8.pdb

Imports

kernel32

GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
CloseHandle
GetLastError
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
Sleep
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualProtect
GetModuleHandleW
GetProcAddress
CreateToolhelp32Snapshot
Thread32First
Thread32Next
GetCommandLineA
GetCommandLineW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileA
CreateFileW
FindClose
FindFirstFileA
FindFirstFileW
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
GetFileAttributesA
GetFileAttributesW
GetFileAttributesExA
GetFileAttributesExW
WriteFile
SetUnhandledExceptionFilter
AcquireSRWLockExclusive
CreateEventA
CreateEventW
ExitProcess
GetCurrentThread
GetStartupInfoW
GetSystemTimeAsFileTime
FreeLibrary
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
LoadLibraryExA
LoadLibraryExW
LoadLibraryA
LoadLibraryW
GetShortPathNameA
GetStartupInfoA
GetPrivateProfileIntW
GetPrivateProfileStringW
MultiByteToWideChar
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapSize
SetStdHandle
SetFilePointerEx
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReleaseSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
InitializeSListHead
LocalFree
FormatMessageA
GetLocaleInfoEx
GetFullPathNameW
AreFileApisANSI
GetFileInformationByHandleEx
WideCharToMultiByte
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCPInfo
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP

user32

SetForegroundWindow
MessageBoxW
FindWindowW
ShowCursor

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree
CoCreateInstance

dbghelp

MiniDumpWriteDump
SymInitialize
SymCleanup
SymFromAddr
SymSetOptions
StackWalk64

Exports

Exports

AppCacheCheckManifest
AppCacheCloseHandle
AppCacheCreateAndCommitFile
AppCacheDeleteGroup
AppCacheDeleteIEGroup
AppCacheDuplicateHandle
AppCacheFinalize
AppCacheFreeDownloadList
AppCacheFreeGroupList
AppCacheFreeIESpace
AppCacheFreeSpace
AppCacheGetDownloadList
AppCacheGetFallbackUrl
AppCacheGetGroupList
AppCacheGetIEGroupList
AppCacheGetInfo
AppCacheGetManifestUrl
AppCacheLookup
BinkAllocateFrameBuffers
BinkBufferBlit
BinkBufferCheckWinPos
BinkBufferClear
BinkBufferClose
BinkBufferGetDescription
BinkBufferGetError
BinkBufferLock
BinkBufferOpen
BinkBufferSetDirectDraw
BinkBufferSetHWND
BinkBufferSetOffset
BinkBufferSetResolution
BinkBufferSetScale
BinkBufferUnlock
BinkCheckCursor
BinkClose
BinkCloseTrack
BinkControlBackgroundIO
BinkControlPlatformFeatures
BinkCopyToBuffer
BinkCopyToBufferRect
BinkCurrentSubtitle
BinkDDSurfaceType
BinkDX8SurfaceType
BinkDX9SurfaceType
BinkDoFrame
BinkDoFrameAsync
BinkDoFrameAsyncMulti
BinkDoFrameAsyncWait
BinkDoFramePlane
BinkFindXAudio2WinDevice
BinkFreeGlobals
BinkGetError
BinkGetFrameBuffersInfo
BinkGetGPUDataBuffersInfo
BinkGetKeyFrame
BinkGetPalette
BinkGetPlatformInfo
BinkGetRealtime
BinkGetRects
BinkGetSubtitleByIndex
BinkGetSummary
BinkGetTrackData
BinkGetTrackID
BinkGetTrackMaxSize
BinkGetTrackType
BinkGoto
BinkIsSoftwareCursor
BinkLoadSubtitles
BinkLogoAddress
BinkNextFrame
BinkOpen
BinkOpenDirectSound
BinkOpenMiles
BinkOpenTrack
BinkOpenWaveOut
BinkOpenWithOptions
BinkOpenXAudio2
BinkOpenXAudio27
BinkOpenXAudio28
BinkOpenXAudio29
BinkPause
BinkRegisterFrameBuffers
BinkRegisterGPUDataBuffers
BinkRequestStopAsyncThread
BinkRequestStopAsyncThreadsMulti
BinkRestoreCursor
BinkService
BinkServiceSound
BinkSetError
BinkSetFileOffset
BinkSetFrameRate
BinkSetIO
BinkSetIOSize
BinkSetMemory
BinkSetOSFileCallbacks
BinkSetPan
BinkSetSimulate
BinkSetSoundOnOff
BinkSetSoundSystem
BinkSetSoundSystem2
BinkSetSoundTrack
BinkSetSpeakerVolumes
BinkSetVideoOnOff
BinkSetVolume
BinkSetWillLoop
BinkShouldSkip
BinkStartAsyncThread
BinkUtilCPUs
BinkUtilFree
BinkUtilMalloc
BinkUtilMutexCreate
BinkUtilMutexDestroy
BinkUtilMutexLock
BinkUtilMutexLockTimeOut
BinkUtilMutexUnlock
BinkUtilSoundGlobalLock
BinkUtilSoundGlobalUnlock
BinkWait
BinkWaitStopAsyncThread
BinkWaitStopAsyncThreadsMulti
CloseDriver
CommitUrlCacheEntryA
CommitUrlCacheEntryBinaryBlob
CommitUrlCacheEntryW
CreateDirect3D11DeviceFromDXGIDevice
CreateDirect3D11SurfaceFromDXGISurface
CreateMD5SSOHash
CreateUrlCacheContainerA
CreateUrlCacheContainerW
CreateUrlCacheEntryA
CreateUrlCacheEntryExW
CreateUrlCacheEntryW
CreateUrlCacheGroup
D3D10CompileEffectFromMemory
D3D10CompileShader
D3D10CreateBlob
D3D10CreateDevice
D3D10CreateDeviceAndSwapChain
D3D10CreateEffectFromMemory
D3D10CreateEffectPoolFromMemory
D3D10CreateStateBlock
D3D10DisassembleEffect
D3D10DisassembleShader
D3D10GetGeometryShaderProfile
D3D10GetInputAndOutputSignatureBlob
D3D10GetInputSignatureBlob
D3D10GetOutputSignatureBlob
D3D10GetPixelShaderProfile
D3D10GetShaderDebugInfo
D3D10GetVersion
D3D10GetVertexShaderProfile
D3D10PreprocessShader
D3D10ReflectShader
D3D10RegisterLayers
D3D10StateBlockMaskDifference
D3D10StateBlockMaskDisableAll
D3D10StateBlockMaskDisableCapture
D3D10StateBlockMaskEnableAll
D3D10StateBlockMaskEnableCapture
D3D10StateBlockMaskGetSetting
D3D10StateBlockMaskIntersect
D3D10StateBlockMaskUnion
D3D11CoreCreateDevice
D3D11CoreCreateLayeredDevice
D3D11CoreGetLayeredDeviceSize
D3D11CoreRegisterLayers
D3D11CreateDevice
D3D11CreateDeviceAndSwapChain
D3D11CreateDeviceForD3D12
D3D11On12CreateDevice
D3D12CoreCreateLayeredDevice
D3D12CoreGetLayeredDeviceSize
D3D12CoreRegisterLayers
D3D12CreateDevice
D3D12CreateRootSignatureDeserializer
D3D12CreateVersionedRootSignatureDeserializer
D3D12DeviceRemovedExtendedData
D3D12EnableExperimentalFeatures
D3D12GetDebugInterface
D3D12GetInterface
D3D12PIXEventsReplaceBlock
D3D12PIXGetThreadInfo
D3D12PIXNotifyWakeFromFenceSignal
D3D12PIXReportCounter
D3D12SerializeRootSignature
D3D12SerializeVersionedRootSignature
D3DKMTCloseAdapter
D3DKMTCreateAllocation
D3DKMTCreateContext
D3DKMTCreateDevice
D3DKMTCreateSynchronizationObject
D3DKMTDestroyAllocation
D3DKMTDestroyContext
D3DKMTDestroyDevice
D3DKMTDestroySynchronizationObject
D3DKMTEscape
D3DKMTGetContextSchedulingPriority
D3DKMTGetDeviceState
D3DKMTGetDisplayModeList
D3DKMTGetMultisampleMethodList
D3DKMTGetRuntimeData
D3DKMTGetSharedPrimaryHandle
D3DKMTLock
D3DKMTOpenAdapterFromHdc
D3DKMTOpenResource
D3DKMTPresent
D3DKMTQueryAdapterInfo
D3DKMTQueryAllocationResidency
D3DKMTQueryResourceInfo
D3DKMTRender
D3DKMTSetAllocationPriority
D3DKMTSetContextSchedulingPriority
D3DKMTSetDisplayMode
D3DKMTSetDisplayPrivateDriverFormat
D3DKMTSetGammaRamp
D3DKMTSetVidPnSourceOwner
D3DKMTSignalSynchronizationObject
D3DKMTUnlock
D3DKMTWaitForSynchronizationObject
D3DKMTWaitForVerticalBlankEvent
D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_QueryRepeatFrame
D3DPERF_SetMarker
D3DPERF_SetOptions
D3DPERF_SetRegion
D3DPerformance_BeginEvent
D3DPerformance_EndEvent
D3DPerformance_GetStatus
D3DPerformance_SetMarker
DebugSetLevel
DebugSetMute
DefDriverProc
DeleteIE3Cache
DeleteUrlCacheContainerA
DeleteUrlCacheContainerW
DeleteUrlCacheEntry
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
DeleteUrlCacheGroup
DeleteWpadCacheForNetworks
DetectAutoProxyUrl
Direct3D9EnableMaximizedWindowedModeShim
Direct3DCreate9
Direct3DCreate9Ex
Direct3DCreate9On12
Direct3DCreate9On12Ex
Direct3DShaderValidatorCreate9
DirectInput8Create
DirectSoundCaptureCreate
DirectSoundCaptureCreate8
DirectSoundCaptureEnumerateA
DirectSoundCaptureEnumerateW
DirectSoundCreate
DirectSoundCreate8
DirectSoundEnumerateA
DirectSoundEnumerateW
DirectSoundFullDuplexCreate
DispatchAPICall
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
DriverCallback
DrvGetModuleHandle
EnableFeatureLevelUpgrade
FindCloseUrlCache
FindFirstUrlCacheContainerA
FindFirstUrlCacheContainerW
FindFirstUrlCacheEntryA
FindFirstUrlCacheEntryExA
FindFirstUrlCacheEntryExW
FindFirstUrlCacheEntryW
FindFirstUrlCacheGroup
FindNextUrlCacheContainerA
FindNextUrlCacheContainerW
FindNextUrlCacheEntryA
FindNextUrlCacheEntryExA
FindNextUrlCacheEntryExW
FindNextUrlCacheEntryW
FindNextUrlCacheGroup
ForceNexusLookup
ForceNexusLookupExW
FreeUrlCacheSpaceA
FreeUrlCacheSpaceW
FtpCommandA
FtpCommandW
FtpCreateDirectoryA
FtpCreateDirectoryW
FtpDeleteFileA
FtpDeleteFileW
FtpFindFirstFileA
FtpFindFirstFileW
FtpGetCurrentDirectoryA
FtpGetCurrentDirectoryW
FtpGetFileA
FtpGetFileEx
FtpGetFileSize
FtpGetFileW
FtpOpenFileA
FtpOpenFileW
FtpPutFileA
FtpPutFileEx
FtpPutFileW
FtpRemoveDirectoryA
FtpRemoveDirectoryW
FtpRenameFileA
FtpRenameFileW
FtpSetCurrentDirectoryA
FtpSetCurrentDirectoryW
GetBehaviorValue
GetDeviceID
GetDriverModuleHandle
GetFileVersionInfoA
GetFileVersionInfoByHandle
GetFileVersionInfoExA
GetFileVersionInfoExW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeExA
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetMemoryModule
GetOverloadedFilePathA
GetOverloadedFilePathW
GetProxyDllInfo
GetUrlCacheConfigInfoA
GetUrlCacheConfigInfoW
GetUrlCacheEntryBinaryBlob
GetUrlCacheEntryInfoA
GetUrlCacheEntryInfoExA
GetUrlCacheEntryInfoExW
GetUrlCacheEntryInfoW
GetUrlCacheGroupAttributeA
GetUrlCacheGroupAttributeW
GetUrlCacheHeaderData
GopherCreateLocatorA
GopherCreateLocatorW
GopherFindFirstFileA
GopherFindFirstFileW
GopherGetAttributeA
GopherGetAttributeW
GopherGetLocatorTypeA
GopherGetLocatorTypeW
GopherOpenFileA
GopherOpenFileW
HttpAddRequestHeadersA
HttpAddRequestHeadersW
HttpCheckDavCompliance
HttpCloseDependencyHandle
HttpDuplicateDependencyHandle
HttpEndRequestA
HttpEndRequestW
HttpGetServerCredentials
HttpGetTunnelSocket
HttpIsHostHstsEnabled
HttpOpenDependencyHandle
HttpOpenRequestA
HttpOpenRequestW
HttpPushClose
HttpPushEnable
HttpPushWait
HttpQueryInfoA
HttpQueryInfoW
HttpSendRequestA
HttpSendRequestExA
HttpSendRequestExW
HttpSendRequestW
HttpWebSocketClose
HttpWebSocketCompleteUpgrade
HttpWebSocketQueryCloseStatus
HttpWebSocketReceive
HttpWebSocketSend
HttpWebSocketShutdown
IncrementUrlCacheHeaderData
InternetAlgIdToStringA
InternetAlgIdToStringW
InternetAttemptConnect
InternetAutodial
InternetAutodialCallback
InternetAutodialHangup
InternetCanonicalizeUrlA
InternetCanonicalizeUrlW
InternetCheckConnectionA
InternetCheckConnectionW
InternetClearAllPerSiteCookieDecisions
InternetCloseHandle
InternetCombineUrlA
InternetCombineUrlW
InternetConfirmZoneCrossing
InternetConfirmZoneCrossingA
InternetConfirmZoneCrossingW
InternetConnectA
InternetConnectW
InternetConvertUrlFromWireToWideChar
InternetCrackUrlA
InternetCrackUrlW
InternetCreateUrlA
InternetCreateUrlW
InternetDial
InternetDialA
InternetDialW
InternetEnumPerSiteCookieDecisionA
InternetEnumPerSiteCookieDecisionW
InternetErrorDlg
InternetFindNextFileA
InternetFindNextFileW
InternetFortezzaCommand
InternetFreeCookies
InternetFreeProxyInfoList
InternetGetCertByURL
InternetGetCertByURLA
InternetGetConnectedState
InternetGetConnectedStateEx
InternetGetConnectedStateExA
InternetGetConnectedStateExW
InternetGetCookieA
InternetGetCookieEx2
InternetGetCookieExA
InternetGetCookieExW
InternetGetCookieW
InternetGetLastResponseInfoA
InternetGetLastResponseInfoW
InternetGetPerSiteCookieDecisionA
InternetGetPerSiteCookieDecisionW
InternetGetProxyForUrl
InternetGetSecurityInfoByURL
InternetGetSecurityInfoByURLA
InternetGetSecurityInfoByURLW
InternetGoOnline
InternetGoOnlineA
InternetGoOnlineW
InternetHangUp
InternetInitializeAutoProxyDll
InternetLockRequestFile
InternetOpenA
InternetOpenUrlA
InternetOpenUrlW
InternetOpenW
InternetQueryDataAvailable
InternetQueryFortezzaStatus
InternetQueryOptionA
InternetQueryOptionW
InternetReadFile
InternetReadFileExA
InternetReadFileExW
InternetSecurityProtocolToStringA
InternetSecurityProtocolToStringW
InternetSetCookieA
InternetSetCookieEx2
InternetSetCookieExA
InternetSetCookieExW
InternetSetCookieW
InternetSetDialState
InternetSetDialStateA
InternetSetDialStateW
InternetSetFilePointer
InternetSetOptionA
InternetSetOptionExA
InternetSetOptionExW
InternetSetOptionW
InternetSetPerSiteCookieDecisionA
InternetSetPerSiteCookieDecisionW
InternetSetStatusCallback
InternetSetStatusCallbackA
InternetSetStatusCallbackW
InternetShowSecurityInfoByURL
InternetShowSecurityInfoByURLA
InternetShowSecurityInfoByURLW
InternetTimeFromSystemTime
InternetTimeFromSystemTimeA
InternetTimeFromSystemTimeW
InternetTimeToSystemTime
InternetTimeToSystemTimeA
InternetTimeToSystemTimeW
InternetUnlockRequestFile
InternetWriteFile
InternetWriteFileExA
InternetWriteFileExW
IsHostInProxyBypassList
IsUltimateASILoader
IsUrlCacheEntryExpiredA
IsUrlCacheEntryExpiredW
LoadUrlCacheContent
NotifyCallbackData
OpenAdapter10
OpenAdapter10_2
OpenDriver
PSGPError
PSGPSampleTexture
ParseX509EncodedCertificateForListBoxEntry
PlaySound
PlaySoundA
PlaySoundW
PrivacyGetZonePreferenceW
PrivacySetZonePreferenceW
Private1
RADTimerRead

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d9b8cdf50f979438f0c61c36b92ae69

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ntdll

Sections

.text Size: 558KB - Virtual size: 557KB

.rdata Size: 579KB - Virtual size: 579KB

.data Size: 21KB - Virtual size: 34KB

.pdata Size: 22KB - Virtual size: 21KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 9KB - Virtual size: 9KB

d595bb0009ee0aea4dc8cd1348d5b2d3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

ole32

dbghelp

Exports

Exports

Sections

.text Size: 264KB - Virtual size: 263KB

.rdata Size: 119KB - Virtual size: 118KB

.data Size: 5KB - Virtual size: 18KB

.pdata Size: 13KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 558KB - Virtual size: 557KB

.rdata
Size: 579KB - Virtual size: 579KB

.data
Size: 21KB - Virtual size: 34KB

.pdata
Size: 22KB - Virtual size: 21KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 9KB - Virtual size: 9KB

.text
Size: 264KB - Virtual size: 263KB

.rdata
Size: 119KB - Virtual size: 118KB

.data
Size: 5KB - Virtual size: 18KB

.pdata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB