unsecapp[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

unsecapp.exe
Size

53KB
MD5

9b782b1e1d7a2c28302755f963eac907
SHA1

489a8a19a65c54ffdce72bd9410b54f41dbadf91
SHA256

fabb8cc6de82a79f1eed0976e5ce741ff3b9d5b1b40d90146052f4393cca80a3
SHA512

8eb808395f6fe126734ed415983752aff05a79e2a7d413db9d0ecc2296d28bad38cd521185dbd0be75528b4641ddb9a7ff67f781ba985196b93c91d11a91ebae
SSDEEP

1536:6zAD+X+1mFQOM16kLDGa3Fz8yntK6b+Bzn1UZzfcP2OB:6zcT1wkLDGa3Fz1nk6b+Bz12bu

Score

1^/10

Malware Config

Signatures

Files

unsecapp.exe
.exe windows x64

87e54e3d04d772f26002d8b564b2426c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

exit
__set_app_type
__getmainargs
_amsg_exit
??0exception@@QEAA@AEBV0@@Z
memmove
__CxxFrameHandler3
??0exception@@QEAA@AEBQEBD@Z
?terminate@@YAXXZ
_onexit
_callnewh
__dllonexit
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_CxxThrowException
??0exception@@QEAA@AEBQEBDH@Z
memcpy
_XcptFilter
_unlock
_lock
??1type_info@@UEAA@XZ
malloc
_exit
_commode
_fmode
_purecall
??3@YAXPEAX@Z
__C_specific_handler
_initterm
__setusermatherr
_cexit
printf
wcsstr
??_V@YAXPEAX@Z
_vsnwprintf

api-ms-win-core-com-l1-1-0

StringFromGUID2
CoInitializeEx
CoRegisterClassObject
CoRevokeClassObject
CoImpersonateClient
CoInitializeSecurity
CoRevertToSelf

api-ms-win-security-base-l1-1-0

GetLengthSid
EqualSid
IsValidSid

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
GetProcAddress

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentThreadId
ExitProcess
GetCurrentProcessId
GetCurrentProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

wbemcomn

??0CInCritSec@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??1CInCritSec@@QEAA@XZ
??0CNtSid@@QEAA@AEBV0@@Z
?GetDWORDStr@Registry@@QEAAHPEBGPEAK@Z
??1Registry@@QEAA@XZ
??0Registry@@QEAA@PEBGK@Z
??0CNtSid@@QEAA@PEAX@Z
?GetTextSid@CNtSid@@QEAAHPEAGPEAK@Z
??8CNtSid@@QEAAHAEAV0@@Z
??1CNtSid@@QEAA@XZ
??1CCritSec@@QEAA@XZ
ErrorTrace
_ThrowMemoryException_
?OnInitialize@CUnk@@UEAAHXZ
??0CUnkInternal@@QEAA@PEAVCLifeControl@@@Z
??1CUnkInternal@@UEAA@XZ
?QueryInterface@CUnkInternal@@UEAAJAEBU_GUID@@PEAPEAX@Z
?AddRef@CUnkInternal@@UEAAKXZ
?Release@CUnkInternal@@UEAAKXZ
?Initialize@CUnk@@UEAAHXZ
?AddRef@CUnk@@UEAAKXZ
??0CCritSec@@QEAA@XZ
?Write@CMemoryLog@@QEAAXJ@Z
GetMemLogObject
?InternalRelease@CUnkInternal@@QEAAKXZ
?InternalQueryInterface@CUnkInternal@@QEAAJAEBU_GUID@@PEAPEAX@Z
??0CLifeControl@@QEAA@XZ
??0CNtSid@@QEAA@W4SidType@0@@Z
?Release@CUnk@@UEAAKXZ
?QueryInterface@CUnk@@UEAAJAEBU_GUID@@PEAPEAX@Z
??1CUnk@@UEAA@XZ
??0CUnk@@QEAA@PEAVCLifeControl@@PEAUIUnknown@@@Z
??_7CUnkInternal@@6B@

api-ms-win-core-synch-l1-1-0

SetEvent
LeaveCriticalSection
EnterCriticalSection
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount

api-ms-win-core-debug-l1-1-0

DebugBreak

api-ms-win-core-localization-l1-2-0

LCMapStringW

api-ms-win-service-core-l1-1-0

SetServiceStatus
StartServiceCtrlDispatcherW

api-ms-win-service-winsvc-l1-1-0

RegisterServiceCtrlHandlerW

api-ms-win-service-management-l1-1-0

CreateServiceW
OpenServiceW
DeleteService
OpenSCManagerW

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW

ntdll

EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage
EtwUnregisterTraceGuids

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87e54e3d04d772f26002d8b564b2426c

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

api-ms-win-core-com-l1-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-apiquery-l1-1-0

wbemcomn

api-ms-win-core-synch-l1-1-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-service-core-l1-1-0

api-ms-win-service-winsvc-l1-1-0

api-ms-win-service-management-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

ntdll

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 1KB

.didat Size: 512B - Virtual size: 64B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 644B

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 1KB

.didat
Size: 512B - Virtual size: 64B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 644B