vdub64[.]exe | Triage

Sharing

General

Target

vdub64.exe
Size

9KB
MD5

b741f76a088710ab870cec65d80cb750
SHA1

29cd0be1ea9fcb64d281be32ac3c42222f9f9d32
SHA256

a27e36f0f6b22ec28fa8cea2de7ff39e1835e8e9cc8ffd5bd37f5cc12e2181ba
SHA512

106f2fc8d54ecf6104c198b480ae9bca4aa4d5f6a317f07f944aa63d3e3fc984e67e14423d91c4662bd3f1a5289b686c43f4a0b947c9d088535a50fe3eeb8fb6
SSDEEP

96:0+daRQJ0TKMQmQyjPaDDn3xkV8C9i+cuvg+Jagxet1+PNuaCws6LfkHVthIT:0+oRFTzw88C9isg4dxetqvjkhIT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vdub64.exe

Files

vdub64.exe
.exe windows x64

ae0a3f3c30ee47cd5fa415888cb203d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LeaveCriticalSection
WriteFile
EnterCriticalSection
ReadFile
GetStdHandle
GetConsoleScreenBufferInfo
SleepEx
DeleteCriticalSection
WaitForSingleObjectEx
LocalFree
FormatMessageA
GetLastError
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
CreateFileA
SetErrorMode
SetConsoleCtrlHandler
lstrlenA
GetCommandLineA
CreateThread
InitializeCriticalSection
CreatePipe
lstrcpyA
GetFullPathNameA
GetModuleFileNameA

user32

PostThreadMessageA

msvcr80

memset
memcpy

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ